问题
I see UDP packets arriving on my Linux box (via tcpdump) with destination port set to 25555. However:
nc -l -u 25555
shows no traffic.
I've already checked:
- iptables is off
- destination MAC address matches the incoming interface
- destination IP address matches the incoming interface
- IP checksum is OK
- UDP checksum is OK
Also, all the packets are being dropped, thus it's not a problem with overlowing rx buffers.
Any ideas what else may cause the pakcets to be dropped?
回答1:
You have another process on your machine which is reading the datagrams arriving on port 25555. We can see it from your /proc/net/udp
:
sl local_address rem_address st tx_queue rx_queue tr rexmits tm->when uid timeout inode ref pointer drops
104: 00000000:63D3 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 1779298 2 fff810266fe0c 0
So the process which is "stealing" the datagrams you want is owned by root (uid=0). And the inode of the socket is 1779298, which you can search for under /proc/PID/fd
for the PIDs owned by root. Once you figure out what process is listening there, you'll need to decide whether to terminate it so nc
can listen instead.
Unicast UDP datagrams will only end up going to a single process on a Linux system, even if there are multiple processes trying to read from that same address.
回答2:
In the end it turned out that the packets were dropped by RPF filtering. See net.ipv4.all.rp_filter setting in Linux.
来源:https://stackoverflow.com/questions/22610003/what-are-the-reasons-for-udp-packets-to-be-dropped-by-the-network-stack