problem of packet loss with e100 machine with fedora core 4

Eric Doutreleau Eric.Doutreleau at int-evry.fr
Fri Dec 23 11:20:04 UTC 2005 

Steffen Kluge wrote:

>On Thu, 2005-12-22 at 13:10 -0600, Les Mikesell wrote:
>  
>
>>If you are sure that the port negotiation is working and
>>both the nic and switch are running in full duplex it
>>could be an interrupt sharing issue when running under
>>Linux.  I'm not sure how to solve it, though.
>>    
>>
>
>That's an interesting point, I always wondered if/when overloading a
>single interrupt (as ACPI does on my laptop) leads to performance
>problems. It would be good to see the output of ``cat /proc/interrupts''
>in this case.
>
>I fixed the interrupt overloading on my laptop by booting with
>acpi=noirq, BTW.
>
>Cheers
>Steffen.
>
>  
>
Hi folks

I have found something
when i stop the firewall i don't lose packets anymore.

i m wondering what could make the network freeze in my config

i will try to remove some rules in order to see what rules is the culprit

Here is my config
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j 
ACCEPT
# Ouverture pour portmapper (C. Bac)
#-A RH-Firewall-1-INPUT -p tcp -m tcp -s 157.159.0.0/16 --dport 111 -j 
ACCEPT
#-A RH-Firewall-1-INPUT -p udp -s 157.159.0.0/16 --dport 111 -j ACCEPT
# Ouverture pour les postes de la salle
-A RH-Firewall-1-INPUT -s 157.159.15.210 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.211 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.212 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.213 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.214 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.215 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.216 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.217 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.218 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.219 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.220 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.221 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -s 157.159.15.222 -p tcp --destination-port 
1024:65535 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp -s 157.159.10.29 -d 0/0 --dport 
5308 -j ACCEPT
# Ouverture Multicast IGMP et classe D 224/4
-A RH-Firewall-1-INPUT -p igmp -d 224.0.0.0/28 -j ACCEPT
-A RH-Firewall-1-INPUT  -s 224.0.0.0/4 -j ACCEPT
# Ouverture cfengine port pour cfrun ...
-A RH-Firewall-1-INPUT -p tcp -m tcp -s 157.159.10.29 -d 0/0 --dport 
5308 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

More information about the users mailing list