OpenVZ Forum: Support » NATed GRE packets does not reach VETH (NAT,GRE,VETH)

Home » General » Support » NATed GRE packets does not reach VETH (NAT,GRE,VETH)

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: NATed GRE packets does not reach VETH (NAT,GRE,VETH) [message #33713 is a reply to message #33695]

Sun, 02 November 2008 18:54

a1bert
Messages: 9
Registered: October 2007
Location: .cz

Junior Member

maratrus wrote on Fri, 31 October 2008 11:07

- are we talking about VE? Are previous outputs from inside the VE?

yes, it's all from inside VE

maratrus wrote on Fri, 31 October 2008 11:07

- could you please show "ip a l" from inside the VE and also "ip rule list".

1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: venet0: <BROADCAST,POINTOPOINT,NOARP> mtu 1500 qdisc noop 
    link/void 
3: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc noqueue 
    link/ether 00:19:51:32:02:01 brd ff:ff:ff:ff:ff:ff
    inet 10.24.127.8/24 brd 10.24.127.255 scope global eth0
    inet 2.2.2.2/27 scope global eth0 
    inet6 fe80::219:51ff:fe32:201/64 scope link 
       valid_lft forever preferred_lft forever

2.2.2.2 is on different A network than 1.1.1.1

there is no special source routing:

# ip ru
0:      from all lookup 255 
32766:  from all lookup main 
32767:  from all lookup default

Quote:

- I don't quite understand the following thing: have you masked ip address "1.1.1.1" that are shown in tcpdump ouput. Should your VE forward that packets?

yes real addres is masked as 1.1.1.1 and is routable , everything works except proto 47 (GRE) packets. NATed ip is trying to establish pptp connection with 1.1.1.1, tcp handshake (port 1723) is succesfully established but not GRE ...

Quote:

- why do you need "-A POSTROUTING -s 10.24.127.8 -o eth0 -j RETURN " rule?

to not to NAT locally originating packets (10.24.127.8 is bind on eth0 interface)

Quote:

- could you please show "ip r get "1.1.1.1""

ip ro get 1.1.1.1
1.1.1.1 via 10.24.127.1 dev eth0  src 10.24.127.8 
    cache  mtu 1500 advmss 1460 hoplimit 64

As I said above 1.1.1.1 is routable , everything (UDP,TCP,ICMP) works except GRE

Quote:

- could you please also run tcpdump on lo interface

I have tried also lo, no GRE packets enters lo interface, GRE packets just disapear Sad

, that is why I have created this thread

Report message to a moderator

[Message index]

		NATed GRE packets does not reach VETH (NAT,GRE,VETH) By: a1bert on Fri, 31 October 2008 12:10
		Re: NATed GRE packets does not reach VETH (NAT,GRE,VETH) By: maratrus on Fri, 31 October 2008 13:47
		Re: NATed GRE packets does not reach VETH (NAT,GRE,VETH) By: a1bert on Fri, 31 October 2008 14:36
		Re: NATed GRE packets does not reach VETH (NAT,GRE,VETH) By: maratrus on Fri, 31 October 2008 16:07
		Re: NATed GRE packets does not reach VETH (NAT,GRE,VETH) By: a1bert on Sun, 02 November 2008 18:54

Previous Topic:	SSH and IPTABLES
Next Topic:	Install OS without a OSTemplate?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Sun Sep 01 21:52:04 GMT 2024

Total time taken to generate the page: 0.05651 seconds