wangyu- / udp2raw

A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls (or Unstable UDP Environment)
MIT License
7.3k stars 1.17k forks

Using wireguard (and kubernetes) I can ping each side and check ports with netcat but I cannot curl #411

Closed carlosrmendes closed 2 years ago

carlosrmendes commented 2 years ago

Server:

nohup udp2raw_amd64 -s -l0.0.0.0:5444 -r 127.0.0.1:51820 \
-k "passwd" --raw-mode faketcp -a \
--lower-level auto --keep-rule &

Client:

nohup udp2raw_amd64 -c -l0.0.0.0:5443  -r <server_ip>:5444 \
-k "passwd" --raw-mode faketcp -a \
--lower-level auto --keep-rule &

The udp2raw connection between the client and server only worked after I added the --lower-level auto --keep-rule flags, because of iptables rule changes made by kubernetes. With these args I can ping each machine, from both sides, using the wireguard internal IP of each one (and the wireguard tunnel handshake is made), but if I try a curl command, from whichever side, the request arrives at the other side but the curl command on the source side does not get any response, staying pending/waiting until timeout.

(left side: server; right side: client) [image]

wangyu- commented 2 years ago

Seems like an MTU problem. Does the udp2raw log complain about MTU?

carlosrmendes commented 2 years ago

Yes it was; reducing the MTU solved the issue, thanks!
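
The symptom in this thread (small ping and netcat probes pass, curl hangs until timeout) is what dropped oversized packets look like. As an added example, not part of the original thread or the udp2raw project: a script that binary-searches the largest don't-fragment ping payload that crosses the WireGuard tunnel and converts it to an interface MTU. The peer address `10.0.0.1`, the interface name `wg0` and the search range are assumptions.

```shell
#!/bin/sh
# Added example: find the largest ICMP payload that crosses the tunnel
# unfragmented, then derive an interface MTU from it.
# Assumptions (not from the thread): interface wg0, peer tunnel IP 10.0.0.1.

# Default probe: one ping with the Don't Fragment bit set (Linux iputils).
# $1 = ICMP payload size in bytes; $PEER = address on the far side of the tunnel.
probe_ping() {
    ping -c 1 -W 1 -M do -s "$1" "$PEER" >/dev/null 2>&1
}

# Binary search for the largest payload in [lo, hi] for which the probe succeeds.
# $1 = lo, $2 = hi, $3 = probe function name. Prints the size, or 0 if lo fails.
find_max_payload() {
    lo=$1; hi=$2; probe=$3
    "$probe" "$lo" || { echo 0; return 0; }
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if "$probe" "$mid"; then lo=$mid; else hi=$(( mid - 1 )); fi
    done
    echo "$lo"
}

# The IPv4 header (20 bytes) and ICMP header (8 bytes) sit on top of the payload.
payload_to_mtu() {
    echo $(( $1 + 28 ))
}

# Run only when asked, so the functions can be sourced without touching the network.
if [ "${1:-}" = "--run" ]; then
    PEER=${2:-10.0.0.1}      # assumed WireGuard address of the other side
    IFACE=${3:-wg0}          # assumed WireGuard interface name
    best=$(find_max_payload 500 1472 probe_ping)
    [ "$best" -gt 0 ] || { echo "no probe got through to $PEER" >&2; exit 1; }
    mtu=$(payload_to_mtu "$best")
    echo "largest unfragmented payload: $best bytes -> MTU $mtu"
    echo "apply with: ip link set dev $IFACE mtu $mtu"
fi
```

Run it as `sh script.sh --run <peer_tunnel_ip> <interface>` on either side while udp2raw and WireGuard are up; the printed value is an upper bound found empirically, so setting the MTU a little lower leaves headroom.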