Networking :: Netstat - Dropped Packets Under IP

Feb 13, 2009

I have question regarding netstat? When performing a "netstat -s" I receive the following information regarding dropped packets under IP:

93978695 total packets received
0 forwarded
0 incoming packets discarded
79472157 incoming packets delivered
65235033 requests sent out
29527 outgoing packets dropped

However if I run a "netstat -i" I have no dropped packets whatsoever: (apologies for the table format):
Kernel Interface table
bond0 1500 0 34326528 0 0 0 72755307 0 0 0 BMmRU
bond0:1 1500 0 - no statistics available - BMmRU
bond1 1500 0 28605491 0 0 0 20948952 0 0 0 BMmRU
eth0 1500 0 34199550 0 0 0 72755278 0 0 0 BMsRU
eth1 1500 0 126978 0 0 0 29 0 0 0 BMsRU
eth2 1500 0 97911 0 0 0 1 0 0 0 BMsRU
eth3 1500 0 28507580 0 0 0 20948951 0 0 0 BMsRU
lo 16436 0 34094225 0 0 0 34094225 0 0 0 LRU

View 5 Replies


Networking :: Dropped Packets But Only For TCP Connections?

Oct 1, 2010

One of our RHEL 5.3 servers has trouble about 30% of the time with TCP-based communications, but it does not seem to be firewall issues. From another computer on the same switch, you can SSH to the server sometimes and other times the SSH command will just hang. When it hangs, you can often just Ctrl+C and try it again and it works. Same with HTTP connections. You'll get part of a web page and then FireFox will just hang waiting for the rest and eventually time out. Same goes for communication initiated FROM the server. SSH'ing from the server to any outside server or connecting to any web site works sometimes, but most times not. iptables if off. No other firewalls are running. Tcpdump shows communication gets so far and then stops. It does not matter whether tou run tcpdump on that server or the client connecting to it. Either way you see the connection stops working. MEANWHILE, pinging with small or large packets works flawlessly. 10,000 packets, zero drops.

View 5 Replies View Related

Networking :: Dropped Packets On Firewall

Jan 11, 2010

I've recently installed Ubunter 9.10 Server Edition to use as a NAT firewall for the lab I run. I'm using iptables to do NAT forwarding and everything works great except that, occasionally, connections seem to break. Ssh connections close with "Connection reset by peer" and HTTP connections just stall out.I believe this has to do with the firewall's internal network interface occasionally dropping packets.

View 2 Replies View Related

Networking :: Netstat Command - Huge Amounts Of Small Packets

Nov 30, 2009

I have a small office network (about 30 machine) with linux gateway (6Mbps internet bandwidth). Every user get only 500Kbps bandwidth, and they use the internet very poor. The internet getting slow lately, and I noticed that there are huge amount of small packets (78 byte, 48 byte) coming to linux machines. My question is: How can I solve which machine(s) sending those small packets? Do you have any ideas with netstat command?

View 1 Replies View Related

Networking :: (Netstat -s) Bits Or Data Packets Transferred Counts?

Sep 15, 2009

Using netstat I can get a lot of network related information which is pretty useful at times. But when I use for example 'netstat -s' it gives me a lot of counts for bits transferred or data packets transferred etc. Now one thing I am not sure of is that for how long those counts will keep rolling and when will they get reset (when I restart the machine?, when I restart the network services? Or if there is some kinda threshold set on it?) How exactly netstat counts those things (I mean what is the source of those counts for netstat).

View 2 Replies View Related

Ubuntu Networking :: Packets DROPPED By Firewall?

Mar 13, 2010

I am using ubuntu 9.10. Configuring my firewall using guarddog. I have setup a rule to allow traffic OUT on port 7078 UDP, and just because i'm having problems i added an IN rule.

# Create the filter chains
# Create chain to filter traffic going from 'Internet' to 'Local'
ipchains -N f0to1


View 2 Replies View Related

Networking :: Packets Go Out One Tunnel / Come Back Another / Then Are Dropped

Dec 5, 2010

I've run into a of a routing issue pertaining to packets leaving a firewall, traversing and IPSec tunnel, hitting the target and then returning via a different tunnel, finally arriving back on the source firewall but on a different interface from where it started. Once the packet has returned to the firewall it is dropped I've been unable to discover the reason for the drop. Two sides to the system, Firewall A and Firewall B. Each firewall provides the default gateway to its respective side and offers a backup IPSec tunnel to the high capacity tunnel handled internally. The Layer 3 Switch uses OSPF and takes care of the bulk of the behind the scenes routing between the sides. In case of failure the Layer 3 switches direct traffic to use the Firewall tunnels to route traffic.

