FTP problems

From: Greg Breuer (breuerg@MISSOURI.EDU)
Date: Wed Aug 21 2002 - 00:06:16 EDT

Scenario:

Ftp/web server behind PIX firewall
AIX 4.3.3 ML9 OS

Users outside firewall cannot ftp. Users connect, sit a while, blocking call
received. Connection cancelled.

HTTP works like a champ until you hit a ftp link-nothing happens.

Users inside firewall can ftp at will.

PIX set up correctly. Verified by setting up temporary FTP server, no
problem.

16-hour day, drove home, logged on via modem. Connected anonymous,
downloaded file from ftp server.

Traceroute from modem connection:

Traceroute has started ...

traceroute to msdis.missouri.edu (128.206.27.198), 30 hops max, 40 byte
packets
 1 term1.jcmo.socket.net (216.106.32.245) 166.224 ms 122.968 ms 135.57
ms
 2 rtr1.jcmo.socket.net (216.106.32.241) 124.567 ms 122.666 ms 125.037
ms
 3 rtr1.kcmo.socket.net (216.106.23.97) 171.138 ms 175.447 ms 168.917 ms
 4 gw1.kcmo.socket.net (216.106.6.82) 158.924 ms 159.102 ms 162.938 ms
 5 sl-gw31-chi-6-0-ts12.sprintlink.net (144.223.6.97) 165.171 ms 169.433
ms 168.893 ms
 6 sl-bb23-chi-4-0.sprintlink.net (144.232.10.49) 189.864 ms 173.631 ms
177.444 ms
 7 sl-bb20-kc-14-0.sprintlink.net (144.232.8.201) 186.154 ms 195.482 ms
195.468 ms
 8 sl-gw16-kc-1-0.sprintlink.net (144.232.23.54) 182.446 ms 193.055 ms
187.522 ms
 9 sl-swb-60-0.sprintlink.net (144.232.128.242) 221.093 ms 218.1 ms
220.241 ms
10 bb2-p5-0.stlsmo.swbell.net (151.164.240.134) 228.986 ms 223.489 ms
228.484 ms
11 ded1-fa0-0-0.stlsmo.swbell.net (151.164.14.227) 228.249 ms 229.891 ms
223.245 ms
12 vip-university-of-missouri-3241086.cust-rtr.swbell.net (151.164.15.254)
204.849 ms 198.469 ms 193.257 ms
13 co-r12-01-atm0-0-101.mo.more.net (150.199.7.5) 210.219 ms 199.131 ms
213.497 ms
14 co-r10-01-pos1-0-0.mo.more.net (150.199.7.26) 211.023 ms 210.44 ms
214.312 ms
15 umc-atm4-0-0-200.gw.more.net (150.199.4.250) 225.938 ms 214.74 ms
228.756 ms
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

Network Statistics for session:

ip:
    223355 total packets received
    0 bad header checksums
    0 with size smaller than minimum
    0 with data size < data length
    0 with header length < data size
    0 with data length < header length
    0 with bad options
    0 with incorrect version number
    0 fragments received
    0 fragments dropped (dup or out of space)
    0 fragments dropped after timeout
    0 packets reassembled ok
    223260 packets for this host
    95 packets for unknown/unsupported protocol
    0 packets forwarded (0 packets fast forwarded)
    0 packets noges < minimum length
    0 bad checksums
    0 messages with bad length
    0 multicast echo requests ignored
    0 multicast timestamp requests ignored
    Input histogram:
        destination unreachable: 39
        routing redirect: 55
        time exceeded: 46
    0 message responses generated
    ICMP address mask responses are disabled
igmp:
    0 messages received
    0 messages received with too few bytes
    0 messages received with bad checksum
    0 membership queries received
    0 membership queries received with invalid field(s)
    0 membership reports received
    0 membership reports received with invalid field(s)
    0 membership reports received for groups to which we belong
    2 membership reports sent
tcp:
    159601 packets sent
        22907 data packets (3072782 bytes)
        180 data packets (90773 bytes) retransmitted
        0 resends initiated by MTU discovery
        63330 ack-only packets (59096 delayed)
        0 URG only packets
        0 window probe packets
        3074 window update packets
        70116 control packets
    221590 packets received
        25181 acks (for 3020867 bytes)
        1307 duplicate acks
        0 acks for unsent data
        78655 packets (77435994 bytes) received in-sequence
        557 completely duplicate packets (398186 bytes)
        0 old duplicate packets
        0 packets with some dup. data (0 bytes duped)
        755 out-of-order packets (567319 bytes)
        11 packets (10 bytes) of data after window
        10 window probes
        10 window update packets
        25 packets received after close
        221 discarded for bad checksums
        0 discarded for bad header offset fields
        0 discarded because packet too short
    68310 connection requests
    206 connection accepts
    0 bad connection attempts
    0 listen queue overflows
    1875 connections established (including accepts)
    70413 connections closed (including 1154 drops)
        44 connections updated cached RTT on close
        44 connections updated cached RTT variance on close
        17 connections updated cached ssthresh on close
    65537 embryonic connections dropped
    25082 segments updated rtt (of 91811 attempts)
    462 retransmit timeouts
        0 connections dropped by rexmit timeout
    0 persist timeouts
        0 connections dropped by persist timeout
    43 keepalive timeouts
        0 keepalive probes sent
        1 connection dropped by keepalive
    829 correct ACK header predictions
    58157 correct data packet header predictions
udp:
    1625 datagrams received
    0 with incomplete header
    0 with bad data length field
    3 with bad checksum
    47 dropped due to no socket
    4 broadcast/multicast datagrams dropped due to no socket
    0 dropped due to full socket buffers
    0 not for hashed pcb
    1571 delivered
    1638 datagrams output

Tell me what I'm seeing. Trouble at umc-atm4-0-0-200.gw.more.net
(150.199.4.250)

Greg Breuer
>From the homefront

The shortest and surest way to live with honor in the
world is to be in reality what we would appear to be.

-- Socrates

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:09 EDT