RE: No Netflix, lost connection after CONNECT

Thu, 02 Jun 2011 08:29:11 -0700 

I must confess that the tcpdump output is over my head. Any help would be 
appreciated. I see a lot of checksums marked bad and "incorrect" but I have no 
idea how to fix it. I am using a Netgear FVS318G with an MTU of 1500. The only 
thing I found on Google was that it might mean the router is causing problems 
which is why I went to a DMZ setup, so the router wouldn't mess with packets. 

Tcpdump worked before I went to a DMZ setup but it didn't work the first time I 
tried it today. DNS is working and "dig mx-ecom.netflix.com" produced 
appropriate results. I used the -n flag in tcpdump to turn off dns resolution 
and replaced the host name with the ip address of the server and that worked. I 
only mention this in case it means something. 

root@server:/opt/mail
$ tcpdump -w /opt/mail/dump6.txt -s 0 host netflix.com
tcpdump: listening on en0, link-type EN10MB (Ethernet), capture size 65535 bytes
^C0 packets captured
549 packets received by filter
0 packets dropped by kernel

root@server:/opt/mail
$ tcpdump -nw /opt/mail/dump7.txt -s 0 net 208.75.76.252/32
tcpdump: listening on en0, link-type EN10MB (Ethernet), capture size 65535 bytes
^C24 packets captured
224677 packets received by filter
0 packets dropped by kernel

