On Tue, Mar 15, 2011 at 04:23:54AM -0700, Steve wrote: > Hi, > > What I thought was an MTU problem, now looks possibly to be an ospf issue. > > I have 4.5 on one side and 4.7 on the other. At the moment this is the only > infrastructure I can test on. I cant see anything obvious in the changelog > that would stop me from testing on these platforms but If I have missed > something other than 4.5 out of support life pls let me know. > > I have 2 sites linked via a gif tuinnel. > site A has 1 client workstation (winxp) and 1 router (4.5 release) > site B has 1 server (4.7 release) and 2 routers (1 is 4.7 release and 2 is 4.5 > release) > all routers are connected to the internet via pppoe(4) and have the default > route set to the upstream. > > All routers are running ospfd > > site A router 1 (4.5) has a gif tunnel connected to site B router 1 (4.7) > > Default route on Site B server 1 (4.7) is Site B router 2 (4.5) > > As mentioned all three routers only are running ospfd. > > If I run tcpdump on all three routers and Site B server 1 to follow the > traffic and then ping Site B server 1 from Site A client 1 I see the path > > Site A router 1 -> Site B router 1 -> Site B server 1 -> Site B router 2 -> > Site B router 1 -> Site A router 1 -> site a Client 1. > > All completes and looks as I would expect. > > If I open an SSH client and try and ssh from Site A client 1 to Site B server1 > I get the path > Site A router 1 -> Site B router 1 -> Site B server 1 -> Site B router 2 and > there it stops. I see the packet destined for the IP address of Site A client > 1 but it never even reaches back to Site B router 1. > > I see the same behaviour with RDP connections to a different server at Site B. > Similarly ping always complete OK > > If I change the default route of Site B server 1 from Site B router 2 to Site > B router 1, in essence ( I believe) taking ospf out of the equation all ssh > and rdp connections complete as well as the pings. > > If the answer is simply upgrade, then so be it but ideally I would prefer the > ospf implementation project to occur prior to the next round of router > updates. > > Any thoughts appreciated. >
I guess you have pf enabled which causes problems in the state table because of the asymetric routing and so TCP sessions fail. Since ping does work it is not an ospf/routing issue. ICMP and TCP are not differently routed. -- :wq Claudio
