* multipath kinda working, but tcpdump suggests otherwise
From: Brent Clark @ 2008-09-30 10:34 UTC
To: 'Mail List - Netfilter'
Hi
I'm trying to get multipath routing, so that a connection to my OpenVPN
(sits on router / fw) can enter as well as leave via the ISP that it came in on.
Below are my workings as well as the relevant log.
$IPT -t mangle -A PREROUTING -i eth2 -p udp -j MARK --set-mark 0x2
$IPT -t mangle -A PREROUTING -i eth2 -p udp -j CONNMARK --save-mark
$IPT -t mangle -A PREROUTING -s $LAPTOP -j LOG --log-prefix "[PRER_MANGLE]: "
Sep 30 12:08:56 cptgate kernel: [755598.816009] [PRER_MANGLE]: IN=eth2 OUT= MAC=00:50:ba:be:21:30:00:1d:7e:aa:22:4a:08:00 SRC=41.4.71.213 DST=192.168.10.101 LEN=42 TOS=0x00 PREC=0x00 TTL=120 ID=42547 PROTO=UDP SPT=1323 DPT=1194 LEN=22 MARK=0x2
$IPT -t mangle -A INPUT -i eth2 -p udp -j MARK --set-mark 0x2
$IPT -t mangle -A INPUT -i eth2 -p udp -j CONNMARK --save-mark
$IPT -t mangle -A INPUT -s $LAPTOP -j LOG --log-prefix "[I_MANGLE]: "
Sep 30 12:08:57 gate kernel: [755599.774064] [I_MANGLE]: IN=eth2 OUT= MAC=00:50:ba:be:21:30:00:1d:7e:aa:22:4a:08:00 SRC=41.4.71.213 DST=192.168.10.101 LEN=42 TOS=0x00 PREC=0x00 TTL=120 ID=42548 PROTO=UDP SPT=1323 DPT=1194 LEN=22 MARK=0x2
$IPT -t mangle -A OUTPUT -p udp --sport 1194 -j MARK --set-mark 0x2
$IPT -t mangle -A OUTPUT -p udp --sport 1194 -j CONNMARK --save-mark
$IPT -t mangle -A OUTPUT -p udp -d $LAPTOP -j LOG --log-prefix "[O_MANGLE]: "
Sep 30 12:09:00 cptgate kernel: [755602.324518] [O_MANGLE]: IN= OUT=eth0 SRC=196.36.10.114 DST=41.4.71.213 LEN=42 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1194 DPT=1323 LEN=22 MARK=0x2
$IPT -A POSTROUTING -t mangle -p udp -d $LAPTOP -j LOG --log-prefix "[POSTR_MANGLE]: "
Sep 30 12:09:00 cptgate kernel: [755602.324693] [POSTR_MANGLE]: IN= OUT=eth2 SRC=196.36.10.114 DST=41.4.71.213 LEN=42 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1194 DPT=1323 LEN=22 MARK=0x2
$IPT -t nat -A POSTROUTING -o eth0 -s $INTERNAL_MASK -j SNAT --to $SNAT1ADDRESS
$IPT -t nat -A POSTROUTING -o eth2 -d $LAPTOP -j LOG --log-prefix "[PRE NAT]: "
$IPT -t nat -A POSTROUTING -o eth2 -j SNAT --to $SNAT2ADDRESS
$IPT -t nat -A POSTROUTING -p udp --sport 1194 -j LOG --log-prefix "[POST NAT]: "
Sep 30 12:23:58 cptgate kernel: [756500.448344] [PRE NAT]: IN= OUT=eth2 SRC=196.36.10.114 DST=41.4.71.213 LEN=54 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=1194 DPT=1343 LEN=34 MARK=0x2
Here's the part I can't understand: with
root@cptgate:/root# tcpdump -i eth2 port 1194
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
12:30:17.090895 IP 41.4.71.213.1349 > 192.168.10.101.openvpn: UDP, length 14
12:30:19.556264 IP 41.4.71.213.1349 > 192.168.10.101.openvpn: UDP, length 14
12:30:20.752803 IP 41.4.71.213.1349 > 192.168.10.101.openvpn: UDP, length 14
12:30:23.093120 IP 41.4.71.213.1349 > 192.168.10.101.openvpn: UDP, length 14
It's just one-way traffic.
*BUT*
if I run
root@cptgate:/root# tcpdump -n -i eth2 | grep "41.4.71.213"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
12:31:59.194900 IP 192.168.10.101.1031 > 41.4.71.213.1350: UDP, length 14
12:31:59.522035 IP 41.4.71.213.1350 > 192.168.10.101.1194: UDP, length 14
12:32:01.741988 IP 41.4.71.213.1350 > 192.168.10.101.1194: UDP, length 14
12:32:01.743000 IP 192.168.10.101.1031 > 41.4.71.213.1350: UDP, length 14
12:32:04.058917 IP 41.4.71.213.1350 > 192.168.10.101.1194: UDP, length 14
12:32:04.059921 IP 192.168.10.101.1031 > 41.4.71.213.1350: UDP, length 14
12:32:06.146476 IP 192.168.10.101.1031 > 41.4.71.213.1350: UDP, length 14
12:32:06.525866 IP 41.4.71.213.1350 > 192.168.10.101.1194: UDP, length 14
12:32:08.614499 IP 192.168.10.101.1031 > 41.4.71.213.1350: UDP, length 14
12:32:09.016984 IP 41.4.71.213.1350 > 192.168.10.101.1194: UDP, length 14
12:32:10.062674 IP 192.168.10.101.1031 > 41.4.71.213.1350: UDP, length 14
Regards
Brent
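A note on the two captures, followed by an added diagnostic script (editor's example, not code from the post or from the netfilter project). The second capture shows the replies leaving eth2 as 192.168.10.101:1031 -> 41.4.71.213:1350, not from port 1194, so the first capture's `port 1194` filter (which matches a packet only when its source or destination port is 1194) can show the inbound direction alone; the return traffic is there, on a port the filter excludes. Netfilter's SNAT target will pick a different source port when the translated tuple would clash with an existing conntrack entry, which is one way a reply can end up on a port the client never talked to, and a client (or the NAT in front of it) will then not match that reply to its own flow. The script below parses the two text formats the post shows (tcpdump UDP lines and kernel LOG lines), mimics the `port N` filter, and reports flows whose replies leave from a port other than the service port; the sample lines are constructed from the post's own output, with the two wrapped LOG lines re-joined.

```python
"""Correlate tcpdump output and netfilter LOG lines for one UDP service.

Added diagnostic for the post above, not code from the original message.
"""
import re
from collections import defaultdict

SERVER_PORT = 1194  # OpenVPN, as in the post

# Constructed sample input: tcpdump lines from the post's second capture
# (run without the `port 1194` filter).
TCPDUMP_SAMPLE = """\
12:31:59.194900 IP 192.168.10.101.1031 > 41.4.71.213.1350: UDP, length 14
12:31:59.522035 IP 41.4.71.213.1350 > 192.168.10.101.1194: UDP, length 14
12:32:01.741988 IP 41.4.71.213.1350 > 192.168.10.101.1194: UDP, length 14
12:32:01.743000 IP 192.168.10.101.1031 > 41.4.71.213.1350: UDP, length 14
""".splitlines()

# Constructed sample input: two kernel LOG lines from the post, re-joined
# onto single lines (the mail client had wrapped them).
KLOG_SAMPLE = [
    "Sep 30 12:09:00 cptgate kernel: [755602.324518] [O_MANGLE]: IN= OUT=eth0 "
    "SRC=196.36.10.114 DST=41.4.71.213 LEN=42 TOS=0x00 PREC=0x00 TTL=64 ID=0 "
    "DF PROTO=UDP SPT=1194 DPT=1323 LEN=22 MARK=0x2",
    "Sep 30 12:09:00 cptgate kernel: [755602.324693] [POSTR_MANGLE]: IN= "
    "OUT=eth2 SRC=196.36.10.114 DST=41.4.71.213 LEN=42 TOS=0x00 PREC=0x00 "
    "TTL=64 ID=0 DF PROTO=UDP SPT=1194 DPT=1323 LEN=22 MARK=0x2",
]

TCPDUMP_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP "
    r"(?P<src>(?:\d{1,3}\.){3}\d{1,3})\.(?P<sport>\w+) > "
    r"(?P<dst>(?:\d{1,3}\.){3}\d{1,3})\.(?P<dport>\w+): UDP, length (?P<len>\d+)$"
)
# Without -n, tcpdump prints well-known ports by service name.
PORT_NAMES = {"openvpn": 1194}


def port_number(token):
    return PORT_NAMES.get(token) or int(token)


def parse_tcpdump(line):
    """Return (src, sport, dst, dport) for a UDP tcpdump line, else None."""
    m = TCPDUMP_RE.match(line)
    if not m:
        return None
    return (m["src"], port_number(m["sport"]), m["dst"], port_number(m["dport"]))


def parse_klog(line):
    """Return (LOG prefix, dict of KEY=VALUE fields; bare flags such as DF -> True).
    Note the kernel prints LEN= twice (IP and UDP length); the last one wins."""
    m = re.search(r"\[([^\]]+)\]: (.*)$", line)
    if not m:
        return None
    fields = {}
    for tok in m.group(2).split():
        key, sep, val = tok.partition("=")
        fields[key] = val if sep else True
    return m.group(1), fields


def bpf_port_filter(packets, port):
    """Mimic `tcpdump port N`: keep packets whose sport or dport equals N."""
    return [p for p in packets if port in (p[1], p[3])]


def find_asymmetric_replies(packets, server_port=SERVER_PORT):
    """Group packets into client<->server flows and report replies whose
    source port is not server_port (the packets a `port N` filter drops)."""
    requests = set()                # (client_ip, client_port, server_ip)
    replies = defaultdict(set)      # same key -> source ports used in replies
    for src, sport, dst, dport in packets:
        if dport == server_port:
            requests.add((src, sport, dst))
        else:
            replies[(dst, dport, src)].add(sport)
    findings = []
    for key in sorted(requests):
        bad = {p for p in replies.get(key, set()) if p != server_port}
        if bad:
            client_ip, client_port, server_ip = key
            findings.append({"client": f"{client_ip}:{client_port}",
                             "server": server_ip, "reply_sports": sorted(bad)})
    return findings


def reroute_summary(klog_lines):
    """Map LOG prefix -> (OUT interface, MARK), so the interface change
    between mangle OUTPUT and POSTROUTING caused by the fwmark route is visible."""
    out = {}
    for line in klog_lines:
        parsed = parse_klog(line)
        if parsed:
            prefix, f = parsed
            out[prefix] = (f.get("OUT", ""), f.get("MARK"))
    return out


if __name__ == "__main__":
    pkts = [p for p in map(parse_tcpdump, TCPDUMP_SAMPLE) if p]
    shown = bpf_port_filter(pkts, SERVER_PORT)
    print(f"`tcpdump port {SERVER_PORT}` would show {len(shown)} of {len(pkts)} packets")
    for f in find_asymmetric_replies(pkts):
        print(f"replies to {f['client']} leave from port(s) {f['reply_sports']}, not {SERVER_PORT}")
    for prefix, (iface, mark) in reroute_summary(KLOG_SAMPLE).items():
        print(f"{prefix}: OUT={iface} MARK={mark}")
```

Run it against a full `tcpdump -n` capture (one line per packet, UDP only) to list every client whose replies are being sent from a remapped port; the `reroute_summary` output on the post's own LOG lines shows OUT=eth0 in mangle OUTPUT turning into OUT=eth2 in POSTROUTING with MARK=0x2, i.e. the fwmark-based reroute itself is working.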