7

I have two machines each with two valid network interfaces, an Ethernet interface eth0 and a tun/tap interface gr0. The goal is to start a TCP connection on machine A using interface gr0 but then have the responses (ACKs, etc) from machine B come back over the Ethernet interface, eth0. So, machine A sends out a SYN on gr0 and machine B receives the SYN on its own gr0 but then sends its SYN/ACK back through eth0. The tun/tap device is a GNU Radio wireless link and we just want the responses to come through the Ethernet.

What's the easiest way to accomplish this? I need to research more on TCP/IP, but I was initially thinking that source-spoofing outgoing packets would tell the receiver to respond to the spoofed address (which should get routed to eth0). This would involve routing the IPs from the tun/tap interfaces through gr0 and leave the other traffic to eth0.

We are using Linux and a Python solution would be preferable.

Thanks for looking!

Mr. Shickadance
  • Also, what is a good method of identifying what the kernel does with a received packet? Does it discard it? Send it to `/dev/null`? Yes, this is probably better as a separate question. – Mr. Shickadance May 25 '11 at 14:19
  • Output of `netstat -s` might give you an idea of what kernel does with the packets (dropped/delivered/connection counts), though on aggregate level only. Use `tcpdump` or `wireshark` to look at what's going on on the wire. – Nikolai Fetissov May 25 '11 at 14:30
  • 1
    Well, with my spoofing approach, I see the packets received, but no response is generated. It seems as though the kernel silently discards the packets for some reason. – Mr. Shickadance May 25 '11 at 14:37
  • 2
    I bet you'll find that asymmetric routing like this is either (a) not possible, or (b) such a hassle that it's not worth the trouble. I'd be curious to hear why you [think you] need it. – Nikolai Fetissov May 25 '11 at 14:49
  • I think you are right that it is not worth the hassle. To satisfy your curiosity: we are testing a GNU Radio program which tunnels IP traffic over a wireless radio link. We are currently having problems where we have many duplicate ACKs and retransmissions. It was suggested to us that routing responses back over Ethernet would allow us to further identify the core problem. While it was a knowledgeable networking person that made the suggestion, I don't think he fully thought through the steps involved to perform such routing. – Mr. Shickadance May 25 '11 at 14:59
  • Is there any NATting/load balancing going on anywhere? If so, the async routes will upset whatever is doing that. – linuts May 25 '11 at 22:39

2 Answers

5

You could add an additional address to the lo interface on each system and use these new addresses as the TCP connection endpoints. You can then use static routes to direct which path each machine takes to get to the other machine's lo address.

For example:

Machine A:
  ip addr add 1.1.1.1/32 dev lo
  ip route add 2.2.2.2/32 dev eth0 via <eth0 default gateway>

Machine B:
  ip addr add 2.2.2.2/32 dev lo
  ip route add 1.1.1.1/32 dev gr0

Then bind to 1.1.1.1 on machine A and connect to 2.2.2.2.

eater
2

You may be interested in enabling logging of martian packets (`net.ipv4.conf.all.log_martians`) and disabling reverse path filtering (`net.ipv4.conf.<interface>.rp_filter`) on the affected interfaces.

These sysctl variables are accessible via the `sysctl` utility and/or the `/proc` filesystem.

ninjalj
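Added example, not part of ninjalj's answer: a Python check of the effective `rp_filter` and `log_martians` state per interface, which matters because the kernel applies the maximum of the `all` and per-interface `rp_filter` values, so clearing it on `gr0` alone may change nothing. The function names and the constructed sample tree are hypothetical; on a real host call `effective_settings()` with its default path.

```python
"""Report effective reverse-path filtering and martian logging per interface."""
import os
import tempfile

RP_MODES = {0: "off", 1: "strict", 2: "loose"}

def read_int(path, default=0):
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return default

def effective_settings(conf_root="/proc/sys/net/ipv4/conf"):
    """Return {iface: {"rp_filter": mode, "log_martians": bool}}.

    The kernel uses max(all, iface) for rp_filter, and logs martians if
    either the "all" or the per-interface log_martians value is set.
    """
    all_rp = read_int(os.path.join(conf_root, "all", "rp_filter"))
    all_log = read_int(os.path.join(conf_root, "all", "log_martians"))
    result = {}
    for iface in sorted(os.listdir(conf_root)):
        if iface in ("all", "default"):
            continue
        base = os.path.join(conf_root, iface)
        rp = max(all_rp, read_int(os.path.join(base, "rp_filter")))
        log = bool(all_log or read_int(os.path.join(base, "log_martians")))
        result[iface] = {"rp_filter": RP_MODES.get(rp, str(rp)), "log_martians": log}
    return result

def strict_interfaces(settings):
    """Interfaces that drop packets whose best return route uses another interface."""
    return [i for i, s in settings.items() if s["rp_filter"] == "strict"]

def build_sample_tree(values):
    """Write a constructed conf tree; values maps iface -> (rp_filter, log_martians)."""
    root = tempfile.mkdtemp()
    for iface, (rp, log) in values.items():
        os.makedirs(os.path.join(root, iface))
        for name, val in (("rp_filter", rp), ("log_martians", log)):
            with open(os.path.join(root, iface, name), "w") as fh:
                fh.write(f"{val}\n")
    return root

if __name__ == "__main__":
    # Constructed sample: rp_filter cleared on gr0 but still forced strict by "all".
    sample = build_sample_tree({"all": (1, 0), "default": (1, 0), "eth0": (1, 0), "gr0": (0, 1)})
    for iface, s in effective_settings(sample).items():
        print(iface, s)
```

With martian logging enabled, packets rejected by the reverse-path check show up in the kernel log, which answers the question of what happened to a received packet that produced no response.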