$ tcpdump -vvvv -r /opt/mail/dump7.txt
reading from file /opt/mail/dump7.txt, link-type EN10MB (Ethernet)
09:40:25.853369 IP (tos 0x0, ttl 46, id 196, offset 0, flags [DF], proto TCP 
(6), length 40)
    mx-ecom.netflix.com.7988 > server.workflowproducts.com.smtp: Flags [F.], 
cksum 0xedda (correct), seq 3280516486, ack 1181407503, win 46, length 0
09:40:25.853403 IP (tos 0x0, ttl 64, id 40810, offset 0, flags [DF], proto TCP 
(6), length 40, bad cksum 0 (->9171)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.7988: Flags [.], 
cksum 0x0a0f (incorrect -> 0xee08), seq 1, ack 1, win 65535, length 0
09:40:25.853934 IP (tos 0x0, ttl 46, id 45051, offset 0, flags [DF], proto TCP 
(6), length 52)
    mx-ecom.netflix.com.53126 > server.workflowproducts.com.smtp: Flags [S], 
cksum 0x3847 (correct), seq 1705566477, win 5840, options [mss 
1380,nop,nop,sackOK,nop,wscale 7], length 0
09:40:25.853969 IP (tos 0x0, ttl 64, id 65283, offset 0, flags [DF], proto TCP 
(6), length 52, bad cksum 0 (->31cc)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.53126: Flags [S.], 
cksum 0x0a1b (incorrect -> 0xca96), seq 265909580, ack 1705566478, win 65535, 
options [mss 1460,nop,wscale 2,sackOK,eol], length 0
09:40:25.854777 IP (tos 0x0, ttl 64, id 25627, offset 0, flags [DF], proto TCP 
(6), length 40, bad cksum 0 (->ccc0)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.7988: Flags [F.], 
cksum 0x0a0f (incorrect -> 0xee07), seq 1, ack 1, win 65535, length 0
09:40:25.945774 IP (tos 0x0, ttl 46, id 45052, offset 0, flags [DF], proto TCP 
(6), length 40)
    mx-ecom.netflix.com.53126 > server.workflowproducts.com.smtp: Flags [.], 
cksum 0x0a35 (correct), seq 1, ack 1, win 46, length 0
09:40:25.945796 IP (tos 0x0, ttl 64, id 54885, offset 0, flags [DF], proto TCP 
(6), length 40, bad cksum 0 (->5a76)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.53126: Flags [.], 
cksum 0x0a0f (incorrect -> 0x0a63), seq 1, ack 1, win 65535, length 0
09:40:25.946069 IP (tos 0x0, ttl 46, id 0, offset 0, flags [DF], proto TCP (6), 
length 40)
    mx-ecom.netflix.com.7988 > server.workflowproducts.com.smtp: Flags [.], 
cksum 0xedd9 (correct), seq 1, ack 2, win 46, length 0
09:40:25.948733 IP (tos 0x0, ttl 64, id 30296, offset 0, flags [DF], proto TCP 
(6), length 86, bad cksum 0 (->ba55)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.53126: Flags [.], 
cksum 0x0a3d (incorrect -> 0x6c2a), seq 1:47, ack 1, win 65535, length 46
09:40:26.041138 IP (tos 0x0, ttl 46, id 45053, offset 0, flags [DF], proto TCP 
(6), length 40)
    mx-ecom.netflix.com.53126 > server.workflowproducts.com.smtp: Flags [.], 
cksum 0x0a07 (correct), seq 1, ack 47, win 46, length 0
09:40:26.041155 IP (tos 0x0, ttl 64, id 8764, offset 0, flags [DF], proto TCP 
(6), length 41, bad cksum 0 (->e9f)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.53126: Flags [P.], 
cksum 0x0a10 (incorrect -> 0x002c), seq 47:48, ack 1, win 65535, length 1
09:40:26.129016 IP (tos 0x0, ttl 46, id 45054, offset 0, flags [DF], proto TCP 
(6), length 40)
    mx-ecom.netflix.com.53126 > server.workflowproducts.com.smtp: Flags [.], 
cksum 0x0a06 (correct), seq 1, ack 48, win 46, length 0
09:42:26.652346 IP (tos 0x0, ttl 46, id 45055, offset 0, flags [DF], proto TCP 
(6), length 40)
    mx-ecom.netflix.com.53126 > server.workflowproducts.com.smtp: Flags [F.], 
cksum 0x0a05 (correct), seq 1, ack 48, win 46, length 0
09:42:26.652366 IP (tos 0x0, ttl 64, id 35596, offset 0, flags [DF], proto TCP 
(6), length 40, bad cksum 0 (->a5cf)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.53126: Flags [.], 
cksum 0x0a0f (incorrect -> 0x0a33), seq 48, ack 2, win 65535, length 0
09:42:26.654381 IP (tos 0x0, ttl 64, id 26128, offset 0, flags [DF], proto TCP 
(6), length 40, bad cksum 0 (->cacb)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.53126: Flags [F.], 
cksum 0x0a0f (incorrect -> 0x0a32), seq 48, ack 2, win 65535, length 0
09:42:26.741904 IP (tos 0x0, ttl 46, id 0, offset 0, flags [DF], proto TCP (6), 
length 40)
    mx-ecom.netflix.com.53126 > server.workflowproducts.com.smtp: Flags [.], 
cksum 0x0a04 (correct), seq 2, ack 49, win 46, length 0
09:42:48.030188 IP (tos 0x0, ttl 46, id 36948, offset 0, flags [DF], proto TCP 
(6), length 52)
    mx-ecom.netflix.com.24722 > server.workflowproducts.com.smtp: Flags [S], 
cksum 0x4928 (correct), seq 2043554555, win 5840, options [mss 
1380,nop,nop,sackOK,nop,wscale 7], length 0
09:42:48.030224 IP (tos 0x0, ttl 64, id 38326, offset 0, flags [DF], proto TCP 
(6), length 52, bad cksum 0 (->9b19)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.24722: Flags [S.], 
cksum 0x0a1b (incorrect -> 0x67f0), seq 73987140, ack 2043554556, win 65535, 
options [mss 1460,nop,wscale 2,sackOK,eol], length 0
09:42:48.117246 IP (tos 0x0, ttl 46, id 36949, offset 0, flags [DF], proto TCP 
(6), length 40)
    mx-ecom.netflix.com.24722 > server.workflowproducts.com.smtp: Flags [.], 
cksum 0xa78e (correct), seq 1, ack 1, win 46, length 0
09:42:48.117275 IP (tos 0x0, ttl 64, id 53187, offset 0, flags [DF], proto TCP 
(6), length 40, bad cksum 0 (->6118)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.24722: Flags [.], 
cksum 0x0a0f (incorrect -> 0xa7bc), seq 1, ack 1, win 65535, length 0
09:42:48.124851 IP (tos 0x0, ttl 64, id 50886, offset 0, flags [DF], proto TCP 
(6), length 86, bad cksum 0 (->69e7)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.24722: Flags [.], 
cksum 0x0a3d (incorrect -> 0x0984), seq 1:47, ack 1, win 65535, length 46
09:42:48.211677 IP (tos 0x0, ttl 46, id 36950, offset 0, flags [DF], proto TCP 
(6), length 40)
    mx-ecom.netflix.com.24722 > server.workflowproducts.com.smtp: Flags [.], 
cksum 0xa760 (correct), seq 1, ack 47, win 46, length 0
09:42:48.211693 IP (tos 0x0, ttl 64, id 65464, offset 0, flags [DF], proto TCP 
(6), length 41, bad cksum 0 (->3122)!)
    server.workflowproducts.com.smtp > mx-ecom.netflix.com.24722: Flags [P.], 
cksum 0x0a10 (incorrect -> 0x9d85), seq 47:48, ack 1, win 65535, length 1
09:42:48.299600 IP (tos 0x0, ttl 46, id 36951, offset 0, flags [DF], proto TCP 
(6), length 40)
    mx-ecom.netflix.com.24722 > server.workflowproducts.com.smtp: Flags [.], 
cksum 0xa75f (correct), seq 1, ack 48, win 46, length 0



Regards,

Justin T

Reply via email to