> I'm curious as to how long you waited when trying port 25. There is a five-second delay after the connection is established before it issues the 220 greeting.
I noticed that. But on 44.137.40.2 the TCP connection does not even establish.
I tried from home (44.137.41.97) and from the gw-44-137 (44.137.0.1) and both were able to connect:
telnet 44.0.0.1 25
Trying 44.0.0.1...
Connected to 44.0.0.1.
Escape character is '^]'.
220 gw.ampr.org ESMTP Sendmail 8.15.2/8.15.2; Thu, 13 Jul 2017 09:20:58 -0700 (PDT)
quit
221 2.0.0 gw.ampr.org closing connection
Connection closed by foreign host.
However, on 44.137.40.2:
telnet 44.0.0.1 25
Trying 44.0.0.1...
(and nothing more. probably an error when I wait a minute or so)
When running tshark on tunl0 I see the SYN+ACK packets from 44.0.0.1 to 44.137.40.2 and when I do an insert of a rule matching source address 44.0.0.1 before all other firewall rules I see it matching, but still no ACK is going back. I have no idea what is going on there. Ping works OK.
Rob
Maybe the problem lies in the return path. It goes out one path (ipip) and comes back on another interface (via bgp routing) which makes almost all stateful firewalls and operating systems go bonkers and drop the packet?
Ruben - ON3RVH
On 13 Jul 2017, at 19:07, Rob Janssen pe1chl@amsat.org wrote:
> > I'm curious as to how long you waited when trying port 25. There is a five-second delay after the connection is established before it issues the 220 greeting.
> I noticed that. But on 44.137.40.2 the TCP connection does not even establish.
> I tried from home (44.137.41.97) and from the gw-44-137 (44.137.0.1) and both were able to connect:
> telnet 44.0.0.1 25
> Trying 44.0.0.1...
> Connected to 44.0.0.1.
> Escape character is '^]'.
> 220 gw.ampr.org ESMTP Sendmail 8.15.2/8.15.2; Thu, 13 Jul 2017 09:20:58 -0700 (PDT)
> quit
> 221 2.0.0 gw.ampr.org closing connection
> Connection closed by foreign host.
> However, on 44.137.40.2:
> telnet 44.0.0.1 25
> Trying 44.0.0.1...
> (and nothing more. probably an error when I wait a minute or so)
> When running tshark on tunl0 I see the SYN+ACK packets from 44.0.0.1 to 44.137.40.2 and when I do an insert of a rule matching source address 44.0.0.1 before all other firewall rules I see it matching, but still no ACK is going back. I have no idea what is going on there. Ping works OK.
> Rob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
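One way to check the asymmetric-path hypothesis above against packet summaries taken on every interface of the affected host. This is an added example, not part of the original thread; the line format, eth0, the port numbers and 192.0.2.10 are assumptions made for illustration.

```python
from collections import namedtuple

Pkt = namedtuple("Pkt", "iface direction src sport dst dport flags")

# Constructed sample, not real tshark output. One packet per line:
# iface direction src sport dst dport flags. eth0, the ports and
# 192.0.2.10 are made up; tunl0 and the 44.x addresses are from the thread.
SAMPLE = """\
eth0  out 44.137.40.2 40000 44.0.0.1 25 S
tunl0 in  44.0.0.1 25 44.137.40.2 40000 SA
tunl0 in  44.0.0.1 25 44.137.40.2 40000 SA
eth0  out 44.137.40.2 40001 192.0.2.10 25 S
eth0  in  192.0.2.10 25 44.137.40.2 40001 SA
eth0  out 44.137.40.2 40001 192.0.2.10 25 A
"""

def parse(text):
    """Turn summary lines into Pkt tuples, skipping malformed lines."""
    pkts = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 7 and f[3].isdigit() and f[5].isdigit():
            pkts.append(Pkt(f[0], f[1], f[2], int(f[3]), f[4], int(f[5]), f[6]))
    return pkts

def classify_handshakes(pkts):
    """Map each local flow to (verdict, SYN interface, SYN+ACK interface)."""
    flows = {}
    for p in pkts:
        # Key every packet by the local endpoint first, whatever its direction.
        key = ((p.src, p.sport, p.dst, p.dport) if p.direction == "out"
               else (p.dst, p.dport, p.src, p.sport))
        st = flows.setdefault(key, {"syn": None, "synack": None, "acked": False})
        if p.direction == "out" and p.flags == "S":
            st["syn"] = p.iface
        elif p.direction == "in" and p.flags == "SA":
            st["synack"] = p.iface
        elif p.direction == "out" and p.flags == "A" and st["synack"]:
            st["acked"] = True
    out = {}
    for key, st in flows.items():
        if st["acked"]:
            verdict = "established"
        elif st["syn"] is None:
            verdict = "syn-not-captured"   # capture missed the outbound side
        elif st["synack"] is None:
            verdict = "no-reply"
        elif st["syn"] != st["synack"]:
            verdict = "asymmetric-reply-unanswered"
        else:
            verdict = "reply-unanswered"
        out[key] = (verdict, st["syn"], st["synack"])
    return out
```

A flow reported as asymmetric-reply-unanswered is a SYN+ACK that arrived on a different interface than the SYN left on and never got its ACK, which is the pattern a stateful firewall or reverse-path check would produce.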
The strange thing is that ping works ok when TCP doesn't connect. My first suspicion would be a stateful firewall, but I'm sure you checked that. Could it be a TTL problem? I'm just guessing here.
- Brian