[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

2.8 stops routing when portscanning through it

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: 2.8 stops routing when portscanning through it
From: Sebastian Stark <seb_(_at_)_todesplanet_(_dot_)_de>
Date: Mon, 14 May 2001 19:41:39 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

I'm having a problem with 2.8-stable. This 2.8 box acts as a router
for my small network (3 clients) and uses PPPoE/DSL for the internet
connection.

Now, if I start some parallel nmap scans from a *client* box, after
a while, the 2.8 box will stop routing. Ping time in the LAN will
become >1sec which is not acceptable. Pings from clients outside
get lost. But I can still logon with ssh (slow!).

Then, already logged into the router, I kill the nmaps on the client.
Trying to ping some host outside I get "No buffer space available".
After a short while (3min) pings from client to router are like that:

64 bytes from 192.168.1.111: icmp_seq=36 ttl=255 time=827.4 ms
64 bytes from 192.168.1.111: icmp_seq=37 ttl=255 time=0.5 ms
64 bytes from 192.168.1.111: icmp_seq=38 ttl=255 time=14082.0 ms
64 bytes from 192.168.1.111: icmp_seq=53 ttl=255 time=7717.3 ms
64 bytes from 192.168.1.111: icmp_seq=61 ttl=255 time=0.5 ms

The box is nearly dead.

Another 3 minutes later, all is working again.

1) is this a problem with pppoe?
2) how can I flush the buffer space?
3) can I get around this problem?

(No, I'm not a hacker, I do scans for customers.)

-- 
1024D/DC805C44 2000-07-06 http://cran.ath.cx/~seb/publicpgpkey.asc 
key fingerprint A079 88E9 3617 838D ED65  A7D1 277D D529 DC80 5C44

Prev by Date: problem sending mail through firewall
Next by Date: [ot] Accounting sys for OBSD
Previous by thread: Re: problem sending mail through firewall
Next by thread: [ot] Accounting sys for OBSD
Index(es):
- Date
- Thread

Visit your host, monkey.org