Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Magui]

Since Xaignar's patch aMule sets the address for outgoing connections too.

edit:   I forgot to reply to this.  One thing that hasn't changed is that when I start up amule, and it establishes connections with some previously-known sources for some files that I have in my download list, it ignores the bind address, and just uses the default interface, eth1.  I also see that a few clients downloading from me, once they come out of the queue, will also use eth1 for these downloads.  The majority of clients downloading from me are using ppp0, but a few are not.  Of these few, I can't see any pattern among them that would lead to them using eth1.  I think these are all out-going connections.  So I think I have a hole somewhere, but I have no idea where it is.  One thing I haven't tried yet is to actually start a new download, and see how that goes.  I get so caught up in watching the packet-capture data that I keep forgetting to try this.  I'm curious about what will happen, so I wil give it a try later. 

This is what I'm using now:

aMule SVN Snapshot:
 Thu Jan 24 07:01:57 CET 2008

I am not sure your routing table / NAT will work, it looks a complicated setup. What exactly are you trying to do? Make aMule use only ppp0, while the other programs use eth1? Or make incomming packets go through a different interface from the outgoing packets?

Yeah, it does look a bit complicated.  I mostly copied the routing set-up from this page:  http://lartc.org/howto/lartc.rpdb.multiple-links.html
The iptables stuff I cobbled together myself by trial and error, while I was trying to get Azureus to work with this set-up.  There's a really great sketch of how the various tables in iptables work together here:  http://iptables-tutorial.frozentux.net/chunkyhtml/c962.html (scroll down to the bottom of the page).  I used this sketch as a guide in putting the iptables rules together.

Your first guess was right.  I want amule (and Azureus too, when I'm using it) to use only ppp0, while all my other network traffic uses the default routing/interface, through eth1.  As things are right now, Azureus works just fine with this set-up.  I'm running it right now, actually.  Azureus has a bind-address feature that I must use for this to work.  I assumed that the bind-address in amule worked exactly the same way.

One other thing is that, I have some rules in the mangle and the nat tables that match on several source/destination ports (6543,4232,4242,4321,4661,4662,5000).  These rules have nothing to do with Azureus.  They are for amule only, and those ports are supposed to be the listening ports for several of the edk2k servers in my server-list.  I added these rules because at one point, I was having trouble getting high-ID with all ed2k servers.  All of them kept telling me that my connection was "firewalled", and gave me a lowID.  With these rules in place, I get a high-ID every time I connect, and amule shows that I'm connected to the ed2k server through the correct interface, ppp0.

Phoenix, I appreciate that you took the time to look my long post over.  Now that you understand what I'm trying to do, if you know of a simpler way to do this (to get amule to stop using the default interface, and use some other interface of my choice), I would gladly try it out.  I just didn't see any other way of doing this.  And, besides, I already got this set-up to work for Azureus, and I thought it would be really straight-forward to use it for amule too.  I don't actually know what I'm doing, I'm not a networking guru, or anything.  I'm just trying to get amule to behave in a certain way, that's all.

Right now, I'm thinking of adding yet another rule to the mangle table, using the "owner" module in iptables, with the "userID" match.  I'm hoping that maybe this match will allow me to use a username match.  So, I would create a new user account on my machine called "amule", and then run amule as this user, and also do something similar to the following:

Code: [Select]

$ sudo iptables -t mangle -A OUTPUT --match owner --uid-owner amule -j MARK --set-mark 1
What this rule should do is add a mark "1" to all packets generated by the user "amule", which should then force the packets into ppp0.  I have no idea if such a rule is possible.  If it's possible, I have no idea if it will work.  But after spending time looking through the manpage for iptables, I don't have a better idea.  I'll do some more reading about this later.

[Magui]

I tried downloading a file in amule, to see what would happen.  I ended up downloading it from two sources.  Mixed results:  I downloaded from one source in ppp0, and from the other source in eth1.

I'm grasping at straws here, but I thought I'd bring this up anyway.  From the way amule/emule work, I understand that Kad uses UDP and is really supposed to provide a decentralized (server-less) way of finding sources for files.  All downloading/uploading still happens using TCP.  Is it possible that, when my client acquires a source through UDP, and then initiates a TCP connection with this source, that it ignores the bind address in this case?  Or does it still strictly follow Xaignar's patch, to always check for a bind-address before initiating any connection?

If this question is stupid, I apologize.  Like I said, I'm grasping at straws.  I know my client is misbehaving sometimes in these outgoing connections (the majority of connections continue to use ppp0).  I'm just struggling to find some cause that is triggering this misbehavior (I assume it's not just random).

