Networking :: DNS Raw Packet Structure?

May 19, 2010

My question is about the raw MX reply package structure. I've read the RFC and all relevant pages I could find, but I couldn't figure this one out. Say we do a MX query.

The first answer (just the rdata part) will be: But in the raw package, instead of the .com, you have c0 13. Then for the second answer,, the raw package has, instead of, just c0 3a. So is the part after c0 a pointer towards another part of the message? Or what does it stand for exactly? I am puzzled by it, and don't know exactly where to ask... some of the networking people here might have a good idea.

View 3 Replies


Ubuntu Networking :: Send The Keys Or Value As The Packet Data (content Of The Packet) In Ns-2 (for Wireless Environment)

Jul 12, 2010

I am the new user to ns-2. I would like to know is it possible to send the keys or some value as the packet data (content of the packet) in ns-2 (for wireless environment).

View 1 Replies View Related

CentOS 5 Server :: Authenticate/Decrypt Packet Error: Packet HMAC Authentication Failed

Sep 17, 2009

I got a problem with my CentOS server. Somebody told me OpenVPN Requires different changes inside my firewall settings. That could be the problem why openvpn wont load..I receive this error on my CentOS panel when im trying to connect into the centos openvpn (with my winxp pc):

Thu Sep 17 20:31:36 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622
Thu Sep 17 20:31:38 2009 Authenticate/Decrypt packet error: packet HMAC authentication failed
Thu Sep 17 20:31:38 2009 TLS Error: incoming packet authentication failed from 84.xx.62.122:2622


View 5 Replies View Related

Ubuntu Networking :: 9.10 Updates Yesterday/Today Cause Packet Loss On Networking

Apr 9, 2010

I have 3 Dell Precision M4400 machines. After getting updates yesterday or today, I get random network dropouts like crazy, on wired or wireless. On one machine I was able to turn off ipv6 in grub and reboot, and it works now. However on the other 2 machines, still have the same problems. All 3 are running 9.10 64 bit. Is there a way I can back out the updates so the network works again? Anyone else see this behavior after updates today?

View 2 Replies View Related

Networking :: Packet Spy On A Hub

Jan 25, 2011

I am in a hub(with switches and rooters) and i want to spy what packets everyone receives! if can i do this and if i can which tools i can use?

View 6 Replies View Related

Networking :: DNAT On First SYN ACK Packet

Aug 19, 2010

I am trying to simply address translate TCP packets from one destination IP to another destination IP (DNAT?) without getting the initial SYN packet. Is this possible? I do not think it is with DNAT since the conntrack needs SYN first.

I have given the command:

The problem is that the first packet that matches this rule will be the SYN-ACK and I suspect it is simply DROPPED.

I am sparing you the gory details of why I would do such a silly thing, but simply put; I need to intercept client-to-server packets through a tunnel, but allow server-to-client packets to follow through the regular network.

I have been working on this for many days w/o success and my learning curve is still steep. I can provide more details as needed.

View 2 Replies View Related

Networking :: Packet DETECTED From 1s And 0s?

Jan 11, 2011

From all the stuff that can enter an interface, how does it know when an IP packet has been *formed*? What if it's just random garbage entering there for whatever reason? Also, can Linux do other protocols besides TCP/IP? This would be the problem, as I said above.

View 2 Replies View Related

Networking :: Udp Packet Conflict ?

Jul 28, 2011

In application udp port listening with 3330 i am sending udp request from port to that is same port in the same machine....application works fine udp sending and receiving also fine.....for clarification there any conflicts in the communication ?

View 2 Replies View Related

Networking :: Odd PPPoE Packet Redirection Networking?

Feb 7, 2010

I have a machine with two network cards running linux mint 8 XFCE (which is compatable with Ubuntu Intrepid Ibex). eth0 gos out onto the network propper, has a static IP address of and serves DHCP requests for the 10.10.10.x subnet.

eth1 is pluged into a PPPoE concentrator, and has a static address of (I would have left it alone but pppoeconf wouldn't work unless it had an address).

ppp0 is the piont to piont over ethernet conection that is corectly created when I run pon. I have both guard dog and guide dog installed but they are both disabled.

Now, the weird part: I can ping the IP number of the machine at the other end of the pppoe conection (when it changes I can still ping the new number), the local IPs (10.10.10.x), but *nothing* else not even the DNS servers passed to the machine during ppp conection which are in the same sub net as the machine I can ping.

