|
To: |
cipe-l,AT,inka,DOT,de |
|
Subject: |
Establishing tunnel fails (after working for weeks) |
|
From: |
Marius Flage <marius,AT,flage,DOT,nu> |
|
Date: |
Tue, 2 Dec 2003 02:04:36 +0100 (CET) |
Hi there
I'm experiencing problems establishing a tunnel between a NAT-ed box and
a server on the inet.
Both versions are 1.5.4 compiled from source and 2.4.22.
When I issue pkcipe -c remote:pkcipe on the NAT-ed box I get the
following in syslog:
(client)
Dec 2 01:57:33 hobbiton pkcipe[18942]: starting /usr/local/sbin/ciped-cb for
peer tahiti
Dec 2 01:57:33 hobbiton ciped-cb[18944]: CIPE daemon vers 1.5.4 (c) Olaf
Titz 1996-2000
Dec 2 01:57:33 hobbiton kernel: cipcb: read_lock(&tasklist_lock) at
../cipe/device.c:216
Dec 2 01:57:33 hobbiton kernel: cipcb: read_unlock(&tasklist_lock) at
../cipe/device.c:220
Dec 2 01:57:33 hobbiton ciped-cb[18944]: kxchg: recv: Connection refused
Dec 2 01:57:33 hobbiton last message repeated 2 times
Dec 2 01:58:03 hobbiton ciped-cb[18944]: keepalive timeout
Dec 2 01:58:03 hobbiton ciped-cb[18944]: Interface stats 0 0
0 0 0 0 0 0 0 0 0 0 0 0
0 0
Dec 2 01:58:03 hobbiton ciped-cb[18944]: KX stats: rreq=0, req=1, ind=0,
indb=0, ack=0, ackb=0, unknown=0
Dec 2 01:58:03 hobbiton ciped-cb[18944]: cipcb0: daemon exiting
Dec 2 01:58:03 hobbiton kernel: cipcb: read_lock(&tasklist_lock) at
../cipe/device.c:216
Dec 2 01:58:03 hobbiton kernel: cipcb: read_unlock(&tasklist_lock) at
../cipe/device.c:220
(server)
Dec 2 01:57:31 tahiti pkcipe[2838]: connect from <client's official ip>
Dec 2 01:57:33 tahiti pkcipe[2838]: starting /usr/local/sbin/ciped-cb for
peer hobbiton
Dec 2 01:57:33 tahiti ciped-cb[2840]: CIPE daemon vers 1.5.4 (c) Olaf Titz
1996-2000
Dec 2 01:57:33 tahiti kernel: cipcb0: alloc
Dec 2 01:57:33 tahiti kernel: cipcb: read_lock(&tasklist_lock) at
../cipe/device.c:216
Dec 2 01:57:33 tahiti kernel: cipcb: read_unlock(&tasklist_lock) at
../cipe/device.c:220
Dec 2 01:57:33 tahiti kernel: cipcb0: setpar
Dec 2 01:57:33 tahiti kernel: cipcb0: setpar 0.0.0.0:0 1000 60000 0200 0
Dec 2 01:57:33 tahiti kernel: cipcb0: setkey
Dec 2 01:57:33 tahiti kernel: cipcb0: attach
Dec 2 01:57:33 tahiti kernel: cipcb0: opened
Dec 2 01:57:33 tahiti kernel: cipcb0: cipe_sendmsg
Dec 2 01:57:33 tahiti kernel: ip_finish_output: bad owned skb = c3a8ea40:
POST_ROUTING
Dec 2 01:57:33 tahiti kernel: skb: pf=2 (owned) dev=eth0 len=92
Dec 2 01:57:33 tahiti kernel: PROTO=17 <server>:1103 <client>:61953 L=92
S=0x00 I=55150 F=0x4000 T=64
Dec 2 01:57:33 tahiti kernel: cipcb0: cipe_recvmsg
Dec 2 01:57:52 tahiti kernel: cipcb1: cipe_recvmsg
Dec 2 01:58:03 tahiti kernel: cipcb0: cipe_sendmsg
Dec 2 01:58:03 tahiti kernel: ip_finish_output: bad owned skb = c7d7d140:
POST_ROUTING
Dec 2 01:58:03 tahiti kernel: skb: pf=2 (owned) dev=eth0 len=188
Dec 2 01:58:03 tahiti kernel: PROTO=17 <server>:1103 <client>:61953 L=188
S=0x00 I=55152 F=0x4000 T=64
Dec 2 01:58:03 tahiti kernel: cipcb0: cipe_recvmsg
Dec 2 01:58:03 tahiti kernel: cipcb0: cipe_sendmsg
Dec 2 01:58:03 tahiti kernel: ip_finish_output: bad owned skb = c7d7d140:
POST_ROUTING
Dec 2 01:58:03 tahiti kernel: skb: pf=2 (owned) dev=eth0 len=380
Dec 2 01:58:03 tahiti kernel: PROTO=17 <server>:1103 <client>:61953 L=380
S=0x00 I=55153 F=0x4000 T=64
Dec 2 01:58:03 tahiti kernel: cipcb0: setkey
Dec 2 01:58:03 tahiti kernel: cipcb0: cipe_recvmsg
Dec 2 01:58:23 tahiti ciped-cb[2840]: keepalive timeout
Dec 2 01:58:23 tahiti kernel: cipcb0: cipe_recvmsg
And then the interface dies on the client end, but it still stays up on
the server.
I can establish connections between other boxes (both NAT-ed and not) to
the server, so I'm guessing the problem is at the client end. Anyone
that can shed some light on this issue?
I've got:
pkcipe 963/tcp # pkcipe
in /etc/services on both sides, so I have the correct port#.
Great thanks in advance
Marius