Hi, I've done a quick network analysis to better understand the problem. Basically I've a client A (192.168.20.174) which tries to connect to sunrpc on server B (132.147.160.216). The problem is that 132.147.160.216 is an IP alias on server B (its real IP is 132.147.160.194). So it gets the sunrpc request on 132.147.160.216 but answers with 132.147.160.194 as you can see below). Eth1 is the network interface on 132.147.160.x and eth3 is the nic on 192.168.20.0 Let's see the network dump:
[EMAIL PROTECTED] root]# tcpdump -n -i eth1 host 192.168.20.174 and host 132.147.160.216 or host 132.147.160.194 tcpdump: listening on eth1 11:37:23.241180 192.168.20.174.33167 > 132.147.160.216.sunrpc: udp 56 (DF) 11:37:23.242535 132.147.160.194.sunrpc > 192.168.20.174.33167: udp 28 (DF) (nothing) 2 packets received by filter 0 packets dropped by kernel [EMAIL PROTECTED] root]# tcpdump -n -i eth3 host 192.168.20.174 and host 132.147.160.216 or host 132.147.160.194 tcpdump: listening on eth3 11:37:34.094396 192.168.20.174.33168 > 132.147.160.216.sunrpc: udp 56 (DF) (nothing) So basically, the answers comes to eth1 but nevers goes out on eth3. Furthermore I cannot see any droped paquet on my firewalls logs. More weird, sometimes the paquet goes out on et3 and sometimes it doesn't. Maybe this is a bug in FW1 ? Has someone experienced this before ? -- Sebastien Cantos <[EMAIL PROTECTED]> Network / System Manager Neopost DIVA > -----Message d'origine----- > De : Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] De la > part de S�bastien Cantos > Envoy� : jeudi 10 f�vrier 2005 18:27 > � : [email protected] > Objet : [FW-1] Sunrpc problem > > Hi, > > I've a cluster XL NG FP3 checkpoint firewall. I've problem with NFS > mounting. For example when I do a : > showmount -e server_ip > Sometimes it works and sometimes no. > Has anyone experienced this before ? > Thanks in advance. > > Regards, > -- > Sebastien Cantos <[EMAIL PROTECTED]> > Network / System Manager > Neopost DIVA > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
