search

Ysurac / openmptcprouter

OpenMPTCProuter is an open source solution to aggregate multiple internet connections using Multipath TCP (MPTCP) on OpenWrt
https://www.openmptcprouter.com/
GNU General Public License v3.0
1.91k stars 273 forks source link

NAT Loopback #3518

Open FPi-sh opened 2 months ago

FPi-sh commented 2 months ago

Expected Behavior

Reaching exposed services on public ip from LAN should work.

Current Behavior

Connection is reset

Possible Solution

policy based routes?

Steps to Reproduce the Problem

  1. Expose a service
  2. From internet it works, from lan does not work

Context (Environment)

Specifications

Ysurac commented 2 months ago

Can you check on your destination if you have traffic using tcpdump ?

FPi-sh commented 2 months ago

Here's my network topology:

OMR LAN (192.168.101.1/24) <--> LinuxVM (192.168.101.200/24), PC (192.168.101.148/24) Port forwarding: OMR.PUBL.IP:8081 to 192.168.101.200:80 (where there's httpd listening)

When I try curl from an host inside my lan, I don't see any request reaching server's interface (tcpdump is empty).

From OMR on eth0 I see this:

root@OpenMPTCProuter:~# tcpdump -ni eth0 port 8081
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
21:59:41.046713 IP 192.168.101.148.47800 > OMR.PUBL.IP.8081: Flags [S], seq 1595500041, win 65535, options [mss 1460,sackOK,TS val 4245108839 ecr 0,nop,wscale 9], length 0
21:59:41.046877 IP OMR.PUBL.IP.8081 > 192.168.101.148.47800: Flags [S.], seq 21635800, ack 1595500042, win 43440, options [mss 1460,sackOK,TS val 3999143332 ecr 4245108839,nop,wscale 9], length 0
21:59:41.053178 IP 192.168.101.148.47800 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245108863 ecr 3999143332], length 0
21:59:41.053178 IP 192.168.101.148.47800 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245108863 ecr 3999143332], length 373
21:59:41.053369 IP OMR.PUBL.IP.8081 > 192.168.101.148.47800: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143338 ecr 4245108863], length 0
21:59:41.123226 IP OMR.PUBL.IP.8081 > 192.168.101.148.47800: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999143408 ecr 4245108863], length 0
21:59:41.129841 IP 192.168.101.148.47800 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245108940 ecr 3999143408], length 0
21:59:41.129990 IP OMR.PUBL.IP.8081 > 192.168.101.148.47800: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999143415 ecr 4245108940], length 0
21:59:41.131399 IP 192.168.101.148.47804 > OMR.PUBL.IP.8081: Flags [S], seq 2233263747, win 65535, options [mss 1460,sackOK,TS val 4245108941 ecr 0,nop,wscale 9], length 0
21:59:41.131576 IP OMR.PUBL.IP.8081 > 192.168.101.148.47804: Flags [S.], seq 2296785639, ack 2233263748, win 43440, options [mss 1460,sackOK,TS val 3999143416 ecr 4245108941,nop,wscale 9], length 0
21:59:41.134651 IP 192.168.101.148.47804 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245108946 ecr 3999143416], length 0
21:59:41.134651 IP 192.168.101.148.47804 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245108946 ecr 3999143416], length 373
21:59:41.134877 IP OMR.PUBL.IP.8081 > 192.168.101.148.47804: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143420 ecr 4245108946], length 0
21:59:41.197145 IP OMR.PUBL.IP.8081 > 192.168.101.148.47804: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999143482 ecr 4245108946], length 0
21:59:41.203240 IP 192.168.101.148.47804 > OMR.PUBL.IP.8081: Flags [.], ack 2, win 128, options [nop,nop,TS val 4245109014 ecr 3999143482], length 0
