[Click] packets not seen by click unless tcpdump running
Marcel Poisot
marcel at jhu.edu
Thu Oct 14 15:27:38 EDT 2004
1.
I have the following configuration, run in User mode:
FromDevice( eth0 ) -> ToDump( input.dump ) -> /* uninteresting stuff */
I have Iptables set to drop packets from INPUT, and accept all packets
from FORWARD and OUTPUT. I do this because I just want to passively
record packets right now, and I don't want the OS sending out RST or any
programs actually responding to packets.
With this router running, I try to telnet to this machine from a second
machine, expecting input.dump to record the several SYN packets issued
by telnet trying to initiate the connection. I have tcpdump running on
the second machine so I see the three SYN packets go out.
However, input.dump only records the first SYN packet. Sometimes I see
other traffic, such as ARP requests and NetBios broadcasts from other
machines on the network.
Strangely, if I run tcpdump at the same time as the click router, then
input.dump DOES record all the traffic I think it should be getting (ie,
the three SYN packets)! What is going on here? Why does the click
router not receive traffic unless tcpdump is running?
2.
What is the proper/required use of Queue? Is it needed for Userland
click configurations, or just Kernel mode? Where in a configuration
should I put them, and how many are needed? (I really don't want any
packets dropped). Could this have anything to do with my problem above?
Thanks,
Marcel
More information about the click
mailing list