Problem accessing services through the private IP on multihomed server
I've got a strange behaviour in an Ubuntu 18.04.3 LTS with the latest updates:
Introduction:
It's a multihomed server with a public IP for public services and a private IP on a second adapter for communications like SSH. I've set up an IPSec tunnel (pfSense) that is working fine, so that I can SSH to all my servers on that private LAN.
The facts:
Periodically, after several days of working fine, it happens that:
1) I can't connect to any service from my VPN IP to the private IP address
2) If I restart the VPN client or the VPN service it doesn't solve it
3) If I restart the SSH service it doesn't solve it. It also happens with nginx, for example. Service restarts don't solve it.
4) I can't connect to new services on new ports either, between the previously mentioned source/destination IPs
5) When the problem is happening other servers in that private LAN are not affected and you can connect from those servers to the SSH service of this affected server without problems. For example: my monitoring software is not showing any alert because it can connect to the services on its private IP without any problem.
6) If I capture network traffic (tcpdump) I see that the first "SYN" packet is really reaching the server, but the server is not replying with the SYN/ACK packet as expected. So, the communication is never established.
7) I can't find any error message anywhere
8) The static network route for the VPN network isn't lost; 'netstat -rn' shows the same routes
9) The server is idle
10) It's not using any local firewall like iptables
11) To solve it I just have to put the network interface down and up (ifconfig eth1 down; ifconfig eth1 up), or reboot the server.
My assumptions
- it can't be an IPSec problem because of facts #5 and #6
- it can't be related to the software of the service (SSH) because of fact #3
- it can't be related to network routes because of facts #6 and #8
- it's not a performance problem, because of fact #9
It looks like a TCP/IP network stack problem but it would happen to more people and it should be solved in patches.
Can anybody help me, please?
Thanks in advance!
networking
asked Sep 14 at 22:12
Angel
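The observation in fact #6, contrasted with fact #5, can be checked mechanically from a text capture. This is an added example, not part of the original post: it reads "tcpdump -nn" text output taken on the private interface and lists, per client, the inbound SYNs that never received a SYN/ACK. The addresses (10.8.0.5 as the VPN client, 192.168.10.20 as the server's private IP, 192.168.10.7 as a LAN host) and the capture lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Header of a `tcpdump -nn -i eth1 tcp` text line (IPv4 only).
LINE = re.compile(
    r"IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]+)\]"
)

# Constructed sample: the VPN client retries SYNs to SSH and nginx with no
# reply, while a host on the private LAN completes its handshake normally.
SAMPLE = """\
22:10:01.000001 IP 10.8.0.5.51234 > 192.168.10.20.22: Flags [S], seq 1001, win 64240, length 0
22:10:02.003410 IP 10.8.0.5.51234 > 192.168.10.20.22: Flags [S], seq 1001, win 64240, length 0
22:10:03.100200 IP 192.168.10.7.40000 > 192.168.10.20.22: Flags [S], seq 2001, win 64240, length 0
22:10:03.100260 IP 192.168.10.20.22 > 192.168.10.7.40000: Flags [S.], seq 3001, ack 2002, win 65160, length 0
22:10:03.100900 IP 192.168.10.7.40000 > 192.168.10.20.22: Flags [.], ack 1, win 502, length 0
22:10:04.019000 IP 10.8.0.5.51240 > 192.168.10.20.80: Flags [S], seq 4001, win 64240, length 0
"""

def unanswered_syns(capture, server_ip):
    """Return {client_ip: [(client_port, server_port), ...]} for inbound SYNs
    to server_ip that got no SYN/ACK anywhere in the capture."""
    answered = {}  # (client, client_port, server_port) -> SYN/ACK seen?
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a TCP/IPv4 packet line
        if m["flags"] == "S" and m["dst"] == server_ip:
            # Retransmitted SYNs share the same key, so they count once.
            answered.setdefault((m["src"], int(m["sport"]), int(m["dport"])), False)
        elif m["flags"] == "S." and m["src"] == server_ip:
            key = (m["dst"], int(m["dport"]), int(m["sport"]))
            if key in answered:
                answered[key] = True
    result = defaultdict(list)
    for (client, cport, sport), ok in answered.items():
        if not ok:
            result[client].append((cport, sport))
    return dict(result)

if __name__ == "__main__":
    for client, flows in unanswered_syns(SAMPLE, "192.168.10.20").items():
        print(client, flows)
```
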