tinc-pre* between gentoo and raspbian
Mathias
mathiaswe at gmx.de
Fri Dec 6 13:15:57 CET 2019
Dear all,
I have a bit of a complicated tinc setup yielding weird results that I
cannot explain. I would be glad if maybe someone here could help me out.
I have 3 machines (with IP addresses in my tinc network)
machine A (10.0.0.2) runs gentoo, tinc-1.1_pre17, behind router Y
machine B (10.0.0.3) runs gentoo, tinc-1.1pre15, behind router X
machine C (10.0.0.1) runs raspbian, tinc-1.1pre15, behind router X
router X is set to forward 655 to (C) and 24000 to (B)
Now, my problem is that, from (A) I cannot use any services of (C).
Here's what I can and cannot do:
1) from machine (A), I can ping both (B) and (C)
2) nmap from (A) to (C) shows all open ports correctly
3) nc from (A) cannot establish a connection to any port of (C)
4) nc from (A) can access all services of (B) correctly
5) nc from (B) can access all services of (C) correctly
connections are (tinc -n <netname> dump connections)
(A): (C) at <IP of X> port 655 options 700000c socket 14 status 100
(B): (C) at <IP of X> port 655 options 700000c socket 13 status 100
(C): (B) at <IP of X> port 34998 options 700000c socket 12 status 100
(A) at <IP of Y> port 32820 options 700000c socket 9 status 100
tshark capture on (A) of "curl 10.0.0.1" from (A)
> 1 0.000000000 10.0.0.2 → 10.0.0.1 TCP 60 46736 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=3299780639 TSecr=0 WS=128
> 2 0.039290163 10.0.0.1 → 10.0.0.2 TCP 60 80 → 46736 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1385 SACK_PERM=1 TSval=3219761779 TSecr=3299780639 WS=64
> 3 0.039333808 10.0.0.2 → 10.0.0.1 TCP 52 46736 → 80 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=3299780678 TSecr=3219761779
> 4 0.039510768 10.0.0.2 → 10.0.0.1 HTTP 124 GET / HTTP/1.1
> 5 0.072584019 10.0.0.1 → 10.0.0.2 TCP 52 80 → 46736 [ACK] Seq=1 Ack=73 Win=28992 Len=0 TSval=3219761814 TSecr=3299780679
> 6 5.089388544 10.0.0.1 → 10.0.0.2 TCP 52 [TCP Previous segment not captured] 80 → 46736 [FIN, ACK] Seq=522 Ack=73 Win=28992 Len=0 TSval=3219766827 TSecr=3299780679
> 7 5.089412034 10.0.0.2 → 10.0.0.1 TCP 64 [TCP Dup ACK 3#1] 46736 → 80 [ACK] Seq=73 Ack=1 Win=64256 Len=0 TSval=3299785728 TSecr=3219761814 SLE=522 SRE=523
tshark capture on (C) of the same "curl 10.0.0.1"
> 1 0.000000000 10.0.0.2 → 10.0.0.1 TCP 60 46736 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1385 SACK_PERM=1 TSval=3299780639 TSecr=0 WS=128
> 2 0.000236995 10.0.0.1 → 10.0.0.2 TCP 60 80 → 46736 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=3219761779 TSecr=3299780639 WS=64
> 3 0.034262240 10.0.0.2 → 10.0.0.1 TCP 52 46736 → 80 [ACK] Seq=1 Ack=1 Win=64256 Len=0 TSval=3299780678 TSecr=3219761779
> 4 0.034526234 10.0.0.2 → 10.0.0.1 HTTP 124 GET / HTTP/1.1
> 5 0.034783228 10.0.0.1 → 10.0.0.2 TCP 52 80 → 46736 [ACK] Seq=1 Ack=73 Win=28992 Len=0 TSval=3219761814 TSecr=3299780679
> 6 0.040449102 10.0.0.1 → 10.0.0.2 HTTP 573 HTTP/1.1 301 Moved Permanently (text/html)
> 7 0.313040054 10.0.0.1 → 10.0.0.2 TCP 573 [TCP Retransmission] 80 → 46736 [PSH, ACK] Seq=1 Ack=73 Win=28992 Len=521 TSval=3219762092 TSecr=3299780679
> 8 5.048481980 10.0.0.1 → 10.0.0.2 TCP 52 80 → 46736 [FIN, ACK] Seq=522 Ack=73 Win=28992 Len=0 TSval=3219766827 TSecr=3299780679
> 9 5.083993192 10.0.0.2 → 10.0.0.1 TCP 64 [TCP Dup ACK 3#1] 46736 → 80 [ACK] Seq=73 Ack=1 Win=64256 Len=0 TSval=3299785728 TSecr=3219761814 SLE=522 SRE=523
> 10 5.084198187 10.0.0.1 → 10.0.0.2 TCP 573 [TCP Retransmission] 80 → 46736 [PSH, ACK] Seq=1 Ack=73 Win=28992 Len=521 TSval=3219766863 TSecr=3299785728
> 11 5.333075665 10.0.0.1 → 10.0.0.2 TCP 573 [TCP Retransmission] 80 → 46736 [PSH, ACK] Seq=1 Ack=73 Win=28992 Len=521 TSval=3219767112 TSecr=3299785728
> 12 5.823118792 10.0.0.1 → 10.0.0.2 TCP 573 [TCP Retransmission] 80 → 46736 [PSH, ACK] Seq=1 Ack=73 Win=28992 Len=521 TSval=3219767602 TSecr=3299785728
> 13 6.863072716 10.0.0.1 → 10.0.0.2 TCP 573 [TCP Retransmission] 80 → 46736 [PSH, ACK] Seq=1 Ack=73 Win=28992 Len=521 TSval=3219768642 TSecr=3299785728
> 14 8.863081338 10.0.0.1 → 10.0.0.2 TCP 573 [TCP Retransmission] 80 → 46736 [PSH, ACK] Seq=1 Ack=73 Win=28992 Len=521 TSval=3219770642 TSecr=3299785728
> 15 12.783077356 10.0.0.1 → 10.0.0.2 TCP 573 [TCP Retransmission] 80 → 46736 [PSH, ACK] Seq=1 Ack=73 Win=28992 Len=521 TSval=3219774562 TSecr=3299785728
> 16 14.143988159 N/A → N/A N/A 32 Raw packet data
> 17 20.543097166 10.0.0.1 → 10.0.0.2 TCP 573 [TCP Retransmission] 80 → 46736 [PSH, ACK] Seq=1 Ack=73 Win=28992 Len=521 TSval=3219782322 TSecr=3299785728
seems to me that the answer of 10.0.0.1 (machine C) never makes it back
to 10.0.0.2 (machine A).
Observe:
1. (gentoo + 1.15) - (raspbian + 1.15) works
2. (gentoo + 1.17) - (gentoo + 1.15) works
3. (gentoo + 1.17) - (raspbian + 1.15) breaks
Thanks & best regards
-Mathias
More information about the tinc
mailing list