[tclug-list] Debian sarge kernel/networking issue

Thu Jun 30 21:47:22 CDT 2005

I have several systems that I recently upgraded from Debian woody to
sarge.  On systems where I've upgraded the kernel, I have a strange
networking issue.  I do secondary MX for a friend (we'll call his host
friendmail) and after the OS upgrades on my end, I started spooling
mail for him.  I contacted him thinking his mail server was down but
it turned out that from my Debian mail server, I couldn't telnet to
friendmail:25.  I could not telnet to any other open ports on his IP,
80, 22, etc.  I was able to telnet to other random hosts on various
ports just fine.

My first thought was this was a firewall issue but even removing all
firewalls on my end I still couldn't telnet to friendmail:25,22,80
etc.  We both tested from other external systems and were able to
connect to friendmail:25 and got the mailserver banner.  What's
strange is that my Debian mailserver could telnet to other hosts on
various ports (22,25,80, etc) and it worked just fine.

I have one Debian sarge box still runs the woody default 2.4.18-bf2.4
kernel.  That box could telnet to friendmail:25.  This led me to think
it was a kernel issue.  Sure enough, I booted my mailserver back to
the woody 2.4.18-bf2.4 kernel and I could telnet to friendmail:25.  So
it would seem any custom kernel I build on a sarge box has this broken
telnet to friendmail's IP, yet works to other random hosts.  I can
only assume that other telnet to other host/ports might also be broken
but I won't know it.

I've experimented with manually building kernels using sources from
ftp.kernel.org (2.4.18 through 2.4.31), as well as Debian
kernel-source pkgs (kernel-source-2.4.18 and kernel-source-2.4.27). 
It seems any custom kernel I build on a sarge box has this issue where
it just hangs when I telnet to friendmail:25,22, 80 etc... and
eventually it times out.  It never connects.  These custom kernels are
able to telnet to other hosts/ports just fine.

I installed the Debian binary kernel-image-2.4.27-2-686 on a sarge box
and that kernel can telnet to friendmail:25,22,80,etc in addition to
other random host/ports on the internet.

I've been over the kernel .config files but can't find anything that
would break telnet to one particular IP yet allow it to others.  I'm
compiling a Debian kernel using the kernel-source-2.4.27 pkg and an
unmodified .config file from the kernel-image-2.4.27-2-686 pkg (the
one that can telnet to friendmail:25) to see what it's results are.

My friend is on a dynamic IP on a cable modem if that matters.

Does anyone have any ideas?

Scot