Ubuntu Networking :: VPN Interface MTU Size \ The Packets Come With The Don't Fragment Bit Set?
Feb 20, 2010
For learning purposes i've set up a vpn between a laptop (running ubuntu) and a pc (running windows). The 2 computers are on the same lan. The VPN server is set on the laptop, and as a guide i used this tutorial:The problem is that the mtu on the ppp0 interface is 1396 and the mtu on the eth0 interface is 1492 so in order to pass packets from the et0 if to the ppp0 if, the laptop needs to fragment the packets, and here is where the problem appears: the packets come with the don't fragment bit set. I've tried lowering the mtu of the eth0 if but that didn't work. The only way i managed to make this work is setting the ppp0 mtu size to 1492. The thing is that setting the mtu and mru in the pptpd-options file to 1492 doesn't do anything (at least to solve this problem) and the only way to set the mtu of the ppp0 if is to manually set it using: Code:sudo ifconfig ppp0 mtu 1492 The issue with this is that every time the connection resets i have to enter the command.
View 2 Replies
ADVERTISEMENT
Oct 13, 2010
I want to build a topology of this kind:
|eth0 (a.a.a.a) |
Linux PC |<----------------> | ROUTER
|eth1 (b.b.b.b) |
|<----------------->|
the linux machine has two interfaces eth0 (a.a.a.a) and eth1 (b.b.b.b) connnected to two interfaces of a router. Now that if I send any packet destined to b.b.b.b from a.a.a.a interface on the linux machine, it should take the folowing path: eth0->router->eth1 . and it should be the same for vice versa.
View 1 Replies
View Related
Mar 30, 2011
I have a linux box with two interfaces: eth0 is a builtin and eth1 is a USB-LAN.
There is an IP configured on eth1.
eth0 is up but no IP is configured. This interface is used for sniffing with tcpdump.
The problem is that eth0 frequently stops receiving packets -- my tcpdump captures are empty, and if I look at the interface stats with ifconfig, I can see that no packets are received.
If I bounce the interface (ifconfig eth0 down; ifconfig eth0 up), it starts receiving packets again.
View 1 Replies
View Related
Feb 9, 2011
I'm a student who is working on a wireless research project. I have a madwifi driver for Atheros chipset on Debian Linux. With having the wireless interface get into monitor mode, I want to forward the captured packets from the wireless interface to the other Ethernet interface so that a different computer which is connected to this machine via Ethernet receives those packets. I checked that alll packets are received in the wireless interface using TCPDUMP. I tried to forward those packets with IPTABLES like 'iptables -p FORWARD -i ath0 -o eth2 -j ACCEPT' However, I couldn't see any packets forwarded to eth2 using TCPDUMP.
View 5 Replies
View Related
Mar 22, 2010
I am trying to do something outlandish with iptables (or so I think!).I have a source sending udp packets to a destination (say dst11). Using port mirroring I am able to get all these packets to a different machine (say dst22). I am able to see these packets on dst22 interface using tcpdump.I want to analyze the packets on dst22. So what I do is put dst22 interface in promiscuous mode (using ifconfig eth0 promisc). This in theory should get the packet through the MAC layer. Now using iptables I am trying to DNAT the packets in nat prerouting to change the packets destination IP to dst22's interface and change the destination port.
View 2 Replies
View Related
Sep 15, 2010
As is known, there is a queue lies between the kernel subsystem and the network driver for incoming data. And if data come when this queue has no space for it, the data got dropped by kernel. Is there some way to see how many packets are dropped due to this buff penury? I tried netstat -s but could not find something useful. On the other hand, I found this 12176 packets collapsed in receive queue due to low socket buffer from netstat -s. I think this is something related to the per-socket buffer, but not the incoming queue between the network driver and kernel. Is this right?
View 1 Replies
View Related
Oct 7, 2010
I have a RHEL 4 server delivering long messages to several RHEL 4 clients. They work fine.I am trying a RHEL 5 client running the same client application as the RHEL 4 clients. The RHEL 5 client looses most messages. have tried with two other clients running CentOS 5 with similar results. The server indicates write failure or blocked. The messages are typically 50 kilobytes. I have changed many parameters in sysctl.conf Has anyone encountered similar problems?
View 3 Replies
View Related
Feb 8, 2010
i have a linux server runnig oracle applications. i need to access this server from putty using ssh through internet. i did by registering my static ip with the dnydns.org and i am able to connect to the server. but now there is no security to authenticate any user as any one knowing the password can login to it.
i thought of configuring the firewall of linux server but the client ip`s are not static and they change continiously. so thought of keeping one more pc between the server and the router which will do the work of authenticating. but i am confuse as how to configure it to allow the packets coming from the internet after authenticating and to by pass the packets generated from internal LAN?
View 8 Replies
View Related
Aug 30, 2010
i need to write a program in c that can sniff packets from Ethernet and distinguish RTP packets from Non-RTP packets, i have no idea what should i do
View 9 Replies
View Related
Sep 27, 2010
I have a hardware device with two ethernet ports, eth0 and eth1 running Centos 5. Basically my goal is to forward packets from eth0->eth1 and eth1->eth0 as well as get a copy of these packets for analysis. If I set IP routing to do the forwarding then I won't get a copy of the packets for analysis.
