Hi all,
this is not realy related to netfilter but maybe someone here can help
me to find what I did wrong/forgot,...:
I get the following in the logs on my netfilter gateway, about every 2
seconds from two machines behind of the gateway that are in one subnet:
REJECT: IN=eth0 OUT=eth0
SRC=10.10.0.218 DST=10.10.0.200 LEN=56 TOS=0x00 PREC=0x00 TTL=63 ID=0
DF PROTO=UDP SPT=111 DPT=50916 LEN=36
I'am wondering why the packet is sent to the gateway instead of
sending it direct?
10.10.0.218 is a kernel 2.4.18 NFS server running portmap, ...
10.10.0.200 is a linux box with mounted directorys from that host.
All 3 machines are in the same subnet 10.10.0.0/24. The gateway logging
the message is the default gateway for both.
Running tcpdump -nvi eth0 on the gateway shows exactly what gets logged:
> arp who-has 10.10.0.218 tell 10.10.0.254
< arp reply 10.10.0.218 is-at 0:50:ba:e9:7:d3 (0:80:c8:ca:ce:41)
< 10.10.0.218.sunrpc > 10.10.0.200.50919: udp 28 (DF) (ttl 64, id 0)
> 10.10.0.254 > 10.10.0.218: icmp: 10.10.0.200 udp port 50919
unreachable [tos 0xc0] (ttl 255, id 49752)
I checked the interface mask, broadcast and routing entries on both
machines and they are as they should be.
The interesting thing is the routing cache on 10.10.0.218 (it has
another interface with 10.10.0.219 but this address never appears in the
logs):
# route -Cn | grep 10.10.0.200
10.10.0.200 10.10.0.218 10.10.0.218 l 0 0 152
lo
10.10.0.200 10.10.0.218 10.10.0.218 l 0 0 32611
lo
10.10.0.219 10.10.0.200 10.10.0.200 0 0 25713
eth1
10.10.0.218 10.10.0.200 10.10.0.200 0 0 1
eth1
10.10.0.218 10.10.0.200 10.10.0.200 0 1 0
eth1
10.10.0.218 10.10.0.200 10.10.0.254 0 0 1304
eth0
Rebooting the machines helps for about 10 minutes then the last entry is
again in the cache.
Interface config:
inet Adresse:10.10.0.218 Bcast:10.10.0.255 Maske:255.255.255.0
inet Adresse:10.10.0.219 Bcast:10.10.0.255 Maske:255.255.255.0
Many thanks for reading this and for any help/ideas!!!
-marcus
