
UDP Network Trouble



    Date: Tue, 29 Jan 91 10:07:49 +0100
    From: metal@ztivax.siemens.com (Oliver Gajek)

    Every now and then (and more and more often) my XL400 (TCP/IP, no NFS)
    goes away with network traffic for 4-5 seconds.  The network meters
    indicate an unusually high rate of UDP packets.  How do I find the
    culprit?  I assume it's some Unix box with NFS?

The best way is to use a network monitor, such as Spider Systems's
SpiderMonitor or Network General's Sniffer.  If you have Sun
workstations on the network you can use the "etherfind" command to
capture and display packets (there's also a more sophisticated, and
slightly portable, program called "tcpdump" that is available via
anonymous FTP).

If you want to do it all on the Lispm, and you have source, you can
patch some of the low-level functions in the TCP/IP software to provide
more information about packets that are being discarded.  For instance,
you can patch (FLAVOR:METHOD :RECEIVE-IP-PACKET TCP::UDP-PROTOCOL) to
record the broadcasts that it is throwing away, with something like

	(pushnew (list (send network :unparse-address source) destination-port)
		 *bad-broadcasts* :test #'equal)

Here are some of the common UDP broadcasts that some Unix machines send
out: RWHO (a list of logged in users), YPBIND (looking for a new Yellow
Pages server), RIP (routing table updates), TIMED or NTP (clock
synchronization).  However, none of these should come at such a rate
that they would swamp an XL400 (or even a 36xx).  If they are, there may
be a configuration problem in your network that is causing a broadcast
storm.  For instance, there may be a router that is echoing broadcasts
back onto the network from which they came; I've seen this happen,
causing the packet to reverberate on the network until its time-to-live
drops to 0.  Another common cause of broadcast storms is machines with
an incorrect notion of the broadcast address (the original BSD
networking implementation used a host portion of all 0's rather than all
1's, and this has been inherited by many derivatives, and SunOS still
seems to default to the wrong address).

                                                barmar
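
The per-source tally suggested in the message, as an added example that is not part of the original post and is written in Python rather than as a Lispm patch. It counts UDP broadcasts per sender and service and flags senders using the old all-0's broadcast form; the packet records are constructed sample data on a documentation network (192.0.2.0/24), and the function names are hypothetical.

```python
import ipaddress
from collections import Counter

# Standard UDP port assignments for the broadcast services named in the message.
SERVICES = {111: "sunrpc (ypbind lookups)", 123: "ntp", 513: "rwho",
            520: "rip", 525: "timed"}

def classify_destination(dst, network):
    """Return 'ones', 'zeros', or None (not a broadcast) for dst on network."""
    addr = ipaddress.ip_address(dst)
    if dst == "255.255.255.255" or addr == network.broadcast_address:
        return "ones"
    if addr == network.network_address:
        return "zeros"  # old BSD-style broadcast: host portion all 0's
    return None

def tally_broadcasts(records, cidr):
    """records: iterable of (src, dst, dst_port) for captured UDP packets.
    Returns (Counter keyed by (src, service), set of all-0's senders)."""
    network = ipaddress.ip_network(cidr)
    counts, zero_senders = Counter(), set()
    for src, dst, port in records:
        kind = classify_destination(dst, network)
        if kind is None:
            continue  # unicast traffic is not part of a broadcast storm
        counts[(src, SERVICES.get(port, f"udp/{port}"))] += 1
        if kind == "zeros":
            zero_senders.add(src)
    return counts, zero_senders

# Constructed sample records, e.g. transcribed from a packet monitor's output.
SAMPLE = [
    ("192.0.2.10", "192.0.2.255", 513),
    ("192.0.2.10", "192.0.2.255", 513),
    ("192.0.2.20", "192.0.2.0", 520),
    ("192.0.2.20", "192.0.2.0", 520),
    ("192.0.2.20", "192.0.2.0", 520),
    ("192.0.2.30", "192.0.2.77", 2049),   # unicast, ignored
    ("192.0.2.40", "255.255.255.255", 123),
]

if __name__ == "__main__":
    counts, zero_senders = tally_broadcasts(SAMPLE, "192.0.2.0/24")
    for (src, service), n in counts.most_common():
        note = "  <- all-0's broadcast address" if src in zero_senders else ""
        print(f"{n:4d}  {src:15s} {service}{note}")
```
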