> > Now when connection my firewall from any host on the internet SOMETIMES > > it puts me through to my webserver and everything seems fine. But 99% of > > the time, it seems like the router doesn�t work at all (ie doesn�t > > forward and/or doesn�t respond). > > Mostly it works a while after bootup, but then it stops working. > > Have you confirmed that the packets sent by your "internet host" are > reaching your firewall? (Using, for example, the ACTION:info notation on > your rules.) Note that some ISPs filter port 80, though I haven't heard of > intermittent blocking.
Yes.. the packages sent from any "internet host" _should_ reach my router. Since the router itselfe doesn�t get acknowledge that it is getting these packages (it doesn�t route or log anything) I cannot surely say. BUT if I connect any other host (like my webserver running win2k), then these problems does not exist. So I can rule out the ISP filter and ISP problems. > > Meanwhile everything seems fine from the internal network. > > Meaning, you can connect to the webserver from inside the network? Or > that you have connectivity from loc to net? Meaning that I can connect from loc to fw, loc to net and the webserver is connected to without problems. It�s only net to all connectivity which "goes down".. > > Now I have tried configuring the router to respond to > > ping/tracert/traceroute so that I can check if it responds, but it stops > > responding whenever it likes. The router logs doesn�t record any icmp > > connections when trying to ping it from the internet.. > > The router stops responding to pings from outside? Yet still communicates > from fw/loc to net? Like clockwork.. Although I believe that after accessing the net from loc or fw, packets from net to fw/loc gets through.. BUT only for a while.. I have made one experiment where I sent ping packets every 30 sec for about 7 days from an "internet host" right after a reboot.. Everything worked perfectly during the time that I sent these ping packets, www calls were forwarded and so on. But an hour or so after stopping the "pings" the server didn�t respond to ping.. (yet everything works from loc/fw to net) > I am not getting a clear picture of where packets are known to be present, > and where they are not present. Using a network monitoring tool like > tcpdump during some of this testing could help. Also note that if it is a > kernel problem, the connection tracking timeouts could come into play. While running RC2 i got some log messages saying there were "to much work at eth0".. but they aren�t present anymore.. I believe I read the mail archives, finding something addressing the problem, but I cant really remember.. /Anders ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
