Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have been doing a lot reading on the subject recently, mainly because I have network problems, but I still don't think I understand what is happening in the stack.
So, I hope someone may be able try and explain what is happening with my packets?
Example setup;
I have a program that wants to send a packet to an outside internet address, and then on to my server ...
The packet needs to flow through a vpn program and then flow through a local proxy program before it exits to the outside internet.
The flow would look something like this ...
[client ping (1)-> vpn (2)-> proxy (3)->] internet [(4)-> server proxy (5)-> vpn (6)->] internet -> remote host.
Some communication happens via the kernel and some via the stack?
Example; information from ping to vpn does not show up on the stack so kernel handles it?
Now if I watch this happen with tcpdump then what should I expect see?
The program is ping 8.8.8.8 directed through an openvpn tunnel which is then directed through an obfuscation proxy before leaving my laptop on its way to my server.
Once the tunnel is up I lose contact with the outside internet addresses.
I checked firewall rules, routing, conf files but can not identify what the problem is ...
I started watching packets with tcpdump to try and identify where the problem is, but I am not sure what I should expect to see in the tcpdump output, and this is the reason for my question?
The vpn tunnel has worked previously without the obfsproxy but it is difficult to know for sure when it is and isn't configured correctly because vpn is very unreliable in my host country.
mabo@debian:~$ sudo ip route list table all
default via 192.168.20.1 dev wlan0 proto static metric 600
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.20.0/24 dev wlan0 proto kernel scope link src 192.168.20.103 metric 600
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.20.0 dev wlan0 table local proto kernel scope link src 192.168.20.103
local 192.168.20.103 dev wlan0 table local proto kernel scope host src 192.168.20.103
broadcast 192.168.20.255 dev wlan0 table local proto kernel scope link src 192.168.20.103
fe80::/64 dev wlan0 proto kernel metric 256 pref medium
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101 pref medium
local ::1 dev lo table local proto none metric 0 pref medium
local fe80::3ea9:f4ff:fea7:da8c dev lo table local proto none metric 0 pref medium
ff00::/8 dev wlan0 table local metric 256 pref medium
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101 pref medium
After connecting vpn;
Code:
mabo@debian:~$ sudo ip route list table all
default via 10.8.0.34 dev tun0 proto static metric 50
default via 192.168.20.1 dev wlan0 proto static metric 600
10.8.0.1 via 10.8.0.34 dev tun0 proto static metric 50
10.8.0.33 dev tun0 proto kernel scope link src 10.8.0.33 metric 50
10.8.0.34 dev tun0 proto kernel scope link src 10.8.0.33
127.0.0.1 via 192.168.20.1 dev wlan0 proto static metric 600
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.20.0/24 dev wlan0 proto kernel scope link src 192.168.20.103 metric 600
local 10.8.0.33 dev tun0 table local proto kernel scope host src 10.8.0.33
broadcast 10.8.0.33 dev tun0 table local proto kernel scope link src 10.8.0.33
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.20.0 dev wlan0 table local proto kernel scope link src 192.168.20.103
local 192.168.20.103 dev wlan0 table local proto kernel scope host src 192.168.20.103
broadcast 192.168.20.255 dev wlan0 table local proto kernel scope link src 192.168.20.103
fe80::/64 dev wlan0 proto kernel metric 256 pref medium
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101 pref medium
local ::1 dev lo table local proto none metric 0 pref medium
local fe80::3ea9:f4ff:fea7:da8c dev lo table local proto none metric 0 pref medium
ff00::/8 dev wlan0 table local metric 256 pref medium
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101 pref medium
extra info;
Code:
mabo@debian:~$ ip route get 8.8.8.8
8.8.8.8 via 10.8.0.34 dev tun0 src 10.8.0.33
cache
Here is routing table with vpn connected without the obfsproxy;
VPN works without obfsproxy in some geographic areas.
Code:
mabo@debian:~$ sudo ip route list table all
default via 10.8.0.34 dev tun0 proto static metric 50
default via 192.168.20.1 dev wlan0 proto static metric 600
10.8.0.1 via 10.8.0.34 dev tun0 proto static metric 50
10.8.0.33 dev tun0 proto kernel scope link src 10.8.0.33 metric 50
10.8.0.34 dev tun0 proto kernel scope link src 10.8.0.33
VPN_Server_IP via 192.168.20.1 dev wlan0 proto static metric 600
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.20.0/24 dev wlan0 proto kernel scope link src 192.168.20.103 metric 600
local 10.8.0.33 dev tun0 table local proto kernel scope host src 10.8.0.33
broadcast 10.8.0.33 dev tun0 table local proto kernel scope link src 10.8.0.33
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.20.0 dev wlan0 table local proto kernel scope link src 192.168.20.103
local 192.168.20.103 dev wlan0 table local proto kernel scope host src 192.168.20.103
broadcast 192.168.20.255 dev wlan0 table local proto kernel scope link src 192.168.20.103
fe80::/64 dev wlan0 proto kernel metric 256 pref medium
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101 pref medium
local ::1 dev lo table local proto none metric 0 pref medium
local fe80::3ea9:f4ff:fea7:da8c dev lo table local proto none metric 0 pref medium
ff00::/8 dev wlan0 table local metric 256 pref medium
unreachable default dev lo table unspec proto kernel metric 4294967295 error -101 pref medium
Code:
mabo@debian:~$ ip route get 8.8.8.8
8.8.8.8 via 10.8.0.34 dev tun0 src 10.8.0.33
cache
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.