Re: cipe-win32 not answering, am I stupid???|
Erik Wallin <erikw,AT,sec,DOT,se>|
Sun, 29 Apr 2001 20:00:14 +0200|
> > (Don't worry this will be fixed in a later release. :-)
> Oh, so I am not the only one with the problem?
Well I don't know. I was referring to the problem of computers being stupid
that may improve in later version of your computer. Sorry, I'll never try to
funny again. Promise.:-)
Anyway. I think you might have spotted a problem in CIPE Win32.
Your home Linux machine does not have a fixed IP address if I understand
right. When it connects to the W2K machine, the cipe-server on the W2K will
a new peer IP and port number. It will register this and start using it for
traffic from the W2K to the home Linux. At least this is what is supposed to
happen. But, I'm not sure this has been implemented yet.
Of course, if the IP of your home Linux changes without any traffic from it,
machine with fixed IP (your W2K) won't be able to reach it.
To see this in action - look in the log-files of a working Linux-CIPE. You'll
a message saying something like "New peer 123.456.789.123 port 4711"
peer gets a new IP or when it connects for the first time.
> But I am sorry, I REALLY AM stupid, since I changed the addresses in the
> netstat result (did not want to show my work address, but I made a mistake
> the first line and forgot changing it, well... :-)
No problem, I just wanted to verify this before I gave you a definite answer.
> > Can you ping the Linux-machine on the physical inteface from the Win2K
> > machine?
> No, the Linux-machine does not reply to echo requests, I made our firewall
> not answering them. But I swear the port 1716 is open! :-)
I guess this is not a problem since the Linux-machine can send packets to the
machine. So the port must be open.
> > What does tracert say when you do a trace from the W2K to the Linux?
> Traceroute done from a Sun in the same subnet, since I am at home now.
> traceroute to p3E9ED073.dip.t-dialin.net (22.214.171.124) 30 hops max, 38
> byte packets
> 1 csr1cz.lrz-muenchen.de (126.96.36.199) 1.90 ms 78.5 ms 0.897 ms
> 14 p3E9ED073.dip.t-dialin.net (188.8.131.52) 72.2 ms (ttl=243!) 67.8 ms
> (ttl=243!) 68.6 ms (ttl=243!)
Seems ok to me.
> > What networks do you have (including router address and netmask)?
> Work: 184.108.40.206/24, my address is assigned by DHCP, usually host 68 (but
> only when I am working there, laptop), router 254
Ok, so you don't have any PAT (IP masquerading) in the firewall?
> Home: dynamic IP, get it over PPPoE, MTU of ppp0 is 1492
Ok, this might be the problem. If CIPE Win32 doesn't register the adress of
peer dynamically it would give the same symptoms that you are describing.
> > What are the physical/PPP interfaces on the three computers?
> ppp0 via PPPoE (DSL) over a 3com card (eth1 below) (using rp-pppoe from
> roaring penguin)
> ppp0 Link encap:Point-to-Point Protocol
> inet addr:220.127.116.11 P-t-P:192.168.254.1
> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
> RX packets:202804 errors:0 dropped:0 overruns:0 frame:0
> TX packets:142381 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:3
> eth1 is directly plugged into a DSL-modem and gets raw PPPoE data
> eth1 Link encap:Ethernet HWaddr 00:10:5A:XX:XX:XX
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:666678 errors:0 dropped:0 overruns:0 frame:0
> TX packets:413166 errors:0 dropped:0 overruns:0 carrier:0
> collisions:19 txqueuelen:100
> Interrupt:12 Base address:0x330
Ok, just wanted to understand if you are on a local net, but you are not.
> Work (my laptop): Win2K with an Intel 8255x
> ipconfig /all returns the following:
> Ethernetadapter "Ethernet":
> Verbindungsspezifisches DNS-Suffix: home
> Beschreibung. . . . . . . . . . . : Intel 8255x-basierter
> PCI-Ethernetadapter (10/100)
> Physikalische Adresse . . . . . . : 00-00-XX-XX-XX-XX
> DHCP-aktiviert. . . . . . . . . . : Ja
> Autokonfiguration aktiviert . . . : Ja
> IP-Adresse. . . . . . . . . . . . : 18.104.22.168
> Subnetzmaske. . . . . . . . . . . : 255.255.255.0
> Standardgateway . . . . . . . . . : 22.214.171.124
> DHCP-Server . . . . . . . . . . . : 129.187.12.XXX
> DNS-Server. . . . . . . . . . . . : 126.96.36.199
Ok. Now I understand the connections.
> Second working Linux machine:
> eth1 Link encap:Ethernet HWaddr 00:00:XX:XX:XX:XX
> inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:202371 errors:0 dropped:0 overruns:0 frame:0
> TX packets:162468 errors:0 dropped:0 overruns:0 carrier:0
> collisions:4 txqueuelen:100
> Interrupt:11 Base address:0x2000
> This machine is behind a Netpipe DSL router which does NAT, eth1 gets normal
> ethernet data and their public address is mapped to the 192.168.0.2.
Ok, so this machine has a public address. When you connect to that using your
home-Linux it works?
Can you connect the second Linux machine to the W2K machine? That would verify
that the problem is in the dynamically assigned IP.
I'll eventually get to that part of the CIPE Win32-code, so I might have an
answer. I'm reviewing (on my own initiative) the code to try to find
bugs in order to improve the stability. Right now however I'm focusing on the
driver (the part of the code that goes into the kernel) to make sure it
crash the OS. The next step is to look at the service which does the actual
Let me know how you do, and if you solve the problem.