On 25/01/2020 00:34, Steve L via 44Net wrote:
Bill,
What does your start script with your ip routes and ip rules look like? Something is wrong in there. What Lynwood said, that error means a non-44 ip is leaking over your tunnel. And the ucsd router is dropping it (a good thing)
Hi, Thanks for looking. Here's my startup:
#!/bin/sh /usr/local/sbin/amprd sleep 15 iptables -A INPUT -iampr0 -ptcp --dport 22 -j ACCEPT iptables -A INPUT -iampr0 -ptcp --dport 80 -j ACCEPT iptables -A INPUT -iampr0 -ptcp --dport 119 -j ACCEPT iptables -A INPUT -iampr0 -picmp -j ACCEPT iptables -A INPUT -iampr0 -j DROP exit 0
And the /etc/amprd.conf:
[ampr0] prefix = 44.131.170.1 rip_receive = yes rip_save = yes rip_password = rip_ignore = 90.155.50.1 call_home = M1BKF@JO02pp
Can you get a reply ping from 44.92.21.50? This is a host of mine that is only reachable via an amprnet tunnel And 44.92.21.35 should be reachable from everywhere
The interface, ifconfig ampr0:
ampr0: flags=4291<UP,BROADCAST,RUNNING,NOARP,MULTICAST> mtu 1500 inet 44.131.170.1 netmask 255.0.0.0 broadcast 44.255.255.255 inet6 fe80::9061:b6ff:fe6e:dfe prefixlen 64 scopeid 0x20<link> ether 92:61:b6:6e:0d:fe txqueuelen 1000 (Ethernet) RX packets 332930 bytes 112896180 (107.6 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 75117 bytes 5880354 (5.6 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Some pings:
ping -c3 -Iampr0 44.92.21.50 PING 44.92.21.50 (44.92.21.50) from 44.131.170.1 ampr0: 56(84) bytes of data. --- 44.92.21.50 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2042ms
ping -c3 -Iampr0 44.92.21.35 PING 44.92.21.35 (44.92.21.35) from 44.131.170.1 ampr0: 56(84) bytes of data. --- 44.92.21.35 ping statistics --- 3 packets transmitted, 0 received, 100% packet loss, time 2080ms
ping -c3 -Ieth0 44.92.21.35 PING 44.92.21.35 (44.92.21.35) from 192.168.1.2 eth0: 56(84) bytes of data. 64 bytes from 44.92.21.35: icmp_seq=1 ttl=51 time=211 ms 64 bytes from 44.92.21.35: icmp_seq=2 ttl=51 time=211 ms 64 bytes from 44.92.21.35: icmp_seq=3 ttl=51 time=213 ms --- 44.92.21.35 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms rtt min/avg/max/mdev = 211.747/212.304/213.251/0.673 ms
ping -c3 -Iampr0 44.0.0.1 PING 44.0.0.1 (44.0.0.1) from 44.131.170.1 ampr0: 56(84) bytes of data. 64 bytes from 44.0.0.1: icmp_seq=1 ttl=62 time=145 ms 64 bytes from 44.0.0.1: icmp_seq=2 ttl=62 time=145 ms 64 bytes from 44.0.0.1: icmp_seq=3 ttl=62 time=145 ms --- 44.0.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms rtt min/avg/max/mdev = 145.258/145.636/145.984/0.531 ms
And the routing:
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 44.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 ampr0 44.94.17.129 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0 44.130.104.1 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0 44.130.105.1 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0 44.130.106.1 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0 44.130.107.1 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0 vk4aa.ampr.org 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
So something's not right, and I thought this was working!
Bill (M1BKF)