- Pingando Eth´s
+ Responder ao Tópico
-
Pingando Eth´s
Galera bom dia!
Está ocorrendo algo estranho no meu servidor proxy, nele tenho 2 placas de rede, eth0 e eth1.
Estando em uma estação windows e pingando a eth0 e eth1 do proxy que estão neste momento com os ip 192.168.0.38 e 192.168.0.37 respectivamente os mesmos respondem, agora se eu baixo a eth1 que teoricamente está com o ip 192.168.37 e pingo este IP o proxy continua respondendo o ping, porque disto?
Abraços
-
apresente:
ifconfig do proxy
faça:
tcpdump -v host maquina.rwindows.que.vai.pingar.no.proxy
-
eth0 Link encap:Ethernet HWaddr 00:50A6:05:AA
inet addr:192.168.0.38 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::250:daff:fed6:5aa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12448 errors:0 dropped:0 overruns:1 frame:0
TX packets:2800 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2288206 (2.1 MiB) TX bytes:366928 (358.3 KiB)
Interrupt:18 Base address:0xe800
eth1 Link encap:Ethernet HWaddr 00:16:EC:30:F7:76
inet addr:192.168.0.37 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::216:ecff:fe30:f776/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6748 errors:0 dropped:0 overruns:0 frame:0
TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1807318 (1.7 MiB) TX bytes:16488 (16.1 KiB)
Interrupt:19 Base address:0xec00
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:952 (952.0 b) TX bytes:952 (952.0 b)
Resulado do Tcpdump
tcpdump -v host 192.168.0.2
13:24:19.097481 IP (tos 0x0, ttl 64, id 63236, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.0.2.device2 > 192.168.0.37.ssh: ., cksum 0x20ce (correct), ack 19833048 win 63027
13:24:19.097523 IP (tos 0x10, ttl 64, id 34376, offset 0, flags [DF], proto: TCP (6), length: 268) 192.168.0.37.ssh > 192.168.0.2.device2: P 19834572:19834800(228) ack 97449 win 283
13:24:19.097557 IP (tos 0x0, ttl 64, id 63237, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.0.2.device2 > 192.168.0.37.ssh: ., cksum 0x20ce (correct), ack 19833888 win 62187
13:24:19.097572 IP (tos 0x10, ttl 64, id 34377, offset 0, flags [DF], proto: TCP (6), length: 460) 192.168.0.37.ssh > 192.168.0.2.device2: P 19834800:19835220(420) ack 97449 win 283
13:24:19.097602 IP (tos 0x0, ttl 64, id 63238, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.0.2.device2 > 192.168.0.37.ssh: ., cksum 0x20ce (correct), ack 19834344 win 61731
[2]+ Stopped tcpdump -v host 192.168.0.2
Obrigado.
-
esta seria a condição normal, com ambas as placas em funcionamento; como vc diz que BAIXANDO a placa AINDA continua pingango,, isso é MUITO estranho; então, façamos assim:
ifconfig eth1 down
e repita os testes acima, pls.
-
root@uniinteer:~# ifconfig eth0 down
root@uniinteer:~# ifconfig
eth1 Link encap:Ethernet HWaddr 00:16:EC:30:F7:76
inet addr:192.168.0.37 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::216:ecff:fe30:f776/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:12638 errors:0 dropped:0 overruns:0 frame:0
TX packets:250 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3440058 (3.2 MiB) TX bytes:20312 (19.8 KiB)
Interrupt:19 Base address:0xec00
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1660 (1.6 KiB) TX bytes:1660 (1.6 KiB)
root@uniinteer:~#
