Develop Reference

Can not read packets from a tun interface

My plan is to read from one tun interface and write to another.
Here are my command when I set up the interface:
sudo ip tuntap add dev router0 mod tun
sudo ip addr add 10.0.0.138/24 dev router0
sudo ip link set dev router0 up
Here is the output of ip addr show dev router0
8: router0: <NO-CARRIER,POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 500
link/none
inet 10.0.0.138/24 scope global router0
valid_lft forever preferred_lft forever
When I try to ping 10.0.0.138 listen on the interface using tshark via sudo tshark -i router0, nothing happens.
Here is my ping 10.0.0.138 output:
PING 10.0.0.138 (10.0.0.138) 56(84) bytes of data.
64 bytes from 10.0.0.138: icmp_seq=1 ttl=64 time=0.063 ms
64 bytes from 10.0.0.138: icmp_seq=2 ttl=64 time=0.058 ms
Here is my sudo tshark -i router0 output:
Capturing on 'router0'
Nothing is coming through
What is the problem?

Wifi has IP by DHCP but no internet access

I have installed a new USB Wifi network card in Debian 9.
After configuring it, the router assigns me an IP via DHCP but I don't have internet access.
It is the Alpha Network AWUS036NH (Ralink RT3070 Chipset) Wifi network card.
It is on a Debian 9 without a graphical environment.
I have installed the firmware-ralink package and it is using the rt2800usb driver.
I have tried the next commands:
iwconfig
eth1 no wireless extensions.
eth0 no wireless extensions.
wlan0 IEEE 802.11 ESSID:"CAMIONES"
Mode:Managed Frequency:2.437 GHz Access Point: 74:AC:B9:21:3C:E5
Bit Rate=1 Mb/s Tx-Power=20 dBm
Retry short limit:7 RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=70/70 Signal level=-37 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:1 Invalid misc:4 Missed beacon:0
lo no wireless extensions.
ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.80.4.2 netmask 255.255.255.0 broadcast 10.80.4.255
ether 4c:02:89:12:c0:be txqueuelen 1000 (Ethernet)
RX packets 5002 bytes 631414 (616.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5510 bytes 882802 (862.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xd0600000-d06fffff
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1 (Local Loopback)
RX packets 6146 bytes 509679 (497.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6146 bytes 509679 (497.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.200.18 netmask 255.255.255.0 broadcast 192.168.200.255
ether 00:c0:ca:5a:00:60 txqueuelen 1000 (Ethernet)
RX packets 8 bytes 1170 (1.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 58 bytes 7704 (7.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.80.4.1 0.0.0.0 UG 0 0 0 eth0
10.80.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
traceroute -i wlan0 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 *^C
I have tried to add a static route so that when I use wlan0 it will find its gateway:
route add default gw 192.168.200.1 dev wlan0
The rule is added but it does not work and I also lose internet access through eth0
ping -c2 -I wlan0 www.google.fr
PING www.google.fr (216.58.209.67) from 192.168.200.18 wlan0: 56(84) bytes of data.
--- www.google.fr ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1032ms
Contents of the configuration files:
/etc/resolv.conf
nameserver 80.58.61.250
nameserver 8.8.8.8
nameserver 80.58.61.254
/etc/network/interfaces.d/wlan0
allow-hotplug wlan0
iface wlan0 inet dhcp
wpa-ssid CAMIONES
wpa-psk pass
gateway 192.168.200.1
dns-nameservers 192.168.200.1
/etc/wpa_supplicant/wpa_supplicant.conf
network={
ssid="CAMIONES"
psk="pass"
}
I have tried connecting to another router and have the same problem.
What problem can I have with the configuration?
Thank you very much.

Your default route is set to go out via eth0 so all traffic will leave the eth0 interface, unless you have a specific(non default) route set to go out via wlan0.
Try this and see if you get a response:
route add -net 8.8.8.0 netmask 255.255.255.0 gw 192.168.200.1 dev wlan0
ping 8.8.8.8

Cannot ping gateway for external Openstack network

I installed Openstack Ansible, Pike version. There is a separate network controller and on it one physical network interface. We created VLAN 139 that leads the traffic to gateway. Config file for that part looks like:
/etc/network/interfaces
...
auto eno1.139
iface eno1.139 inet manual
vlan-raw-device eno1
# OpenStack Networking VLAN bridge
auto br-vlan
iface br-vlan inet manual
bridge_stp off
bridge_waitport 0
bridge_fd 0
bridge_ports eno1.139
We created an external Openstack network using:
openstack network create --external --share --provider-physical-network vlan --provider-network-type vlan --provider-segment 139 provider1
and all the other steps (subnet, router, etc)
As per documentation, first test should be pinging default gateway from router namespace. When I try that it is not working:
root#infra1-neutron-agents-container-e800e983:/# ip netns exec qrouter-eb842b12-9a35-4a93-baa9-38cc73531d9f ping 139.25.25.193
When I do TCP dump on physical network interface of controller node I can see packets going out without any problem:
openstackadmin#clcontroller:~$ sudo tcpdump -i eno1 --immediate-mode -e -n | grep 139.25.25.193
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eno1, link-type EN10MB (Ethernet), capture size 262144 bytes
16:30:09.182894 fa:16:3e:d4:b6:a1 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 50: vlan 139, p 0, ethertype 802.1Q, vlan 139, p 0, ethertype ARP, Request who-has 139.25.25.193 tell 139.25.25.200, length 28
I see ARP request getting to gateway that has 139.25.25.193 and I am trying to ping:
hpadmin#hos-gw01:~$ sudo tcpdump -i any --immediate-mode -e -n | grep 139.25.25.193
[sudo] password for hpadmin:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
15:53:29.857281 B fa:16:3e:d4:b6:a1 ethertype 802.1Q (0x8100), length 62: vlan 139, p 0, ethertype 802.1Q, vlan 139, p 0, ethertype ARP, Request who-has 139.25.25.193 tell 139.25.25.200, length 38
15:53:29.857281 B fa:16:3e:d4:b6:a1 ethertype 802.1Q (0x8100), length 58: vlan 139, p 0, ethertype ARP, Request who-has 139.25.25.193 tell 139.25.25.200, length 38
but what is confusing is my gateway is not responding to those ARP requests.
If I try to do same thing from stand alone Linux machine connected to same network segment and same VLAN everything works perfect.
Any idea what the problem might be? Thanks in advance.

