Why might packets go into a tunnel and not come out

public inbox for netdev@vger.kernel.org 
 help / color / mirror / Atom feed

From: Jan Ceuleers <jan.ceuleers@computer•org>
To: netdev@vger•kernel.org
Subject: Why might packets go into a tunnel and not come out
Date: Sun, 02 Oct 2011 11:25:04 +0200	[thread overview]
Message-ID: <4E882DF0.90404@computer.org> (raw)

All,

This is a question that I would have posted to linux-net had it still 
existed. I beg your indulgence.

I have established an SSH tunnel (device tunX) between two remote hosts. 
This tunnel is operating properly in that I can ping each peer from the 
other.

I am now trying to route traffic through this tunnel to onward 
destinations. This is not working: when I ping such an onward 
destination I can see the packets going into the tunnel (using tcpdump) 
but they're not coming out of the other end (again as seen by tcpdump).

I have added logging to all firewall rules that drop or reject traffic; 
nothing is logged. (And yes I have checked that logging itself works by 
briefly adding logging to an ACCEPT rule). Routing is enabled on both 
hosts. The counters for the tun devices (as seen using ifconfig) do not 
show any dropped traffic.

I am not asking you to debug my problem for me, but could anyone please 
point me to an overview of the reasons why packets might be going into 
one end of a tunnel and not come out the other end? I have studied the 
diagram at the following link and I think I've checked the potential 
issues that it prompts:

http://www.shorewall.net/Shorewall_and_Routing.html

Many thanks.

Jan

                 reply	other threads:[~2011-10-02  9:28 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4E882DF0.90404@computer.org \
    --to=jan.ceuleers@computer$(echo .)org \
    --cc=netdev@vger$(echo .)kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox