Closed arter97 closed 3 years ago
Hi @arter97
Is it because the server is announcing its "internal" addresses?
I suspect that you are using the fullmesh
path-manager on your server and it is then announcing these addresses as reported in /proc/net/mptcp_fullmesh
.
You can use a modified version of iproute
to flag interfaces with internal address: http://multipath-tcp.org/pmwiki.php/Users/Tools
But if you don't need the server to announce any address while still accepting new subflows, best is to use the default
path-manager: http://multipath-tcp.org/pmwiki.php/Users/ConfigureMPTCP
Hi, after turning on mptcp_debug, I noticed that subflows are (attempted to be) created on server's internal IP addresses as well.
The server has eth0, eth1, eth2 and only eth0 is exposed to the Internet. eth0 has the public IP address of 123.123.123.10, eth1 has the IP address of 192.168.1.1, eth2 has the IP address of 192.168.2.1.
When connecting to this server from another client over the Internet using MPTCP, I can see server's eth1/2's info from the client-side:
The same happens when both server/client has no iptables rules set.
I assume I must add some additional entries on the server's iptables to make this stop, but I'm not all that familiar with iptables. Security concern asides, I believe this limits the subflow creations and limits MPTCP to utilize all interfaces.
Any pointers will be much appreciated, thanks!