RE: IPNat Stops routing

Well the 208.1.223.246/32 is the IP I assign the firewall so we don't have
timeout problems.
I own two IP blocks
208.1.223.240/29 and 63.165.219.160/27
I looked at tcpdump and it looks like the request is making it out from what
I can see. I go as far as disabling the firewall to stop any problems there.
It feels like a queue is getting full and the stopping because the
connection will suddenly start getting slower and slower and then just stop.
Wait 5 minutes and it's back to normal. What's weird is I switch off ipnat
to natd and all problems went away. I like ipnat and would like to use it.

What part of the topology is messy?
Thanks
Travis

-----Original Message-----
From: Ryan Beasley [mailto:ryanb@goddamnbastard.org]
Sent: Wednesday, July 02, 2003 9:16 PM
To: Travis
Cc: Jim Sandoz; ipfilter@coombs.anu.edu.au
Subject: Re: IPNat Stops routing


On Wed, Jul 02, 2003 at 05:39:12PM -0400, Travis wrote:
> Is the problem my box isn't droping the connections that are old and the
timeout just needs to be adjusted? Also Why would this only effect 1 of my
ip blocks and not the other?

I overlooked the ipnat output from the beginning of this thread.
I apologize for suggesting it might've been a lack of available
RAM. When I see transient problems like that, the first thing I
think of is temporary resource exhaustion.

Regardless, I'm not entirely sure where to even begin. Have you
gone so far as eyeing tcpdump output + ipmon -a to look for any
anomalies yet? Is that 208.1.223.246/32 binding on dc0 permanent
or just a fluke?

I don't mean to offend, but I have a feeling this is more related
to screwy topology rather than a software flaw.

--
ryan beasley <ryanb@goddamnbastard.org>
GPG ID: 0x16EFBD48