OpenVPN and OpenVPN Access server when i use, can that cause turnserver and turnclient confuse?
540 views
Skip to first unread message
Sprogrammer
Jan 22, 2014, 6:45:27 AM1/22/14
to turn-server-project...@googlegroups.com
In my laptop i am running some VPN server + 3G/4G interfaces for my research/study. strongSwan server/client, OpenVPN client, and OpenVPN access server therefore, in my laptop i have lot of virtual network interfaces for example:
A) with VPN
root@sun-M14xR2:~/Downloads# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether d4:be:d9:55:91:4a brd ff:ff:ff:ff:ff:ff
inet 82.xxxxxxxx/29 brd 82.143.xxxxx scope global eth0
inet6 fe80::d6be:d9ff:fe55:914a/64 scope link
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN qlen 1000
link/ether 68:5d:43:f1:88:f8 brd ff:ff:ff:ff:ff:ff
4: as0t0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.0.1/24 brd 5.5.0.255 scope global as0t0
5: as0t1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.1.1/24 brd 5.5.1.255 scope global as0t1
6: as0t2: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.2.1/24 brd 5.5.2.255 scope global as0t2
7: as0t3: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.3.1/24 brd 5.5.3.255 scope global as0t3
8: as0t4: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.4.1/24 brd 5.5.4.255 scope global as0t4
9: as0t5: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.5.1/24 brd 5.5.5.255 scope global as0t5
10: as0t6: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.6.1/24 brd 5.5.6.255 scope global as0t6
11: as0t7: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.7.1/24 brd 5.5.7.255 scope global as0t7
12: as0t8: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.8.1/24 brd 5.5.8.255 scope global as0t8
13: as0t9: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.9.1/24 brd 5.5.9.255 scope global as0t9
14: as0t10: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.10.1/24 brd 5.5.10.255 scope global as0t10
15: as0t11: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.11.1/24 brd 5.5.11.255 scope global as0t11
16: as0t12: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.12.1/24 brd 5.5.12.255 scope global as0t12
17: as0t13: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.13.1/24 brd 5.5.13.255 scope global as0t13
18: as0t14: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.14.1/24 brd 5.5.14.255 scope global as0t14
19: as0t15: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 200
link/none
inet 5.5.15.1/24 brd 5.5.15.255 scope global as0t15
B) while being connected with another peer and i can see in turnserver i have lot of ip (including my VPN ip's)
> ps
1) id=003000000000000054, user <root>:
started 83 secs ago
expiring in 517 secs
client protocol TCP, relay protocol UDP
client addr 82.xxxx:61095, server addr 82.xxxxx:3478
relay addr 82.xxxx:52813
fingerprints enforced: OFF
mobile: OFF
SHA256 only: OFF
usage: rp=849, rb=121392, sp=213, sb=31964
rate: r=0, s=0, total=0 (bytes per sec)
peers:
5.5.13.1
5.5.15.1
5.5.2.1
5.5.5.1
5.5.6.1
5.5.11.1
5.5.9.1
5.5.8.1
82.xxxxx
5.5.10.1
82.xxxxxx
5.5.14.1
5.5.0.1
5.5.3.1
5.5.4.1
5.5.1.1
5.5.12.1
5.5.7.1
Total sessions: 1
> ps
Total sessions: 0
> q
C) When i have the situation like shown A, B then WebRTC do not connect shows "Connecting...." but never connects
D) When i removed openvpn access server from my laptop , it works fine
Can you please advise if its a normal behavior, that connection is unable to get established sometimes and sometimes it still get connected even having all my VPN running?
Thank you so much.
Best regards
/Sham
Sprogrammer
Jan 22, 2014, 8:50:07 AM1/22/14
to turn-server-project...@googlegroups.com
Right now i had very strange issue. Let me describe it in details
A) Public Internet i have with static dedicated Public IP connected to DrayTek Vigor 2920 (enterprise router)
B) Behind the router Dell R310 CentOS 64-bit running WebRTC + Turnserver with Public IP no NAT:82.x.x.20
C) from DrayTek router my PC straight cable connected with Public IP no NAT: 82.x.x.18
D) from DrayTek router Wifi Smartphone connected with NAT: 192.168.1.11 lan and public ip is: 82.x.x.17
C) To avoid confusion:
- I have disabled my laptop Peer 1 VPN, VPN access server, 3G/4G interfaces and only kept my laptop with real Public IP (no NAT involved)
- Turnserver with Public IP (no NAT involved)
- Smart phone Samsung Galaxy S4 Android with Chrome version 31x, is connected WiFi
D) Problem: PC And Smartphone connecting but never connects shows connecting..., but in Turnserver i see as below:
> ps
1) id=002000000000000057, user <root>:
started 10 secs ago
expiring in 590 secs
client protocol TCP, relay protocol UDP
client addr xxx.17:47540, server addr xxx.20:3478
relay addr xxx.20:65340
fingerprints enforced: OFF
mobile: OFF
SHA256 only: OFF
usage: rp=22, rb=2304, sp=19, sb=1512
rate: r=0, s=0, total=0 (bytes per sec)
peers:
xxx.20
xxx.18
2) id=001000000000000063, user <root>:
started 10 secs ago
expiring in 590 secs
client protocol TCP, relay protocol UDP
client addr xxx.18:49206, server addr xxx.20:3478
relay addr xxx.20:55437
fingerprints enforced: OFF
mobile: OFF
SHA256 only: OFF
usage: rp=68, rb=6992, sp=67, sb=5160
rate: r=0, s=0, total=0 (bytes per sec)
peers:
192.168.1.11
xxx.20
xxx.17
Total sessions: 2What is causing the connection to be failure? I have retried several time but same result connection failed, when i do not use TurnServer it works (very confused).
Oleg Moskalenko
Jan 22, 2014, 12:11:48 PM1/22/14
to turn-server-project...@googlegroups.com
Shamun, that's very difficult to diagnose this kind of problem remotely. Unfortunately, to find out what is going on you have to run the wireshark and see what is happening in your network, from the TURN point of view and from the TURN clients point of views.
Regards,
Oleg
Regards,
Oleg
Sprogrammer
Jan 23, 2014, 11:25:31 AM1/23/14
to turn-server-project...@googlegroups.com
Dear Oleg,
One thing is very clear. Putting the WebRTC Signaling + TurnServer really somewhere in the Public network where no firewall is involved, and no NAT involved is the rule of thumbs to do in step 1. else all gets messed up.
Even i had so many network interfaces it worked.
But as soon as Servers are getting some NAT issues then everything is lost it just does not work as it should be.
Many thanks, for your feedback.
Best regards
/Sham
Reply all
Reply to author
Forward
0 new messages