View 3 Replies
View Related
Oct 23, 2010
Just happened after the latest updates on MM
select applications, it loads the menu but it wont go away, pieces of it stay on the screen
solved by reinstalling the nvidia driver.
View 2 Replies
View Related
Mar 23, 2010
if its possible to change font size or style on CLI.
View 9 Replies
View Related
Feb 14, 2010
I just had an ATT Uverse RG installed. However my Smoothwall router that previously worked fine with the ADSL SpeedStream is no longer accepting an address assignment DHCP ip address from this new gateway. (3800HGV-B)Any thoughts ideas or experience working with this hardware? ATT only supports Windows and Mac
View 2 Replies
View Related
Jul 18, 2011
I have a ppp0 entry with post-up options like this
mapping ppp0
map none photon-plus motorola
map timeout: 12
[code]...
View 8 Replies
View Related
Apr 5, 2010
I'm trying to install Kubuntu on an old Windows system. I am getting tons of errors such as:
I/O error
SQUASHFS error:unable to read page, block XXXXXX
SQUASHFS error: unable to read fragment cache block
It then reports that it's loading ACPI modules and starting the ACPI services, starting the system log daemon, doing Wacom setup, starting kernel log daemon.....and then it reads sb_bread failed reading block umptysquat.I have a feeling that this hard drive is toast. I can't get it to install Windoze or Linux. I can't even get a prompt so I can do a low-level format. Unfortunately, I'm not super savvy with Linux and don't know what to do next.
View 2 Replies
View Related
Jan 14, 2010
I am new to Ubuntu almost installed it after windows showed blue screen 4 ever n ever. However after installing ubuntu whenever I log in windows it doesnt detect any network connection but when I use Ubuntu it automatically does can it be that Ubuntu is causing any problem? And how to check how many packets are being sent and received through my wired network and do I have to install any drivers for my modem in Ubuntu.
View 5 Replies
View Related
Mar 13, 2010
I am using ubuntu 9.10. Configuring my firewall using guarddog. I have setup a rule to allow traffic OUT on port 7078 UDP, and just because i'm having problems i added an IN rule.
# Create the filter chains
# Create chain to filter traffic going from 'Internet' to 'Local'
ipchains -N f0to1
[code]....
View 2 Replies
View Related
Jul 6, 2011
is there any way to point certain packets from my outgoing traffic to a LAN : port ?
can iptables do this ? if yes how ?some like this [URL] ?
View 1 Replies
View Related
Sep 6, 2010
My setup is...I have a wireless access point using laptop as a gateway. The AP is also connected to a switch as is the laptop. So the laptop has two interfaces one wireless and one wired. A third device is using the AP to connect to a server on the internet. The AP sends the packets to my laptop where they are dropped. I've been looking for a solution to this problem without success. Basically is there a way for my laptop to forward all packets it sees from a certain IP address to whatever destination address they have?To clarify, my laptop is just the gateway of the AP and none of the packets are addressed to it at all, it just picks them up using a sniffer or similar tool.
View 1 Replies
View Related
Dec 3, 2010
using layer 7 filtering how to block the ftp packets?..
In My router i am going to add a below rule.... iptables -A OUTPUT -m layer7 --l7proto tcp --dport 20 -j DROP
above statement will it work in my router?.
View 1 Replies
View Related
Oct 17, 2010
1) i have to find the source and destination address in the ip and ethernet headers of a packet that go from my machine to the router.2) Then i have to do the same for the packet that goes from the router to my partner's machine.Then I have to answer the above questions but now for the echo replay.How could i see these address?The result could be found in the output of a tcpdump?
[guest@shakti guest]$ sudo tcpdump -en host 128.238.62.101 and 128.238.61.101
tcpdump: listening on eth0
20:27:36.662737 0:4:75:b5:20:bc 0:3:e3:2a:4a:60 ip 42: 128.238.61.101 > 128.238.62.101: icmp: echo request
[code]....
View 2 Replies
View Related
Feb 15, 2010
I've a ssh server on FEDORA 12. It was going well but now it's overloaded with ARP traffic and is unable to run ssh. normally i'm getting about 150 packets in just 3 second
View 1 Replies
View Related
Aug 30, 2010
I've setup ufw rules on my system but noticed that the rule i created to allow traffic from my local network is still dropping some RST packets.here's part of the output of dmesg
[43627.361500] [UFW BLOCK] IN=wlan0 OUT= MAC=00:16:ea:03:9c:3a:00:1f:a7:3d:d5:eb:08:00 SRC=192.168.0.4 DST=192.168.0.3 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=2210 PROTO=TCP SPT=59521 DPT=9000 WINDOW=0 RES=0x00 RST URGP=0
[code]....