View 2 Replies View Related

Networking :: TCP Packets Seem To Be Dropped On Debian Squeeze W/NAT?

Apr 4, 2011

I'm running a Debian Squeeze 6.0.1a box that's connected to my ISP via an L2TP connection that's managed by OpenL2TPD. The box is configured to perform NAT from local clients (on eth0) to the internet (on ppp0).

However, I'm having an issue with TCP packets that are sent from the box itself to the internet (packets originally coming from the local clients get sent and received over the internet just fine)

I'm using this Python app to test this:

#!/usr/bin/env python
import socket, time
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('', 5003))
while 1:
conn, addr = s.accept()


View 3 Replies View Related

Fedora Networking :: Can Ping But Cannot Browse - Outgoing Packets Dropped

Oct 5, 2010

In my Fedora13 machine, while in mobile broadband, i can ping and skype outside, but cannot browse/yum etc. Few output that may be of relevence are here:

$ netstat -s
149468 total packets received
6 with invalid headers
16174 with invalid addresses
0 forwarded
0 incoming packets discarded
118821 incoming packets delivered
101331 requests sent out
124 outgoing packets dropped
866 dropped because of missing route .....

View 3 Replies View Related

Ubuntu Networking :: Ifconfig Showing Millions Of Dropped Packets?

Feb 28, 2010

with my other ethernet card problem solved, I suddenly run into this:

Link encap:Ethernet HWaddr 00:02:e3:16:37:4c
inet addr: Bcast: Mask:
inet6 addr: fe80::202:e3ff:fe16:374c/64 Scope:Link


This card was working perfectly fine up hour ago and it started doing this. My iptables isn't blocking it somehow, because I didn't change anything. I tried reverting to an older kernel and that didn't help. It's not the network cable, it works fine in any other card. Also, the dropped packets seem to count down? It seems to go down by exactly one every time I run ifconfig, no matter the length of time in between running it.

View 3 Replies View Related

Networking :: See The Number Of Packets Dropped By Kernel Due To Insufficient Queue Size?

Sep 15, 2010

As is known, there is a queue lies between the kernel subsystem and the network driver for incoming data. And if data come when this queue has no space for it, the data got dropped by kernel. Is there some way to see how many packets are dropped due to this buff penury? I tried netstat -s but could not find something useful. On the other hand, I found this 12176 packets collapsed in receive queue due to low socket buffer from netstat -s. I think this is something related to the per-socket buffer, but not the incoming queue between the network driver and kernel. Is this right?

View 1 Replies View Related

Security :: Logging DROPPED And INVALID Packets

Oct 18, 2010

I am trying to figure out what command to use to show the number of DROPPED and INVALID packets that the firewall is handling.I'm going to put these commands into a log analyzer script which will run every 15 minutes with cron. The firewall is running and operating the way I want it to. I'm running CentOS 5.4.

View 2 Replies View Related

General :: Netem For Mac OS X To Emulate Network Latency And Dropped Packets?

Aug 9, 2010

I'm looking for an open source/free network emulator tool that I could use on Mac OS X, to simulate a slow network connection, limited bandwidth and other network characteristics such as dropped packets etc for both UDP/TCP connections (or even on the physical layer).

I'm looking for the simplest solution that would allow me to run TCP/UDP servers and have a few clients connect to them on localhost emulating various network connections. I'm mainly wondering if I can use something like Linux's netem on Mac OS X (or even better cross-platform Windows/Linux/Mac). Perhaps I can run VirtualBox and a Linux kernel running netem, has anyone had luck with that?[URL]...

View 2 Replies View Related

General :: Unexplained Log Cruft And Possible Dropped Packets On WPA2-Personal LAN

Sep 12, 2010

I've been receiving a LOT of log cruft ever since I installed my WUSB100V2 (using the rt2870sta community driver from the Linux kernel) and was wondering what it all meant.

