alatar n00b
Joined: 12 Feb 2009 Posts: 61
|
Posted: Wed Apr 01, 2009 7:40 am Post subject: pptp, GRE flooding |
|
|
After starting ppp with command sudo pon unlim I have the following output after 30 seconds:
Code: | eth0 Link encap:Ethernet HWaddr 00:19:db:ef:74:57
inet addr:172.16.104.3 Bcast:172.16.104.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:29209 errors:0 dropped:0 overruns:0 frame:0
TX packets:3902 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13298356 (12.6 MiB) TX bytes:278864 (272.3 KiB)
Interrupt:219
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.3.255.86 P-t-P:10.3.11.113 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1460 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:5427423 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:66 (66.0 B) TX bytes:1938409620 (1.8 GiB) |
It is strange because I have only a 256kb/s connection. Though pppd works and the IP I get is right, I cannot ping anything outside. When trying to run sudo tcpdump -i ppp0 > log I get the following output:
Code: | 10:16:14.139060 IP 172.16.104.3 > 10.3.11.113: gre
10:16:14.576504 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854631, length 72: IP 172.16.104.3 > 10.3.11.113: gre
10:16:14.576552 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854632, length 108: IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854618, length 72: IP [|ip]
10:16:14.576560 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854637, length 720: IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854623, length 684: IP [|ip]
10:16:14.576567 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854638, length 1440: IP truncated-ip - 36 bytes missing! 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854624, length 1440: IP [|ip]
10:16:14.576574 IP 172.16.104.3 > 10.3.11.113: gre
10:16:14.576608 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854639, length 72: IP 172.16.104.3 > 10.3.11.113: gre
10:16:14.576643 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854640, length 108: IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854625, length 72: IP [|ip]
10:16:14.576650 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854641, length 144: IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854626, length 108: IP [|ip]
10:16:14.576657 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854644, length 252: IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854629, length 216: IP [|ip]
10:16:14.576663 IP 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854645, length 1440: IP truncated-ip - 36 bytes missing! 172.16.104.3 > 10.3.11.113: GREv1, call 45657, seq 1854630, length 1440: IP [|ip]
10:16:14.576670 IP 172.16.104.3 > 10.3.11.113: gre |
Note that this block is recurring; the whole size of the log file after 40 seconds is almost 600MiB (!).
Here is the output of my /etc/ppp/peers/unlim file:
Code: | pty "pptp unlim.d5.khai.edu --nolaunchpppd --debug"
name dep
remotename pptp
require-mschap-v2
nomppe
lock
noauth
nobsdcomp
nodeflate
defaultroute
usepeerdns
debug |
Please help, I need an unlimited ppp connection to update my Gentoo box
P.S. 'nomppe' option is required by my provider, because compression has been disabled.
Last edited by alatar on Fri Apr 03, 2009 8:17 am; edited 1 time in total |
|
alatar n00b
Joined: 12 Feb 2009 Posts: 61
|
Posted: Thu Apr 02, 2009 6:51 pm Post subject: |
|
|
I tried to disable GRE support in the kernel, but nothing really changed. The same output, the same problem. I think I am missing something very easy, but very important. Any variants? |
|
alatar n00b
Joined: 12 Feb 2009 Posts: 61
|
Posted: Fri Apr 03, 2009 7:43 am Post subject: |
|
|
I think I found out the problem. Google told me that the reason is some kind of loop when my ppp0 is up. All packets should be sent to the eth0 interface while they are sent to the virtual ppp0. That is why I have a lot of packets sent but very little received.
Here is my route output after receiving IP from dhcp server:
Code: | Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.104.0 * 255.255.255.0 U 0 0 0 eth0
172.16.0.0 172.16.104.1 255.255.0.0 UG 0 0 0 eth0
10.0.0.0 172.16.104.1 255.0.0.0 UG 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo |
And here is the output after sudo pon unlim command:
Code: | Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.3.11.113 * 255.255.255.255 UH 0 0 0 ppp0
172.16.104.0 * 255.255.255.0 U 0 0 0 eth0
172.16.0.0 172.16.104.1 255.255.0.0 UG 0 0 0 eth0
10.0.0.0 172.16.104.1 255.0.0.0 UG 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo |
I had tried setting default route before ppp0, but the problem is still there when ppp0 is up:
Code: | Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.3.11.113 * 255.255.255.255 UH 0 0 0 ppp0
172.16.104.0 * 255.255.255.0 U 0 0 0 eth0
172.16.0.0 172.16.104.1 255.255.0.0 UG 0 0 0 eth0
10.0.0.0 172.16.104.1 255.0.0.0 UG 0 0 0 eth0
loopback * 255.0.0.0 U 0 0 0 lo
default * 0.0.0.0 U 0 0 0 eth0 |
My ip address: 172.16.104.3
default gateway: 172.16.104.1
vpn server: 10.3.11.113
What am I missing? |
|
mrness Retired Dev
Joined: 17 Feb 2004 Posts: 375 Location: bucharest.ro
|
Posted: Sat Apr 04, 2009 12:38 pm Post subject: |
|
|
Your VPN server is badly configured. It should never report its external IP address to its PPP clients as remote IP address, instead it should report the address configured on its internal network interface.
There is a workaround if you cannot fix your VPN server configuration. Just add commands to your /etc/ppp/ip-up script that remove the PPP host route and replace it with a route like this:
Code: |
ip route del 10.3.11.113/32 dev ppp0
ip route add 192.168.0.0/24 dev ppp0
|
Note: replace 192.168.0.0/24 with the network prefix behind your VPN server. |
|
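One way to apply the workaround above from /etc/ppp/ip-up only when the loop condition is actually present, as an added example that is not part of the thread. `PPTP_SERVER` and `VPN_PREFIX` are assumed settings (their defaults are the values quoted in the thread), the function names are hypothetical, and the sample routing table is constructed from the thread's addresses.

```shell
#!/bin/sh
# Added example for /etc/ppp/ip-up. pppd invokes the hook as:
#   ip-up <ifname> <tty> <speed> <local-ip> <remote-ip> [ipparam]

# Assumed settings: the tunnel endpoint quoted in the thread, and the
# placeholder prefix from the reply (replace with the real one).
PPTP_SERVER="${PPTP_SERVER:-10.3.11.113}"
VPN_PREFIX="${VPN_PREFIX:-192.168.0.0/24}"

# Read `ip -4 route show` text on stdin and print the device of the exact
# host route to $1. Prints nothing when only wider prefixes cover $1.
host_route_dev() {
    awk -v ip="$1" '
        ($1 == ip || $1 == (ip "/32")) {
            for (i = 2; i < NF; i++)
                if ($i == "dev") { print $(i + 1); exit }
        }'
}

# True when the tunnel endpoint $1 is itself routed into interface $2,
# i.e. every GRE packet re-enters the tunnel and gets wrapped again.
loops_into_tunnel() {
    [ "$(host_route_dev "$1")" = "$2" ]
}

# Constructed sample in `ip -4 route show` format, built from the
# addresses in the thread (state after `pon unlim`).
SAMPLE_ROUTES='10.3.11.113 dev ppp0 proto kernel scope link src 10.3.255.86
172.16.104.0/24 dev eth0 proto kernel scope link src 172.16.104.3
172.16.0.0/16 via 172.16.104.1 dev eth0
10.0.0.0/8 via 172.16.104.1 dev eth0'

# Live path: only runs when called by pppd with its five arguments.
if [ "$#" -ge 5 ] && ip -4 route show | loops_into_tunnel "$PPTP_SERVER" "$1"; then
    logger -t ip-up "host route to $PPTP_SERVER on $1 would loop GRE; replacing it"
    ip route del "$PPTP_SERVER/32" dev "$1"
    ip route add "$VPN_PREFIX" dev "$1"
fi
```

With the host route removed, the 10.0.0.0/8 route via 172.16.104.1 on eth0 shown in the thread's routing table carries the GRE packets to the server.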
alatar n00b
Joined: 12 Feb 2009 Posts: 61
|
Posted: Sun Apr 05, 2009 5:34 am Post subject: |
|
|
The IP I get for the ppp0 interface is 10.3.255.86. So the right commands in /etc/ppp/ip-up are the following:
Code: | ip route del 10.3.11.113/32 dev ppp0
ip route add 10.3.255.0/24 dev ppp0 |
Am I right? Or does 'network prefix behind your VPN server' mean something else? |
|
mrness Retired Dev
Joined: 17 Feb 2004 Posts: 375 Location: bucharest.ro
|
Posted: Sun Apr 05, 2009 7:55 am Post subject: |
|
|
Strictly speaking, that prefix could be something else - the IP address pool used for VPN clients could be allocated from a different prefix than the one used by the LAN. You could try using this prefix; if you can't get access to services available for VPN clients, ask your admin about the correct prefix. |
|
alatar n00b
Joined: 12 Feb 2009 Posts: 61
|
Posted: Sun Apr 05, 2009 9:35 am Post subject: |
|
|
Thanks for your help. I will try this as soon as I get home. |