Bug 48284

Summary: Port forwarding (+masq?) can freeze kernel
Product: [Retired] Red Hat Linux Reporter: stone
Component: kernelAssignee: David Miller <davem>
Status: CLOSED CURRENTRELEASE QA Contact: Brock Organ <borgan>
Severity: high Docs Contact:
Priority: medium    
Version: 7.1   
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-07-30 23:45:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description stone 2001-07-10 02:31:54 UTC 
Description of Problem:
Set up Masq + port forwarding in rc.local:
---snip---
echo "NAT..."
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

EXT=194.xxx.xxx.xxx
INT=192.168.201.103
DPORT=6346

iptables -A PREROUTING -t nat -p tcp -d $EXT --dport $DPORT -j DNAT --to $INT:$DPORT
iptables -A OUTPUT -t nat -p tcp -d $EXT --dport $DPORT -j DNAT --to $INT:$DPORT

echo 1 > /proc/sys/net/ipv4/ip_forward
---end---

use the port forwarding for a while, watch it work fine (LimeWire on a win2k box)
kernel will hang, no oops, nothing in logs, nothing on screen. no response to pings

How Reproducible:
when running gnutella on a box behind the machine, It stays up maybe 5-20minutes.
when not running gnutella (but lots of other network traffic) it stays up indefinitely

Steps to Reproduce:
1. 
2. 
3. 

Actual Results:


Expected Results:


Additional Information:
Standard RH7.1 installation, all updates installed. Kernel "2.4.3-12 #1 Fri Jun 8 15:05:56 EDT 2001 i686 unknown"	
iptables-1.2.1a-1
50 ip aliases were present on eth1 (200-250), the box forwarded to, was on the subnet with eth1:201 as gateway
Comment 1 stone 2001-07-24 02:25:15 UTC 
seems to be related to having 2 realtek network cards installed, switching to hp100 cards seems to have resolved problem.
The realteks also caused problems (same total hang as above) when routing between two alias interfaces (eth1:100 and eth1:200).
Comment 2 David Miller 2003-07-30 04:34:43 UTC 
Can you retry with current errata kernels? :-)
Comment 3 stone 2003-07-30 17:54:28 UTC 
sorry, I don't have that old box anymore...
but I'm doing similar stuff now on a newer kernel with no problems.