Many times when these messages occur it is accompanied by slow network speeds and many DNS queries and outgoing SYNs being dropped. I have searched for documentation for these (error?) messages and have come up empty as far as what they mean or how I can stop them from occurring.

I reside on the opposite side of the building from my WAP. I have taken steps to improve the signal strength, but the signal quality hovers between 50% and 70%, sometimes dropping to 40% for unknown reasons.

My /var/log/messages:

Sep 12 05:04:40 necronomicon -- MARK --
Sep 12 05:29:48 necronomicon kernel: 0:3 LTL=0 , TL=0 L:4284
Sep 12 05:29:53 necronomicon kernel: 0:3 LTL=0 , TL=0 L:4104
Sep 12 05:30:06 necronomicon kernel: 0:3 LTL=0 , TL=0 L:4156


View 1 Replies View Related

Fedora Security :: Logging Dropped Packets With System-config-firewall?

Sep 1, 2009

I switched over to Fedora a couple of days ago. I'm using the built-in firewall shipped with it but I can't find out how to enable logging of dropped packets. Among others I'd like to use psad that needs firewall logging. Is there an easy way to do this? I'm not an iptables "expert".

View 6 Replies View Related

Fedora Hardware :: Realtek RTL8111E - Dropped Packets In Windows7 / F15 Dual-boot?

Jul 6, 2011

my NIC drives me crazy and I need some help to gather all relevant informations to file a decent bug report. Maybe someone could guide me through this process.My mainboard is an AsRock Z68 Pro3


I use a dual-boot setup with Windows7 installed in parallel to Fedora 15-x64. Whenever I had Windows in use and jjust reboot the system into Fedora, the NIC does not work as expected. Instead it goes in an endless "em1: link up" loop which results in very low bandwith or even complete network timeouts. This happens in Firefox as well as with yum or ping.


Originally Posted by dmesg
[ 58.763294] r8169 0000:05:00.0: em1: link up
[ 59.686773] r8169 0000:05:00.0: em1: link up
[ 61.936454] r8169 0000:05:00.0: em1: link up


If I directly cold boot into Fedora (after the power cord has been removed and the system got completely re-initialized) there are no problems at alll and I get a fast and stable network conection. This also happens with other linux distributions, for example SysRescCD.

View 1 Replies View Related

Networking :: Firewall - Allow Packets Coming From Internet After Authenticating And To By Pass Packets Generated From Internal LAN?

Feb 8, 2010

i have a linux server runnig oracle applications. i need to access this server from putty using ssh through internet. i did by registering my static ip with the and i am able to connect to the server. but now there is no security to authenticate any user as any one knowing the password can login to it.

i thought of configuring the firewall of linux server but the client ip`s are not static and they change continiously. so thought of keeping one more pc between the server and the router which will do the work of authenticating. but i am confuse as how to configure it to allow the packets coming from the internet after authenticating and to by pass the packets generated from internal LAN?

View 8 Replies View Related

Programming :: Write A Program In C That Can Sniff Packets From Ethernet And Distinguish RTP Packets From Non-RTP Packets?

Aug 30, 2010

i need to write a program in c that can sniff packets from Ethernet and distinguish RTP packets from Non-RTP packets, i have no idea what should i do

View 9 Replies View Related

Networking :: Understanding Netstat TCP Port

Aug 1, 2011

I have an application that uses port 8080 all the time. One time, for some reason, it was taken by I didn't know what.

View 2 Replies View Related

Networking :: Netstat Displaying Wrong Process Name/id?

Feb 9, 2010

While running some live tests last week I saw an odd situation where netstat appeared to be displaying the wrong PID and process name for TCP connections. I'm trying to figure out if this is just a strange netstat bug or if it could indicate something odd is happening with our software.

We have a main program which establishes a number of connections, including connecting to a JMS server and listening/accepting a TCP connection. The main program also creates a child process which it uses to communicate with another server. On at least three occasions we saw a situation we saw netstat reporting all the expected TCP connections (correct ip/port for both source and destination), however the child process, instead of the main, was listed for the PID. The main process was still running but netstat no longer reported any TCP connections established by the main program. The main program continued to function correctly, the JMS communication continued to work and we believe the other TCP connection was functioning correctly despite the program supposedly not having any TCP connections.

