Subject: Re: IP Forwarding works only when tcpdump'ing (1.4.2)
To: =?iso-8859-1?Q?P=E5llen?= <email@example.com>
From: Steven M. Bellovin <firstname.lastname@example.org>
Date: 05/22/2000 09:03:59
In message <Pine.NEB.email@example.com.=
>Yes, you read it, and to me it sounds very strange.
>Using 1.4.2 kernel and two realtek 8139 nic's the gateway works when
>tcpdump is also listening to one of the interfaces. (Don't remember if i=
>does matter WHICH of the interfaces)
>I have an (what I think) almost exactly configured box which works. But
>that one has just one rl, the other interface is ne. That one works (ok,=
>it's NAT'ing, but that shouldn't matter for the forwarding.)
>When we kill tcpdump the forwarding is killed too.
>Any ideas with this one?
At a guess, the issue is that some machine whose traffic you're trying to=
forward has a bad ARP entry or other bad forwarding information. The =
packet is thus not received by the gateway. But by default, tcpdump
puts the interface in promiscuous mode, so it will receive everything. =
The easiest way to test this is to run tcpdump with the -p option, =
which turns off promiscuous mode. If it doesn't forward packets then, =
you'll have a better idea where to look.