[phoenix]

Magui,

I don't think you are doing anything wrong. But messing with NAT and routing tables is tricky.

In principle, we should have closed all the possibilities, but we can deduce from your results that there is something escaping.

You could do some tests. First, disable all the other sockets and test one network at a time. See if there is a situation where you don't get mixed sources.

We have the listening socket bound to an interface, so it is unlikely that these connections are incomming. The other possibility is that somewhere in the code aMule still uses an unbound socket to connect. Could you use wireshark to follow one of these connections since its begining to be sure of who initiated it? Also, if you can disable obfuscation, maybe wireshark is able to dissect ed2k and give us some more information.

Another thing, make sure that NAT is not fooling you somehow. Use only the strict necessary rules for your setup.

[Magui]

Magui,

I don't think you are doing anything wrong. But messing with NAT and routing tables is tricky.

Yeah, I have to agree with you here.  The iptables stuff is mostly stuff I guessed at and adjusted and re-adjusted until I got azureus to work.  But I was pretty lost on how to do the routing until I came upon the one webpage that explained how to set up multiple routes

In principle, we should have closed all the possibilities, but we can deduce from your results that there is something escaping.

Yeah, I think of it as a "hole".

You could do some tests. First, disable all the other sockets and test one network at a time. See if there is a situation where you don't get mixed sources.

I didn't understand what you meant by "disable all other sockets", but after reading "test one network at a time", I decided to try running amule with the UDP port disabled and Kad also disabled.

We have the listening socket bound to an interface, so it is unlikely that these connections are incomming. The other possibility is that somewhere in the code aMule still uses an unbound socket to connect. Could you use wireshark to follow one of these connections since its begining to be sure of who initiated it? Also, if you can disable obfuscation, maybe wireshark is able to dissect ed2k and give us some more information.

Yeah, I've been running with obfuscation disabled while I try to sort this out.  And it also appears to me that I am having no problems with incoming connections.  This mix-up with the interfaces seems to only happen with outgoing connections.

Anyway, I did notice something interesting a few minutes ago.

One client connected to my client (it sent a syn packet to my client) on the ppp0 interface, on the correct port, 44976.  A few TCP packets went back and forth, and then this connection was closed (I think this client entered my queue at this time).  About eight minutes later, my client sent a syn packet to this client, using the eth1 interface and port 55503 (just a random port, I guess).  This TCP exchange went much longer.  When I checked in amule, I was able to match the IP of this client in wireshark with the IP of a client in amule that had just come out of queue, and had begun downloading from me.  I noticed that this client was one of the first few to come out of queue, but two or three clients had come out of queue before it, and had also begun downloading.  I'm guessing they were downloading in pppo, because the packet-capture showed no downloading activity on eth1, aside from this client, and another one that I describe next.

I looked in the packet-capture for another pattern like this, and found the same thing happened with another client, at about the same time.  This other client also sent a syn packet to my client on ppp0, port 44976.  A short TCP exchange followed, and then was closed.  Nearly 10 minutes later, my client sent a syn packet to this other client using eth1, port 40980.  This TCP exchange went on until it ended with a bunch of "TCP Retransmission" packets.  Seeing this, I remembered that in amule, one of the first clients to come out of queue had begun downloading from me, and almost immediately disappeared.  Connection went bad, I guess.

All this happened after running amule for about a half-hour.  I don't have time to do much more of this right now, but I'll try come back to this tomorrow and let amule run longer and see if this happens again.  Probably also try downloading a file too, and see what happens.  The reason I noticed this today is that I set wireshark to capture all network traffic, not just traffic on eth1 (as I did previously).

Based just on this, it appears as if amule handles the bind-address differently when initiating connections with some clients in queue.  I had suspected something like this in the past few days, but I never could find anything about these clients that would cause this misbehavior in my client, while others just start downloading in pppo.  I'll have to look more closely at the queued clients that start downloading on ppp0, and see if that reveals anything.

Also, I couldn't get any more useful information about the problem of using eth1 on previously-known sources for some of my ongoing downloads.  The packet-capture only showed that, as soon as I connect to an ed2k server in amule, my client uses eth1 to send out syn packets to several IPs (the source-clients), and this initiates TCP connections with them, and my client gets into their download queues.  But I already knew this, so nothing new there.

Another thing, make sure that NAT is not fooling you somehow. Use only the strict necessary rules for your setup.

I'm not quite sure what you mean by NAT fooling me.  I think the nat rules that I have created in iptables are doing just what I want, and my previous testing indicates that packets tend to get lost without them.