15:16:03.624876 IP (tos 0x10, ttl 64, id 3280, offset 0, flags [DF], proto: TCP (6), length: 268) 192.168.0.37.ssh > 192.168.0.2.3199: P 1392920:1393148(228) ack 6813 win 283
15:16:03.624913 IP (tos 0x0, ttl 64, id 23095, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.0.2.3199 > 192.168.0.37.ssh: ., cksum 0x538a (correct), ack 1390448 win 63431
15:16:03.624916 IP (tos 0x10, ttl 64, id 3281, offset 0, flags [DF], proto: TCP (6), length: 268) 192.168.0.37.ssh > 192.168.0.2.3199: P 1393148:1393376(228) ack 6813 win 283
15:16:03.624970 IP (tos 0x10, ttl 64, id 3282, offset 0, flags [DF], proto: TCP (6), length: 268) 192.168.0.37.ssh > 192.168.0.2.3199: P 1393376:1393604(228) ack 6813 win 283
15:16:03.625016 IP (tos 0x10, ttl 64, id 3283, offset 0, flags [DF], proto: TCP (6), length: 444) 192.168.0.37.ssh > 192.168.0.2.3199: P 1393604:1394008(404) ack 6813 win 283
15:16:03.625062 IP (tos 0x10, ttl 64, id 3284, offset 0, flags [DF], proto: TCP (6), length: 444) 192.168.0.37.ssh > 192.168.0.2.3199: P 1394008:1394412(404) ack 6813 win 283
15:16:03.625068 IP (tos 0x0, ttl 64, id 23096, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.0.2.3199 > 192.168.0.37.ssh: ., cksum 0x538a (correct), ack 1391780 win 62099
15:16:03.625103 IP (tos 0x0, ttl 64, id 23097, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.0.2.3199 > 192.168.0.37.ssh: ., cksum 0x538a (correct), ack 1392236 win 61643
15:16:03.625108 IP (tos 0x10, ttl 64, id 3285, offset 0, flags [DF], proto: TCP (6), length: 444) 192.168.0.37.ssh > 192.168.0.2.3199: P 1394412:1394816(404) ack 6813 win 283
15:16:03.625149 IP (tos 0x0, ttl 64, id 23098, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.0.2.3199 > 192.168.0.37.ssh: ., cksum 0x538a (correct), ack 1392692 win 61187
15:16:03.625164 IP (tos 0x10, ttl 64, id 3286, offset 0, flags [DF], proto: TCP (6), length: 268) 192.168.0.37.ssh > 192.168.0.2.3199: P 1394816:1395044(228) ack 6813 win 283
15:16:03.625201 IP (tos 0x0, ttl 64, id 23099, offset 0, flags [DF], proto: TCP (6), length: 40) 192.168.0.2.3199 > 192.168.0.37.ssh: ., cksum 0x538a (correct), ack 1393148 win 60731
[1]+ Stopped tcpdump -v host 192.168.0.2
---------
Ping da estação na interface do proxy após baixar a mesma
Microsoft Windows XP [versão 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
c:\>ping 192.168.0.38
Disparando contra 192.168.0.38 com 32 bytes de dados:
Resposta de 192.168.0.38: bytes=32 tempo<1ms TTL=64
Resposta de 192.168.0.38: bytes=32 tempo<1ms TTL=64
Resposta de 192.168.0.38: bytes=32 tempo<1ms TTL=64
Resposta de 192.168.0.38: bytes=32 tempo<1ms TTL=64
Estatísticas do Ping para 192.168.0.38:
Pacotes: Enviados = 4, Recebidos = 4, Perdidos = 0 (0% de perda),
Aproximar um número redondo de vezes em milissegundos:
Mínimo = 0ms, Máximo = 0ms, Média = 0ms
c:\>
-
Olha que loucura, baixei a eth0 (192.168.0.38) e mesmo assim consegui conectar ao proxy através do Putty usando este IP, olha a imagem.....
ImageShack - Image Hosting :: putty.jpg
-
vc disparou o ping mas não deixou o tcpdump pra olhar. De qualquer forma, eu não sabia que vc estava remoto, então as informações foram apenas da porta 22. Tentemos, de novo:
tcpdump -v host maquina.de.origem and port ! ssh
dai vc pinga pro .38, que é o tal
(imagino que AMBOS os end estejam na mesma máquina).
