All,
So, I managed to make the working IP Rule for my gateway - but I am not receiving reply traffic from ns.ardc.net. It confused me for a day or so. The same appears to be occurring with DNS. I'm wondering if anyone else is experiencing it:
---
config rule
	option dest '44.1.1.44/32'
	option lookup '44'
	option priority '21'
	option in 'loopback'
---
root@OpenWrt:~# tcpdump -vvvn -i tunl0 udp and port 123 and host 44.1.1.44
tcpdump: listening on tunl0, link-type RAW (Raw IP), snapshot length 262144 bytes
07:07:41.623308 IP (tos 0x48, ttl 64, id 33889, offset 0, flags [DF], proto UDP (17), length 76)
    44.60.44.254.37651 > 44.1.1.44.123: [bad udp cksum 0x86b0 -> 0x977a!] NTPv4, Client, length 48
        Leap indicator: (0), Stratum 0 (unspecified), poll 0 (1s), precision 0
        Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID: (unspec)
          Reference Timestamp: 0.000000000
          Originator Timestamp: 0.000000000
          Receive Timestamp: 0.000000000
          Transmit Timestamp: 4164246549.287667102 (2031-12-17T07:09:09Z)
            Originator - Receive Timestamp: 0.000000000
            Originator - Transmit Timestamp: 4164246549.287667102 (2031-12-17T07:09:09Z)
---
root@OpenWrt:~# ping 44.1.1.44 -I tunl0 -c 4
PING 44.1.1.44 (44.1.1.44): 56 data bytes
--- 44.1.1.44 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss
---
root@OpenWrt:~# tcpdump -vvvn -i tunl0 host 44.1.1.44
tcpdump: listening on tunl0, link-type RAW (Raw IP), snapshot length 262144 bytes
07:19:43.277743 IP (tos 0x0, ttl 64, id 6493, offset 0, flags [DF], proto ICMP (1), length 84)
    44.60.44.254 > 44.1.1.44: ICMP echo request, id 14603, seq 0, length 64
07:19:44.278254 IP (tos 0x0, ttl 64, id 6512, offset 0, flags [DF], proto ICMP (1), length 84)
    44.60.44.254 > 44.1.1.44: ICMP echo request, id 14603, seq 1, length 64
07:19:45.278696 IP (tos 0x0, ttl 64, id 6558, offset 0, flags [DF], proto ICMP (1), length 84)
    44.60.44.254 > 44.1.1.44: ICMP echo request, id 14603, seq 2, length 64
07:19:46.279205 IP (tos 0x0, ttl 64, id 6589, offset 0, flags [DF], proto ICMP (1), length 84)
    44.60.44.254 > 44.1.1.44: ICMP echo request, id 14603, seq 3, length 64
---
DNS seems to also have an issue (note: the IP Rule didn't affect DNS-MDC traffic, as the inbound interface != lo):
07:21:11.105609 IP (tos 0x0, ttl 63, id 21778, offset 0, flags [none], proto UDP (17), length 65)
    44.60.44.3.61466 > 44.1.1.44.53: [udp sum ok] 50184 SOA? 108.44.in-addr.arpa. (37)
07:21:13.949674 IP (tos 0x0, ttl 63, id 22073, offset 0, flags [none], proto UDP (17), length 80)
    44.60.44.3.61466 > 44.1.1.44.53: [udp sum ok] 61634 [1au] SOA? 114.44.in-addr.arpa. ar: . OPT UDPsize=2048 [EXPIRE] (52)
07:21:24.369570 IP (tos 0x0, ttl 63, id 22677, offset 0, flags [none], proto UDP (17), length 65)
    44.60.44.3.61466 > 44.1.1.44.53: [udp sum ok] 64002 SOA? 168.44.in-addr.arpa. (37)
07:21:28.957619 IP (tos 0x0, ttl 63, id 23673, offset 0, flags [none], proto UDP (17), length 65)
    44.60.44.3.61466 > 44.1.1.44.53: [udp sum ok] 24199 SOA? 114.44.in-addr.arpa. (37)
- KB3VWG