4

I have a program (written by me) that creates a tun0 device and sets up a route so that packets destined for the 172.16.1.0/24 subnet can be read from this device. I'm trying to go in the other direction now and write packets to the tun device that can be received by

My first effort, just changing the source and destination address and ports worked fine. I can run the following:

nc -u -s MY_IP -p 4001 172.16.1.3 4000

and my input gets echoed.

My second effort, actually generating output packets from scratch, is currently failing.

I can run tcpdump -i tun0 and see the packets that I've written:

11:30:14.433489 IP (tos 0x0, ttl 32, id 0, offset 0, flags [none], proto UDP (17), length 56) 172.16.1.2.54167 > Ubuntu-dbacher.local.4011: [udp sum ok] UDP, length 28

But my listener (nc -l -u -s MY_IP -p 4011) doesn't see anything.

I suspect there's something wrong that's preventing the tun0 device from routing its packets out, but I don't know how to get visibility into where the packets are being dropped.

$ ifconfig tun0
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:172.16.1.1  P-t-P:172.16.1.1  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.16.1.0      172.16.1.1      255.255.255.0   UG    0      0        0 tun0
10.10.48.0      0.0.0.0         255.255.255.0   U     1      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
0.0.0.0         10.10.48.1      0.0.0.0         UG    0      0        0 eth0

$ cat /proc/sys/net/ipv4/ip_forward
1

How do I debug where the tun packets are being dropped?

(BTW, all packets are UDP.)

Dave Bacher
  • could you solve your problem? I can read packets from tun device but when I write to it (I can see them on tcpdump), I think they are just dropped (although I have masquerade rules) because they are not routed over eth0. – ram Jan 01 '18 at 13:51

2 Answers

6

Just a hunch - does Linux allow packet routing?

Run `cat /proc/sys/net/ipv4/ip_forward` - you expect to see 1. If it's 0, run:

echo 1 > /proc/sys/net/ipv4/ip_forward

Also check your iptables - at the beginning you probably want to have ACCEPT for the FORWARD chain:

iptables -P FORWARD ACCEPT
iptables -F FORWARD

When troubleshooting routing / firewalls I most often use tcpdump [which you've mentioned].

pQd
  • I should have mentioned that `ip_forward` is 1. iptables shows "Chain FORWARD (policy ACCEPT)" but no targets are listed, so I think that's OK. – Dave Bacher Feb 03 '10 at 22:48
  • Thanks for the iptables mention. I added some LOG actions to try to catch where the packets were being dropped. – Dave Bacher Feb 05 '10 at 04:50
3

Maybe this helps:

ip route get 198.51.100.1

or:

ip route get to 198.51.100.1 from 192.168.0.2 iif eth0

Source of this: http://www.microhowto.info/troubleshooting/troubleshooting_the_routing_table.html

guettli
  • The linked site is not up, but it is [archived](https://web.archive.org/web/20200222013113/http://www.microhowto.info/troubleshooting/troubleshooting_the_routing_table.html). – Jack Wasey Oct 18 '20 at 09:42
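
As an added example (not code from the question or from either answer), one way to get the visibility the question asks for is to diff the kernel's counters in /proc/net/snmp and /proc/net/netstat before and after writing test packets to tun0; the counter that moves names the stage that discarded them. The function names, hint texts and sample snapshots are constructed for illustration.

```python
"""Show which kernel drop counter moved between two /proc/net snapshots."""
from pathlib import Path

# Counters that rise when a received packet is discarded, with the usual cause.
DROP_HINTS = {
    ("Ip", "InHdrErrors"): "bad IP header (checksum, length, expired TTL)",
    ("Ip", "InAddrErrors"): "input route lookup failed for the destination",
    ("Ip", "InDiscards"): "discarded inside the IP layer",
    ("Udp", "NoPorts"): "reached UDP, but no socket is bound to that port",
    ("Udp", "InErrors"): "UDP receive error (for example a full buffer)",
    ("TcpExt", "IPReversePathFilter"): "rp_filter rejected the source address",
}

def parse_counters(text):
    """Parse paired 'Proto: names' / 'Proto: values' lines into a dict."""
    counters, header = {}, None
    for line in text.splitlines():
        proto, sep, rest = line.partition(":")
        if not sep:
            continue
        if header and header[0] == proto:
            counters.update(((proto, n), int(v))
                            for n, v in zip(header[1], rest.split()))
            header = None
        else:
            header = (proto, rest.split())
    return counters

def moved_drop_counters(before, after):
    """Return [(proto, name, delta, hint)] for drop counters that increased."""
    old, new = parse_counters(before), parse_counters(after)
    return [(p, n, new[(p, n)] - old.get((p, n), 0), hint)
            for (p, n), hint in DROP_HINTS.items()
            if new.get((p, n), 0) > old.get((p, n), 0)]

def snapshot():
    """Read the live counters (Linux only)."""
    return "".join(Path(p).read_text()
                   for p in ("/proc/net/snmp", "/proc/net/netstat"))

# Constructed sample snapshots with abridged field lists (not real captures).
SAMPLE_BEFORE = """\
Udp: InDatagrams NoPorts InErrors OutDatagrams
Udp: 300 2 0 310
TcpExt: SyncookiesSent IPReversePathFilter
TcpExt: 0 5
"""
SAMPLE_AFTER = SAMPLE_BEFORE.replace("TcpExt: 0 5", "TcpExt: 0 15")

if __name__ == "__main__":
    for proto, name, delta, hint in moved_drop_counters(SAMPLE_BEFORE, SAMPLE_AFTER):
        print(f"{proto}.{name} +{delta}: {hint}")
```

On a live system, call `snapshot()` once before and once after injecting a known number of packets, and pass both results to `moved_drop_counters()`.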