When I try to ping or trace the route I get an error message like: reply from desination unreachable There is nothing wrong with the network at the other end, as I can make an Identical PPPoE connection from other machines on the network if the the concentrator is pluged into the hub (a rather unsafe place for it to be) and it all just falls into place.

What seems to be happening is that the machine is treating eth0 rather than ppp0 as the internet gateway, and passing the packets round in circles.

View 12 Replies View Related

Fedora Networking :: Receving UDP Packet In 12 ?

Feb 27, 2010

I wrote a program for transmitting an UDP Packet. It is properly received in Fedora core 2 machine while its not received properly in Fedora 12. I tried using Wireshack packet capture software which shows the protocol as DIS. Is there any service or setting i need to do for identifying the packet as UDP.

View 2 Replies View Related

Networking :: Identify The Icmp Packet?

Dec 1, 2010

how to identify the icmp packets & marking. this below icmp packets marking is not working.

iptables -t mangle -A PREROUTING -p icmp -j MARK --set-mark 0x5
iptables -t mangle -A PREROUTING -p icmp -j RETURN

with the help of port no or any other how can i identify the icmp packet ?... This below two is working fine

iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 0x2
iptables -t mangle -A PREROUTING -p tcp -j RETURN

iptables -t mangle -A PREROUTING -p udp -j MARK --set-mark 0x3
iptables -t mangle -A PREROUTING -p udp -j RETURN

View 1 Replies View Related

Networking :: Data Packet Transmission In A LAN?

Jun 24, 2011

I need to know how a data packet is transmitted from the sender to the receiver passing through the five Internet layers. Specially what device (hardware) the data packets have to pass through at each layer before reaching the destination in a LAN.

View 2 Replies View Related

Networking :: How To Send Udp Packet To The DNS Using Netcat

Jun 16, 2010

How can i send udp packet to the DNS using netcat in opensuse.

View 7 Replies View Related

Networking :: Monitoring TCP Packet Loss In NS2 ?

Jun 23, 2010

I am simulating a TCP/FTP to TCP/FTP network and trying to monitor the packet loss.

I am able to monitor and graph data regarding the TCPSinks' bytes received, but I can't monitor packet loss.

Why is it that the TCPSink Agent has a variable for bytes (bytes_) but not one for monitoring packet loss?

Do I have to monitor the packet loss from the queue? If so, how do I write code for this?

Below is part of the code for monitoring bytes received from sinks if anyone was interested.

View 4 Replies View Related

Networking :: Packet Forwarding Using IPtables?

May 4, 2011

I have 2 Ubuntu boxes sitting in the same subnet; server 1 [] and server 2 [] What I am trying to achieve here is the following: server 1 act as a gateway or proxy to server 2, meaning that server 1 is exposed to the Internet and all traffic to server 2 should go though it (i hope!).

server 2 act as application server and I don't want a direct access to it from the internet. I want all the inbound traffic comes through server 1. for testing purposes, i will limit the traffic to simple http or port 80

in server 1, i have done the following settings: iptables -t nat -A PREROUTING -p tcp -i eth0 -d --dport 80 -j DNAT --to iptables -A FORWARD -p tcp -i eth0 -d --dport 80 -j ACCEPT In server 1, I've edited the value of net.ipv4.ip_forward to equal 1 (uncomment that line in /etc/sysctl.conf) Currently, both server 1 and server 2 has its own apache2 servers with different index.html files. the problem is, when i browse to server 1, I am still seeing its index page rather than being forwarded to the index page of server 2. how can i achieve the traffic forwarding from server 1 to server 2 when my browser pointing to server 1?

View 3 Replies View Related

Networking :: Packet Redirecting To Another Interface Of The Box

Nov 19, 2010

I have to interfaces eth0( and wlan1( in my box. An application is listening (say, udp socket) at

Now if someone sends packet at, I want to forward them to

I have tried this - iptables -t nat -A PREROUTING -p udp --dport 5888 -d -j DNAT --to-destination

But Packets(with destination addr are not received by the application (But they are received by the box, I have checked using wireshark). I have also enabled ip_forwarding.

View 1 Replies View Related

Networking :: Transparent Packet Monitor On One Leg Of A Tap?

Jun 29, 2011

Internet ---> Tap A--> Traffic Monitor
B--> Firewall --> Internal Network

I was hoping to make a server with Windows and "Colasoft Capsa" to capture and record all traffic. Is there a way to make it unaddressable so that I don't have to worry about someone getting into it? Like, put it in promiscuous mode, read and capture all traffic, without having an IP address or something like that?

