Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.0k views
in Technique[技术] by (71.8m points)

ip - Terminal not seeing ping messages from TUN port

Hi I'm working on a project and I had a question involving ping commands and how they interface over network TUN ports.

Basically I'm sending out ping requests which are routed to my TUN port and the reply's are sent to the TUN port over the VPN. There are no other internet interfaces (i.e. no wifi/ethernet). Using wireshark and tcpdump I can see that the correct reply messages are seen on the TUN0 port but terminal does not see the replys and instead shows 100% drop rate. The issue seems to be that the TUN0 port is not properly linking back to the kernal? (total guess I'm quite new to IP routing).

The IP address of the TUN is 10.0.0.73 and I am pinging a computer with IP address 10.0.0.28

Bellow is a snippet from the tcpdump on TUN0 this is a request and reply that to my untrained eye should work:

23:08:52.257566 IP (tos 0x0, ttl 64, id 11185, offset 0, flags [DF], proto ICMP (1), length 84)
    10.0.0.73 > 10.0.0.28: ICMP echo request, id 24667, seq 2, length 64

23:09:11.508002 IP (tos 0x0, ttl 64, id 13315, offset 0, flags [none], proto ICMP (1), length 84)
    10.0.0.28 > 10.0.0.73: ICMP echo reply, id 24667, seq 2, length 64

Based on other posts I checked my ip route list and the output is as such

pi@raspberrypi:~$ sudo ip route list
10.0.0.0/24 dev tun0 proto kernel scope link src 10.0.0.73

and the ifconfig is this:

pi@raspberrypi:~$ ifconfig tun0
tun0    Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
        inet addr:10.0.0.73 P-t-P 10.0.0.73  Mask:255.255.255.0
        ...
question from:https://stackoverflow.com/questions/65865694/terminal-not-seeing-ping-messages-from-tun-port

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Turns out the issue was that the replies were showing up in incorrect orders and greatly delayed, when I fixed the network connections this issue went away without changing any configurations in the iptables


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...