[Xorp-users] Sorry, the problem is not RIP, but the routing table

Marko Zec zec@icir.org
Tue, 7 Jun 2005 00:00:15 +0200


On Monday 06 June 2005 01:28, Diogo Della wrote:
> Sorry, I'm from webmail here.
>
> There is no problem with /etc/hosts. The problem happens with ssh and
> ftp. With ping there is no problem.
>
> I'm looking everywhere to figure this out, but I can't understand.


Most probably you messed up the route to your DNS server(s), so in fact 
your ftp/ssh daemons actually do accept TCP connections, yet later they 
just get stuck in an attempt to do reverse lookups on client IP 
addresses.  Since it looks like the daemons are attempting to resolve 
127.0.0.1 via DNS, my guess is that a proper entry for "localhost" is 
missing from your /etc/hosts file.

Can you remove any nameserver entries from /etc/resolv.conf, retry the 
tests and report what happens?

Marko


> ### TEST
> router2# route add -net 0.0.0.0 192.168.69.200
> add net 0.0.0.0: gateway 192.168.69.200
> router2# ssh 127.0.0.1
> ^C
> router2# ftp 127.0.0.1
> Connected to 127.0.0.1.
> ^Z
> Suspended
> router2# ping 127.0.0.1
> PING 127.0.0.1 (127.0.0.1): 56 data bytes
> 64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.027 ms
> ^C
> --- 127.0.0.1 ping statistics ---
> 1 packets transmitted, 1 packets received, 0% packet loss
> round-trip min/avg/max/stddev = 0.027/0.027/0.027/0.000 ms
> router2# route delete -net 0.0.0.0 192.168.69.200
> delete net 0.0.0.0: gateway 192.168.69.200
> router2# ssh 127.0.0.1
> Password:
> router2# ftp 127.0.0.1
> Connected to 127.0.0.1.
> 220 router2.multicast FTP server (Version 6.00LS) ready.
> Name (127.0.0.1:root):
>
>
> ### KERNEL OPTIONS
> #MULTICAST
> options         MROUTING
> #DUMMYNET
> options         DUMMYNET
> options         IPFIREWALL
> options         IPFIREWALL_VERBOSE
> options         IPFIREWALL_VERBOSE_LIMIT=5
> options         IPFIREWALL_FORWARD
> options         IPFW2
> options         IPDIVERT
> options         HZ=1000
> # More kernel options according to the HandBook 20050513 by Diogo Della
> options    IPFIREWALL_DEFAULT_TO_ACCEPT
> options    IPV6FIREWALL
> options    IPV6FIREWALL_VERBOSE
> options    IPV6FIREWALL_VERBOSE_LIMIT
> options    IPV6FIREWALL_DEFAULT_TO_ACCEPT
> # PIM support
> options         PIM
>
>
> From: "Kristian Larsson" kristian@juniks.net
>
> To: "Diogo Della" ap010@terra.com.br
>
> Cc: xorp-users@xorp.org
>
> Date: Mon, 6 Jun 2005 04:21:43 +0200
>
> Subject: Re: [Xorp-users] Sorry, the problem is not RIP, but the
> routing table
>
> > First of all, try to keep everything in one thread. There are now
> > numerous threads all coming from you on the same subject. And it
> > looks real messy in my mail reader ;)
> >
> > Anyway, you haven't by any chance changed something in /etc/hosts,
> > perhaps the ip of localhost?
> > Is it just ssh or does everything, like ping and so on, stop
> > working as well? What if you try pinging or ssh to 127.0.0.1?
> >
> > It looks correct from over here, and when doing this on my machine
> > (also FreeBSD) I don't get the same errors.
> >
> > //Kristian Larsson
> >
> > On Sun, Jun 05, 2005 at 07:51:13PM -0300, Diogo Della wrote:
> > > I made more tests.
> > >
> > > When I put routes in the route table of FreeBSD, it does not
> > > accept any more connections from localhost or from other hosts on
> > > the subnet.
> > >
> > > Look what happens:
> > > 1-
> > > router2# ssh localhost
> > > Password:
> > > 2-
> > > route add -net 192.168.67.0/24 172.16.3.1
> > > route add -net 192.168.68.0/24 172.16.5.3
> > > 3-
> > > router2# netstat -nr | less
> > > Routing tables
> > > Internet:
> > > Destination Gateway Flags Refs Use Netif Expire
> > > 127.0.0.1 127.0.0.1 UH 0 97481 lo0
> > > 172.16.3/24 link#2 UC 1 0 fxp0
> > > 172.16.3.1 00:02:2a:d3:07:ab UHLW 2 999 fxp0 979
> > > 172.16.5/24 link#3 UC 1 0 rl0
> > > 172.16.5.3 link#3 UHLW 1 0 rl0
> > > 192.168.67 172.16.3.1 UGSc 0 0 fxp0
> > > 192.168.68 172.16.5.3 UGSc 0 0 rl0
> > > 192.168.69 link#1 UC 1 0 sis0
> > > 192.168.69.200 00:0c:6e:33:0c:ae UHLW 0 8 sis0 243
> > > 4-
> > > router2# ssh localhost
> > > ^C
> > > (It times out and I have to kill it with CTRL + C)
> > > 5-
> > > delete net 192.168.67.0: gateway 172.16.3.1
> > > delete net 192.168.68.0: gateway 172.16.5.3
> > > 6-
> > > router2# ssh localhost
> > > Password:
> > >
> > > Why does this happen? Is it because of a security level of FreeBSD?
> > > How do I change this?
> > >
> > > Thanks
> > >
> > > Diogo Della
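
The diagnosis in Marko's reply at the top of this message, written out as a static check. This is an added example, not part of the original thread: the function names and sample files are constructed, and it assumes the resolver consults the hosts file before DNS.

```sh
#!/bin/sh
# Added example: does a reverse lookup of 127.0.0.1 depend on a DNS server
# that may be unreachable after a routing change? Function names are hypothetical.

# Print every name that a hosts(5) file maps to the given address.
names_for_addr() {   # $1 = address, $2 = hosts file
    awk -v a="$1" '{ sub(/#.*/, "") }
        $1 == a { for (i = 2; i <= NF; i++) print $i }' "$2"
}

# Print the nameserver addresses listed in a resolv.conf(5) file.
nameservers() {      # $1 = resolv.conf file
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Return 0 if 127.0.0.1 resolves from the hosts file, 1 if the reverse
# lookup done by sshd/ftpd would have to go out to DNS.
diagnose() {         # $1 = hosts file, $2 = resolv.conf file
    if [ -n "$(names_for_addr 127.0.0.1 "$1")" ]; then
        echo "ok: 127.0.0.1 resolves locally"
        return 0
    fi
    ns=$(nameservers "$2" | tr '\n' ' ')
    echo "risk: 127.0.0.1 not in hosts file; lookup goes to DNS: ${ns:-(none listed)}"
    return 1
}

# Constructed sample inputs (not the poster's real files).
tmp=$(mktemp -d)
printf '%s\n' '127.0.0.1 localhost localhost.multicast  # loopback' \
    '192.168.69.1 router2.multicast router2' > "$tmp/hosts.good"
printf '%s\n' '# loopback line missing' \
    '192.168.69.1 router2.multicast router2' > "$tmp/hosts.bad"
printf '%s\n' 'search multicast' 'nameserver 192.0.2.53' > "$tmp/resolv.conf"

diagnose "$tmp/hosts.good" "$tmp/resolv.conf"
diagnose "$tmp/hosts.bad" "$tmp/resolv.conf" || true
```

On a live system, call `diagnose /etc/hosts /etc/resolv.conf`; a "risk" verdict means the nameservers it lists must stay reachable under the new routes.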