[pptp-server] ppp0 active, ping times out on client.

Kurt E. Van Delden kvandel at cs.duke.edu
Sat Jan 8 22:40:14 CST 2000 

Hello,

I have a cable modem setup proxing for an internal network.
Server Linux, Mandrake 6.1, 2.2.14, ipchains for NAT.
(Authentication works....see log below)

The client(win98 SE w/128 update) appears to be generating
traffic:

[root at sundance ~]# tcpdump -i ppp0 tcpdump: listening on ppp0
09:38:46.177123 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:47.677378 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:51.248371 10.0.0.111.netbios-dgm > 10.255.255.255.netbios-dgm: udp
197 
09:38:53.517693 10.0.0.111.netbios-dgm > 10.255.255.255.netbios-dgm: udp
197 
09:38:53.677288 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68 
09:38:54.497345 10.0.0.111.netbios-dgm > 10.255.255.255.netbios-dgm: udp
197 
09:38:55.177520 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp
68 
09:38:55.507633 10.0.0.111.netbios-dgm > 10.255.255.255.netbios-dgm:
udp 197 
09:38:56.518206 10.0.0.111.netbios-dgm >10.255.255.255.netbios-dgm: udp 197 
09:38:56.676698 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:57.508123 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:58.976741 10.0.0.111.netbios-ns > 10.0.0.2.netbios-ns: udp 68
09:38:59.728000 216.54.130.135.netbios-ns > 10.0.0.3.domain: 416+
A? COWBOY.vand--cut

However, no traffic returns.. The client side times out on ping.
(PS I know there are no ping requests in the above trace, but they
do appear when I initiate the ping on the client)

/var/log/messages

Jan 8 09:36:50 sundance pptpd[2699]: CTRL: Client 216.54.130.135 control
connec tion started
Jan 8 09:36:51 sundance pptpd[2699]: CTRL: Starting call (launching pppd,
openi ng GRE) 
Jan 8 09:36:51 sundance pppd[2700]: pppd 2.3.10 started by root, uid 0 
Jan 8 09:36:51 sundance pppd[2700]: Using interface ppp0 
Jan 8 09:36:51 sundance pppd[2700]: Connect: ppp0 <--> /dev/pts/4 
Jan 8 09:36:51 sundance pppd[2700]: MSCHAP-v2 peer authentication 
succeeded for xxxx\xx 
Jan 8 09:36:52 sundance pppd[2700]: found interface eth0 for proxy arp 
Jan 8 09:36:52 sundance pppd[2700]: local IP address 10.0.0.100
Jan 8 09:36:52 sundance pppd[2700]: remote IP address 10.0.0.111
Jan 8 09:36:52 sundance pppd[2700]: MPPE 128 bit, stateless compression 
enabled  

Notes on installation: 
ppp-2.3.10 w/ Daniel'spatch for MPPE
**** additional patch by Paul Janzen failed to apply.(This is likely
it...) (after looking at the patch)

More information and thoughts
Ifconfig: eth0(internal 10.) eth1(Internet Routable) 

eth0 Link encap:Ethernet HWaddr 00:60:08:41:57:FF
          inet addr:10.0.0.3 Bcast:10.255.255.255 Mask:255.0.0.0
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:617742 errors:0 dropped:0 overruns:0 frame:0
          TX packets:713374 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:11 Base address:0xec00

eth1 Link encap:Ethernet HWaddr 00:40:33:99:EA:DE
          inet addr:24.28.135.253 Bcast:255.255.255.255 Mask:255.255.255.0
          UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:13585 errors:0 dropped:0 overruns:0 frame:4
          TX packets:13621 errors:0 dropped:0 overruns:0 carrier:0
          collisions:28 txqueuelen:100
          Interrupt:12 Base address:0xe800
 
lo Link encap:Local Loopback
          inet addr:127.0.0.1 Mask:255.0.0.0
          UP LOOPBACK RUNNING MTU:3924 Metric:1
          RX packets:726 errors:0 dropped:0 overruns:0 frame:0
          TX packets:726 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
 
ppp0 Link encap:Point-to-Point Protocol
          inet addr:10.0.0.101 P-t-P:10.0.0.112 Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
          RX packets:62 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10                                         

Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 
10.0.0.3    0.0.0.0       255.255.255.255 UH 0 0 0 eth0 
10.0.0.112  0.0.0.0       255.255.255.255 UH 0 0 0 ppp0 
24.28.135.0 0.0.0.0       255.255.255.0 U 0 0 0 eth1
10.0.0.0    0.0.0.0       255.0.0.0 U 0 0 0 eth0 
127.0.0.0   0.0.0.0       255.0.0.0 U 0 0 0 lo
0.0.0.0     24.28.135.1   0.0.0.0         UG        0 0          0
eth1                                   

pppd options 
name sundance 
auth 
+chap 
+chapms 
+chapms-v2 
mppe-40 
mppe-128
mppe-stateless 
proxyarp 
ms-wins 10.0.0.2 
ms-dns 10.0.0.3
netmask 255.255.255.255                                                                                         

Ping output from server to client 
[root at sundance ~]# ping 10.0.0.111 
PING 10.0.0.111 (10.0.0.111): 56 data bytes 
ping: sendto: Operation not permitted 
ping: wrote 10.0.0.111 64 chars, ret=-1 
ping: sendto: Operation not permitted 
ping: wrote 10.0.0.111 64 chars, ret=-1 
ping: sendto: Operation not permitted 
ping: wrote 10.0.0.111 64 chars, ret=-1 
ping: sendto: Operation not permitted 
ping: wrote 10.0.0.111 64 chars, ret=-1
ping: sendto: Operation not permitted 
ping: wrote 10.0.0.111 64 chars, ret=-1 
ping: sendto: Operation not permitted 
ping: wrote 10.0.0.111 64 chars, ret=-1 

--- 10.0.0.111 ping statistics ---
6 packets transmitted,
0 packets received, 
100% packet loss

Final thought.. I beleive everybodies first intuition
is going to be the ipchain rules.  I've checked them.
I can provide them if required.(They are long)
I have even cleared the system chains, and set accept policies
on the empty chains to eliminate the possibility of problems
from ipchains.

thanks a bunch,
kurt

More information about the pptp-server mailing list