test heartbeat tunnel option without actually creating tunnel
Shadow Hawkins on Friday, 15 July 2011 14:20:37
Hi,
I would like to use a heartbeat tunnel but terminate it on a server located behind my NATing router. I have read on the potential issues of not passing on protocol 41 correctly (or not at all) and would like to test whether this particular router passes protocol 41 correctly.
But, I would like to test this without actually requesting a heartbeat tunnel from SixXS because I don't want to needlessly lose credits when I have to change the tunnel type to AYIYA in case my router isn't passing protocol 41.
Is there a way to create protocol 41 test data which I can then try to detect using tcpdump/Wireshark on my inside server?
regards,
Bodo
test heartbeat tunnel option without actually creating tunnel
Jeroen Massar on Friday, 15 July 2011 14:27:36
hping3 is the tool you would need for this, but you also need a host on the outside of your NAT to send those packets to and to see if they arrive AND then of course send them back from there.
There is a much easier solution to all of this though: Use an AYIYA tunnel ;)
test heartbeat tunnel option without actually creating tunnel
Shadow Hawkins on Saturday, 16 July 2011 15:36:43
Thanks for pointing me towards hping3. I successfully used thsi to verify my router is in fact blocking protocol 41 (or in fact anything except TCP and UDP) no matter what I configure.
For the records, hping3 -0 <destination> -H 41 -d 10 will send raw IP packets with protocol 41 and tcpdump -i <interface> ip proto 41 will show those packets.
So I went ahead and tried to request an AYIYA tunnel, but unfortunately al I get is a 504 Gateway Timeout error. I'll try again tomorrow, hopefully it's a temporary problem.
test heartbeat tunnel option without actually creating tunnel
Carmen Sandiego on Friday, 15 July 2011 15:47:56
Just give me your IP and I'll set sit tunnel towards your address sending packets into it - you should be getting those packets on your side.
Posting is only allowed when you are logged in. |