netfilter.vger.kernel.org archive mirror
* port based routing - help with tcpdump
@ 2010-11-08  9:51 Ilo Lorusso
  2010-11-08 10:14 ` Pascal Hambourg
  0 siblings, 1 reply; 6+ messages in thread
From: Ilo Lorusso @ 2010-11-08  9:51 UTC (permalink / raw)
  To: netfilter

Hi,


I implemented port based routing using a howto I found on a website
(http://www.sparksupport.com/blog/tag/port-based-routing),
which I can see is working based on various tcpdumps from
various boxes. The problem is the port I route out to the alternate
interface does not connect even though I do see the traffic come back,
so I know the routing is working fine.

Below is a tcpdump when I try to connect to port 80, which I routed through
my alternate GW 10.0.2.1, and as you can see the traffic does come
back but it just does not connect. Any idea why?

 @ilo-desktop ~]# telnet 74.125.79.104 80
Trying 74.125.79.104...


11:01:30.358990 IP 10.0.2.1.59816 > 74.125.79.104.http: Flags [S], seq 1117735129, win 5840, options [mss 1460,sackOK,TS val 991674177 ecr 0,nop,wscale 5], length 0
11:01:30.625464 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, options [mss 1380,sackOK,TS val 1342305044 ecr 991674177,nop,wscale 6], length 0
11:01:30.986013 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, options [mss 1380,sackOK,TS val 1342305404 ecr 991674177,nop,wscale 6], length 0
11:01:31.586854 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, options [mss 1380,sackOK,TS val 1342306005 ecr 991674177,nop,wscale 6], length 0
11:01:32.787899 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, options [mss 1380,sackOK,TS val 1342307207 ecr 991674177,nop,wscale 6], length 0
11:01:33.358763 IP 10.0.2.1.59816 > 74.125.79.104.http: Flags [S], seq 1117735129, win 5840, options [mss 1460,sackOK,TS val 991677177 ecr 0,nop,wscale 5], length 0
11:01:33.624065 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, options [mss 1380,sackOK,TS val 1342308043 ecr 991674177,nop,wscale 6], length 0
11:01:35.191210 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, options [mss 1380,sackOK,TS val 1342309609 ecr 991674177,nop,wscale 6], length 0
11:01:39.358765 IP 10.0.2.1.59816 > 74.125.79.104.http: Flags [S], seq 1117735129, win 5840, options [mss 1460,sackOK,TS val 991683177 ecr 0,nop,wscale 5], length 0
11:01:39.625087 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, options [mss 1380,sackOK,TS val 1342314043 ecr 991674177,nop,wscale 6], length 0
11:01:39.999634 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, options [mss 1380,sackOK,TS val 1342314415 ecr 991674177,nop,wscale 6], length 0
11:02:05.826188 IP 10.0.2.1.59817 > 74.125.79.104.http: Flags [S], seq 1682335142, win 5840, options [mss 1460,sackOK,TS val 991709644 ecr 0,nop,wscale 5], length 0
11:02:06.106506 IP 74.125.79.104.http > 10.0.2.1.59817: Flags [S.], seq 1499042674, ack 1682335143, win 5672, options [mss 1380,sackOK,TS val 2101745572 ecr 991709644,nop,wscale 6], length 0
11:02:06.497469 IP 74.125.79.104.http > 10.0.2.1.59817: Flags [S.], seq 1499042674, ack 1682335143, win 5672, options [mss 1380,sackOK,TS val 2101745980 ecr 991709644,nop,wscale 6], length 0
11:02:07.096684 IP 74.125.79.104.http > 10.0.2.1.59817: Flags [S.], seq 1499042674, ack 1682335143, win 5672, options [mss 1380,sackOK,TS val 2101746580 ecr 991709644,nop,wscale 6], length 0
11:02:08.296750 IP 74.125.79.104.http > 10.0.2.1.59817: Flags [S.], seq 1499042674, ack 1682335143, win 5672, options [mss 1380,sackOK,TS val 2101747780 ecr 991709644,nop,wscale 6], length 0
11:02:08.825773 IP 10.0.2.1.59817 > 74.125.79.104.http: Flags [S], seq 1682335142, win 5840, options [mss 1460,sackOK,TS val 991712644 ecr 0,nop,wscale 5], length 0
11:02:09.088040 IP 74.125.79.104.http > 10.0.2.1.59817: Flags [S.], seq 1499042674, ack 1682335143, win 5672, options [mss 1380,sackOK,TS val 2101748572 ecr 991709644,nop,wscale 6], length 0
11:02:10.696694 IP 74.125.79.104.http > 10.0.2.1.59817: Flags [S.], seq 1499042674, ack 1682335143, win 5672, options [mss 1380,sackOK,TS val 2101750180 ecr 991709644,nop,wscale 6], length 0
11:02:14.825755 IP 10.0.2.1.59817 > 74.125.79.104.http: Flags [S], seq 1682335142, win 5840, options [mss 1460,sackOK,TS val 991718644 ecr 0,nop,wscale 5], length 0
11:02:15.089043 IP 74.125.79.104.http > 10.0.2.1.59817: Flags [S.], seq 1499042674, ack 1682335143, win 5672, options [mss 1380,sackOK,TS val 2101754572 ecr 991709644,nop,wscale 6], length 0
11:02:15.498657 IP 74.125.79.104.http > 10.0.2.1.59817: Flags [S.], seq 1499042674, ack 1682335143, win 5672, options [mss 1380,sackOK,TS val 2101754980 ecr 991709644,nop,wscale 6], length 0





eth0      Link encap:Ethernet  HWaddr 00:15:58:DB:64:0F
          inet addr:172.69.128.97  Bcast:172.69.128.127  Mask:255.255.255.128
          inet6 addr: fe80::215:58ff:fedb:640f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4547216 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4630235 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2953576440 (2.7 GiB)  TX bytes:3492554030 (3.2 GiB)
          Interrupt:17



neta      Link encap:UNSPEC  HWaddr AC-45-80-62-00-00-71-72-00-00-00-00-00-00-00-00
          inet addr:10.0.2.1  P-t-P:10.0.2.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP  MTU:1476  Metric:1
          RX packets:2975 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6405 errors:170 dropped:0 overruns:0 carrier:0
          collisions:170 txqueuelen:0
          RX bytes:141060 (137.7 KiB)  TX bytes:384796 (375.7 KiB)


* Re: port based routing - help with tcpdump
  2010-11-08  9:51 port based routing - help with tcpdump Ilo Lorusso
@ 2010-11-08 10:14 ` Pascal Hambourg
       [not found]   ` <AANLkTimeCfv9i13L9PFpOxTRbzG4c4Qpa7XO5quK2CEY@mail.gmail.com>
  0 siblings, 1 reply; 6+ messages in thread
From: Pascal Hambourg @ 2010-11-08 10:14 UTC (permalink / raw)
  To: Ilo Lorusso; +Cc: netfilter

Hello,

Ilo Lorusso wrote:
> 
> I implement port based routing using a howto I found from a website
> (http://www.sparksupport.com/blog/tag/port-based-routing),
> which I can see is working based on various tcpdumps from
> various boxes. The problem is the port I route out to the alternate
> interface does not connect even though I do see the traffic comeback
> so I know the routing is working fine.

Any filtering rules in INPUT which may drop the replies?
Is rp_filter disabled on the alternate interface?


* Re: port based routing - help with tcpdump
       [not found]   ` <AANLkTimeCfv9i13L9PFpOxTRbzG4c4Qpa7XO5quK2CEY@mail.gmail.com>
@ 2010-11-09 13:19     ` Ilo Lorusso
  2010-11-09 16:05       ` Pascal Hambourg
  0 siblings, 1 reply; 6+ messages in thread
From: Ilo Lorusso @ 2010-11-09 13:19 UTC (permalink / raw)
  To: Pascal Hambourg, netfilter

Hi,

I'm having a similar problem. I set the below up for traffic that gets
forwarded through my Linux box.
I can see the traffic returning through the alternate interface, yet the
port does not connect.

I have turned off RP_filtering on all my interfaces and there are no
conflicting Deny statements in my iptables. Is there anything else
that would cause this?

On Mon, Nov 8, 2010 at 12:36 PM, Ilo Lorusso <sneak147@gmail.com> wrote:
> thanks it was the RP_filter on the alt interface..
>
> Awesome.
>
>
> On Mon, Nov 8, 2010 at 12:14 PM, Pascal Hambourg
> <pascal.mail@plouf.fr.eu.org> wrote:
>> Hello,
>>
>> Ilo Lorusso wrote:
>>>
>>> I implement port based routing using a howto I found from a website
>>> (http://www.sparksupport.com/blog/tag/port-based-routing),
>>> which I can see is working based on various tcpdumps from
>>> various boxes. The problem is the port I route out to the alternate
>>> interface does not connect even though I do see the traffic comeback
>>> so I know the routing is working fine.
>>
>> Any filtering rules in INPUT which may drop the replies ?
>> Is rp_filter disabled the alternate interface ?
>>
>


* Re: port based routing - help with tcpdump
  2010-11-09 13:19     ` Ilo Lorusso
@ 2010-11-09 16:05       ` Pascal Hambourg
  2010-11-09 16:34         ` Ilo Lorusso
  0 siblings, 1 reply; 6+ messages in thread
From: Pascal Hambourg @ 2010-11-09 16:05 UTC (permalink / raw)
  To: Ilo Lorusso; +Cc: netfilter

Ilo Lorusso wrote:
> 
> im having simalar problem , i set the below up for traffic that gets
> forward though my linux box..
> I can see the traffic returning though the alternate interface yet the
> port does not connect..
> 
> I have turned of RP_filtering on all my interfaces and there is are no
> conflicting Deny statements on my iptables .. is there anything else
> that I would cause this?

With tcpdump, can you see the return traffic going out the LAN interface?
If not, can you "see" it in the FORWARD chain (insert a LOG rule at the
beginning of the chain)?


* Re: port based routing - help with tcpdump
  2010-11-09 16:05       ` Pascal Hambourg
@ 2010-11-09 16:34         ` Ilo Lorusso
  2010-11-09 19:43           ` Pascal Hambourg
  0 siblings, 1 reply; 6+ messages in thread
From: Ilo Lorusso @ 2010-11-09 16:34 UTC (permalink / raw)
  To: Pascal Hambourg, netfilter

Yes, I can see the traffic coming back when I do a tcpdump.

You can see 172.69.128.107 access 74.125.79.104.http and then
74.125.79.104.http talks back to 172.69.128.107.
Now this is encapsulated in a GRE tunnel, as my alt interface is a GRE
tunnel, but it works for the local box, as per my previous post a
couple of days ago.

Below is the sample of the tcpdump:

18:26:21.722567 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
172.69.128.107.elatelink > 74.125.79.104.http: Flags [S], seq
224859509, win 65535, options [mss 1460,nop,nop,sackOK], length 0
18:26:21.982269 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.982316 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.983569 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.983597 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.984834 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.984858 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.986352 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.986374 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.988881 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.988904 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.990462 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.990485 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.991905 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.991929 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.994654 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.994688 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.996482 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.996507 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.997861 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.997885 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.999130 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:21.999153 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.000445 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.000467 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.001692 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.001714 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.002989 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.003012 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.004233 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.004255 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.005617 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.005640 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.006876 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.006921 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.008526 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.008557 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.011507 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.011532 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.013672 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.013695 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.014960 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.014986 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.016381 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.016404 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.017907 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.017934 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.019239 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.019263 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.021600 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.021625 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.022862 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.022911 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.024111 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.531715 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.531759 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.533097 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.533133 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.534376 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.534402 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.535716 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.535739 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.536991 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.537015 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.538242 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.538266 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0
18:26:22.539501 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
length 0



On Tue, Nov 9, 2010 at 6:05 PM, Pascal Hambourg
<pascal.mail@plouf.fr.eu.org> wrote:
> Ilo Lorusso wrote:
>>
>> im having simalar problem , i set the below up for traffic that gets
>> forward though my linux box..
>> I can see the traffic returning though the alternate interface yet the
>> port does not connect..
>>
>> I have turned of RP_filtering on all my interfaces and there is are no
>> conflicting Deny statements on my iptables .. is there anything else
>> that I would cause this?
>
> With tcpdump, can you see the return traffic going out the LAN interface
> ? If no, can you "see" it in the FORWARD chain (insert a LOG rule at the
> beginning of the chain) ?
>


* Re: port based routing - help with tcpdump
  2010-11-09 16:34         ` Ilo Lorusso
@ 2010-11-09 19:43           ` Pascal Hambourg
  0 siblings, 0 replies; 6+ messages in thread
From: Pascal Hambourg @ 2010-11-09 19:43 UTC (permalink / raw)
  To: Ilo Lorusso; +Cc: netfilter

Ilo Lorusso wrote:
> Yes I can see the traffic coming back when I do a tcpdump...
> 
> you can see  172.69.128.107 access 74.125.79.104.http and then
> 74.125.79.104.http  talks back to 172.69.128.107 ,
> now this is encapsulated in a GRE tunnel as my alt interface is a GRE
> tunnel but it works for the local box.. as per my previous post a
> couple days ago...
> 
> below is the sample of the tcpdump,
> 
> 18:26:21.722567 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
> 172.69.128.107.elatelink > 74.125.79.104.http: Flags [S], seq
> 224859509, win 65535, options [mss 1460,nop,nop,sackOK], length 0

> 18:26:21.982269 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP
> 74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
> 192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
> length 0

> 18:26:21.982316 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP
> 74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq
> 192453115, ack 224859510, win 5720, options [mss 1380,nop,nop,sackOK],
> length 0

This is the same SYN/ACK segment that was just received, encapsulated
and sent again and received again and sent again...
Looks like you have a loop. Check your routing rules.
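
Added example (not part of the thread, and not code from either poster): a small Python triage script for tcpdump text output that separates the two failure patterns discussed above. It flags a SYN that keeps being retransmitted after the matching SYN/ACK was already captured (consistent with the reply being dropped before TCP, as with rp_filter or an INPUT rule), and it flags the same inner segment seen in both directions of a GRE tunnel (the loop). The function names are hypothetical, and the sample lines are abridged from the thread's two captures with wrapped lines rejoined and TCP options trimmed.

```python
import re
from collections import defaultdict

# One tcpdump line: optional outer GRE header, then the inner TCP segment.
LINE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d\.\d+) IP "
    r"(?:(?P<osrc>\S+) > (?P<odst>[^:\s]+): GREv0, length \d+: IP )?"
    r"(?P<src>\S+) > (?P<dst>[^:\s]+): Flags \[(?P<flags>[^\]]+)\], "
    r"seq (?P<seq>\d+)(?:, ack (?P<ack>\d+))?"
)

def parse(text):
    """Yield one dict per TCP segment found in tcpdump text output."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        h, mi, s = m["ts"].split(":")
        yield {
            "t": int(h) * 3600 + int(mi) * 60 + float(s),
            "outer": (m["osrc"], m["odst"]) if m["osrc"] else None,
            "src": m["src"], "dst": m["dst"], "flags": m["flags"],
            "seq": int(m["seq"]),
            "ack": int(m["ack"]) if m["ack"] else None,
        }

def find_loops(segments):
    """Identical inner segment seen in both tunnel directions: forwarding loop."""
    seen = defaultdict(lambda: defaultdict(int))
    for s in segments:
        if s["outer"]:
            key = (s["src"], s["dst"], s["flags"], s["seq"], s["ack"])
            seen[key][s["outer"]] += 1
    loops = []
    for key, dirs in seen.items():
        for (a, b), n in dirs.items():
            # Report each endpoint pair once, only if the reverse direction exists.
            if a < b and (b, a) in dirs:
                loops.append({"segment": key, "endpoints": (a, b),
                              "copies": n + dirs[(b, a)]})
    return loops

def ignored_synacks(segments):
    """SYN retransmitted after a matching SYN/ACK was already captured:
    the reply reached the interface but the sender's TCP never accepted it."""
    syns = defaultdict(list)
    for s in segments:
        if s["flags"] == "S":
            syns[(s["src"], s["dst"], s["seq"])].append(s["t"])
    findings = []
    for (src, dst, seq), times in syns.items():
        replies = [s["t"] for s in segments
                   if s["flags"] == "S." and s["src"] == dst
                   and s["dst"] == src and s["ack"] == seq + 1]
        if replies and max(times) > min(replies):
            findings.append({"client": src, "server": dst,
                             "syn_sent": len(times), "synack_seen": len(replies)})
    return findings

# Sample input, abridged from the first capture in the thread (options trimmed).
LOCAL_CAPTURE = """
11:01:30.358990 IP 10.0.2.1.59816 > 74.125.79.104.http: Flags [S], seq 1117735129, win 5840, length 0
11:01:30.625464 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, length 0
11:01:30.986013 IP 74.125.79.104.http > 10.0.2.1.59816: Flags [S.], seq 1421917155, ack 1117735130, win 5672, length 0
11:01:33.358763 IP 10.0.2.1.59816 > 74.125.79.104.http: Flags [S], seq 1117735129, win 5840, length 0
"""

# Sample input, abridged from the GRE capture in the thread (options trimmed).
GRE_CAPTURE = """
18:26:21.722567 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP 172.69.128.107.elatelink > 74.125.79.104.http: Flags [S], seq 224859509, win 65535, length 0
18:26:21.982269 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP 74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq 192453115, ack 224859510, win 5720, length 0
18:26:21.982316 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP 74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq 192453115, ack 224859510, win 5720, length 0
18:26:21.983569 IP 57.24.98.42 > 172.69.128.98: GREv0, length 52: IP 74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq 192453115, ack 224859510, win 5720, length 0
18:26:21.983597 IP 172.69.128.98 > 57.24.98.42: GREv0, length 52: IP 74.125.79.104.http > 172.69.128.107.elatelink: Flags [S.], seq 192453115, ack 224859510, win 5720, length 0
"""

if __name__ == "__main__":
    for name, text in (("local", LOCAL_CAPTURE), ("forwarded", GRE_CAPTURE)):
        segs = list(parse(text))
        print(name, "ignored SYN/ACKs:", ignored_synacks(segs))
        print(name, "loops:", find_loops(segs))
```

Both checks are heuristics over what the capture shows: they say where to look next (input filtering for the first pattern, routing rules for the second), not which rule is at fault.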

