[Openswan Users] TCP problem
Jochen Witte
jwitte at alpha-lab.net
Fri Feb 25 22:12:23 CET 2005
Hello,
I have a strange problem using OpenSWAN on Fedora 3 (Kernel 2.6). Ping is
OK, but some TCP connections do not work with the other end (which is
FreeSWAN , 2.4).
This is a try to connect to cvs (pserver) on my internal interface:
---snip---
Capturing on eth0
0.000000 10.128.0.23 -> 10.49.2.2 TCP 45811 > cvspserver [SYN] Seq=0 Ack=0 Win=5840 Len=0 MSS=1460 TSV=383854937 TSER=0 WS=0
0.031219 10.49.2.2 -> 10.128.0.23 TCP cvspserver > 45811 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1460 TSV=61373806 TSER=383854937 WS=0
0.031343 10.128.0.23 -> 10.49.2.2 TCP 45811 > cvspserver [ACK] Seq=1 Ack=1 Win=5840 Len=0 TSV=383854940 TSER=61373806
0.031433 10.128.0.23 -> 10.49.2.2 TCP 45811 > cvspserver [PSH, ACK] Seq=1 Ack=1 Win=5840 Len=27 TSV=383854940 TSER=61373806
0.265066 10.128.0.23 -> 10.49.2.2 TCP [TCP Retransmission] 45811 > cvspserver [PSH, ACK] Seq=1 Ack=1 Win=5840 Len=27 TSV=383854964 TSER=61373806
0.745014 10.128.0.23 -> 10.49.2.2 TCP [TCP Retransmission] 45811 > cvspserver [PSH, ACK] Seq=1 Ack=1 Win=5840 Len=27 TSV=383855012 TSER=61373806
1.704899 10.128.0.23 -> 10.49.2.2 TCP [TCP Retransmission] 45811 > cvspserver [PSH, ACK] Seq=1 Ack=1 Win=5840 Len=27 TSV=383855108 TSER=61373806
---snip---
and her on the external interface:
---snip---
Capturing on eth1
0.000000 10.49.2.2 -> 10.128.0.23 TCP cvspserver > 45811 [SYN, ACK] Seq=0 Ack=1 Win=5792 Len=0 MSS=1460 TSV=61373806 TSER=383854937 WS=0
0.029977 10.49.2.2 -> 10.128.0.23 TCP cvspserver > 45811 [ACK] Seq=1 Ack=28 Win=5792 Len=0 TSV=61373810 TSER=383854940
0.030347 my_ext_ip -> 10.49.2.2 ESP ESP (SPI=0xc21dfcd0)
0.264035 10.49.2.2 -> 10.128.0.23 TCP cvspserver > 45811 [ACK] Seq=1 Ack=28 Win=5792 Len=0 TSV=61373833 TSER=383854964 SLE=572492295 SRE=572492322
0.264379 my_ext_ip -> 10.49.2.2 ESP ESP (SPI=0xc21dfcd0)
0.744041 10.49.2.2 -> 10.128.0.23 TCP cvspserver > 45811 [ACK] Seq=1 Ack=28 Win=5792 Len=0 TSV=61373881 TSER=383855012 SLE=572492295
SRE=572492322
0.744383 my_ext_ip -> 10.49.2.2 ESP ESP
(SPI=0xc21dfcd0)
1.704042 10.49.2.2 -> 10.128.0.23 TCP cvspserver >
45811 [ACK] Seq=1 Ack=28 Win=5792 Len=0 TSV=61373977 TSER=383855108
SLE=572492295 SRE=572492322
1.704358 my_ext_ip -> 10.49.2.2 ESP
ESP (SPI=0xc21dfcd0)
3.623992 10.49.2.2 -> 10.128.0.23 TCP cvspserver > 45811 [ACK] Seq=1
Ack=28 Win=5792 Len=0 TSV=61374169 TSER=383855300 SLE=572492295
SRE=572492322
---snip---
Is this a MTU problem. Or what? Why do I see these packages on my external
interface anyway? Should'nt it be ESP-packets?
Thanks in advance
Jochen
More information about the Users
mailing list