Maybe the problem lies in the return path. It goes out one path (ipip) and comes back on
another interface (via bgp routing), which makes almost all stateful firewalls and
operating systems go bonkers and drop the packet?
Ruben - ON3RVH
On 13 Jul 2017, at 19:07, Rob Janssen <pe1chl(a)amsat.org> wrote:
I'm curious as to how long you waited when trying port 25. There
is a five-second delay after the connection is established before
it issues the 220 greeting.
I noticed that. But on 44.137.40.2 the TCP connection does not even
establish.
I tried from home (44.137.41.97) and from the gw-44-137 (44.137.0.1)
and both were able to connect:
telnet 44.0.0.1 25
Trying 44.0.0.1...
Connected to 44.0.0.1.
Escape character is '^]'.
220 gw.ampr.org ESMTP Sendmail 8.15.2/8.15.2; Thu, 13 Jul 2017 09:20:58 -0700 (PDT)
quit
221 2.0.0 gw.ampr.org closing connection
Connection closed by foreign host.
However, on 44.137.40.2:
telnet 44.0.0.1 25
Trying 44.0.0.1...
(and nothing more. probably an error when I wait a minute or so)
When running tshark on tunl0 I see the SYN+ACK packets from 44.0.0.1 to 44.137.40.2
and when I do an insert of a rule matching source address 44.0.0.1 before all
other firewall rules I see it matching, but still no ACK is going back.
I have no idea what is going on there. Ping works OK.
Rob
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net