I'm wondering if this could simply be a bug and/or obscure functionality of netstat that I don't understand which would cause netstat to report the child process as 'owning' the parents TCP connections. I don't know how this would happen or why the parent would continue functioning despite the problem otherwise.

View 1 Replies View Related

Networking :: Netstat Command - No Support For IP Masquerade

Nov 23, 2009

While issuing the command netstat -M it shows netstat: no support for `ip_masquerade' on this system. But this system is used as a gateway and iptable rules are set for ip forwarding. Also internet is getting another machine through this machine. What about the message?

View 3 Replies View Related

Networking :: Netstat Port State IDLE

Jun 8, 2011

with netstat i found a port with idle state, i google the meaning of IDLE:Idle, opened but not bound.What do you mean by bound?

View 2 Replies View Related

Networking :: OpenVPN Server And Netstat -tunp

Jan 8, 2010

When the centos is running a vpn server, there 's a client connecting. The connection can't be seen by netstat -tunp

View 4 Replies View Related

Networking :: Using Netstat Command - 54406 Established?

Dec 1, 2010

I just found something "strange" by using netstat
tcp 0 0 myhost.deprecated:53719 amaretti.chimfar.:54406 ESTABLISHED
How can I check what is the program that is responsible for this line?

View 2 Replies View Related

Networking :: Kernel - Forward Packets From Eth0 To Eth1 And Eth1-to Eth0 As Well As Get A Copy Of These Packets For Analysis

Sep 27, 2010

I have a hardware device with two ethernet ports, eth0 and eth1 running Centos 5. Basically my goal is to forward packets from eth0->eth1 and eth1->eth0 as well as get a copy of these packets for analysis. If I set IP routing to do the forwarding then I won't get a copy of the packets for analysis.

View 3 Replies View Related

Ubuntu Networking :: Port Open In Iptables But Nothing In Netstat?

May 16, 2011

I need the port 27015 to be open. I've opened it in iptables :


iptables -A INPUT -p tcp -i eth0 --dport 27015 -j

But when i try :


netstat -nan

The port 27015 do not appear as "LISTEN".

View 1 Replies View Related

Ubuntu Networking :: Netstat Shows Web Server Connecting To Itself?

Jul 14, 2011

I've been experiencing some home web-server slowdown issues lately, and I wanted to see if it's a problem with the server itself. I'm not sure if this might be the problem, but upon checking netstat -tn, I see over 15 instances of the following:


where is the server's local address, the local address port varies, and the foreign address is the server's web address. If anyone knows what might be causing this and/or how to fix i

View 1 Replies View Related

Networking :: (Netstat -pl) Foreign Host Can Connect From Any Port (IPP)

May 12, 2010

Netstat has always confused me. I ype netstat -pl and get this:

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost:ipp *:* LISTEN 1476/cupsd
tcp 0 0 localhost:postgresql *:* LISTEN 13816/postgres
tcp 0 0 *:44223 *:* LISTEN 1288/sshd
tcp6 0 0 localhost:ipp [::]:* LISTEN 1476/cupsd
tcp6 0 0 localhost:postgresql [::]:* LISTEN 13816/postgres
tcp6 0 0 [::]:44223 [::]:* LISTEN 1288/sshd
udp 0 0 *:bootpc *:* 1267/dhclient

I assume that *:* means that any foreign host can connect from any port, but then what does [::]:* mean? and localhost:ipp... what port is ipp? Shouldn't ports be numeric?

View 1 Replies View Related

Networking :: Netstat Shows Multiple Identical Instances Of Connection

Jan 4, 2010

We are running a combination of Apache-2 with mod_jk connecting to tomcat workers running on separate hardware.Strange: "netstat -tn" on the Apache server outputs identical combinations of source address, source port, destination address and destination port.

Has anybody else experienced this phenomenon? (I googled and searched LQ but couldn't find anybody else reporting this)Is netstat broken, or is there another explanation?

View 5 Replies View Related

Ubuntu Networking :: Wireless Keeps Getting Dropped

Oct 1, 2010

My wireless connection keeps getting dropped very frequently. I am on a Dell XPS m1530 and I will just be on the interent and it just disconnects from wireless and I have to connect back. It is super annoying. I am on the latest version of ubuntu.

View 4 Replies View Related

Copyrights 2005-15, All rights reserved