21:59:41.203240 IP 192.168.101.148.47804 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109014 ecr 3999143482], length 0
21:59:41.203477 IP OMR.PUBL.IP.8081 > 192.168.101.148.47804: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999143488 ecr 4245109014], length 0
21:59:41.205896 IP 192.168.101.148.47808 > OMR.PUBL.IP.8081: Flags [S], seq 4136874738, win 65535, options [mss 1460,sackOK,TS val 4245109015 ecr 0,nop,wscale 9], length 0
21:59:41.206110 IP OMR.PUBL.IP.8081 > 192.168.101.148.47808: Flags [S.], seq 1817016729, ack 4136874739, win 43440, options [mss 1460,sackOK,TS val 3999143491 ecr 4245109015,nop,wscale 9], length 0
21:59:41.209928 IP 192.168.101.148.47808 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245109020 ecr 3999143491], length 0
21:59:41.209928 IP 192.168.101.148.47808 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245109021 ecr 3999143491], length 373
21:59:41.210200 IP OMR.PUBL.IP.8081 > 192.168.101.148.47808: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143495 ecr 4245109021], length 0
21:59:41.276113 IP OMR.PUBL.IP.8081 > 192.168.101.148.47808: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999143561 ecr 4245109021], length 0
21:59:41.283210 IP 192.168.101.148.47808 > OMR.PUBL.IP.8081: Flags [.], ack 2, win 128, options [nop,nop,TS val 4245109094 ecr 3999143561], length 0
21:59:41.283210 IP 192.168.101.148.47808 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109094 ecr 3999143561], length 0
21:59:41.283457 IP OMR.PUBL.IP.8081 > 192.168.101.148.47808: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999143568 ecr 4245109094], length 0
21:59:41.286165 IP 192.168.101.148.47814 > OMR.PUBL.IP.8081: Flags [S], seq 3819683432, win 65535, options [mss 1460,sackOK,TS val 4245109096 ecr 0,nop,wscale 9], length 0
21:59:41.286449 IP OMR.PUBL.IP.8081 > 192.168.101.148.47814: Flags [S.], seq 203606993, ack 3819683433, win 43440, options [mss 1460,sackOK,TS val 3999143571 ecr 4245109096,nop,wscale 9], length 0
21:59:41.290273 IP 192.168.101.148.47814 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245109101 ecr 3999143571], length 0
21:59:41.290273 IP 192.168.101.148.47814 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245109101 ecr 3999143571], length 373
21:59:41.290575 IP OMR.PUBL.IP.8081 > 192.168.101.148.47814: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143575 ecr 4245109101], length 0
21:59:41.350172 IP OMR.PUBL.IP.8081 > 192.168.101.148.47814: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999143635 ecr 4245109101], length 0
21:59:41.357001 IP 192.168.101.148.47830 > OMR.PUBL.IP.8081: Flags [S], seq 1670467046, win 65535, options [mss 1460,sackOK,TS val 4245109168 ecr 0,nop,wscale 9], length 0
21:59:41.357221 IP OMR.PUBL.IP.8081 > 192.168.101.148.47830: Flags [S.], seq 942883749, ack 1670467047, win 43440, options [mss 1460,sackOK,TS val 3999143642 ecr 4245109168,nop,wscale 9], length 0
21:59:41.357001 IP 192.168.101.148.47814 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109167 ecr 3999143635], length 0
21:59:41.357384 IP OMR.PUBL.IP.8081 > 192.168.101.148.47814: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999143642 ecr 4245109167], length 0
21:59:41.363874 IP 192.168.101.148.47830 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245109174 ecr 3999143642], length 0
21:59:41.363874 IP 192.168.101.148.47830 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245109174 ecr 3999143642], length 373
21:59:41.364160 IP OMR.PUBL.IP.8081 > 192.168.101.148.47830: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143649 ecr 4245109174], length 0
