Adam ,
Thanks,
> Ok, if you cant see the SYN/ACK from 10.56.233.99, it could be;
> - if the box is multi-homed the SYN/ACK may be being routed out a different interface
> - the traffic may be being dropped by iptables (which sits between tcpdump and the OS)
I have only one network interface in the 10.56.233.99 server . When I
couldn't see ACK to 198.18.24.3, I could see the ACK to 198.18.24.2
(the other squid server ) at the same time . So as for me ,it's really
strange.
iptables configraion:
iptables -t nat -A POSTROUTING -o bond0.4011 -s 198.18.24.0/22 -j SNAT
--to 10.56.235.86
Thanks,
-Arkin
On Mon, Jul 28, 2008 at 8:41 AM, Adam Carter <Adam.Carter_at_optus.com.au> wrote:
>> Thanks a lot for your response .
>> I used sniffer tool to catch the packet in both Poly graph Server
>> (10.56.233.99) and Squid server side (198.18.24.3).
>>
>> I could see 198.18.24.3 send out SYNs, they SYNs were also could be
>> captured in PolyServer(10.56.233.99) side , but no ack were genenated
>> by the 10.56.233.99 server .
>
> Ok, if you cant see the SYN/ACK from 10.56.233.99, it could be;
> - if the box is multi-homed the SYN/ACK may be being routed out a different interface
> - the traffic may be being dropped by iptables (which sits between tcpdump and the OS)
>
> Double check (or maybe post) your iptables configuration.
>
> Also send the output of netstat -ant | grep 198.18.24.3
>
Received on Mon Jul 28 2008 - 14:12:57 MDT
This archive was generated by hypermail 2.2.0 : Mon Jul 28 2008 - 12:00:04 MDT