Problems when outgoing source port is altered by router
yeahh at gmx.ch
yeahh at gmx.ch
Mon Sep 22 18:34:43 CEST 2003
hi folks
well, tinc is a really nice tool and we implemented it on 3 linux servers
and 2 mobile clients (XP notebooks) so far.
one of the 3 tinc servers is making troubles, when a connection is initiated
from
this server over a zyxel 642 adsl router out to the other 2 servers in the
internet. the logfiles of the other 2 servers shows:
> tinc[1398]: Received UDP packet from unknown source [ip-addr] port
[random port number, but not 655]
when we monitor the udp ports of the connections that work, all servers
always use source
and destination port 655, but this particular server behind the zyxel router
sends
out from port 655 and the zyxel thingy changes the source port to some
random
port e.g. 513. thus the other tinc servers cant recognize the incoming
request properly
because the source port is not 655 as expected. thats pretty annoying.
if one of the two other servers is initiating the connection, then the
source and destination port is as expected 655 and the connection to this server
behind the zyxel is working smoothly. (port forwarding 655)
the same problem appears using the two XP notebooks. the connection to all 3
tinc servers
usually works fine using a direct internet connection or behind most
routers, but if
you sit with your notebook behind a router that changes the outgoing port of
your requests, the udp connection to the tinc
server will fail, again with the message "..unknown source.." in the target
server log.
changing to indirectdata / tcponly is not an option for us, because voice
over ip traffic
without udp is a nightmare :(
any thoughts?
thanks! ;) flx
--
+++ GMX - die erste Adresse für Mail, Message, More! +++
Getestet von Stiftung Warentest: GMX FreeMail (GUT), GMX ProMail (GUT)
(Heft 9/03 - 23 e-mail-Tarife: 6 gut, 12 befriedigend, 5 ausreichend)
Jetzt selbst kostenlos testen: http://www.gmx.net
Tinc: Discussion list about the tinc VPN daemon
Archive: http://mail.nl.linux.org/lists/
Tinc site: http://tinc.nl.linux.org/
More information about the Tinc
mailing list