aproveite faça um
traceroute 192...38 só pra ver onde passa. (provavelmente é direto)
-
root@uniinteer:~# tcpdump -v host 192.168.0.2 and port ! ssh
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
13:23:14.362379 IP (tos 0x0, ttl 64, id 26366, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 14082, length 40
13:23:14.362385 IP (tos 0x0, ttl 64, id 12400, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 14082, length 40
13:23:15.362608 IP (tos 0x0, ttl 64, id 26390, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 14338, length 40
13:23:15.362614 IP (tos 0x0, ttl 64, id 12401, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 14338, length 40
13:23:16.362873 IP (tos 0x0, ttl 64, id 26417, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 14594, length 40
13:23:16.362879 IP (tos 0x0, ttl 64, id 12402, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 14594, length 40
13:23:17.363097 IP (tos 0x0, ttl 64, id 26446, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 14850, length 40
13:23:17.363105 IP (tos 0x0, ttl 64, id 12403, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 14850, length 40
13:23:18.363337 IP (tos 0x0, ttl 64, id 26472, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 15106, length 40
13:23:18.363343 IP (tos 0x0, ttl 64, id 12404, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 15106, length 40
13:23:19.363572 IP (tos 0x0, ttl 64, id 26485, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 15362, length 40
13:23:19.363579 IP (tos 0x0, ttl 64, id 12405, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 15362, length 40
13:23:20.363796 IP (tos 0x0, ttl 64, id 26509, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 15618, length 40
13:23:20.363802 IP (tos 0x0, ttl 64, id 12406, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 15618, length 40
13:23:21.364094 IP (tos 0x0, ttl 64, id 26537, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 15874, length 40
13:23:21.364100 IP (tos 0x0, ttl 64, id 12407, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 15874, length 40
13:23:22.364315 IP (tos 0x0, ttl 64, id 26554, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 16130, length 40
13:23:22.364321 IP (tos 0x0, ttl 64, id 12408, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 16130, length 40
13:23:23.364509 IP (tos 0x0, ttl 64, id 26575, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 16386, length 40
13:23:23.364515 IP (tos 0x0, ttl 64, id 12409, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 16386, length 40
13:23:24.364749 IP (tos 0x0, ttl 64, id 26593, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 16642, length 40
13:23:24.364755 IP (tos 0x0, ttl 64, id 12410, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 16642, length 40
13:23:25.365002 IP (tos 0x0, ttl 64, id 26615, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 16898, length 40
13:23:25.365010 IP (tos 0x0, ttl 64, id 12411, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 16898, length 40
13:23:26.365219 IP (tos 0x0, ttl 64, id 26647, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 17154, length 40
13:23:26.365226 IP (tos 0x0, ttl 64, id 12412, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 17154, length 40
13:23:27.366347 IP (tos 0x0, ttl 64, id 26667, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 17410, length 40
13:23:27.366354 IP (tos 0x0, ttl 64, id 12413, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 17410, length 40
13:23:28.365725 IP (tos 0x0, ttl 64, id 26685, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 17666, length 40
13:23:28.365732 IP (tos 0x0, ttl 64, id 12414, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 17666, length 40
13:23:29.365937 IP (tos 0x0, ttl 64, id 26704, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 17922, length 40
13:23:29.365946 IP (tos 0x0, ttl 64, id 12415, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 17922, length 40
13:23:30.366172 IP (tos 0x0, ttl 64, id 26722, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 18178, length 40
13:23:30.366181 IP (tos 0x0, ttl 64, id 12416, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 18178, length 40
13:23:31.366419 IP (tos 0x0, ttl 64, id 26748, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 18434, length 40
13:23:31.366425 IP (tos 0x0, ttl 64, id 12417, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 18434, length 40
13:23:32.366648 IP (tos 0x0, ttl 64, id 26764, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 18690, length 40
13:23:32.366656 IP (tos 0x0, ttl 64, id 12418, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 18690, length 40
13:23:33.366876 IP (tos 0x0, ttl 64, id 26791, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 18946, length 40
13:23:33.366886 IP (tos 0x0, ttl 64, id 12419, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 18946, length 40
[3]+ Stopped tcpdump -v host 192.168.0.2 and port ! ssh
root@uniinteer:~#
Tracert do win pro linux deu 1 hop e vice versa tbem.
Abs.
-
13:23:28.365725 IP (tos 0x0, ttl 64, id 26685, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 17666, length 40
13:23:28.365732 IP (tos 0x0, ttl 64, id 12414, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 17666, length 40
13:23:29.365937 IP (tos 0x0, ttl 64, id 26704, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 17922, length 40
13:23:29.365946 IP (tos 0x0, ttl 64, id 12415, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 17922, length 40
13:23:30.366172 IP (tos 0x0, ttl 64, id 26722, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 18178, length 40
13:23:30.366181 IP (tos 0x0, ttl 64, id 12416, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 18178, length 40
13:23:31.366419 IP (tos 0x0, ttl 64, id 26748, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 18434, length 40
13:23:31.366425 IP (tos 0x0, ttl 64, id 12417, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 18434, length 40
13:23:32.366648 IP (tos 0x0, ttl 64, id 26764, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 18690, length 40
13:23:32.366656 IP (tos 0x0, ttl 64, id 12418, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 18690, length 40
13:23:33.366876 IP (tos 0x0, ttl 64, id 26791, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.38: ICMP echo request, id 768, seq 18946, length 40
13:23:33.366886 IP (tos 0x0, ttl 64, id 12419, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.38 > 192.168.0.2: ICMP echo reply, id 768, seq 18946, length 40
[3]+ Stopped tcpdump -v host 192.168.0.2 and port ! ssh
___________
O tracert/traceroute entre win e linux deu 1 hop e vice versa....