It seems that problem was that external OpenStack network was set up to be on VLAN 139. Once we changed it to be flat everything started working without any problems. I am still confused, though, why gateway did not sent ARP responses.

libvirt DHCP fails from host

I am having trouble setting up a PXE VM. It is sending DHCP requests and the server is sending responses, but the VM does not appear to be processing the response. I am unsure as to the cause.
I did confirm physical machines are working just fine with the same DHCP and PXE settings and the DHCP requests and responses are the same as with the VM.
The DHCP server is provided by MaaS and is on the host.
Below is an image of the error.
The VM is created with: virt-install --name=maas-node-1 --connect=qemu:///system --ram=15360 --vcpus=8 --hvm --virt-type=kvm --pxe --boot network,hd --os-variant=ubuntu16.04 --graphics vnc --os-type=linux --accelerate --disk=/var/lib/libvirt/images/maas-node-1.qcow2,bus=virtio,format=qcow2,cache=none,sparse=true,size=60 --network=bridge:br0,model=virtio
The network are configured as:
auto br0
iface br0 inet static
address 192.168.10.2
network 192.168.10.0
broadcast 192.168.10.255
netmask 255.255.255.0
gateway 192.168.10.1
dns-nameservers 192.168.10.2
bridge_ports bond0
bridge_stp off
bridge_fd 0
bridge_maxwait 0
auto bond0
iface bond0 inet manual
mtu 1500
bond-miimon 100
bond-downdelay 200
bond-updelay 200
bond-mode 0
bond-slaves none
post-up ifenslave bond0 eno1 eno2 eno3 eno4
pre-down ifenslave bond0 eno1 eno2 eno3 eno4
...
DHCP request is:
steel.maas.bootpc > 255.255.255.255.bootps: [udp sum ok] BOOTP/DHCP, Request from 18:03:73:f8:ea:c9 (oui Unknown), length 257, xid 0xf97e014f, Flags [Broadcast] (0x8000)
Client-Ethernet-Address 18:03:73:f8:ea:c9 (oui Unknown)
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Discover
Client-ID Option 61, length 6: ieee1394 03:73:f8:ea:c9
Parameter-Request Option 55, length 3:
Default-Gateway, Subnet-Mask, Domain-Name-Server
DHCP Reply is:
steel.maas.bootps > 255.255.255.255.bootpc: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0xf97e014f, Flags [Broadcast] (0x8000)
Your-IP steel.maas
Server-IP steel.maas
Client-Ethernet-Address 18:03:73:f8:ea:c9 (oui Unknown)
file "pxelinux.0"
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Offer
Server-ID Option 54, length 4: steel.maas
Lease-Time Option 51, length 4: 600
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 192.168.10.1
Domain-Name-Server Option 6, length 4: steel.maas

The problem was that ARP was not being responded to due to a trait of using bond-mode 0 with no trunking on the switch. Switching to balance-tlb fixed the issues.
This helped narrow the problem down: https://bugs.launchpad.net/ubuntu/+source/qemu-kvm/+bug/785668

ipv6 i can't connect from the outside

I'm testing IPv6 networking (using FreeBSSD .0, VMWare, NAT), but I can't connect from outside (localhost) via an IPv6 address(using IPv4, it works fine). How can I set up the network properly?
[root# /home/osmund]# cat /etc/rc.conf
hostname=""
ipv6_activate_all_interfaces="YES"
ifconfig_em1_ipv6="inet6 2001:db8:1::1 prefixlen 64"
#ipv6_enable="YES"
ipv6_network_interface="em1"
ifconfig_le0="DHCP"
sshd_enable="YES"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
[root# /home/osmund]# ifconfig
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:0c:29:8f:45:74
inet6 2001:db8:1::1 prefixlen 64
inet6 fe80::20c:29ff:fe8f:4574%em1 prefixlen 64 scopeid 0x2
inet 192.168.124.133 netmask 0xffffff00 broadcast 192.168.124.255
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
media: Ethernet autoselect
status: active
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> metric 0 mtu 1500
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
[root# /home/osmund]# ping6 2001:db8:1::1
PING6(56=40+8+8 bytes) 2001:db8:1::1 --> 2001:db8:1::1
16 bytes from 2001:db8:1::1, icmp_seq=0 hlim=64 time=0.529 ms
16 bytes from 2001:db8:1::1, icmp_seq=1 hlim=64 time=0.133 ms
^C
--- 2001:db8:1::1 ping6 statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.133/0.331/0.529/0.198 ms
[root# /home/osmund]#

Have you tried to use bridged network instead?