On Aug 21, 2005, at 3:51 AM, Chris Cameron wrote:

> Have an OpenBSD firewall working in an office doing very
> straightforward NAT and some persistent VPN tunnels.
>
> Couple weeks ago, this firewall just stopped responding to any
> traffic. It was sporadic, as after several minutes it'd start going
> again. At that point it was a patched Sparc64 3.5.
>
> While trying to troubleshoot this, I started setting up a spare x86
> PC with 3.7. I didn't get anywhere with the troubleshooting, and
> I'm now running OpenBSD 3.7, with the same config files, and I'm
> having this exact same problem.

If two distinct firewalls, running different versions of OpenBSD/PF,
on two entirely different platforms and hardware are experiencing the
same problem, I would start to look at the common denominators. Bad
cable, switch behaving badly, etc...

Run tcpdump on another system on the network. Can it see pings
originating from the firewall during these "pauses"? Run a crossover
between the firewall and another non-OpenBSD system - can you see the
pings?

--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net