By the way, I'm running:
 aMule SVN Snapshot:
 Sat Jan 26 07:01:58 CET 2008

I'll stop downloading these snap-shots for now:).  Like I said, I'll try to find time to do more of this tomorrow, and probably also start writing down the IPs of these clients.  When a few of them come out of queue at about the same time, and you look back through the packet-capture later, it can be a bit difficult to reconstruct which client was doing what and when.

[phoenix]

Magui,

Thank you very much for your time, you have given us a lot of information indeed. I hope we can find out the hole now. If you find something new, please do tell us.

Cheers!

[Magui]

I just wanted to add a few things.  I spent some more time running amule, tracking closely all clients that entered my queue for downloading.  Nearly all of them (6 or 7 clients, in about 45 minutes running amule) showed the behavior that I noted in my previous post.  They connect to me on pppo, get in queue, and then I connect to them on eth1, and I begin uploading to them.  One did not; this client actually downloaded from me on ppp0.  I looked at the packet-capture and saw that this client actually initiated the connection for beginning the download, so this was actually an incoming connection.  I can't really explain this; it's just what the packet-capture and amule both show.  This one client connected to me on ppp0, got into my queue, and then connected to me again a few minutes later on ppp0, to begin downloading.

I also tried downloading a file.  I ended up downloading it from 3 sources in total, all on pppo.  For one of the sources, I initiated the download connection.  The packet-capture actually shows a syn packet going from my client to this source.  For the other two sources, they initiated the download connection with me.  I got into the queues of a few other sources too.  For each of these sources, an outgoing connection from me used eth1.  Incoming connections from them used ppp0.

In summary:  incoming connections in amule always use ppp0 (the bind-address), and outgoing connections mostly use eth1 and occasionally use ppp0.

This is starting to get a little confusing to me.  Without knowing more about amule's code, I can't really figure out what amule is doing at all times, and how it decides when to use ppp0 or eth1.  I hope this additional information is less confusing to you.

Magui,

Thank you very much for your time, you have given us a lot of information indeed. I hope we can find out the hole now. If you find something new, please do tell us.

Cheers!

Actually, if you do manage to find something and even fix it, you'll be dong me a big favor.  I'm just glad that somebody else took the time to read my posts.  I'm willing to do this again, so if you want me to try another long packet-capture, or if you want me to save the packet-capture so you can look at it, let me know.

[Xaignar]

BTW Magui, what have you set the value of the "Bind address" setting to?

[Magui]

BTW Magui, what have you set the value of the "Bind address" setting to?

Well, it changes from time to time, because the connection gets broken.

Anyway, this is the output of 'ifconfig' at the moment on my machine

Code: [Select]

$ sudo ifconfig
eth1      Link encap:Ethernet  HWaddr 00:a0:cc:a2:9c:ab 
          inet addr:192.168.0.2  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::2a0:ccff:fea2:9cab/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:35163054 errors:0 dropped:0 overruns:0 frame:0
          TX packets:45673018 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:442312180 (421.8 MiB)  TX bytes:1773990012 (1.6 GiB)
          Interrupt:11 Base address:0x6000

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:658541 errors:0 dropped:0 overruns:0 frame:0
          TX packets:658541 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:169548348 (161.6 MiB)  TX bytes:169548348 (161.6 MiB)

ppp0      Link encap:Point-to-Point Protocol 
          inet addr:83.233.181.69  P-t-P:83.233.181.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1400  Metric:1
          RX packets:20363 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18390 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:10852368 (10.3 MiB)  TX bytes:8938926 (8.5 MiB)

The IP address that I use for "Bind Address" in amule is the same as the IP in the 'inet addr' field under the information for ppp0.  Right now, I have amule's bind-address set as 83.233.181.69.  When my ppp connection goes down (happens once every few days), and I re-connect, this IP usually changes, and I have to re-do the iptables set-up and change the bind-address in amule too.

[rpsmith]

Hi folks.  Was anyone able to solve this problem and get both incoming and outgoing connections bound to the user-specified bind address?

Here's another possibility for why it might not be working: maybe the wxSocketBase::SetLocal function is broken somehow?

[rpsmith]

I just thought of something.  This might be why bind() is not working the way we expect.  Bind assigns the source address of the IP packets coming from the socket.  It doesn't specify which interface card the computer uses to send the packet.  The computer normally routes packets by destination, so the computer can choose to send the packet out of the wrong interface even after the socket is "bound".

The way to solve this problem would be to use source-based (policy-based) routing.  This would make the computer route the packet to the proper NIC based on the source address that has been assigned by the socket bind() call, which is the behavior we are looking for.  A couple commands to iproute2 should do it, I think.  Similar to the commands described here:

http://www.linuxjournal.com/article/7291