jkorell / iperf

Automatically exported from code.google.com/p/iperf
Other
1 stars 0 forks source link

iperf server on debian squeeze #133

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. fresh compile on debian squeeze
2. iperf3 -s or iperf3 -s -D 
3. netstat -a; tcp/5201 is listening

What is the expected output? What do you see instead?
nmap 172.16.125.5 shows no port open
cannot connect clients except from the same machine

What version of the product are you using? On what operating system?
root@SAM.304-ms:/home/fiber# iperf3 -v
iperf version 3.0.1 (10 January 2014)
Linux SAM 2.6.33 #1 PREEMPT Wed Jun 30 11:35:16 EDT 2010 i586 GNU/Linux

Please provide any additional information below.
I thought that perhaps iperf might be binding to eth0, an unused dhcp port, but 
I think I ruled that out by swapping eth0 & eth1. 

Client seems to work ok.

Original issue reported on code.google.com by wpmccorm...@gmail.com on 16 Jan 2014 at 1:37

GoogleCodeExporter commented 9 years ago
In trying a different port (I used 11111), nmap did show the port as open but a 
non local client still couldn't connect to it.

Original comment by wpmccorm...@gmail.com on 16 Jan 2014 at 4:55

GoogleCodeExporter commented 9 years ago
If you can connect to the iperf server locally but not from a different host, 
this sounds like a firewall problem.  By default the iperf server doesn't bind 
to any particular port (it would if you use the -B option), so there's no 
particular reason for iperf to take connections via one interface versus 
another.

When you say "cannot connect clients except from the same machine" what error 
message do you get from your client?

Any way you can tell if you have a firewall configured on this host and if so 
what its ruleset is?  (I wish I could give more specific guidance but I'm more 
of a FreeBSD person, most of my Linux experience is CentOS.)

Original comment by bmah@es.net on 16 Jan 2014 at 5:24

GoogleCodeExporter commented 9 years ago
I agree it sounds like a firewall issue, but the fact that client and server 
are at the opposite ends of a VPN, and also that the the machine where the 
iperf server is running has NO iptables config (below), leaves me scratching my 
head. Even though I can connect locally, nmap still does not show the port as 
being open. Just to prove that this isn't a fire wall issues, I can connect to 
a server that I wrote that is listening on tcp/11111. I didn't do anything 
special to make this work.

/* testing client connection to another server app ... it works */
root@fibuntu:~# telnet 172.16.125.5 11111
Trying 172.16.125.5...
Connected to 172.16.125.5.
Escape character is '^]'.
read|NO_FAN_FAULT_M1
!read|NO_FAN_FAULT_M1|1
disconect
ERROR : invalid command : disconect
quit
ERROR : invalid command : quit
disconnect

Connection closed by foreign host.

/* start iperf, the [3] is something I added so I could see what the sock fd 
was */
root@SAM.304-ms:/home/fiber# /usr/local/bin/iperf3 -s -4 -V
iperf version 3.0.1 (10 January 2014)
Linux SAM 2.6.33 #1 PREEMPT Wed Jun 30 11:35:16 EDT 2010 i586 GNU/Linux
-----------------------------------------------------------
Server listening on 5201 [3]
-----------------------------------------------------------

/* from another console, see what iperf is doing */
root@SAM.304-ms:/home/fiber# netstat -ap| grep 5201
tcp        0      0 *:5201                  *:*                     LISTEN      
1099/iperf3
root@SAM.304-ms:/home/fiber# ps aux|grep iperf
root      1099  0.0  0.0   1728   544 pts/0    S+   16:41   0:00 
/usr/local/bin/iperf3 -s -4 -V
root      1108  0.0  0.0   3284   724 pts/2    S+   16:41   0:00 grep iperf

/* try to connect to the iperf server across and OpenVPN tunnel, server to 
client*/
root@fibuntu:~# /usr/local/bin/iperf3 -c 172.126.125.5 -p 5201 -V -t 60
iperf version 3.0.1 (10 January 2014)
Linux fibuntu 3.5.0-39-generic #60-Ubuntu SMP Tue Aug 13 18:33:05 UTC 2013 
x86_64 x86_64 x86_64 GNU/Linux
iperf3: error - unable to connect to server: Connection timed out

