[2.1.32] TCPv4/masquerading problems

B. James Phillippe (bryan@Terran.ORG)
Sun, 6 Apr 1997 20:15:53 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul Gortmaker: "Re: CONFIG_SERIAL_CONSOLE in v2.1.31"
Previous message: David S. Miller: "Re: IT'S THE END OF THE WORLD AS WE KNOW IT"
Next in thread: David S. Miller: "Re: [2.1.32] TCPv4/masquerading problems"
Maybe reply: David S. Miller: "Re: [2.1.32] TCPv4/masquerading problems"

Greetings,

I just recently moved from 2.1.29 to 2.1.32 and am noticing some
problems. First, I'm quite used to seeing the familiar "TCPv4 bad
checksum from ..." debugging messages. However, with the upgrade to
2.1.32, they are actually coinciding with real problems.
My wife's computer (Windows 95) is connected to mine via thinnet,
and using masquerading to get to the Internet (through my PPP modem
connection). This works well and has been for a long time. Since 2.1.32
however, she is unable to get to www.excite.com (the search engine) and
events.ticketmaster.com, and probably certain other sites as well. DNS
resolution occurs, packets are exchanged, but insufficient data ever makes
it back to put something on the screen. Note that every other location
she points her browser at works okay. tcpdump on my machine shows things
look normal, and ipfwadm -Mle shows the masqueraded connection as one
would expect. However, tail -f'ing my log files show a consistant,
repetative "TCPv4 checksum" printk for each of these sites, several times
each time she tries to connect. I can connect fine.

Here is the tcpdump of the session:

19:56:28.105613 208.152.24.33.61231 > 198.3.98.99.www: S 695591347:695591347(0) win 8192 <mss 1460> (DF)
19:56:28.265613 198.3.98.99.www > 192.168.2.2.1670: S 336527677:336527677(0) ack 695591348 win 8760 <mss 1460> (DF)
19:56:28.265613 208.152.24.33.61231 > 198.3.98.99.www: . ack 336527678 win 8760 (DF)
19:56:28.265613 208.152.24.33.61231 > 198.3.98.99.www: P 0:189(189) ack 1 win 8760 (DF)
19:56:28.455613 198.3.98.99.www > 192.168.2.2.1670: . ack 190 win 8760 (DF)
19:56:28.515613 198.3.98.99.www > 192.168.2.2.1670: P 1:161(160) ack 190 win 8760 (DF)
19:56:28.685613 208.152.24.33.61231 > 198.3.98.99.www: . ack 161 win 8600 (DF)
19:56:29.005613 198.3.98.99.www > 192.168.2.2.1670: P 1621:2209(588) ack 190 win 8760 (DF)
19:56:29.005613 208.152.24.33.61231 > 198.3.98.99.www: . ack 161 win 8600 (DF)

And some log output:

Apr 6 19:38:22 earth kernel: TCPv4 bad checksum from 636203c6:0050 to 211898d0:0e9e, len=373/373/393
Apr 6 19:38:37 earth kernel: TCPv4 bad checksum from 636203c6:0050 to 211898d0:0ee2, len=256/256/276
Apr 6 19:38:58 earth kernel: TCPv4 bad checksum from 636203c6:0050 to 211898d0:0ea1, len=377/377/397
Apr 6 19:39:01 earth kernel: TCPv4 bad checksum from 636203c6:0050 to 211898d0:0e5d, len=373/373/393
Apr 6 19:40:22 earth kernel: TCPv4 bad checksum from 636203c6:0050 to 211898d0:0e9e, len=373/373/393
Apr 6 19:40:58 earth kernel: TCPv4 bad checksum from 636203c6:0050 to 211898d0:0ea1, len=377/377/397
Apr 6 19:43:12 earth kernel: TCPv4 bad checksum from 636203c6:0050 to 211898d0:1fff, len=20/20/40

Last but not least, my forwarding rule:

IP firewall forward rules, default policy: deny
pkts bytes type prot opt tosa tosx ifname ifaddress source destination ports
1887 155K acc/m all ---- 0xFF 0x00 ppp0 0.0.0.0 192.168.2.0/24 0.0.0.0/0 n/a

Any advice you can offer would be appreciated. Thanks,
-bp

--
# B. James Phillippe # Network/Sys Admin Terran.ORG #
# <bryan@terran.org> # http://w3.terran.org/~bryan  #
# Finger for PGP key # Linux Convert - circa 1.1.59 #
# Systems Administrator, Seattle Software Labs, Inc #

Next message: Paul Gortmaker: "Re: CONFIG_SERIAL_CONSOLE in v2.1.31"
Previous message: David S. Miller: "Re: IT'S THE END OF THE WORLD AS WE KNOW IT"
Next in thread: David S. Miller: "Re: [2.1.32] TCPv4/masquerading problems"
Maybe reply: David S. Miller: "Re: [2.1.32] TCPv4/masquerading problems"