Bug#631980: linux-image-3.0.0-rc4-amd64: Traceroute problems with clients behind gateway

Brielle Tue, 28 Jun 2011 14:03:34 -0700

Package: linux-image-3.0.0-rc4-amd64
Severity: normal
Tags: experimental



-- System Information:
Debian Release: squeeze
  APT prefers proposed-updates
  APT policy: (500, 'proposed-updates'), (500, 'unstable'), (500, 'stable'), 
(1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Hello,

I'm noticing a problem with clients behind my linux system that acts
as a NAT gateway.  When doing a traceroute from the client, to say,
google.com, the first hop is showing up as the final destination rather
then the IP address of the gateway.

-----
traceroute to 74.125.224.48 (74.125.224.48), 64 hops max, 52 byte packets
 1  74.125.224.48 (74.125.224.48)  0.658 ms  0.106 ms  0.123 ms
 2  boid-dsl-gw07-199.boid.qwest.net (184.99.64.199)  42.359 ms  41.447 ms  
42.161 ms
 3  boid-agw1.inet.qwest.net (184.99.65.49)  41.549 ms  40.989 ms  42.573 ms
 4  sea-edge-12.inet.qwest.net (67.14.41.22)  86.234 ms  57.025 ms  55.848 ms
 5  65.122.121.66 (65.122.121.66)  58.344 ms  56.292 ms  55.848 ms
-----

Proper traceroute from unaffected kernel (in this case, 2.6.38-2)
-----
traceroute to 74.125.224.48 (74.125.224.48), 64 hops max, 52 byte packets
 1  gateway (10.11.1.1)  1.431 ms  0.458 ms  0.445 ms
 2  boid-dsl-gw07-199.boid.qwest.net (184.99.64.199)  42.727 ms  43.713 ms  
43.292 ms
 3  184-99-65-49.boid.qwest.net (184.99.65.49)  43.442 ms  46.488 ms  43.461 ms
 4  sea-edge-12.inet.qwest.net (67.14.41.22)  59.208 ms  58.577 ms  56.627 ms
 5  65.122.121.66 (65.122.121.66)  56.779 ms  59.540 ms  121.465 ms
-----

Same exact firewalling rules are in place with iptables on both
traceroutes (SNAT, not messing with traceroutes, icmp in/out).

Even with a completely clean boot with no firewalling rules and no
nat rules, traceroute shows exactly the same thing, first hop shows up
as the destination.  So, I'm not entirely sure its related to netfilter.

I do have packet dumps from the tests if they might be useful.

I can confirm that 2.6.32-5 kernels from squeeze also do not exhibit
this issue.

Thanks for looking into this!



-- 
To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20110628202442.6059.37176.report...@noc.lulz.nu

Bug#631980: linux-image-3.0.0-rc4-amd64: Traceroute problems with clients behind gateway

Reply via email to