View 3 Replies
View Related
Jun 7, 2011
we are using Red hat enterprise 5.4 for our internet connection with following ip's
eth0: 192.168.1.2 (local lan)
eth1: 114.143.28.240 (static ip address for 1st isp)
eth2: 192.168.100.149 (2nd isp modem connected with lan cable)
first isp i.e tata internet connected to the internet and working very well
now i want 2nd isp to work when the first isp goes down, i had configured all dns in the resolve.conf and squid.conf, when i switch off the 1st isp for checking that failover is working or not i cannot get internet packets from the second isp.
View 5 Replies
View Related
Jun 10, 2010
my Linux does not workDoes not accept incoming connectionsiptable disabledping is a network but cannot nor at 22 nor at any other connectsHow do I check what is blocking the connection
thnx alot.OS Ubuntu 9.4
View 4 Replies
View Related
Oct 1, 2010
One of our RHEL 5.3 servers has trouble about 30% of the time with TCP-based communications, but it does not seem to be firewall issues. From another computer on the same switch, you can SSH to the server sometimes and other times the SSH command will just hang. When it hangs, you can often just Ctrl+C and try it again and it works. Same with HTTP connections. You'll get part of a web page and then FireFox will just hang waiting for the rest and eventually time out. Same goes for communication initiated FROM the server. SSH'ing from the server to any outside server or connecting to any web site works sometimes, but most times not. iptables if off. No other firewalls are running. Tcpdump shows communication gets so far and then stops. It does not matter whether tou run tcpdump on that server or the client connecting to it. Either way you see the connection stops working. MEANWHILE, pinging with small or large packets works flawlessly. 10,000 packets, zero drops.
View 5 Replies
View Related
Jan 11, 2010
I've recently installed Ubunter 9.10 Server Edition to use as a NAT firewall for the lab I run. I'm using iptables to do NAT forwarding and everything works great except that, occasionally, connections seem to break. Ssh connections close with "Connection reset by peer" and HTTP connections just stall out.I believe this has to do with the firewall's internal network interface occasionally dropping packets.
View 2 Replies
View Related
Mar 11, 2010
I have two NIC's interfaces on my linux machine(eth1 and eth2). Each have different IP addresses(10.0.0.1, 10.67.7.1). These two interfaces are connected together through hub. Here is the my question?
1) If I 'ping 10.0.0.1', it should go out through network interface eth2 and through hub and enter on eth1 and response also travel through similar direction.
2) If I 'ping 10.67.7.1', it should go out through network interface eth1 and through hub and enter on eth2.
How can setup routing table for this,I have tried setting up routing and iptables, etc.. nothing helped.
If any one good router/networking guy, you should know this one.I am doing a project, I want this way to handle this.
View 9 Replies
View Related
Jun 11, 2009
I have a network like
Node A to Vlan Switch
Node B to Vlan Switch
Node C to Vlan Switch
Node B is set up to be a middle man between A and C.
All nodes have 1 NIC.
They are all linux boxes. Node B can ping Node C. When I try to ping Node C from Node A, the ping just hangs forever.
When I use Wireshark to sniff What's going on with Node B during a ping from Node A to Node C, I can see an ICMP request with src = Node A and dest = Node C. I'd like to know if that ICMP packet was received by B from A or if it is going out. If it's going out, that makes no sense since B knows how to send to C. If B is only getting the requests but not forwarding them, then I know there is something wrong with B's configuration.
So I'd like to be able to sniff incoming packets only, or outgoing packets only. Is there a way to do this?
View 1 Replies
View Related
Apr 16, 2010
I have a legacy application that communicates status to a remote server over UDP. The server app replies back to the client with UDP as well, using the IP address it obtains from the sockaddr parameter of the recvfrom() method.
Code:
[----------------] [----------------]
[ client <->(udp)]<----- Ethernet -----> [(udp)<-> server ]
[----------------] [----------------]
I'm trying to replace the underlying use of ethernet, with a RS232 based radio/modem device - without making any src changes to the legacy apps. i.e. apps would still create and transmit UDP packets addressed to a remote IP address and listening port, and the receiver wouldn't know any difference. I'm relatively new to this level of network programming, but my first attempt has been to write an app that sniffs out outbound raw UDP packets (using pcap), transmit that data over the radio, and re-injects the UDP unchanged on the remote end.
Code:
[----------------] [----------------]
[ client <->(udp)] [(udp)<-> server ]
[ | ] [ ^ ]
[ v ] [ | ]
[ /capture/]<---- Radio XMIT ----> [/reinject/ ]
[----------------] [----------------]
My 'capture' app intercepts the UDP packets just fine when the machine is 'plugged' in, but as soon as I disconnect my network cable to test wireless, outbound packets addressed to a remote IP (ie. the server) are no longer captured (tho local UDP packets are picked up ok). Wireshark also does not report the original outbound packet, but it does show an ICMP packet reporting 'Host Unreachable'. I understand the host isn't reachable, but I'm confused as to why the packet isn't at least making it to the interface/network card. Is there anyway to get the force the kernel to 'transmit' the UDP packet anyway so that my capture app can intercept it? or is there a better/easier solution (again, w/o making source changes to the client/server)?
View 4 Replies
View Related