21:59:41.432441 IP OMR.PUBL.IP.8081 > 192.168.101.148.47830: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999143717 ecr 4245109174], length 0
21:59:41.440682 IP 192.168.101.148.47830 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109251 ecr 3999143717], length 0
21:59:41.440864 IP OMR.PUBL.IP.8081 > 192.168.101.148.47830: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999143726 ecr 4245109251], length 0
21:59:41.442147 IP 192.168.101.148.47832 > OMR.PUBL.IP.8081: Flags [S], seq 2709185055, win 65535, options [mss 1460,sackOK,TS val 4245109252 ecr 0,nop,wscale 9], length 0
21:59:41.442265 IP OMR.PUBL.IP.8081 > 192.168.101.148.47832: Flags [S.], seq 1163787270, ack 2709185056, win 43440, options [mss 1460,sackOK,TS val 3999143727 ecr 4245109252,nop,wscale 9], length 0
21:59:41.452605 IP 192.168.101.148.47832 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245109257 ecr 3999143727], length 0
21:59:41.452605 IP 192.168.101.148.47832 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245109257 ecr 3999143727], length 373
21:59:41.452832 IP OMR.PUBL.IP.8081 > 192.168.101.148.47832: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143738 ecr 4245109257], length 0
21:59:41.514005 IP OMR.PUBL.IP.8081 > 192.168.101.148.47832: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999143799 ecr 4245109257], length 0
21:59:41.521703 IP 192.168.101.148.47832 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109332 ecr 3999143799], length 0
21:59:41.521866 IP OMR.PUBL.IP.8081 > 192.168.101.148.47832: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999143807 ecr 4245109332], length 0
21:59:41.522699 IP 192.168.101.148.47838 > OMR.PUBL.IP.8081: Flags [S], seq 2074433340, win 65535, options [mss 1460,sackOK,TS val 4245109333 ecr 0,nop,wscale 9], length 0
21:59:41.523017 IP OMR.PUBL.IP.8081 > 192.168.101.148.47838: Flags [S.], seq 2477023079, ack 2074433341, win 43440, options [mss 1460,sackOK,TS val 3999143808 ecr 4245109333,nop,wscale 9], length 0
21:59:41.527378 IP 192.168.101.148.47838 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245109338 ecr 3999143808], length 0
21:59:41.527378 IP 192.168.101.148.47838 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245109339 ecr 3999143808], length 373
21:59:41.527653 IP OMR.PUBL.IP.8081 > 192.168.101.148.47838: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143813 ecr 4245109339], length 0
21:59:41.590626 IP OMR.PUBL.IP.8081 > 192.168.101.148.47838: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999143876 ecr 4245109339], length 0
21:59:41.599769 IP 192.168.101.148.47838 > OMR.PUBL.IP.8081: Flags [.], ack 2, win 128, options [nop,nop,TS val 4245109410 ecr 3999143876], length 0
21:59:41.599769 IP 192.168.101.148.47838 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109410 ecr 3999143876], length 0
21:59:41.600153 IP OMR.PUBL.IP.8081 > 192.168.101.148.47838: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999143885 ecr 4245109410], length 0
21:59:41.600973 IP 192.168.101.148.47844 > OMR.PUBL.IP.8081: Flags [S], seq 707384180, win 65535, options [mss 1460,sackOK,TS val 4245109412 ecr 0,nop,wscale 9], length 0
21:59:41.601200 IP OMR.PUBL.IP.8081 > 192.168.101.148.47844: Flags [S.], seq 2209563401, ack 707384181, win 43440, options [mss 1460,sackOK,TS val 3999143886 ecr 4245109412,nop,wscale 9], length 0
21:59:41.610889 IP 192.168.101.148.47844 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245109421 ecr 3999143886], length 0