/* see what ports are open on the remote side */
root@fibuntu:~# nmap -sT 172.16.125.5

Starting Nmap 6.00 ( http://nmap.org ) at 2014-01-16 15:33 CST
Nmap scan report for 172.16.125.5
Host is up (0.083s latency).
Not shown: 995 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
53/tcp    open  domain
80/tcp    open  http
11111/tcp open  vce

Nmap done: 1 IP address (1 host up) scanned in 11.82 seconds

/* see what ports are open on the local side */
root@SAM.304-ms:/home/fiber# nmap -sT localhost

Starting Nmap 5.00 ( http://nmap.org ) at 2014-01-16 16:34 EST
Interesting ports on localhost.localdomain (127.0.0.1):
Not shown: 994 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
53/tcp    open  domain
80/tcp    open  http
111/tcp   open  rpcbind
11111/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 0.83 seconds

/* check iptables */
root@SAM.304-ms:/home/fiber# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
root@SAM.304-ms:/home/fiber# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Original comment by wpmccorm...@gmail.com on 16 Jan 2014 at 9:48

GoogleCodeExporter commented 9 years ago
oh yea ... and finally, iperf local client:

root@SAM.304-ms:/home/fiber# iperf3 -c 172.16.125.5
Connecting to host 172.16.125.5, port 5201
[  4] local 172.16.125.5 port 52123 connected to 172.16.125.5 port 5201
[ ID] Interval           Transfer     Bandwidth       Retr
[  4]   0.00-1.00   sec  77.9 MBytes   653 Mbits/sec    0
[  4]   1.00-2.00   sec  77.0 MBytes   646 Mbits/sec    0
[  4]   2.00-3.00   sec  77.9 MBytes   653 Mbits/sec    0
[  4]   3.00-4.00   sec  77.4 MBytes   648 Mbits/sec    0
[  4]   4.00-5.00   sec  77.2 MBytes   649 Mbits/sec    0
[  4]   5.00-6.00   sec  77.6 MBytes   651 Mbits/sec    0
[  4]   6.00-7.00   sec  77.1 MBytes   647 Mbits/sec    0
[  4]   7.00-8.00   sec  77.9 MBytes   654 Mbits/sec    0
[  4]   8.00-9.00   sec  77.1 MBytes   646 Mbits/sec    0
[  4]   9.00-10.00  sec  77.8 MBytes   653 Mbits/sec    0
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bandwidth       Retr
[  4]   0.00-10.00  sec   775 MBytes   650 Mbits/sec    0         sender
[  4]   0.00-10.00  sec   775 MBytes   650 Mbits/sec              receiver

iperf Done.

root@SAM.304-ms:/home/fiber# /usr/local/bin/iperf3 -s -4 -V
iperf version 3.0.1 (10 January 2014)
Linux SAM 2.6.33 #1 PREEMPT Wed Jun 30 11:35:16 EDT 2010 i586 GNU/Linux
-----------------------------------------------------------
Server listening on 5201 [3]
-----------------------------------------------------------
Time: Thu, 16 Jan 2014 21:49:53 GMT
Accepted connection from 172.16.125.5, port 52122
      Cookie: SAM.1389908993.023567.3d267dee45bd62
      TCP MSS: 16384 (default)
[  5] local 172.16.125.5 port 5201 connected to 172.16.125.5 port 52123
Starting Test: protocol: TCP, 1 streams, 131072 byte blocks, omitting 0 
seconds, 10 second test
[ ID] Interval           Transfer     Bandwidth
[  5]   0.00-1.00   sec  77.8 MBytes   652 Mbits/sec
[  5]   1.00-2.00   sec  77.1 MBytes   646 Mbits/sec
[  5]   2.00-3.00   sec  77.8 MBytes   654 Mbits/sec
[  5]   3.00-4.00   sec  77.5 MBytes   648 Mbits/sec
[  5]   4.00-5.00   sec  77.1 MBytes   649 Mbits/sec
[  5]   5.00-6.00   sec  77.6 MBytes   651 Mbits/sec
[  5]   6.00-7.00   sec  77.1 MBytes   647 Mbits/sec
[  5]   7.00-8.00   sec  77.9 MBytes   654 Mbits/sec
[  5]   8.00-9.00   sec  77.1 MBytes   646 Mbits/sec
[  5]   9.00-10.00  sec  77.8 MBytes   653 Mbits/sec
[  5]  10.00-10.00  sec   128 KBytes   441 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
Test Complete. Summary Results:
[ ID] Interval           Transfer     Bandwidth       Retr
[  5]   0.00-10.00  sec   775 MBytes   650 Mbits/sec    0         sender
[  5]   0.00-10.00  sec   775 MBytes   650 Mbits/sec              receiver
CPU Utilization: local/receiver 0.7% (0.0%u/0.7%s), remote/sender 56.8% 
(0.6%u/56.2%s)
iperf version 3.0.1 (10 January 2014)
Linux SAM 2.6.33 #1 PREEMPT Wed Jun 30 11:35:16 EDT 2010 i586 GNU/Linux
-----------------------------------------------------------
Server listening on 5201 [3]
-----------------------------------------------------------

