On Sun, Feb 13, 2005 at 12:03:58PM -0600, Bill Gradwohl wrote: > Added information: > > The admin @ the site had an FC2 box available and it is showing the > identical problem. Works fine internally, but anything that hits the > firewall, which is the default route, doesn't appear to make it past the > public nic on the firewall. > > On this FC2 box, tcp ecn and window scaling are off, as is ipv6. > > The site is 80 miles from me, so I've been trying to ssh in to the site > to run diagnostics. I'd hate to drive all that way to hook up a box on > the public side to tcpdump things. My ssh sessions are getting in the > way when I try to dump all the traffic since the ssh sessions themselves > are a positive feedback loop thats generating nuisance traffic which > obscures the picture. What are you using to dump the traffic? tcpdump (and ethereal) can be configured to ignore (not display) certain traffic. For example, a tcpdump alias I use is : alias eth0q='tcpdump -a -vi eth0 '\''not ( ( host 64.12.30.95 ) or ( arp ) or ( port 110 ) or ( port 80 ) or ( port 25) or ( port 53 ))'\''' A similar one to ignore ssh traffic might be: alias eth0nossh='tcpdump -a -vi eth0 '\''not ( (port 22 ) ) '\''' -- Linux/Open Source: Your infrastructure belongs to you, free, forever. Idealism: "Realism applied over a longer time period" http://www.scaled.com/projects/tierone/ http://kinz.org http://www.fedoratracker.org http://www.fedorafaq.org http://www.fedoranews.org Jeff Kinz, Emergent Research, Hudson, MA.
