From: Riccardo Berto <riccardo@rcrdbrt.com>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: Troubleshooting WireGuard connections
Date: Sat, 14 Apr 2018 09:56:21 +0200 [thread overview]
Message-ID: <9896807f0c6cbee1c7c99647a3c289cc@rcrdbrt.com> (raw)
In-Reply-To: <CAHmME9oFYswr1KjBGiP+2iMHDGYmZhpv_SovCMT3xxMMErK19A@mail.gmail.com>
On 2018-04-14 03:26, Jason A. Donenfeld wrote:
> Hi Riccardo,
>
> Based on those tcpdump timestamps, it looks like the handshake
> response happens nearly immediately after the handshake initiation.
> Yet from your description, it appears only after many moments. In my
> experience, tcpdump blocks like this when it has to do too many DNS
> resolutions and the resolver is slow. You might get a more accurate
> picture of what is going on if you additionally pass `-n` to tcpdump,
> which should make the packets appear more instantaneously.
>
> Jason
I used tne -n flag on tcpdump now and I'm having the exact same problem.
Now DNS servers aren't involved.
It worked briefly the first time I tried. I was happily getting ICMP
requests and responses on the client. Then I stopped `ping 10.0.0.1`
and, without touching anything, ran it again and it hung.
#################
# Client output #
#################
rpi3-two pi # ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
^C
--- 10.0.0.1 ping statistics ---
25 packets transmitted, 0 received, 100% packet loss, time 24954ms
#################
# Server output #
#################
╭─root@rcrd-online /etc/wireguard
╰─# tcpdump -vv -ni ens3 'port 51820'
tcpdump: listening on ens3, link-type EN10MB (Ethernet), capture size
262144 bytes
09:49:43.996538 IP (tos 0x0, ttl 52, id 25142, offset 0, flags [none],
proto UDP (17), length 176)
---.51821 > ---.51820: [udp sum ok] UDP, length 148
09:49:43.997138 IP (tos 0x88, ttl 64, id 42124, offset 0, flags [none],
proto UDP (17), length 120)
---.51820 > ---.51821: [bad udp cksum 0x92e3 -> 0xb363!] UDP, length
92
09:50:00.636714 IP (tos 0x0, ttl 52, id 26161, offset 0, flags [none],
proto UDP (17), length 176)
---.51821 > ---.51820: [udp sum ok] UDP, length 148
09:50:00.637240 IP (tos 0x88, ttl 64, id 48907, offset 0, flags [none],
proto UDP (17), length 120)
---.51820 > ---.51821: [bad udp cksum 0x92e3 -> 0xefc7!] UDP, length
92
next prev parent reply other threads:[~2018-04-14 7:42 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-13 9:23 Riccardo Berto
2018-04-13 21:54 ` Jason A. Donenfeld
[not found] ` <33d0fd1f4c60919b98b50e2b9d04fe78@rcrdbrt.com>
2018-04-13 22:36 ` Riccardo Berto
2018-04-14 1:26 ` Jason A. Donenfeld
2018-04-14 7:56 ` Riccardo Berto [this message]
2018-04-14 23:19 ` Jason A. Donenfeld
2018-04-20 13:57 ` Riccardo Berto
2018-04-20 19:37 ` Jason A. Donenfeld
2018-04-20 19:39 ` Jason A. Donenfeld
2018-04-20 19:51 ` Jason A. Donenfeld
2018-04-20 20:31 ` Riccardo Berto
2018-04-25 11:46 ` Riccardo Berto
2018-04-25 11:51 ` Jason A. Donenfeld
2018-04-25 12:40 ` logcabin
2018-04-25 22:56 ` Riccardo Berto
2018-04-26 9:52 ` Riccardo Berto
-- strict thread matches above, loose matches on Subject: below --
2018-04-12 9:09 Riccardo Berto
2018-04-12 20:57 ` Eric Light
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9896807f0c6cbee1c7c99647a3c289cc@rcrdbrt.com \
--to=riccardo@rcrdbrt.com \
--cc=Jason@zx2c4.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).