search

Ysurac / openmptcprouter

OpenMPTCProuter is an open source solution to aggregate multiple internet connections using Multipath TCP (MPTCP) on OpenWrt
https://www.openmptcprouter.com/
GNU General Public License v3.0
1.85k stars 266 forks source link

How to debug OMR-bypass? #1203

Closed Adorfer closed 3 years ago

Adorfer commented 4 years ago

Expected Behavior

OMR bypass either "to dedicated modem" (lan-port), or "to master port" (if bypassuplink left empty)

Current Behavior

OMR does not seem to work

verified by mtr and traceroute client uses DNS (v4, v6) of OMR client is win10 and ubuntu18.04 had been working on 0.55beta3(?). Setup was not NOT upgraded, but fresh install on 0.55.1

Possible Solution

switching off VPS routes directly via uplink

Steps to Reproduce the Problem

unknown how do describe. please provide instruction how to debug locally.

Context (Environment)

OMR with 3 uplinks (2x VDSL, 1x DOCSIS)

Specifications

note: had been working on 0.55beta3(?). Setup was not NOT upgraded, but fresh install on 0.55.1

Ysurac commented 4 years ago

Simple check, add domain ifconfig.co in domain bypass, and from the router via SSH curl ifconfig.co do you get VPS IP or WAN IP ?

Adorfer commented 4 years ago

put ifconfig.co in domain-exception, validated and reloaded.

curl for ifconfig.co on OMR cli gives VPS-IP, not WAN3-IP.

Ysurac commented 4 years ago

check in State->System log if there is no firewall/iptables error.

Adorfer commented 4 years ago

logread |grep "error"

exclusivly strings like

Thu Sep 3 00:05:58 2020 user.notice ModemManager: hotplug: error: parent device sysfspath not found

and one about a problem in vnstat-settings. 


root@LES-OpenMPTCP:~# logread |grep firewall
Thu Sep  3 00:05:49 2020 user.notice firewall: Reloading firewall due to ifup of lan (eth0)
Thu Sep  3 00:05:49 2020 user.notice ucitrack: Setting up /etc/config/firewall reload dependency on /etc/config/luci-splash
Thu Sep  3 00:05:49 2020 user.notice ucitrack: Setting up /etc/config/firewall reload dependency on /etc/config/qos
Thu Sep  3 00:05:49 2020 user.notice ucitrack: Setting up /etc/config/firewall reload dependency on /etc/config/miniupnpd
Thu Sep  3 00:05:49 2020 user.notice ucitrack: Setting up /etc/config/firewall reload dependency on /etc/config/sqm
Thu Sep  3 00:05:49 2020 user.notice firewall: Reloading firewall due to ifup of wan1 (eth1)
Thu Sep  3 00:05:53 2020 user.notice firewall: Reloading firewall due to ifup of wan2 (eth2)
Thu Sep  3 00:05:57 2020 user.notice firewall: Reloading firewall due to ifup of wan3 (eth3)
Thu Sep  3 00:05:58 2020 user.notice firewall: Reloading firewall due to ifup of wan4 (eth4)
Thu Sep  3 00:05:59 2020 user.notice firewall: Reloading firewall due to ifup of omrvpn (tun0)
Thu Sep  3 00:06:00 2020 user.notice firewall: Reloading firewall due to ifup of omr6in4 (6in4-omr6in4)
root@LES-OpenMPTCP:~# logread |grep iptables

[none]

Ysurac commented 4 years ago

what is the result of iptables-save and ipset list via SSH from the router ?

Adorfer commented 4 years ago

settings
uci show |grep omr-bypass https://termbin.com/sn0f

iptables-save https://termbin.com/ku78

and ipset list https://termbin.com/mah3

Ysurac commented 4 years ago

I don't think this will fix the problem, but there is errors:

omr-bypass.@ips[4].ip='217.10.68.145 '
omr-bypass.@ips[6].ip=' 94.79.131.221'

(the space after first IP and space before last ip)

Adorfer commented 4 years ago

fixed those issues, but as expected, did not resolve the issue.

btw: i would expect "ifconfig.co" or his 94.79.131.221 somewhere in the output of iptables-save or the ipset list

Ysurac commented 4 years ago

ifconfig.co ip is 172.67.133.228 and 2606:4700:3032::681c:125e both are in ipset. 94.79.131.221 is also in ipset. What is the result of ip rule ?

Adorfer commented 4 years ago

ip rule : https://termbin.com/r6b6

Ysurac commented 4 years ago

And what is the result of ip r show table 991337 and ip r show table 1 ?

Adorfer commented 4 years ago

not much: 

root@LES-OpenMPTCP:~# ip r show table 991337
default via 192.168.12.1 dev eth3
root@LES-OpenMPTCP:~# ip r show table 1
Dump terminated

only table 0 is a bit more: https://termbin.com/0u07

Ysurac commented 4 years ago

I should have asked table 4, 5 and 6. They shouldn't be empty. But as table 991337 is not empty all should be ok here.

What is the result of iptables -vL -t nat ?

Adorfer commented 4 years ago

Viola!

ip r show table 4 https://termbin.com/pv5x0

ip r show table 5 https://termbin.com/na2b

ip r show table 6 https://termbin.com/h1f5

iptables -vL -t nat https://termbin.com/pqkc

Ysurac commented 4 years ago

Strange, all seems to work here.

Adorfer commented 4 years ago

What can i do? do a fresh install?

Ysurac commented 4 years ago

You can try yes, because I have no more idea. You don't use multiple public IPs on the VPS ?

Adorfer commented 4 years ago

single IPv4 (/32) and IPv6 is /64 on the vps.

Adorfer commented 4 years ago

i did fresh install on a completly new device. only OMR-rule is "ifconfig.co"

still the same, 

curl http://ifconfig.co

returns the vps-ip.

grafik

Ysurac commented 4 years ago

Where do you run the command ? You get VPS IPv4 or IPv6 ? If it's IPv6, try curl -4 ifconfig.co

Adorfer commented 4 years ago

i run the command on the OMR shell, and the result is IPv4 of the VPS.

github-actions[bot] commented 3 years ago

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days