Вобщем ситуация немного проясняется.
На VPS есть следующие сетевые интерфейсы:
lo Link encap:Локальная петля (Loopback)
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:11739350 errors:0 dropped:0 overruns:0 frame:0
TX packets:11739350 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:41517748581 (41.5 GB) TX bytes:41517748581 (41.5 GB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:15898 errors:0 dropped:0 overruns:0 frame:0
TX packets:23859 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2207658 (2.2 MB) TX bytes:1666278 (1.6 MB)
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255
inet6 addr: ::2/128 Scope:Compat
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
RX packets:13946656 errors:0 dropped:0 overruns:0 frame:0
TX packets:12969399 errors:0 dropped:34710 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1924528966 (1.9 GB) TX bytes:20969261121 (20.9 GB)
venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:ВНЕШНИЙ IP P-t-P:ВНЕШНИЙ IP Bcast:ШЛЮЗ Mask:255.255.255.0
UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1
Таблица маршрутизации на VPS:
Таблица маршутизации ядра протокола IP
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.2 * 255.255.255.255 UH 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
ВНЕ.ШНИ.ЙАЙ.0 * 255.255.255.0 U 0 0 0 venet0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default * 0.0.0.0 U 0 0 0 venet0
Как я понял интерфейс venet0:0 виртуальный. Провайдер использует parallels virtuozzo
Теперь пакеты:
На Сервере2 запускаю
telnet smtp.mail.ru 25
Смотрю что на VPS:
# tcpdump -i venet0 port 25 and host smtp.mail.ru
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
14:28:45.329380 IP домен.vps.58352 > smtp.mail.ru.smtp: Flags [S], seq 1003991457, win 29200, options [mss 1368,sackOK,TS val 45353900 ecr 0,nop,wscale 7], length 0
14:28:45.340582 IP smtp.mail.ru.smtp > домен.vps.58352: Flags [S.], seq 920783990, ack 1003991458, win 5592, options [mss 1410,sackOK,TS val 3107380759 ecr 45353650], length 0
14:28:47.333815 IP домен.vps.58352 > smtp.mail.ru.smtp: Flags [S], seq 1003991457, win 29200, options [mss 1368,sackOK,TS val 45354401 ecr 0,nop,wscale 7], length 0
14:28:47.344806 IP smtp.mail.ru.smtp > домен.vps.58352: Flags [S.], seq 920783990, ack 1003991458, win 5592, options [mss 1410,sackOK,TS val 3107382763 ecr 45353650], length 0
14:28:47.443897 IP smtp.mail.ru.smtp > домен.vps.58352: Flags [S.], seq 920783990, ack 1003991458, win 5592, options [mss 1410,sackOK,TS val 3107382862 ecr 45353650], length 0
14:28:51.345735 IP домен.vps.58352 > smtp.mail.ru.smtp: Flags [S], seq 1003991457, win 29200, options [mss 1368,sackOK,TS val 45355404 ecr 0,nop,wscale 7], length 0
14:28:51.356915 IP smtp.mail.ru.smtp > домен.vps.58352: Flags [S.], seq 920783990, ack 1003991458, win 5592, options [mss 1410,sackOK,TS val 3107386776 ecr 45353650], length 0
14:28:53.443296 IP smtp.mail.ru.smtp > домен.vps.58352: Flags [S.], seq 920783990, ack 1003991458, win 5592, options [mss 1410,sackOK,TS val 3107388862 ecr 45353650], length 0
14:28:59.361938 IP домен.vps.58352 > smtp.mail.ru.smtp: Flags [S], seq 1003991457, win 29200, options [mss 1368,sackOK,TS val 45357408 ecr 0,nop,wscale 7], length 0
14:28:59.373349 IP smtp.mail.ru.smtp > домен.vps.58352: Flags [S.], seq 920783990, ack 1003991458, win 5592, options [mss 1410,sackOK,TS val 3107394793 ecr 45353650], length 0
^C
10 packets captured
16 packets received by filter
0 packets dropped by kernel
Получается пакеты обратно приходят.
