| 1 |
Am 10.10.2013 10:30, schrieb Adam Carter: |
| 2 |
> On the ipfire router. A quick google turns up commands like: ip route get |
| 3 |
> <IP> and ip route list cache match <IP> and if a redirected route exists, |
| 4 |
> it is labelled that way in the output of such commands. |
| 5 |
> |
| 6 |
> If this is happening, it will be triggered by any traffic is forwarded to |
| 7 |
> 10.96.25.1. Also, it shouldnt cause any problems. Other than a traceroute |
| 8 |
> output not quite being what you expect, is there any problem? If |
| 9 |
> everything's good dont worry about it (unless your curiosity is piqued). |
| 10 |
|
| 11 |
Unfortunately not everything is good. I get strange timeouts for libvirt |
| 12 |
connections and also for scp ... what is special is that I can ssh the |
| 13 |
servers there quite stable ... same VPN, same config. |
| 14 |
|
| 15 |
For example I try to scp a small regfile: |
| 16 |
|
| 17 |
|
| 18 |
Authenticated to 10.96.25.130 ([10.96.25.130]:22). |
| 19 |
debug1: HPN to Non-HPN Connection |
| 20 |
debug1: Final hpn_buffer_size = 2097152 |
| 21 |
debug1: HPN Disabled: 0, HPN Buffer Size: 2097152 |
| 22 |
debug1: channel 0: new [client-session] |
| 23 |
debug1: Enabled Dynamic Window Scaling |
| 24 |
|
| 25 |
debug1: Entering interactive session. |
| 26 |
debug1: Sending command: scp -v -t -- /tmp |
| 27 |
Sending file modes: C0644 6943 sgw.reg |
| 28 |
Sink: C0644 6943 sgw.reg |
| 29 |
sgw.reg |
| 30 |
100% 6943 6.8KB/s |
| 31 |
6.8KB/s 00:00 |
| 32 |
debug1: client_input_channel_req: channel 0 rtype keepalive@×××××××.com |
| 33 |
reply 1 |
| 34 |
debug1: client_input_channel_req: channel 0 rtype keepalive@×××××××.com |
| 35 |
reply 1 |
| 36 |
debug1: client_input_channel_req: channel 0 rtype keepalive@×××××××.com |
| 37 |
reply 1 |
| 38 |
Received disconnect from 10.96.25.130: 2: Timeout, your session not |
| 39 |
responding. |
| 40 |
lost connection |
| 41 |
|
| 42 |
|
| 43 |
I even downgraded to openssh-5.9 here just to rule out the unstable 6.2 |
| 44 |
(with 6.2 I am not even able to ssh ...) |
| 45 |
|
| 46 |
I just wrote my related questions to my contact there and wait for him |
| 47 |
to forward them to the internal network admins. |
| 48 |
|
| 49 |
Maybe the routing back to their IPSEC-gw is flaky or something ... |
| 50 |
|
| 51 |
S |
Archives