21:59:41.610889 IP 192.168.101.148.47844 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245109422 ecr 3999143886], length 373
21:59:41.611123 IP OMR.PUBL.IP.8081 > 192.168.101.148.47844: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143896 ecr 4245109422], length 0
21:59:41.682002 IP OMR.PUBL.IP.8081 > 192.168.101.148.47844: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999143967 ecr 4245109422], length 0
21:59:41.691147 IP 192.168.101.148.47844 > OMR.PUBL.IP.8081: Flags [.], ack 2, win 128, options [nop,nop,TS val 4245109502 ecr 3999143967], length 0
21:59:41.691147 IP 192.168.101.148.47844 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109502 ecr 3999143967], length 0
21:59:41.691395 IP OMR.PUBL.IP.8081 > 192.168.101.148.47844: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999143976 ecr 4245109502], length 0
21:59:41.692738 IP 192.168.101.148.47854 > OMR.PUBL.IP.8081: Flags [S], seq 2499084692, win 65535, options [mss 1460,sackOK,TS val 4245109503 ecr 0,nop,wscale 9], length 0
21:59:41.692911 IP OMR.PUBL.IP.8081 > 192.168.101.148.47854: Flags [S.], seq 2974447062, ack 2499084693, win 43440, options [mss 1460,sackOK,TS val 3999143978 ecr 4245109503,nop,wscale 9], length 0
21:59:41.697054 IP 192.168.101.148.47854 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245109508 ecr 3999143978], length 0
21:59:41.697054 IP 192.168.101.148.47854 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245109508 ecr 3999143978], length 373
21:59:41.697216 IP OMR.PUBL.IP.8081 > 192.168.101.148.47854: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999143982 ecr 4245109508], length 0
21:59:41.761236 IP OMR.PUBL.IP.8081 > 192.168.101.148.47854: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999144046 ecr 4245109508], length 0
21:59:41.767089 IP 192.168.101.148.47854 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109577 ecr 3999144046], length 0
21:59:41.767208 IP OMR.PUBL.IP.8081 > 192.168.101.148.47854: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999144052 ecr 4245109577], length 0
21:59:41.770036 IP 192.168.101.148.47862 > OMR.PUBL.IP.8081: Flags [S], seq 2177289026, win 65535, options [mss 1460,sackOK,TS val 4245109579 ecr 0,nop,wscale 9], length 0
21:59:41.770239 IP OMR.PUBL.IP.8081 > 192.168.101.148.47862: Flags [S.], seq 3267845159, ack 2177289027, win 43440, options [mss 1460,sackOK,TS val 3999144055 ecr 4245109579,nop,wscale 9], length 0
21:59:41.775423 IP 192.168.101.148.47862 > OMR.PUBL.IP.8081: Flags [.], ack 1, win 128, options [nop,nop,TS val 4245109586 ecr 3999144055], length 0
21:59:41.775423 IP 192.168.101.148.47862 > OMR.PUBL.IP.8081: Flags [P.], seq 1:374, ack 1, win 128, options [nop,nop,TS val 4245109586 ecr 3999144055], length 373
21:59:41.775643 IP OMR.PUBL.IP.8081 > 192.168.101.148.47862: Flags [.], ack 374, win 85, options [nop,nop,TS val 3999144061 ecr 4245109586], length 0
21:59:41.839360 IP OMR.PUBL.IP.8081 > 192.168.101.148.47862: Flags [F.], seq 1, ack 374, win 85, options [nop,nop,TS val 3999144124 ecr 4245109586], length 0
21:59:41.847197 IP 192.168.101.148.47862 > OMR.PUBL.IP.8081: Flags [.], ack 2, win 128, options [nop,nop,TS val 4245109658 ecr 3999144124], length 0
21:59:41.847197 IP 192.168.101.148.47862 > OMR.PUBL.IP.8081: Flags [F.], seq 374, ack 2, win 128, options [nop,nop,TS val 4245109658 ecr 3999144124], length 0
21:59:41.847388 IP OMR.PUBL.IP.8081 > 192.168.101.148.47862: Flags [.], ack 375, win 85, options [nop,nop,TS val 3999144132 ecr 4245109658], length 0