View 2 Replies View Related

Networking :: UDP Use Packet Sequence Number?

Jul 13, 2011

Does udp use Packet Sequence Number?

View 2 Replies View Related

Networking :: IP And MAC Andresses Of A Packet What Went From PC To The Bridge?

Oct 8, 2010

it's one of the first time I'm using linux! For a report I have to answer to the question (the title) but it's very strange! A packet has an ip address? or does it referer to the IP address of the destination? And in particular this is the output of tcpdump -en ip proto 1 (while I'm sending ping -sv remote_machine)which are:

What are IP and Mac andress of a packet that went from my machine to the bridge? and what are the IP and mac of a packet that went from the router to my partner's machine? And how could i find the average delay that a packet experience in the bridge?


View 1 Replies View Related

Ubuntu Networking :: Shrew VPN Packet Loss

May 29, 2010

I am just starting my adventure into Ubuntu. After installing and configuring Shrew Soft in Ubuntu 10.04 64Bit, I am having some serious packet loss issues. The LAN is wireless, however the only packet loss I experience is over the tunnels. I have tried different algorithms, and it seems as I fiddle with the MTU client side, it clears a bit, but the best I have managed is 23% loss average.

View 2 Replies View Related

Networking :: Userspace Ethernet Packet Queue

Feb 12, 2010

I am a windows programmer. There I wrote a firewall and VPN System. It was easy. Simply, I USED WINPKFilter by I need is to GET, Edit, and Send the raw Layer 2 packet before reaching to IP Stack.My friends were saying that linux is Ideal for Networking purposes. But for now I say that Linux is very bad in this field and I should say that windows is much better (I beg your pardon)After tens of hours for searching I got nothing good. The hook system of IPtables is not GOOD for me because it has not Ethernet header and also the packets are defragmented when I caught them.

I tried ebtables but it has no user space queue like IPTABLES. What I exactly need is to be able to reach to the chain of raw Ethernet packets and be able to modify them and resend or inject some ethernet packet packet. I Dont Want to go inside the KERNEL. (As windows I want a userspcae library). Dear linux expert I beg your help. Do not let me turn back to windows.

View 1 Replies View Related

Networking :: Arriving Packet (UDP) Never Reaches Process?

Apr 14, 2010

I don't know if this is related to a problem I have run into and posted elsewhere regarding 2 (or more) ethernet ports. But I encountered this while trying to solve the other problem (which I thought was Linux not setting correct routes for 2 interfaces). As suggested by someone when trying to solve the other problem, I switched to using the same IP address (it's a secondary address) on BOTH interfaces. So thus I have configured on both eth0:1 and eth1:1. I am running the NSD program (an authoritative-only name server) listening on port 53 of Some computers are getting the MAC address of eth0 for their ARP requests. Others are getting the MAC address of eth1 for their ARP requests. So this is determining which ethernet port their DNS queries will arrive on.

Those that send their DNS queries to the eth0 MAC address work fine. The NSD process gets the requests and answers them. The answers get back to where the query was sent from. HOWEVER ... those that send their DNS queries to the eth1 MAC address do not work. Using tcpdump, I see that the queries actually do arrive on the server. Using strace, I see that the NSD process never gets them. There are no iptables in effect.

Any idea why the kernel is deciding to not deliver the DNS query UDP datagram to the NSD process? It sure seems that the kernel just doesn't handle more than 1 ethernet interface (at least in the same subnet) correctly. IMHO, when an ARP request is received on 2 or more different interfaces, it should at least answer on both, each answer with the respective MAC address of that interface. It cannot know, and should not assume, any specific physical topology of the network beyond those interfaces.

View 1 Replies View Related

Networking :: Packet Capturing On Remote Machine

May 19, 2010

How can I configure, the packet capturing mechanism to allow non - privileged users to use it...

View 2 Replies View Related

Networking :: Packet Loss On 2nd Network Card

Jan 23, 2010

I try to setup a locale network between 10 (Web) Servers (openSuse 11.2), each Server is connected to the internet (eth0) which works fine on all servers.

A 2nd NIC eth1 (1GBit rtl-8169) on each Server is connect to a Switch and should function as a LAN. I installed/configured the 2nd NIC with yast, and than added a route for the local network ( to use eth1. So far every thing works (ssh for example), but I have a packet loss of 10%-60% (ping) on the local network, and I cant find the reason for the packet loss. I already installed a Debian Lenny on 2 Servers (just to test) but I have the same problem on Debian.

