Subject: Re: [44net] Iperf server for public use From: "Marc, LX1DUC" lx1duc@laru.lu Date: 07/24/2015 09:44 PM
To: AMPRNet working group 44net@hamradio.ucsd.edu
I have a BGP feed and the IPIP mesh (loaded from API).
These are the relevant routing entries for 44.137.40.2.
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 ADb 0.0.0.0/0 46.29.abc.xyz 250 1 A S 44.137.0.0/16 ampr-213.222.de... 210 2 Db 44.137.0.0/16 46.29.abc.xyz 250 3 A S 44.137.40.2/32 ampr-89.18.def.ghi 210
Rule #0 and #2 are BGP routes, rule #1 and #3 are static rules added via script parsing API output.
As you can see I prefer IPIP routes over BGP.
Traceroute looks fine:
marconi:~# traceroute -I 44.137.40.2 traceroute to 44.137.40.2 (44.137.40.2), 30 hops max, 60 byte packets 1 lx0bgp-18.ampr.org (44.161.204.1) 0.390 ms 0.493 ms 0.652 ms 2 tunnels.lx0bgp.ampr.org (44.161.230.255) 7.681 ms 7.743 ms 7.878 ms 3 sys2.pe1chl.ampr.org (44.137.40.2) 24.655 ms 24.666 ms 25.041 ms
73 de Marc, LX1DUC
Hi Marc,
I can ping you OK from both systems. What you tried above is via tunnel, and e.g. to 44.137.0.1 can be via BGP or Tunnel. Both will work.
But when I ping Brian N1URO from 44.137.0.1 I see the outgoing traffic via tunnel and I never see a reply coming back. No idea what is wrong. It cannot be a firewall at my end because I would see the reply when tracing (tshark operates before the filter).
Interesting is that he can ping me. And I can communicate with many systems, both those that use tunnels and those that have direct BGP routing. No idea where the issue is.
Rob
I am seeing the exact same thing with brian as well. Last week he was able to ping me 44.56.6.1-3 is what I had him test, but I am not able to ping him, but others I can. I can't see his services on the 44 net either.
I also see some people using the 44 network for asterisk repeaters. I can not ping them inside the network at all. I can see them outside but not inside. Are there just a lot of people not routing right? I mean if I am on the 44 network and can't reach them but I can in the public, that just doesn't sound right to me.
Corey. N3FE
On Jul 25, 2015, at 3:12 PM, Rob Janssen pe1chl@amsat.org wrote:
(Please trim inclusions from previous messages) _______________________________________________
Subject: Re: [44net] Iperf server for public use From: "Marc, LX1DUC" lx1duc@laru.lu Date: 07/24/2015 09:44 PM
To: AMPRNet working group 44net@hamradio.ucsd.edu
I have a BGP feed and the IPIP mesh (loaded from API).
These are the relevant routing entries for 44.137.40.2.
# DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 ADb 0.0.0.0/0 46.29.abc.xyz 250 1 A S 44.137.0.0/16 ampr-213.222.de... 210 2 Db 44.137.0.0/16 46.29.abc.xyz 250 3 A S 44.137.40.2/32 ampr-89.18.def.ghi 210
Rule #0 and #2 are BGP routes, rule #1 and #3 are static rules added via script parsing API output.
As you can see I prefer IPIP routes over BGP.
Traceroute looks fine:
marconi:~# traceroute -I 44.137.40.2 traceroute to 44.137.40.2 (44.137.40.2), 30 hops max, 60 byte packets 1 lx0bgp-18.ampr.org (44.161.204.1) 0.390 ms 0.493 ms 0.652 ms 2 tunnels.lx0bgp.ampr.org (44.161.230.255) 7.681 ms 7.743 ms 7.878 ms 3 sys2.pe1chl.ampr.org (44.137.40.2) 24.655 ms 24.666 ms 25.041 ms
73 de Marc, LX1DUC
Hi Marc,
I can ping you OK from both systems. What you tried above is via tunnel, and e.g. to 44.137.0.1 can be via BGP or Tunnel. Both will work.
But when I ping Brian N1URO from 44.137.0.1 I see the outgoing traffic via tunnel and I never see a reply coming back. No idea what is wrong. It cannot be a firewall at my end because I would see the reply when tracing (tshark operates before the filter).
