IPTables and forward

Crucificator crucificator at home.ro
Thu Oct 28 09:59:38 UTC 2004 

Marco A. Ramos wrote:

>Ok, I was wrong, I look it the error on Iptables (because I’m new using it I
>thought that I put something wrong), well that I found is RX (reception)
>errors on the eth0.
>
>This is that ifconfig show:
>eth0      Link encap:Ethernet  HWaddr 00:C0:9F:46:25:97
>          inet addr:101.32.212.53  Bcast:101.32.212.255  Mask:255.255.255.0
>          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>          RX packets:4329 errors:2843 dropped:0 overruns:0 frame:1590
>          TX packets:6536 errors:0 dropped:0 overruns:0 carrier:0
>          collisions:0 txqueuelen:1000
>          RX bytes:309036 (301.7 Kb)  TX bytes:2020769 (1.9 Mb)
>          Interrupt:18 Base address:0xece0 Memory:fe1e0000-fe200000
>
>As you can see, there is 3843 errors. On the RX, the streigs think, it’s
>that I can received smaller files then 700b, greater files are loosing, and
>other smaller files pass but they arrive empty.
>
>First I change the network cable, but it not work..
>
>There is two equal cards eth0 and eth1, when eth1 is working perfectly, so I
>try to found any difference on the driver, PCI or IRQ configuration, but the
>only difference found is that the eth0 (bad card) appear in the  /proc/pci
>file as No bursts and the eth1 (good) card appear as Latency=32, and don’t
>know what it mean or how can I change it.
>
>Any one know some about it?
>
>This are some related files.
>
>/proc/pci report:
>    Ethernet controller: PCI device 8086:1075 (Intel Corp.) (rev 0).
>      IRQ 18.
>      Master Capable.  No bursts.  Min Gnt=255.
>      Non-prefetchable 32 bit memory at 0xfe1e0000 [0xfe1fffff].
>      I/O at 0xece0 [0xecff].
>  Bus  3, device   2, function  0:
>    Ethernet controller: PCI device 8086:1076 (Intel Corp.) (rev 0).
>      IRQ 21.
>      Master Capable.  Latency=32.  Min Gnt=255.
>      Non-prefetchable 32 bit memory at 0xfdee0000 [0xfdefffff].
>      I/O at 0xdcc0 [0xdcff].
>  Bus  3, device   3, function  0:
>    Ethernet controller: Davicom Semiconductor, Inc. Ethernet 100/10 MBit
>(rev 49).
>
>/proc/interrupts report:
>           CPU0       CPU1
>  0:    4243967    4241237    IO-APIC-edge  timer
>  1:          4          0    IO-APIC-edge  keyboard
>  2:          0          0          XT-PIC  cascade
>  8:          1          0    IO-APIC-edge  rtc
> 12:         28          0    IO-APIC-edge  PS/2 Mouse
> 14:         21          0    IO-APIC-edge  ide0
> 15:      62241      52518    IO-APIC-edge  libata
> 16:          0          0   IO-APIC-level  usb-uhci
> 18:      10959      41562   IO-APIC-level  eth0
> 19:          0          0   IO-APIC-level  usb-uhci
> 21:     208689          0   IO-APIC-level  eth1
> 22:          8     197601   IO-APIC-level  eth2
> 23:          0          0   IO-APIC-level  ehci-hcd
>NMI:          1          0
>LOC:    8484883    8484882
>ERR:          0
>MIS:          0
>
>/proc/ioports report:
>d400-d4ff : ATI Technologies Inc Rage XL
>d800-d8ff : Davicom Semiconductor, Inc. Ethernet 100/10 MBit
>  d800-d8ff : dmfe
>dcc0-dcff : PCI device 8086:1076 (Intel Corp.) (good card)
>  dcc0-dcff : e1000
>e000-efff : PCI Bus #01
>  ece0-ecff : PCI device 8086:1075 (Intel Corp.) (bad card)
>    ece0-ecff : e1000
>
>
>Thank you so much.
>
>Regards.
>
>-----Original Message-----
>From: redhat-list-bounces at redhat.com
>[mailto:redhat-list-bounces at redhat.com]On Behalf Of Marco A. Ramos
>Sent: Wednesday, 13 October, 2004 11:37 AM
>To: redhat-list at redhat.com
>Subject: IPTables and forward
>
>
>Hello, every one!
>
>
>
>I have a problem using Iptables and Forward.
>
>
>
>First some data to explain the problem
>
>
>
>OS: RedHat Enterprice 3 WS
>
>
>
>Use of service: transmit small text files using sockets, the sofware contact
>the remote server, transmit the file and disconnect it.
>
>
>
>Connection: From a Linux Server to a Remote Unix Server using Frame Relay
>Technology.
>
>
>
>This schemes was working perfectly for two year:
>
>Server –Router -----FrameRelay----Router---Other equipment—Server
>
>         <--------- Transmitting and receiving connections --------->
>
>
>
>But for some requirements we have to add en LinuxServer before the remote
>other equipment:
>
>Server –Router --FrameRelay--Router--New Linux Server---Other
>equiment—Server
>
>         <--------- Transmitting and receiving
>connections ---------------------------->
>
>
>
>The new Linux server, must to make NAT, forward and redirect connections,
>using IPtables.
>
>
>
>The problems is, since we add the new server, we start to have tree
>problems: 1) loose some connections; 2) The connection some time is slowly;
>and 3) some files are transmit it empty.
>
>
>
>I reduce the function of the New Linux Server to just make forward (the
>connection get in from one network card and get out from other) with out any
>security rule, but the problem still happen.
>
>
>
>Any idea?
>
>
>
>Thank you so much, regards.
> Marco Antonio Ramos
> Centro de Prevalidación
> mramos at sanyoval.net
>  (664) 647-44-66/25/44
>  Fax: (664) 647-44-33
>
>
>--
>redhat-list mailing list
>unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>https://www.redhat.com/mailman/listinfo/redhat-list
>
>  
>
Because you are a top-poster I will not read a mail so fuzzy like yours. 
First thing you should you is to check your hardware and your cables. If 
they are not to blame for what happens then I would bet 100G that you 
have some kind of TCP over TCP encapsulation that generates that issue.
Hey, but don't worry, top posting is cool too.

More information about the redhat-list mailing list