It is currently Sun Jun 25, 2017 6:56 pm

All times are UTC




Post new topic Reply to topic  [ 1 post ] 
Author Message
PostPosted: Tue Aug 23, 2016 6:02 pm 

Joined: Tue Aug 23, 2016 5:41 pm
Posts: 1
Hi,

I have a Centos 7 VM running Softether. I have linux based clients via SSTP. Behind the Softether on the server side I have servers that need to reach out to the SSTP clients and vice versa. As such I cannot use NAT. I cannot bridge the to the interface as I'm in a cloud provider that will not allow it. I use the DHCP function only with no ACLs. When I ping from a server to the client the packet reaches the client but does not some back. I have confirmed this with capture on the client. Clients can currently ping each other. They can also ping the ip address on the TAP interface. They cannot however ping to subnets behind it and the packets dont reach the TAP interface.

See tcpdump showing first successful ping from the client(192.168.76.11/24) to the TAP interface on the linux server(192.168.76.254/24). Then when the server(172.30.5.166) pings the client the packet goes over the tap and gets to client, the client sends it back(see below) but the packets are dropped in the softether process it seems.

[root@ip-172-30-5-96 centos]# tcpdump -i tap_test-tap0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap_test-tap0, link-type EN10MB (Ethernet), capture size 65535 bytes
17:52:00.139038 IP 192.168.76.11 > 192.168.76.254: ICMP echo request, id 33025, seq 0, length 36
17:52:00.139058 IP 192.168.76.254 > 192.168.76.11: ICMP echo reply, id 33025, seq 0, length 36
17:52:01.149591 IP 192.168.76.11 > 192.168.76.254: ICMP echo request, id 33025, seq 256, length 36
17:52:01.149613 IP 192.168.76.254 > 192.168.76.11: ICMP echo reply, id 33025, seq 256, length 36
17:54:51.272523 IP 172.30.5.166 > 192.168.76.11: ICMP echo request, id 1, seq 2156, length 40
17:54:56.119905 IP 172.30.5.166 > 192.168.76.11: ICMP echo request, id 1, seq 2157, length 40
17:55:01.128812 IP 172.30.5.166 > 192.168.76.11: ICMP echo request, id 1, seq 2158, length 40
17:55:06.119907 IP 172.30.5.166 > 192.168.76.11: ICMP echo request, id 1, seq 2162, length 40

Client capture:

# TIME IN.. SRC-ADDRESS DST-ADDRESS IP-.. SIZE CPU FP
0 3.186 ss.. 172.30.5.166 192.168.76.11 icmp 60 0 no
1 3.186 ss.. 192.168.76.11 172.30.5.166 icmp 60 0 no
2 4.325 ss.. 192.168.76.11 192.168.76.1 icmp 94 0 no
3 7.999 ss.. 172.30.5.166 192.168.76.11 icmp 60 0 no
4 7.999 ss.. 192.168.76.11 172.30.5.166 icmp 60 0 no
5 9.586 ss.. 192.168.76.11 192.168.76.1 icmp 94 0 no
6 13 ss.. 172.30.5.166 192.168.76.11 icmp 60 0 no
7 13 ss.. 192.168.76.11 172.30.5.166 icmp 60 0 no
8 14.6 ss.. 192.168.76.11 192.168.76.1 icmp 94 0 no


Partial output of ip addr:

2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:22:40:86:4d:e5 brd ff:ff:ff:ff:ff:ff
inet 172.30.5.96/24 brd 172.30.5.255 scope global dynamic eth0
valid_lft 2056sec preferred_lft 2056sec
inet6 fe80::422:40ff:fe86:4de5/64 scope link
valid_lft forever preferred_lft forever
5: tap_test-tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/ether 00:ac:08:9a:d0:37 brd ff:ff:ff:ff:ff:ff
inet 192.168.76.254/24 scope global tap_test-tap0
valid_lft forever preferred_lft forever
inet6 fe80::2ac:8ff:fe9a:d037/64 scope link
valid_lft forever preferred_lft forever

ROUTE TABLE of softether server:

[root@ip-172-30-5-96 centos]# ip route
default via 172.30.5.1 dev eth0
172.30.5.0/24 dev eth0 proto kernel scope link src 172.30.5.96
172.30.20.0/24 dev eth1 proto kernel scope link src 172.30.20.96
192.168.76.0/24 dev tap_test-tap0 scope link
192.168.76.0/24 dev tap_test-tap0 proto kernel scope link src 192.168.76.254
[root@ip-172-30-5-96 centos]#

Any help would be appreciated. I cant find any documentation on how softether does internal routing. I have tried to add a 'Layer 3 Switch' and tried lots of different configurations, but nothing worked. Thanks a lot.

Chris


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group
Return to www.softether.org