Answer the question
In order to leave comments, you need to log in
A
A
AlexeyMish2017-08-16 14:11:50
AlexeyMish, 2017-08-16 14:11:50
How to set up Softether on a remote server?
Good afternoon. The problem is with Softether, more precisely, not so much with it, but with connecting clients to it. Adjusted according to the description . I tried to put it on a server in the Google cloud and in the cloud from Amazon, on different distributions. In all cases the problem is the same. The client connects but does not receive an ip address.
Perhaps an important point, eth0 receives the address via dhcp.
Config on the example of amazon.
ifconfig
spoiler
eth0: flags=4419 mtu 1500
inet 172.31.43.171 netmask 255.255.240.0 broadcast 172.31.47.255
inet6 fe80::4f5:9fff:fea6:b916 prefixlen 64 scopeid 0x20
ether 06:f5:9f:a6:b9:16 txqueuelen 1000 (Ethernet)
RX packets 9587 bytes 1833640 (1.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 27678 bytes 4123030 (3.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1 (Local Loopback)
RX packets 64 bytes 5920 (5.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 64 bytes 5920 (5.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tap_softether: flags=4163 mtu 1500
inet6 fe80::2ac:4fff:fee5:9bc8 prefixlen 64 scopeid 0x20
ether 00:ac:4f:e5:9b:c8 txqueuelen 1000 (Ethernet)
RX packets 1981 bytes 162880 (159.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 49 bytes 4038 (3.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
inet 172.31.43.171 netmask 255.255.240.0 broadcast 172.31.47.255
inet6 fe80::4f5:9fff:fea6:b916 prefixlen 64 scopeid 0x20
ether 06:f5:9f:a6:b9:16 txqueuelen 1000 (Ethernet)
RX packets 9587 bytes 1833640 (1.7 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 27678 bytes 4123030 (3.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1 (Local Loopback)
RX packets 64 bytes 5920 (5.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 64 bytes 5920 (5.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tap_softether: flags=4163 mtu 1500
inet6 fe80::2ac:4fff:fee5:9bc8 prefixlen 64 scopeid 0x20
ether 00:ac:4f:e5:9b:c8 txqueuelen 1000 (Ethernet)
RX packets 1981 bytes 162880 (159.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 49 bytes 4038 (3.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
iptables -L -n
spoiler
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT udp -- 10.8.0.0/24 0.0.0.0/0 udp dpt:53
ACCEPT icmp -- 10.8.0.0/24 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:500
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:4500
syn_flood tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all -- 10.8.0.0/24 10.8.0.0/24
Chain OUTPUT (policy DROP)
target prot opt source destination
DROP icmp -- !127.39.95.47 !127.202.17.202 icmptype 3 code 3 connmark match ! 0x49ddb20f
DROP tcp -- !127.164.71.136 !127.179.167.180 tcp spts:61001:65535 flags:0x04/0x04 connmark match ! 0x3da56740
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
Chain syn_flood (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 500/sec burst 2000
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT udp -- 10.8.0.0/24 0.0.0.0/0 udp dpt:53
ACCEPT icmp -- 10.8.0.0/24 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:500
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:4500
syn_flood tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all -- 10.8.0.0/24 10.8.0.0/24
Chain OUTPUT (policy DROP)
target prot opt source destination
DROP icmp -- !127.39.95.47 !127.202.17.202 icmptype 3 code 3 connmark match ! 0x49ddb20f
DROP tcp -- !127.164.71.136 !127.179.167.180 tcp spts:61001:65535 flags:0x04/0x04 connmark match ! 0x3da56740
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED
Chain syn_flood (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 500/sec burst 2000
There is nothing in the dnsmasq logs. Those. it seems that it does not even try to distribute addresses. Despite the configuration file, the configuration file
spoiler
interface=tap_softether
dhcp-range=tap_softether,10.8.0.2,10.8.0.200,12h
dhcp-option=tap_softether,3,10.8.0.1
server=8.8.8.8
dhcp-range=tap_softether,10.8.0.2,10.8.0.200,12h
dhcp-option=tap_softether,3,10.8.0.1
server=8.8.8.8
I also tried just SecureNAT (without a bridge)
the picture is the same, there is a connection, there is no ip address.
Tell me which way to dig.
Similar questions
D
V
V
D
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question