You are not logged in.
Hello!
I have a weird problem with my virtual machine running Windows 7 Guest (Host is Arch Linux). Surfing the web is fine and ok, but trying to get windows updates ends in an infinite loop with no error messages at all.
My first analysis narrowed the search a bit down to an network issue with my network setup.
On the host I used wireshark for packet inspection, here is my dump:
no. Time Source Destination Protocol Length Info
42807 1113.078097000 134.170.115.62 192.168.10.10 TLSv1.2 1104 Application Data
42808 1113.287702000 192.168.10.10 134.170.115.62 TCP 54 49736→443 [ACK] Seq=181106 Ack=105279 Win=64512 Len=0
42809 1128.751468000 192.168.10.10 84.53.146.69 HTTP 234 HEAD /v11/2/microsoftupdate/redir/v6-muredir.cab?1507292120 HTTP/1.1
42810 1128.767819000 84.53.146.69 192.168.10.10 TCP 363 [TCP segment of a reassembled PDU]
42811 1128.791179000 192.168.10.10 134.170.115.62 TLSv1.2 415 Application Data
42812 1128.791261000 192.168.10.10 134.170.115.62 TCP 1514 [TCP segment of a reassembled PDU]
42813 1128.791274000 192.168.10.10 134.170.115.62 TLSv1.2 159 Application Data
42814 1128.923919000 134.170.115.62 192.168.10.10 TCP 60 443→49736 [ACK] Seq=105279 Ack=183032 Win=65536 Len=0
42815 1128.928056000 134.170.115.62 192.168.10.10 TCP 1514 [TCP segment of a reassembled PDU]
42816 1128.928807000 134.170.115.62 192.168.10.10 TCP 5894 [TCP segment of a reassembled PDU]
42817 1128.928948000 192.168.10.10 134.170.115.62 TCP 54 49736→443 [ACK] Seq=183032 Ack=112579 Win=65536 Len=0
42818 1128.928996000 134.170.115.62 192.168.10.10 TCP 5894 [TCP segment of a reassembled PDU]
42819 1128.929159000 192.168.10.10 134.170.115.62 TCP 54 49736→443 [ACK] Seq=183032 Ack=118419 Win=65536 Len=0
42820 1128.929199000 134.170.115.62 192.168.10.10 TLSv1.2 5894 Application Data
42821 1128.929369000 192.168.10.10 134.170.115.62 TCP 54 49736→443 [ACK] Seq=183032 Ack=124259 Win=65536 Len=0
42822 1128.929415000 134.170.115.62 192.168.10.10 TLSv1.2 4048 Application Data
42823 1128.929610000 192.168.10.10 134.170.115.62 TCP 54 49736→443 [ACK] Seq=183032 Ack=128253 Win=65536 Len=0
42824 1128.975173000 192.168.10.10 84.53.146.69 TCP 54 49735→80 [ACK] Seq=2045 Ack=3394 Win=65280 Len=0
42825 1133.773501000 PcPartne_58:9f:1e CadmusCo_92:47:e3 ARP 60 Who has 192.168.10.10? Tell 192.168.10.1
42826 1133.773639000 CadmusCo_92:47:e3 PcPartne_58:9f:1e ARP 42 192.168.10.10 is at 08:00:27:92:47:e3
42827 1167.694666000 191.234.4.50 192.168.10.10 TCP 60 80→49737 [RST, ACK] Seq=50461 Ack=303 Win=0 Len=0
42828 1187.256868000 192.168.10.10 84.53.146.74 TCP 54 49739→80 [RST, ACK] Seq=1041 Ack=46967 Win=0 Len=0
42829 1188.650828000 134.170.115.62 192.168.10.10 TCP 60 443→49736 [RST, ACK] Seq=128253 Ack=183032 Win=0 Len=0
42830 1192.021644000 CadmusCo_92:47:e3 PcPartne_58:9f:1e ARP 42 Who has 192.168.10.1? Tell 192.168.10.10
42831 1192.022098000 PcPartne_58:9f:1e CadmusCo_92:47:e3 ARP 60 192.168.10.1 is at 00:01:2e:58:9f:1e
You can see some resets here and the connections to the windows update site (packet 42809 above) repeates after some time. I guess there is something wrong with routing / NAT.
My network path is like this:
Guest Virtualbox (5.0.0) with Bridge/NAT to -> Arch Host -> Debian Router with shorewall NAT -> Broadband Router with NAT
Shorewoll is configured properly and Bridge/NAT mode in Virtualbox doesn't change anything. All other services in the guest machine seem to work ok (WWW, ping, DNS, SMB).
I tried my notebook with windows attached with wireless to my Debian Router and Windows Update is working here...
Does anyone has a clue what I can do next to analyze the problem?
Thanks in advance!
Webtux
Offline