#1 2013-09-24 02:55:24

Judicus
Member
Registered: 2013-09-24
Posts: 1

TCP? issues

Hi All,

Sorry if this is in the wrong spot.

I have a couple of Arch VMs running on a VMware host somewhere. I don't have control over this host at present, so I can't give a lot of details on it.

How I have it set up:
Public interface on a /26 connects to a packet filter VM (not Arch) on .77. .72 through .76 are bound to the same interface and 1:1 NAT'd to a specific Arch VM behind it. One Arch VM does not have a 1:1 NAT'd IP, but TCP 22 on .77 is forwarded to it.
Two private networks exist (10.xxx.xxx.0/24 and 192.168.0/24) and are bound to each VM that has a 1:1 NAT'd IP. The VM that does not have a 1:1 NAT'd IP is only attached to the 10.xxx.xxx.0/24 network.
The packet filter box is only involved in egress traffic (traffic destined to the internet), and does not interact with traffic between VMs.

The Arch VMs had been running perfectly fine until this last weekend. Since then most TCP connections do not function. If I try to SSH into .77 (port 22 forwarded to the singular VM) from my two workstations on my desk, I succeed. If I try from home or the workstation under my desk (different internet connection), the SSH process stalls at "debug1: SSH2_MSG_KEXINIT sent". This means that the TCP handshake has succeeded and we shouldn't be dealing with any routing issues. Simultaneously, the TeamSpeak server running on this host is functional. If, on the other hand, I open a console to ANY VM, I experience the following:

        - CAN ping out to any destination (in virtual environment, or on the internet)
        - CAN resolve any hostname via DNS
        - CAN manually simulate an SMTP delivery to an external mail server
        - CANNOT ssh between VMs on either network
        - CANNOT ssh into the packet filter machine
        - CANNOT perform a package update (pacman aborts after seeing "Less than 1 bytes/sec transferred the last 10 seconds")
        - CANNOT ssh out to hosts on the internet

NFS is wonky too (the singular VM acts as NFS & LDAP host for the others). I can work with mounts that have 2 small files in them (less than 900 bytes total) without issue, but anything larger will stall. For some reason I'm also seeing ports far greater than 65535 in use for NFS:

    18:52:55.089174 IP 10.xxx.xxx.40.2653835080 > 10.xxx.xxx.3.2049: 152 getattr fh 0,0/22

In all cases I see the TCP handshake occurring without issue, and netstat will show the connection as "ESTABLISHED".

Has anyone had similar issues, or have any ideas on how to proceed?

Thanks
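
Added example, not part of the original thread: a small Python probe that turns the symptom described in post #1 (handshake completes, small transfers work, larger ones stall) into a measurement by echoing payloads of increasing size over TCP. The function names, the size list and the use of an echo service on the far end are assumptions made for illustration.

```python
import socket
import threading

SIZES = [100, 500, 900, 1400, 1460, 1500, 3000, 9000]  # bytes; constructed sweep

def serve_echo(host="127.0.0.1", port=0):
    """Start a background TCP echo server and return its (host, port)."""
    srv = socket.create_server((host, port))

    def handle(conn):
        with conn:
            while data := conn.recv(65536):
                conn.sendall(data)

    def accept_loop():
        while True:
            conn, _ = srv.accept()
            threading.Thread(target=handle, args=(conn,), daemon=True).start()

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv.getsockname()[:2]

def probe(host, port, size, timeout=5.0):
    """Send `size` bytes and wait for the echo: 'ok', 'connect-failed' or 'stalled'."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "connect-failed"          # handshake itself did not complete
    with sock:
        try:
            sock.sendall(b"\x55" * size)
            received = 0
            while received < size:
                chunk = sock.recv(65536)
                if not chunk:
                    return "stalled"     # peer closed before echoing everything
                received += len(chunk)
        except OSError:                  # includes socket.timeout
            return "stalled"             # connected, but data stopped flowing
    return "ok"

def sweep(host, port, sizes=SIZES, timeout=5.0):
    """Probe each size; return ({size: result}, smallest size that did not echo)."""
    results = {n: probe(host, port, n, timeout) for n in sizes}
    failed = [n for n in sorted(results) if results[n] != "ok"]
    return results, (failed[0] if failed else None)

if __name__ == "__main__":
    host, port = serve_echo()            # loopback demo; run serve_echo on the far VM in practice
    print(sweep(host, port))
```

Running `serve_echo` on one VM and `sweep` from another (or from outside the packet filter) reports the smallest payload size that connects but never echoes back, which can be compared across the working and non-working paths.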


#2 2013-09-24 03:36:49

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,217

Re: TCP? issues

Moving to Networking, Server, and Protection