Original comment by wpmccorm...@gmail.com on 16 Jan 2014 at 9:51

GoogleCodeExporter commented 9 years ago
Is it possible this all has something to do with OpenVPN? I'll see if can get 
to the iperf server over a LAN ... need to make iperf work on cygwin 1st!

Original comment by wpmccorm...@gmail.com on 16 Jan 2014 at 9:54

GoogleCodeExporter commented 9 years ago
Debian linux systems on the OpenVPN client LAN can connect iperf client across 
the tunnel to the iperf server running on the same Ubuntu system that runs the 
OpenVPN server. 

Connecting a cygwin iperf client to a debian linux iperf server, not going 
through a VPN, and whether on the same LAN or to a VLAN, produces a similar but 
somewhat different result, detailed below:

/* 1st start the server */
root@SAM.demo-ms:/home/fiber# iperf3 -s -V
iperf version 3.0.1 (10 January 2014)
Linux SAM 2.6.33 #1 PREEMPT Wed Jun 30 11:35:16 EDT 2010 i586 GNU/Linux
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------

/* then start a client */
Bill McCormick@FIBERIO-BILL /usr/local/bin
$ iperf3 -c 192.168.120.5
Connecting to host 192.168.120.5, port 5201

/* nothing seems to happen until I ctrl-c the client, then I see this on the 
server ... */
root@SAM.demo-ms:/home/fiber# iperf3 -s -V
iperf version 3.0.1 (10 January 2014)
Linux SAM 2.6.33 #1 PREEMPT Wed Jun 30 11:35:16 EDT 2010 i586 GNU/Linux
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------
Time: Thu, 16 Jan 2014 23:00:21 GMT
Accepted connection from 10.5.101.143, port 6886
      Cookie: a39fc3ab-e8aa-4494-91c3-0b5875d0c159
      TCP MSS: 1460 (default)
iperf3: the client has unexpectedly closed the connection
iperf version 3.0.1 (10 January 2014)
Linux SAM 2.6.33 #1 PREEMPT Wed Jun 30 11:35:16 EDT 2010 i586 GNU/Linux
-----------------------------------------------------------
Server listening on 5201
-----------------------------------------------------------

Original comment by wpmccorm...@gmail.com on 16 Jan 2014 at 11:05

GoogleCodeExporter commented 9 years ago
Hrm.  I'm reading the complete set of comments on this bug (admittedly a bit of 
time has passed since you wrote them), and I'm trying to sort this out.  It 
looks like in Comment #6 you have things working (at least with the all Linux 
systems...we don't presently support building on CygWin)?

In Comment #5 you asked whether this had to do with OpenVPN.  That's certainly 
possible in that the OpenVPN endpoints could be doing some filtering).

If there are some cases that aren't working, perhaps you could see if doing 
"telnet server 5201" (i.e. try to telnet to the iperf3 server on TCP port 5201) 
works or if you get a connection timeout.  If you get a connection timeout from 
both the iperf3 client and the telnet client, the problem isn't in iperf3 (I 
suspect this will be the case).  If you get a timeout from the iperf3 client, 
but a successful connection setup with telnet, then there's some more digging 
required.

Original comment by bmah@es.net on 3 Feb 2014 at 10:17