Interesting is that he can ping me. And I can communicate with many systems, both those that use tunnels and those that have direct BGP routing. No idea where the issue is.
Rob
Does traceroute tell you where the routing stops?
- Richard, VE7CVS
On 7/25/15 2:04 PM, Corey Dean wrote:
(Please trim inclusions from previous messages) _______________________________________________ I am seeing the exact same thing with brian as well. Last week he was able to ping me 44.56.6.1-3 is what I had him test, but I am not able to ping him, but others I can. I can't see his services on the 44 net either.
I also see some people using the 44 network for asterisk repeaters. I can not ping them inside the network at all. I can see them outside but not inside. Are there just a lot of people not routing right? I mean if I am on the 44 network and can't reach them but I can in the public, that just doesn't sound right to me.
Corey. N3FE
Nope. Stops at my gateway and goes no further. I will have to log into the gateway and look at the route.
Corey
On Jul 25, 2015, at 9:34 PM, Richard Chycoski ve7cvs@chycoski.com wrote:
(Please trim inclusions from previous messages) _______________________________________________ Does traceroute tell you where the routing stops?
- Richard, VE7CVS
On 7/25/15 2:04 PM, Corey Dean wrote: (Please trim inclusions from previous messages) _______________________________________________ I am seeing the exact same thing with brian as well. Last week he was able to ping me 44.56.6.1-3 is what I had him test, but I am not able to ping him, but others I can. I can't see his services on the 44 net either.
I also see some people using the 44 network for asterisk repeaters. I can not ping them inside the network at all. I can see them outside but not inside. Are there just a lot of people not routing right? I mean if I am on the 44 network and can't reach them but I can in the public, that just doesn't sound right to me.
Corey. N3FE
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
this is what a traceroute shows to n1uro.ampr.org (all the following is being done from the gateway machine)
root@stimpy:~# traceroute 44.88.0.9 traceroute to 44.88.0.9 (44.88.0.9), 30 hops max, 60 byte packets 1 * * * 2 * * * 3 * * *
This is what the ip route shows. root@stimpy:~# ip route show table 44 | grep 44.88.0 44.88.0.0/27 via 76.28.121.159 dev tunl0 proto 44 onlink window 840 44.88.0.2 via 76.28.121.159 dev tunl0 proto 44 onlink window 840 44.88.0.192/29 via 76.28.121.159 dev tunl0 proto 44 onlink window 840 44.88.0.200 via 66.162.28.8 dev tunl0 proto 44 onlink window 840 44.88.0.201 via 66.162.28.8 dev tunl0 proto 44 onlink window 840
Now if I traceroute 44.137.0.1, here is the result.
root@stimpy:~# traceroute 44.137.0.1 traceroute to 44.137.0.1 (44.137.0.1), 30 hops max, 60 byte packets 1 gw-44-137.ampr.org (44.137.0.1) 96.312 ms 96.248 ms 96.257 ms
root@stimpy:~# ip route show table 44 | grep 44.137.0 44.137.0.0/16 via 213.222.29.194 dev tunl0 proto 44 onlink window 840 44.137.0.49 via 77.175.246.216 dev tunl0 proto 44 onlink window 840
I have tested with some others on the list and I have no problems, but that doesn't explain how n1uro can ping me, but I can't ping him.
Corey N3FE
On Sat, Jul 25, 2015 at 9:34 PM, Richard Chycoski ve7cvs@chycoski.com wrote:
(Please trim inclusions from previous messages) _______________________________________________ Does traceroute tell you where the routing stops?
- Richard, VE7CVS
On 7/25/15 2:04 PM, Corey Dean wrote:
(Please trim inclusions from previous messages) _______________________________________________ I am seeing the exact same thing with brian as well. Last week he was able to ping me 44.56.6.1-3 is what I had him test, but I am not able to ping him, but others I can. I can't see his services on the 44 net either.
I also see some people using the 44 network for asterisk repeaters. I can not ping them inside the network at all. I can see them outside but not inside. Are there just a lot of people not routing right? I mean if I am on the 44 network and can't reach them but I can in the public, that just doesn't sound right to me.
Corey. N3FE
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
-
Corey Dean -
Richard Chycoski -
Rob Janssen