Тема: MPD+NAT некоторые пакеты не доходят
[ pptp client ] ------ [ vpn mpd5 ] ---- [ nat gateway ] ---- [ WAN router ]
Не понимаю, почему запросы в нашу белую сеть из нашей серой сети через NAT "зависают в воздухе" или ещё черт знает где.
Все остальные, т.е. абсолютно любые запросы по любым сервисам на любые хосты, только не наши, прибегают в результате обратно к клиенту успешно.
Серая сеть назначается вторым пулом из радиуса.
В частности , вот что происходит с сервисом DNS
Когда на клиенте 172.17.253.41:
dig bmw.com @8.8.8.8
запрос DNS успешен
На NATе:
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 67: 172.17.253.41.59508 > google-public-dns-a.google.com.domain: 875+ A? bmw.com. (25)
00:0c:29:91:6b:5f (oui Unknown) > 00:15:17:a3:b1:bd (oui Unknown), ethertype IPv4 (0x0800), length 83: google-public-dns-a.google.com.domain > 172.17.253.41.59508: 875 1/0/0 A origin.bmw.com (41)
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 62: 172.17.253.41.53240 > google-public-dns-a.google.com.domain: 60589+ A? 94. (20)
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 62: 172.17.253.41.53240 > google-public-dns-a.google.com.domain: 31808+ AAAA? 94. (20)
00:0c:29:91:6b:5f (oui Unknown) > 00:15:17:a3:b1:bd (oui Unknown), ethertype IPv4 (0x0800), length 137: google-public-dns-a.google.com.domain > 172.17.253.41.53240: 60589 NXDomain 0/1/0 (95)
00:0c:29:91:6b:5f (oui Unknown) > 00:15:17:a3:b1:bd (oui Unknown), ethertype IPv4 (0x0800), length 137: google-public-dns-a.google.com.domain > 172.17.253.41.53240: 31808 NXDomain 0/1/0 (95)На MPD:
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 67: 172.17.253.41.59508 > google-public-dns-a.google.com.domain: 875+ A? bmw.com. (25)
00:0c:29:91:6b:5f (oui Unknown) > 00:15:17:a3:b1:bd (oui Unknown), ethertype IPv4 (0x0800), length 83: google-public-dns-a.google.com.domain > 172.17.253.41.59508: 875 1/0/0 A origin.bmw.com (41)
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 62: 172.17.253.41.53240 > google-public-dns-a.google.com.domain: 60589+ A? 94. (20)
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 62: 172.17.253.41.53240 > google-public-dns-a.google.com.domain: 31808+ AAAA? 94. (20)
00:0c:29:91:6b:5f (oui Unknown) > 00:15:17:a3:b1:bd (oui Unknown), ethertype IPv4 (0x0800), length 137: google-public-dns-a.google.com.domain > 172.17.253.41.53240: 60589 NXDomain 0/1/0 (95)
00:0c:29:91:6b:5f (oui Unknown) > 00:15:17:a3:b1:bd (oui Unknown), ethertype IPv4 (0x0800), length 137: google-public-dns-a.google.com.domain > 172.17.253.41.53240: 31808 NXDomain 0/1/0 (95)Когда на клиенте 172.17.253.41:
dig bmw.com @94.232.184.42
запрос DNS по таймауту неуспешен
На NATе:
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 67: 172.17.253.41.52234 > 94.232.184.42.domain: 27503+ A? bmw.com. (25)
00:0c:29:91:6b:5f (oui Unknown) > 00:15:17:a3:b1:bd (oui Unknown), ethertype IPv4 (0x0800), length 486: 94.232.184.42.domain > 172.17.253.41.52234: 27503 1/13/12 A origin.bmw.com (444)
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 67: 172.17.253.41.52234 > 94.232.184.42.domain: 27503+ A? bmw.com. (25)
00:0c:29:91:6b:5f (oui Unknown) > 00:15:17:a3:b1:bd (oui Unknown), ethertype IPv4 (0x0800), length 486: 94.232.184.42.domain > 172.17.253.41.52234: 27503 1/13/12 A origin.bmw.com (444)На MPD:
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 67: 172.17.253.41.52234 > 94.232.184.42.domain: 27503+ A? bmw.com. (25)
00:15:17:a3:b1:bd (oui Unknown) > 00:0c:29:91:6b:5f (oui Unknown), ethertype IPv4 (0x0800), length 67: 172.17.253.41.52234 > 94.232.184.42.domain: 27503+ A? bmw.com. (25)И это со всеми запросами к любым серверам в нашей белой сети, т.е. например http также подвисают в воздухе.
