Are you up for a challenge?
I have been going crazy for the past two weeks, so I am turning to you for support... Normally I just search the net until I find a solution, however this time i have been unsuccessful after many hours of searching
It all started three weeks ago when I decided to reinstall my server and switch from Debian to Gentoo. After some bumps and glitches I managed to get it back up and running.
I did some testing at my home, which all seemed fine and brought it to some friends. (The server is located there because they don't use a lot of bandwidth and don't mind having the server there.)
The main packets I have currently installed and running are Apache and Teamspeak.
My problem is now that when I connect to the server using apache or SSH, it all works fine, however when I use Teamspeak the first time it usually works, but when I disconnect and then reconnect I get a timeout.
Then I have to wait some time (sometimes 10 minutes, sometimes 2 days) and I can connect once again.
Now comes the weird part: two of my friends can connect no problem, however a third friend has the same problem as me!
I tried a lot of things, but the only thing working form me is to set my home router to "Full featured NAT" specifying that my workstation should receive all incoming connections. (and effectively preventing all other machines from accessing the Internet)
This would point me to the conclusion that something is wrong with my NAT or router settings, a theory which is also supported by sniffing packets. Basically what I saw was that, when things go wrong:
- The workstation sends a login packet to the server (from port x1 to port y1) with y1 being the normal Teamspeak server port
- The router translates this packet to an outside port (say x2) and sends it through to the server (from x2 to y1)
- The server returns a response that the login is correct (from y1 to x2)
- The router receives the packet and sends it through to the workstation (from y1 to x2)
The packet goes through the router without changing destination port: the router doesn't perform the NAT translation on the return packet.
Of course my workstation does not see that this is a response to the earlier send packet and it is dropped.
The thing is that I can't find anything wrong with the router, this combined with the fact that nothing changed there since my working Debian setup an the fact that after the reinstall my friend started having problems leads me only the option that something on the server-side must have changed....
This is the setup I am talking about:
- PIII 800 with 384 MB of SD RAM etc...
- Gentoo 2.6.28-r9 hardened kernel
- Teamspeak2 2.0.24.01-r1 server (from portage)
- Apache and Teamspeak are each installed in their own jailroot
- Grsecurity is used for hardening
- My workstation in Vista x64 with a Teamspeak2 2.0.33.7 client installed
- My (home) router is a ZyXEL P-2602R-D1A
- On neither machines are firewalls installed/enabled at the moment. (I know... I plan to install iptables as soon as I have this problem fixed)
