interesting problem I have here..

Started by Metgod, May 02, 2003, 08:41:10 PM

Previous topic - Next topic
Okay, firstly, know that this is a D-LINK, DI-604 model gateway. I know that some do not like D-LINK and prefer Netgear.. the funny thing is I had the exact same problem with Netgear, except it was worse.. anyhow..

normal NAT setup..

static ip from isp in gateway, along with my primary and secondary nameservers and subnet mask

In my tcp/ip settings I have the info for the router.. 192.168.0.1 being the gateway and so on.. I'm sure everyone knows what I'm referring to but if nto I can clarify that..

problem I'm having, and have for ages..

let's say I'm in telnet (not a terminal session but using telnet protocol).. if nothing is sent between the client and server, the connection is dropped. Not good, especially since it doesn't do this without the router as it shouldn't.. it is very frustrating and I can not for the life of me figure it out. Same goes with web sessions (which doesn't really bother me)..

It is not the firmware as I have the latest and I have had earlier versions. It is not the MTU (sorry, just had to mention that because of their tech support.. ). There has to be something, though..

time outs maybe ? That they don't even allow me to edit ? Problem with that is it's not nearly the amount they state (7500 sec).

Lastly, there is constant crap in my logs..
example:


May/02/2003 15:10:35  Drop TCP packet from WAN 64.160.202.42:4616 64.174.104.17:80 Rule: Default deny
May/02/2003 15:10:35  Drop TCP packet from WAN 61.209.219.76:1416 64.174.104.17:445 Rule: Default deny
May/02/2003 15:10:32  Drop TCP packet from WAN 64.160.202.42:4616 64.174.104.17:80 Rule: Default deny
May/02/2003 15:09:59  Drop TCP packet from WAN 66.70.32.78:80 64.174.104.17:33630 Rule: Default deny
May/02/2003 15:09:56  Drop TCP packet from WAN 66.70.32.78:80 64.174.104.17:33626 Rule: Default deny
May/02/2003 15:09:56  Drop TCP packet from WAN 66.70.32.78:80 64.174.104.17:33625 Rule: Default deny
May/02/2003 15:09:56  Drop TCP packet from WAN 66.70.32.78:80 64.174.104.17:33623 Rule: Default deny
May/02/2003 15:09:56  Drop TCP packet from WAN 66.70.32.78:80 64.174.104.17:33621 Rule: Default deny
May/02/2003 15:09:56  Drop TCP packet from WAN 66.70.32.78:80 64.174.104.17:33619 Rule: Default deny
May/02/2003 15:09:56  Drop TCP packet from WAN 66.70.32.78:80 64.174.104.17:33628 Rule: Default deny



other ports appear, lots of different sources and destinations too.. and I've seen a lot of tear drop packets (as they say anyhow) from  my machine and so on..

any ideas ? I know I've talked to some others about this and nothing came of it.. but the fact that I got it with netgear too, says something, I think..

cheers
Met


"My Terminal is my Soul"

Well

I checked a forum of a certain category on this and others were having similar problems. I suspected NAT was the culprit, and looking further into the forum, someone else mentioned NAT. So I found the culprit..

thing is.. my connection is static, not even PPPoE, and the tech support at D-Link told me that there is no possible way I could get disconnected (moron).

Anyone know of a way to prevent NAT from doing this ? Surely the tech support can help me.. I think tomorrow I'll report my findings and then ask for a way to by pass this.

But comments are welcome.

cheers
Met
"My Terminal is my Soul"

Sorry Met -

I didnt see this post or I would have replied earlier. Is it 1-1 NAT to your box or 1-many? And what are the chances that since you aren't sending any traffic through for a while that the router throws away (clears the buffer) of the original info about that connection? When you initially make the connection your router says "okay, sending traffic from int NAT A on port XXXX to ext box B on port 23, let me translate A to my ext int on port XXXX and send away"...then it sits and waits for a reply. When it gets the reply it use that same info to know where to send the data back to int Box A. That all works fine for you...but then you dont send anymore traffic using that and while this is all happening, any type of "keepalive" packets from the server would be dropped because they are initiated from the server, not the client....so after awhile it just disconnects completely. This would explain why it works fine without NAT...what you could do to test this is to put your box in the "DMZ" and allow that traffic to see if it still has issues...I'm will to bet that even though it is still NAT'd traffic, it would work...

I hope this helps, but I probably just confused you more...I cant even help myself half the time...

Wilnix
alt email address: wilnix@hackphreak.org

No, you didn't confuse me one bit. I know exactly what you're saying.

Unfortunately, even setting DMZ host to this box doesn't solve the problem. I tried that in the past as well. Overall, the router works fine, just a few things irritate me. However, I never thought about the cient v. server in regards to keep alives. That coudl be it. I don't know.. only way to solve it is to not use NAT and right now that's not a solution.

Another thing I hate about nat ? It fucks up my spoofing programs I wrote, hehe :)

But yea,the disconnection really irritates me to no end. I can't stand it. I'll try dmz again though...

Would appreciate it if you have any more ideas (as to what to try or why it is happening).. I think the router has a default timeout but the damn thing wont' let me edit it. I really could use a real router that I can actually control more of. Anyone have an idea as to a good but fair price router for home use ?


Thanks Will :)

Met.
"My Terminal is my Soul"

another note:

My SSH sessions to remote hosts (one in England for instance) sends keep-alives and it actually works... so there's another confusing part of it.

Any takers on that ?

Met.
"My Terminal is my Soul"

SSH works because it is treated differently. Once the session is established it is kept open. With telnet it is based on activity, much like ftp is.

wilnix
alt email address: wilnix@hackphreak.org

That explains it.. maybe I should play with tcpdump and compare the two and how they work.. would love to not be forced to use nat but alas I see no other choice. And of course, my reasons for not wanting to be behind nat is quite a silly one but still.. I want it, god damnit !! hehe

if anyone has ideas as to alternatives.. please tell me.. would love to try something else if it sounds good.

Met.

"My Terminal is my Soul"

Do you have to stick with telnet?

wilnix
alt email address: wilnix@hackphreak.org

I use SSH for most terminal emulation type services. In fact, I would never use telnet for say, shell access or something. This is a MUD and it is a telnet-like service, so basically telnet. So yeah I kind of have to in this case. For all other things, ssh is the way !

Met.

(If only I could use ssh as the protocol for muds.. oh that'd be too cool !)

"My Terminal is my Soul"

which is an interesting project, hehe.. I'll look into it
"My Terminal is my Soul"


yup.. it'd be one hell of a job... but I never said actually doing it, did I ?


I just said look into it ! ;D


Met.
"My Terminal is my Soul"



good news..

no longer do I get these useless idle disconnects.. I got a router that gives more functionality (was wanting one anyhow.. ) and this one allows me to actually disable some things like that..

so now I'm using a syslink router as opposed to d-link. Much nicer ! Thanks for your time, Will. Really appreciate it :)



Met.
"My Terminal is my Soul"

SMF spam blocked by CleanTalk