No firewall or any other application is in the way. With tcpdump I could figure out that the packages are send but never show up on the destination server.

I put some more information about how I configured the LAN below. I have not done this my first time and from my experience if something is wrong with the network configuration (wrong routing, firewall in the way, etc.) this usually leads to a packet loss of 100% or the destination is simply not reachable.

The 2nd NIC is installed with either yast on suse , or by editing /etc/network/interfaces on debian. The Kernel module rtl8169 is loaded.

They are configured with the following values:

Route is added by:

Output example. of ifconfig :

Output of route (same on all servers):

Output of ping:

View 14 Replies View Related

Networking :: Packet Payload From Pcap Files

Aug 25, 2010

As part of a research experiment, we need to use a web proxy and direct certain users from their computers through that web-proxy. Given that we do not have access to DHCP logs (this is on a college campus), we have asked each user to go through the proxy using a different port number so we can differentiate between them. Now as a result of doing this, the entire TCP packet is encapsulated as payload data within the captured packet (using tshark to capture the packets). Now I need to be able to parse the payload for statistics including the URL. I am not sure how best to proceed. I cannot find a utility that will just output the payload and then I can probably parse the output.

View 1 Replies View Related

Fedora Networking :: UDP Short Packet - 5 Messages Suppressed

Mar 24, 2011

I have written the Client-Server program to test my ethernet by using UDP protocol.
Server IP :
Client IP :
While Running the program I am getting some printk messages on Server machine.

What is the meaning of following statement that I am getting from debug statements
( /var/log/messages )
UDP: short packet: From 418/416 to
printk: 5 messages suppressed.
UDP: short packet: From 556/553 to
printk: 4 messages suppressed.

Only printk messages are printing in my Server console ( IP : ).
printk: 5 messages suppressed.
printk: 5 messages suppressed.
printk: 4 messages suppressed.
printk: 2 messages suppressed.
printk: 4 messages suppressed.

View 2 Replies View Related

Ubuntu Networking :: Forward A Copy Of Each Packet Transferred?

Feb 23, 2010

I manage a small home network of 5-6 PCs and other devices. One of the PCs is used as a multipurpose server, as well as the gateway to outside.

Sometimes, I need to know what traffic goes in/out of my network (for troubleshooting, etc).

Is there a quick and dirty way to forward a copy of all the packets on the external interface to my own ip when I want to?

View 2 Replies View Related

Ubuntu Networking :: Avahi Causing The Packet Loss?

May 5, 2010

I got a new X201 which is running Ubuntu 10.04. While at home, everything is fine, at work, I encounter some issues with wireless. the signal cuts in and out repeatedly.Here's the output of ping. I set it to ping a server every 90 seconds, 10 times. So this is a snapshot of 15 minutes of network activity...


PING (REDACTED) bytes of data.
64 bytes from (REDACTED): icmp_seq=1 ttl=252 time=1.50 ms
64 bytes from (REDACTED): icmp_seq=2 ttl=252 time=2.13 ms
64 bytes from (REDACTED): icmp_seq=3 ttl=252 time=1.38 ms


Also I tried this (from a 2 year old thread which was most relevant solution I could find):


Changing AVAHI_DAEMON_DETECT_LOCAL=1 to AVAHI_DAEMON_DETECT_LOCAL=0 in /etc/default/avahi-daemon has got rid of the irritating pop-up. Basically, every 5 minutes or so, for a solid 60 seconds or so I get no signal. I've tried updating the kernel, and doing apt-get remove avant-daemon, but still have problems.

View 1 Replies View Related

Ubuntu Networking :: Any Software For Wireless Packet Capture?

May 29, 2010

Does ubuntu have anything similar to window's program Cain & Abel for wireless packet capture?

View 1 Replies View Related

Ubuntu Networking :: How To Enable Packet Injection In Broadcom

Mar 18, 2011

enable packet injection on ubuntu. My card was perfectly running fine(though monitor mode and packet injection not working).I had got bcm-sta wireless drivers installed.

When i run lspci --nn command, i found out my driver to be as below::

Network controller [0280]: Broadcom Corporation Device [14e4:4727] (rev 01)
when i run " airmon-ng "
it displays


I need to get packet injection working desperately. Also , do i need to patch my drivers or something like that?

View 2 Replies View Related

Copyrights 2005-15, All rights reserved