Abraço
-
Esse é o dump pingando a outra interface através do windows, no caso a que está com o ip 192. . .37
root@uniinteer:~# tcpdump -v host 192.168.0.2 and port ! ssh
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
13:40:09.968596 IP (tos 0x0, ttl 64, id 46496, offset 0, flags [none], proto: UDP (17), length: 229) 192.168.0.2.netbios-dgm > 192.168.0.255.netbios-dgm: NBT UDP PACKET(138)
13:40:14.437278 arp who-has 192.168.0.37 tell 192.168.0.2
13:40:14.437293 arp reply 192.168.0.37 is-at 00:50:da:d6:05:aa (oui Unknown)
13:40:14.437403 IP (tos 0x0, ttl 64, id 46618, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.2 > 192.168.0.37: ICMP echo request, id 768, seq 41730, length 40
13:40:14.437426 IP (tos 0x0, ttl 64, id 12498, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 41730, length 40
13:40:15.437636 IP (tos 0x0, ttl 64, id 12499, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 41986, length 40
13:40:16.437847 IP (tos 0x0, ttl 64, id 12500, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 42242, length 40
13:40:17.438094 IP (tos 0x0, ttl 64, id 12501, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 42498, length 40
13:40:18.438324 IP (tos 0x0, ttl 64, id 12502, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 42754, length 40
13:40:19.438600 IP (tos 0x0, ttl 64, id 12503, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 43010, length 40
13:40:20.439008 IP (tos 0x0, ttl 64, id 12504, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 43266, length 40
13:40:21.439048 IP (tos 0x0, ttl 64, id 12505, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 43522, length 40
13:40:22.439276 IP (tos 0x0, ttl 64, id 12506, offset 0, flags [none], proto: ICMP (1), length: 60) 192.168.0.37 > 192.168.0.2: ICMP echo reply, id 768, seq 43778, length 40
[4]+ Stopped tcpdump -v host 192.168.0.2 and port ! ssh
root@uniinteer:~#
-
O que notei foi que quando eu fico escutando o ping para a .38 demora para ele me mostrar os resultados, já quando pingo para a .37 a resposta do dump é imediata.
Abs.
-
bem.. vamos tentar com o que temos:
13:40:14.437278 arp who-has 192.168.0.37 tell 192.168.0.2
13:40:14.437293 arp reply 192.168.0.37 is-at 00:50:da:d6:05:aa
tente achar QUAL máquina tem esse mac-addr 00:50:da:d6:05:aa; não será a primeira placa do mundo que encontro com endereço clonado. Ela está respondendo como fosse a .37, e isso ocasiona mesmo alguma demora, pode até ser que seja, mas enfim:
no meu exemplo, a seguir, tenho uma placa só, no seu servidor deverão aparecer duas. Veja os endereços (Ethernet.. ) , NÃO SENDO nêle (placa ainda desligada) indica que alguma outra máquina está se fazendo passar por esta. Deveria haver problemas do arp estar incomodando, mas isso é outra história, fica pra outra vez.
no servidor digite:
[irado@irado:~$]: dmesg | grep eth
eth0: Broadcom 4400 10/100BaseT Ethernet 00:15:c5:35:14:98
no seu caso, virão DUAS placas (ou mais, se houverem mais).
se a .37 (desligada) tiver o mesmo numero então podemos supor que OUTRA máquina está se fazendo passar por ela. Neste caso, vamos ter que ir atrás dela - um "mapeador de rede" poderia ajudar, neste caso (procurar no freshmeat).
-
Olá amigo!
Fiz o seguinte, reinstalei meu Slackware e refiz as configurações de squid, samba, http e etc, como havia anotado tudo foi rápido, infelizmente não posso ficar testando o que houve com essas NHACAS de placas de rede, tive que resolver desta forma.
Espero que isso não volte a acontecer, rs, senão voltamos a nos falar.
Mesmo assim agradeço a atenção do amigo e pode contar comigo no que for preciso.
Abraço a todos.