How to set peer0 to eth0 and not loopback?
Juli Mallett
juli at clockworksquid.com
Sat Apr 12 11:58:04 PDT 2014
Thanks, John.
So you're not having connectivity problems between the WANProxy client and
server, but between the WANProxy server and the actual upstream server at
107.206.YY.ZZ.55123, it seems like? Obviously WANProxy is working fine on
your OS, then, in terms of being able to use sockets properly, etc.
I wonder if there's some other configuration issue. Is there any chance
that your WANProxy server, shuttle-XS35, could itself be misconfigured?
That is, can you using nc or telnet (or curl) connect to
107.206.YY.ZZ.55123 from that system? Because it's the OS that's deciding
to use the loopback interface, not WANProxy. Common causes for this might
be having the 107.206.0.0/16 network configured on loopback rather than on
a physical interface, or having 107.206.YY.ZZ as an alias on that system,
or perhaps a misconfigured routing table. Because WANProxy should be
connecting just like anything else would, and it really seems like it must
be some kind of network stack misconfiguration, but one I'd like for us to
figure out just to be sure.
Thanks,
Juli.
On Sat, Apr 12, 2024 at 11:44 AM, John Nix <jnix at vobal.com> wrote:
> Sorry, on clarification is that I test the system from the client by
> issuing the command:
>
>
>
> wget 127.0.0.1:3300
>
>
>
> Instead of using the port number with wget that I mentioned below.
>
>
>
> Thanks, John
>
>
>
> *From:* John Nix [mailto:jnix at vobal.com]
> *Sent:* Saturday, April 12, 2024 1:43 PM
> *To:* 'Juli Mallett'
> *Cc:* 'wanproxy at lists.wanproxy.org'
> *Subject:* RE: How to set peer0 to eth0 and not loopback?
>
>
>
> Hi Juli,
>
>
>
> Thanks for the quick feedback. My setup/goal is relatively simple, so I
> didn’t expect this issue. Attached is the client configuration, and the
> server configuration (with slightly redacted/changed IP addresses/port
> numbers).
>
>
>
> So, when I have both the client and server running, and then test the
> system by issuing the command on the client: wget 127.0.0.1:55123
>
>
>
> I can see wanproxy on the server is sending out the loopback interface
> (not eth0) to reach the server peer, which is my problem.
>
>
>
> Below is an example from tcpdump on the loopback interface of the server
> (again IP addresses slightly redacted), when I issue the wget command from
> the client above. So, this shows the traffic from wanproxy on the server
> is going back out the loopback interface, but I need eth0. The only
> difference from the standard installation was that since I am on Ubuntu
> 12.04 I had to compile with “poll” and not “epoll” on the server, but I
> doubt that is related.
>
>
>
> I could give you access to the server if that would help.
>
>
>
> Thanks, John
>
>
>
> root at shuttle-XS35:/usr/src/wanproxy-0.8.0/programs/wanproxy# tcpdump -i
> lo -U -n
>
>
>
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
>
> listening on lo, link-type EN10MB (Ethernet), capture size 65535 bytes
>
>
>
> 13:29:25.237409 IP 107.206.YY.XX.53699 > 107.206.YY.ZZ.55123: Flags [S],
> seq 212899101, win 43690, options [mss 65495,sackOK,TS val 19955781 ecr
> 0,nop,wscale 7], length 0
>
> 1397327365.237644 [/wanproxy/proxy/proxy0/connector] INFO: Connect failed:
> <Error>/0 [Success]
>
> 13:29:25.237449 IP 107.206.YY.ZZ.55123 > 107.206.YY.XX.53699: Flags [R.],
> seq 0, ack 212899102, win 0, length 0
>
>
>
>
>
>
>
>
>
> *From:* Juli Mallett [mailto:juli at clockworksquid.com<juli at clockworksquid.com>]
>
> *Sent:* Saturday, April 12, 2024 12:42 PM
> *To:* John Nix
> *Cc:* wanproxy at lists.wanproxy.org
> *Subject:* Re: How to set peer0 to eth0 and not loopback?
>
>
>
> You absolutely should not need to go over loopback to connect to a remote
> peer. Can I ask how you're encountering that behaviour? Can you include
> your full configuration (redacting IPs if you feel it's necessary) and how
> you're verifying that it's not going out over the external interface? I
> ask on the last point because it's certainly the case that in some cases
> you may see traffic when doing tcpdump on a loopback interface if that
> traffic originates locally.
>
>
>
> Really, every useful configuration not involving an exterior tunnelling
> system should include at least one non-local peer, so I'm a little confused
> as to what your configuration must be that you're only seeing local
> traffic, or have gotten the impression that WANProxy cannot make
> connections across a network interface. If you've only looked at a
> configuration which uses SSH as a tunnel mechanism, such as the first
> configuration on https://wanproxy.org/examples.shtml, I'd encourage you to
> look at the second configuration, which connects directly over a WAN, or at
> the SSH optimization examples on https://wanproxy.org/ssh.shtml, for
> inspiration.
>
>
>
> It should be enough to simply modify the peer0 definition to use a
> non-local IP to which you have a route. If something else is going wrong,
> I'd guess it's some kind of portability bug that I'd like to fix urgently,
> so would appreciate any more information you can give.
>
>
>
> Thanks very much for the report!
>
> Juli.
>
>
>
> On Sat, Apr 12, 2024 at 10:31 AM, John Nix <jnix at vobal.com> wrote:
>
> Hi,
>
>
>
> The wanproxy software looks like a good fit for our equipment connected
> over satellite links.
>
>
>
> Setting it up was straightforward, but I do have a basic question that
> doesn’t seem to be addressed in the documentation or through several
> searches on Google.
>
>
>
> For various reasons, I need peer0 to be on eth0 and not the loopback
> interface. For example, when use the command ‘set peer0.host “x.y.z.q” ‘,
> and look at tcpdump wanproxy is sending to x.y.z.q on the loopback
> interface, which won’t readily work for our particular application.
>
>
>
> I expect there are workarounds (like trying to use iptables to redirect
> from lo to eth0, or running redir to listen on loopback, etc.), but the
> simplest would be to have the wanproxy peer on eth0. In case it matters,
> I’m using Ubuntu 12.04.
>
>
>
> Thanks, John
>
>
>
> -------------------
> John Nix
> Founder and CEO
> Vobal Technologies
> +1-847-350-9998 (o)
> +1-847-452-3754 (m)
> www.vobal.com
>
>
>
>
> _______________________________________________
> wanproxy mailing list
> wanproxy at lists.wanproxy.org
> https://wanproxy.org/listinfo.cgi/wanproxy-wanproxy.org
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://wanproxy.org/pipermail/wanproxy-wanproxy.org/attachments/20140412/f79ad0c4/attachment-0002.htm>
More information about the wanproxy
mailing list