
I have two machines A and B. I want to send iperf traffic from A to B, but first have it route through a userspace program on A. I did this with a tunneling device; therefore, I used the command `ip route add *B address* dev tun77`.

However, this command is preventing connections from B to A: for example, I cannot SSH from B to A. This is creating problems with my project, especially with TCP traffic.

I assumed that ip route would only affect packets leaving machine A. However, it seems to be affecting connections from B to A. Is this because incoming packets are being routed, or is it the responses from A to B that are preventing the connection from happening (like SYNACK messages)? How do you fix this?

I tried marking packets on the output chain with iptables and creating a route for that with this link, but for some odd reason it isn't working.

Any help would be appreciated, thanks!

EDIT: When I try running tcpdumps on A and B, all I see are ARP packets from B arriving at A; in addition, I don't see any traffic out of A that responds to these.


Ashkay
  • The handshake responses from A never arrive at B because you've diverted them. Why can't you send the iperf traffic to another IP address instead of B's address? – wurtel Jun 25 '15 at 12:41
  • This is a simplified model of the setup, but essentially, I need the iperf traffic to go from A to B because I want to measure loss at B on this route. When I try a TCP connection, A sends a SYN to B, then B sends ARP requests to A but no SYNACK or anything, and a connection is never made. – Ashkay Jun 25 '15 at 13:58
  • My point is that if you send to address C, you can have your userspace program listen on C and then it could forward the data onwards to B, no need for diverting all traffic to B. – wurtel Jun 26 '15 at 06:41
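
A model of the route lookup behind the diverted handshake responses, as an added example that is not part of the original thread. It compares the destination-only route from the question with a mark-selected table like the one the asker tried; the addresses, the `eth0` device, the table name `iperf` and the mark value `0x1` are assumptions.

```python
import ipaddress

# Constructed addresses; the post does not give A's or B's real ones.
B = "192.0.2.2"
LAN = ipaddress.ip_network("192.0.2.0/24")
B_HOST = ipaddress.ip_network(B + "/32")

def lookup(rules, tables, dst, mark=0):
    """Model of Linux policy routing: rules in priority order, then
    longest-prefix match inside the table the rule selects."""
    addr = ipaddress.ip_address(dst)
    for _prio, fwmark, table in sorted(rules, key=lambda r: r[0]):
        if fwmark is not None and fwmark != mark:
            continue  # rule only applies to packets carrying this mark
        hits = [(net.prefixlen, dev) for net, dev in tables[table] if addr in net]
        if hits:
            return max(hits, key=lambda h: h[0])[1]
    return None

def egress(rules, tables, iperf_mark):
    """Outgoing device on A for iperf data and for a SYN-ACK answering B's SSH."""
    return {
        "iperf_data": lookup(rules, tables, B, mark=iperf_mark),
        "ssh_synack": lookup(rules, tables, B, mark=0),
    }

# Setup from the question: host route for B in the main table (eth0 assumed).
DEST_RULES = [(32766, None, "main")]
DEST_TABLES = {"main": [(LAN, "eth0"), (B_HOST, "tun77")]}

# Mark-based setup: the tun77 route lives in a separate table (hypothetical
# name "iperf") that only packets marked 0x1 consult.
MARK_RULES = [(100, 0x1, "iperf"), (32766, None, "main")]
MARK_TABLES = {"main": [(LAN, "eth0")], "iperf": [(B_HOST, "tun77")]}

if __name__ == "__main__":
    print("destination route:", egress(DEST_RULES, DEST_TABLES, iperf_mark=0))
    print("fwmark rule:      ", egress(MARK_RULES, MARK_TABLES, iperf_mark=0x1))
```

With the destination route every packet addressed to B, including the SYN-ACK, leaves through `tun77`; with the mark rule only the marked iperf packets do.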

0 Answers