Смотрю что на tun0:
root@glamourbags:~# tcpdump -i tun0 port 25 and host smtp.mail.ru
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes
14:31:06.615187 IP 10.8.0.9.55013 > smtp.mail.ru.smtp: Flags [S], seq 1003991460, win 29200, options [mss 1368,sackOK,TS val 45389228 ecr 0,nop,wscale 7], length 0
14:31:06.624034 IP smtp.mail.ru.smtp > 10.8.0.9.55013: Flags [S.], seq 2740745691, ack 1003991461, win 5592, options [mss 1410,sackOK,TS val 1610025006 ecr 45385472], length 0
14:31:12.898232 IP smtp.mail.ru.smtp > 10.8.0.9.55013: Flags [S.], seq 2740745691, ack 1003991461, win 5592, options [mss 1410,sackOK,TS val 1610031283 ecr 45385472], length 0
14:31:22.624900 IP 10.8.0.9.55013 > smtp.mail.ru.smtp: Flags [S], seq 1003991460, win 29200, options [mss 1368,sackOK,TS val 45393232 ecr 0,nop,wscale 7], length 0
14:31:22.634293 IP smtp.mail.ru.smtp > 10.8.0.9.55013: Flags [S.], seq 2740745691, ack 1003991461, win 5592, options [mss 1410,sackOK,TS val 1610041024 ecr 45385472], length 0
14:31:36.891351 IP smtp.mail.ru.smtp > 10.8.0.9.55013: Flags [S.], seq 2740745691, ack 1003991461, win 5592, options [mss 1410,sackOK,TS val 1610055283 ecr 45385472], length 0
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel
Видно что обратная трансляция адреса работает.
Теперь смотрю что на Сервере2:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 65535 bytes
14:33:29.475951 IP 10.8.0.9.58459 > smtp.mail.ru.smtp: Flags [S], seq 4099147992, win 29200, options [mss 1460,sackOK,TS val 45425628 ecr 0,nop,wscale 7], length 0
14:33:29.502084 IP smtp.mail.ru.smtp > 10.8.0.9.58459: Flags [S.], seq 3042943460, ack 4099147993, win 5592, options [mss 1368,sackOK,TS val 3251729986 ecr 45425628], length 0
14:33:30.476019 IP 10.8.0.9.58459 > smtp.mail.ru.smtp: Flags [S], seq 4099147992, win 29200, options [mss 1460,sackOK,TS val 45425878 ecr 0,nop,wscale 7], length 0
14:33:30.501229 IP smtp.mail.ru.smtp > 10.8.0.9.58459: Flags [S.], seq 3042943460, ack 4099147993, win 5592, options [mss 1368,sackOK,TS val 3251730985 ecr 45425628], length 0
14:33:32.480002 IP 10.8.0.9.58459 > smtp.mail.ru.smtp: Flags [S], seq 4099147992, win 29200, options [mss 1460,sackOK,TS val 45426379 ecr 0,nop,wscale 7], length 0
14:33:32.505353 IP smtp.mail.ru.smtp > 10.8.0.9.58459: Flags [S.], seq 3042943460, ack 4099147993, win 5592, options [mss 1368,sackOK,TS val 3251732990 ecr 45425628], length 0
14:33:33.631633 IP smtp.mail.ru.smtp > 10.8.0.9.58459: Flags [S.], seq 3042943460, ack 4099147993, win 5592, options [mss 1368,sackOK,TS val 3251734116 ecr 45425628], length 0
14:33:36.484001 IP 10.8.0.9.58459 > smtp.mail.ru.smtp: Flags [S], seq 4099147992, win 29200, options [mss 1460,sackOK,TS val 45427380 ecr 0,nop,wscale 7], length 0
14:33:36.509274 IP smtp.mail.ru.smtp > 10.8.0.9.58459: Flags [S.], seq 3042943460, ack 4099147993, win 5592, options [mss 1368,sackOK,TS val 3251736994 ecr 45425628], length 0
14:33:39.631226 IP smtp.mail.ru.smtp > 10.8.0.9.58459: Flags [S.], seq 3042943460, ack 4099147993, win 5592, options [mss 1368,sackOK,TS val 3251740116 ecr 45425628], length 0
^C
10 packets captured
10 packets received by filter
0 packets dropped by kernel
Видно что пакеты уходят, но ответа нет.
Тема: Направить smtp траффик по тоннелю openvpn на vps (Прочитано 1446 раз)
