Re: GRE-NAT broken - SOLVED

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi again :)

Am 06.02.2018 um 00:10 schrieb Grant Taylor:
>
>> Then I tried a working tunnel:
>>
>> Set up a ping, flushed the entry, but:
>> root@unimatrixzero ~ # conntrack -D -s 185.66.194.1
>> conntrack v1.4.3 (conntrack-tools): 0 flow entries have been deleted.
>> root@unimatrixzero ~ # conntrack -D -d 185.66.194.1
>> gre      47 179 src=192.168.10.62 dst=185.66.194.1 srckey=0x0
>> dstkey=0x0 src=185.66.194.1 dst=176.9.38.150 srckey=0x0 dstkey=0x0
>> [ASSURED] mark=0 use=1
>> conntrack v1.4.3 (conntrack-tools): 1 flow entries have been deleted.
>>
>> The not working tunnel seems to have a conntrack entry based on the
>> remote IP as source. The working tunnel seems to have a conntrack
>> entry based on the remote IP as destination.
>
> You might be onto something.  This may come back to the race condition
> that I was referring to.
Indeed. But I still don't understand why the exact same entries in the
conntrack table sometimes work and sometimes not.
>
> Are the tunnels that had the persistent ping running still working
> correctly?
>
The ones, that had a running ping, didn't break down. I made all tunnels
working now by repeatedly deleting the conntrack entries till every
single tunnel came up.

For the first time, since we started writing here, every single of the
seven tunnels works at the same time. I set up pings for every single
one of them. So in theory this should be stable until the next reboot.

One thing noticing though: In once case, the ping went though the tunnel
correctly, but BGP couldn't establish a connection. Only after deleting
the entry for a couple of times, BGP came up aswell. I don't know yet
what this means.

ffrl_fra0 BGP      ffnet    up     23:43:55    Established  
ffrl_fra1 BGP      ffnet    up     2018-02-01  Established  
ffrl_ber0 BGP      ffnet    up     2018-02-05  Established  
ffrl_ber1 BGP      ffnet    up     23:36:19    Established  
ffrl_dus0 BGP      ffnet    up     23:38:22    Established  
ffrl_dus1 BGP      ffnet    up     2018-02-05  Established  
ibgp_gw02 BGP      ffnet    up     2018-02-05  Established  

As you can see, the other tunnels have been running for quite some time
now.

Bye,

Matthias
--
To unsubscribe from this list: send the line "unsubscribe lartc" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux