On Saturday, August 11, 2018, 8:07:36 PM GMT+2, Tom Eastep <teas...@shorewall.net> wrote:
> My suggestion for debugging this further is to use a packet sniffer to > see what is happening on the wire during the period of loss: > > a) Are the echo-request packets being sent? > b) If not, is there unsuccessful ARPing occurring? The echo requests are being sent as seen below. # tcpdump -i enp9s6 host 8.8.8.8 dropped privs to tcpdump tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on enp9s6, link-type EN10MB (Ethernet), capture size 262144 bytes 08:12:18.603636 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 1, length 64 08:12:19.642887 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 2, length 64 08:12:20.682810 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 3, length 64 08:12:21.721237 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 4, length 64 08:12:22.762528 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 5, length 64 08:12:23.802597 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 6, length 64 08:12:24.841126 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 7, length 64 08:12:25.881195 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 8, length 64 08:12:26.922607 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 9, length 64 08:12:27.962655 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 10, length 64 08:12:29.001091 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 11, length 64 08:12:30.042569 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 12, length 64 08:12:31.082581 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 13, length 64 08:12:32.122591 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 14, length 64 08:12:33.162544 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 15, length 64 08:12:33.177647 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 15, length 64 08:12:34.171027 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 16, length 64 08:12:34.186632 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 16, length 64 08:12:35.180972 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 17, length 64 08:12:35.196782 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 17, length 64 08:12:36.191086 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 18, length 64 08:12:36.206656 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 18, length 64 08:12:37.201017 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 19, length 64 08:12:37.216632 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 19, length 64 08:12:38.210990 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 20, length 64 08:12:38.226712 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 20, length 64 08:12:39.219069 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 21, length 64 08:12:39.234713 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 21, length 64 08:12:40.229018 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 22, length 64 08:12:40.244660 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 22, length 64 08:12:41.230962 IP 192.168.101.2 > google-public-dns-a.google.com: ICMP echo request, id 4825, seq 23, length 64 08:12:41.246677 IP google-public-dns-a.google.com > 192.168.101.2: ICMP echo reply, id 4825, seq 23, length 64 The pattern of echo replies failing to arrive is variable. At times, there's no packet loss, but I frequently get a 10-20-40% packet loss (sometimes even as high as 65%). I also noticed (but it's just an impression) that right after rebooting the modem/router I get no packet loss whatsoever for several hours. The shorewall gateway's enp9s6 interface is 100Mbps full duplex, and is connected to the modem/router which has a built-in 4-port Gbps switch with an ethernet cable. If I connect a test laptop to that mini switch while I'm experiencing the packet loss issues on the shorewall box, I can see the same problems there too. Disconnecting the shorewall gateway ethernet cable from that 4-port switch, hence making my test laptopĀ the only client device in the network makes the packet loss issue vanish. Reconnecting the Shorewall gateway restores the network issues. Again, I'd like to point out that rebooting the modem/router solves everything for SEVERAL hours (basically until the next day), no matter what I connect to that 4-port switch. I'm wondering if there's a host within Shorewall's LAN that's generating some sort of traffic that could be directly or indirectly causing this issue (maybe it does so only on a daily basis and only at night, which would explain why rebooting the modem/router in the morning fixes my issue for about 24 hours). A full tcpdump was taken on enp9s6 (no filters) while I was pinging 8.8.8.8 (and noticed missing reply packets even though there were requests). It can be found here: https://drive.google.com/open?id=1TVqiNmlaL4Hu5-I3IDiJpX66vPofHpd9 I'd appreciate it if you could let me know if you see anything odd in that trace. Thanks, Vieri ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users