My desktop box acts as Wi-Fi router:
- xl2tpd to connect to internet,
- hostapd, dhcpd, itpables postrouting masquerade to share.
And this config works fine.
But i tried to zypper refresh from my laptop one day - and found that its not possible(zypper waits for answer for a long time then timeout occurs), while from box its works.
A this point i found
laptop:~ # curl -v download.opensuse.org/repositories/* Adding handle: conn: 0xeb5200
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0xeb5200) send_pipe: 1, recv_pipe: 0
* About to connect() to download.opensuse.org port 80 (#0)
* Trying 195.135.221.134...
* Connected to download.opensuse.org (195.135.221.134) port 80 (#0)
> GET /repositories/ HTTP/1.1
> User-Agent: curl/7.32.0
> Host: download.opensuse.org
> Accept: */*
>
^C
box:~ # curl -v download.opensuse.org/repositories/
* Adding handle: conn: 0x1584170
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x1584170) send_pipe: 1, recv_pipe: 0
* About to connect() to download.opensuse.org port 80 (#0)
* Trying 195.135.221.134...
* Connected to download.opensuse.org (195.135.221.134) port 80 (#0)
> GET /repositories/ HTTP/1.1
> User-Agent: curl/7.32.0
> Host: download.opensuse.org
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Fri, 23 May 2014 04:55:57 GMT
* Server Apache/2.2.12 (Linux/SUSE) is not blacklisted
< Server: Apache/2.2.12 (Linux/SUSE)
< X-Prefix: 94.230.224.0/20
< X-AS: 29385
< Transfer-Encoding: chunked
< Content-Type: text/html;charset=ISO-8859-1
<
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Index of /repositories</title>
<link rel="stylesheet" href="http://st
...
<img src="/icons/folder.png" alt="[DIR]" /> <a href="./zypp:/">zypp:/</a> 19-Feb-2014 22:26 -
<hr /></pre>
<address>Apache/2.2.12 (Linux/SUSE) Server at download.opensuse.org Port 80</address>
<br/><address><a href="http://mirrorbrain.org/">MirrorBrain</a> powered by <a href="http://httpd.apache.org/">Apache</a></address>
</body></html>
* Connection #0 to host download.opensuse.org left intact
OK at this point i thought that its may be firewall and it was disables on both - unfortunately with same result.
After this i’ve captured tcpdump from both(wlp2s0 on laptop, ppp0 on box) and found that first packets of response is missing from both dumps only when Wi-Fi clients(android phones also, not only laptop) tries to get anything from download.opensuse.org while from box its works just fine.
Someone please help me to find and fix this.
PS
download.opensuse.org is the only host i found with this behavior. I think that more hosts can be affected, but i didnt found any.