Odd tcp dump? was: ssh working with dialup, not through router

M. Fioretti mfioretti at mclink.it
Sat May 15 21:51:31 UTC 2004


still trying to track why ssh doesn't work anymore, see my original

the PC is192.168.1.2 and the ADSL router I have run
tcpdump on the PC eth0 interface, while the ssh connection
freezes, and found that, at a certain point:

1) the PC asks the DNS server (if I understand correctly) about the
router: > ammi.mclink.it.domain:  22723+ PTR? (42) (DF)
ammi.mclink.it.domain >  22723 NXDomain 0/1/0 (119)

2) after that PC and router start to ask each other their ethernet
addresses ("arp who-has tell" and the related
arp replies) and viceversa, repeatedly.

3) when this happens, the pc and the ssh server seem to also go in a
loop, which eventually times out: several equal lines in the dump,

23:27:10.780631 > ssh.server.io.ssh: . ack 2096 win 8832 <nop,nop,timestamp 474677 141420442,nop,nop,sack sack 1 {2048:2096} > (DF) [tos 0x10] 

Is 3) caused by 1) and 2)?

are 1) and 2) normal?

if they are not normal and causing ssh to freeze, how to fix them?

	Marco F.

Marco Fioretti
Red Hat for low memory         http://www.rule-project.org/en/

In a [wired by the Internet] mass media world, there is *less*  of
everything except the top ten books, records, movies, ideas.
                               -- Michael Crichton, "The Lost World"

