> > Now when connection my firewall from any host on the internet SOMETIMES > > it puts me through to my webserver and everything seems fine. But 99% of > > the time, it seems like the router doesn’t work at all (ie doesn’t > > forward and/or doesn’t respond). > > Mostly it works a while after bootup, but then it stops working. > > Have you confirmed that the packets sent by your "internet host" are > reaching your firewall? (Using, for example, the ACTION:info notation on > your rules.) Note that some ISPs filter port 80, though I haven't heard of > intermittent blocking.
Yes.. the packages sent from any "internet host" _should_ reach my router. Since the router itselfe doesn’t get acknowledge that it is getting these packages (it doesn’t route or log anything) I cannot surely say. BUT if I connect any other host (like my webserver running win2k), then these problems does not exist. So I can rule out the ISP filter and ISP problems. > > Meanwhile everything seems fine from the internal network. > > Meaning, you can connect to the webserver from inside the network? Or > that you have connectivity from loc to net? Meaning that I can connect from loc to fw, loc to net and the webserver is connected to without problems. It´s only net to all connectivity which "goes down".. > > Now I have tried configuring the router to respond to > > ping/tracert/traceroute so that I can check if it responds, but it stops > > responding whenever it likes. The router logs doesn’t record any icmp > > connections when trying to ping it from the internet.. > > The router stops responding to pings from outside? Yet still communicates > from fw/loc to net? Like clockwork.. Although I believe that after accessing the net from loc or fw, packets from net to fw/loc gets through.. BUT only for a while.. I have made one experiment where I sent ping packets every 30 sec for about 7 days from an "internet host" right after a reboot.. Everything worked perfectly during the time that I sent these ping packets, www calls were forwarded and so on. But an hour or so after stopping the "pings" the server didn’t respond to ping.. (yet everything works from loc/fw to net) > I am not getting a clear picture of where packets are known to be present, > and where they are not present. Using a network monitoring tool like > tcpdump during some of this testing could help. Also note that if it is a > kernel problem, the connection tracking timeouts could come into play. While running RC2 i got some log messages saying there were "to much work at eth0".. but they aren’t present anymore.. I believe I read the mail archives, finding something addressing the problem, but I cant really remember.. /Anders ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
