Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

http connection failed #373

Open
neighbour7 opened this issue Jan 19, 2022 · 13 comments
Open

http connection failed #373

neighbour7 opened this issue Jan 19, 2022 · 13 comments
Labels
Status: Stuck Development paused due to unavailable external input Support User needs help

Comments

@neighbour7
Copy link

Configure the network according to the example of Stateful NAT64 on the official website, you can send and accept icmp, but http cannot

env:
ubuntu18
iptables
tcpdump error message:
64:ff9b::203.0.113.16 cannot route
@ydahhrk
Copy link
Member

ydahhrk commented Jan 19, 2022
edited
Loading 

$ wget http://[64:ff9b::203.0.113.16]/archive.7z
--2022-01-19 08:06:07--  http://[64:ff9b::203.0.113.16]/archive.7z
Connecting to 64:ff9b::203.0.113.16 (64:ff9b::203.0.113.16)|64:ff9b::cb00:7110|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 537304 (525K) [application/x-7z-compressed]
Saving to: ‘archive.7z’

archive.7z      100%[======>] 524.71K  --.-KB/s    in 0.008s  

2022-01-19 08:06:07 (65.1 MB/s) - ‘archive.7z’ saved [537304/537304]

Works fine for me.

tcpdump error message:
64:ff9b::203.0.113.16 cannot route

Works fine for me:

$ sudo tcpdump -ni vboxnet0 host 64:ff9b::203.0.113.16
08:13:24.029469 IP6 64:ff9b::cb00:7110.80 > 2001:db8::8.44632: Flags [S.], seq 727844829, ack 1135569178, win 65160, options [mss 1460,sackOK,TS val 2525517162 ecr 198001399,nop,wscale 7], length 0
(...)

Environment:

$ uname -a
Linux ubuntu18 4.15.0-163-generic #171-Ubuntu SMP Fri Nov 5 11:55:11 UTC 2021 x86_64 x86_64 GNU/Linux

@neighbour7
Copy link
Author

I tried several times and failed 😖

@ydahhrk
Copy link
Member

ydahhrk commented Jan 20, 2022
edited
Loading

  • What's the output of ip address in all three nodes?
  • What's the output of ip route in all three nodes?
  • What's the output of ip -6 route in all three nodes?
  • Can A ping T?
  • Can V ping T?
  • What's the output of sudo jool global display in T?

@neighbour7
Copy link
Author

ip address ip route ip -6 route no problem
A can png V
A can ping T
V can ping T
sudo jool global display output: This namespace lacks an instance named 'default'

@neighbour7
Copy link
Author

A is manjaro, V is Windows10, T is ubuntu18

@neighbour7
Copy link
Author

T

ip r:

203.0.113.0/24 dev enp5s0 proto kernel scope link src 203.0.113.1

ip -6 r:

2001:db8::/96 dev enp6s0 proto kernel metric 256 pref medium
fe80::/64 dev enp5s0 proto kernel metric 256 pref medium
fe80::/64 dev enp6s0 proto kernel metric 256 pref medium

ip -br -c a:

enp5s0 up 203.0.113.1/24  fe80::a653:eeff:fe70:23e5/64
enp6s0 up 2001:db8::1/96  fe80::a653:eeff:fe70:23e6/64

A

ip -6 r:

64:ff9b::/96 via 2001:db8::1 dev enp4s0 metric 1024 pref medium
2001:db8::/96 dev enp4s0 proto kernel metric 256 pref medium

ip -br -c a:

enp4s0   UP   2001:db8::8/96

V

ipconfig:

203.0.113.16
255.255.255.0

@ydahhrk
Copy link
Member

ydahhrk commented Jan 20, 2022
edited
Loading

Ok; nothing strange so far.

sudo jool global display output: This namespace lacks an instance named 'default'

Sorry; I meant

sudo jool -i example global display
  • What's the output of sudo iptables -t mangle -L?
  • What's the output of sudo ip6tables -t mangle -L?
  • Please run in T:
sudo jool -i example global update logging-debug true
sudo dmesg -C

Then quickly try your HTTP request from A, then run dmesg in T. Post the output.

@neighbour7
Copy link
Author

After executing your method, now my Terminator can connect with http, but the browser and gnome terminal cannot connect with http. I think it may be a problem with my computer?
image
1d5aaa9b66c4cd722bbf31b13b45baf

@neighbour7
Copy link
Author

iptables -t mangle -L :output JOOL all -- anywhere anywhere instance:example
ip6tables -t mangle -L :output JOOL all -- anywhere anywhere instance:example

@ydahhrk
Copy link
Member

ydahhrk commented Jan 20, 2022

Your browser is using HTTPS, not HTTP.

What happens if you remove the "s" from the URL?

It it works, you probably just have some certificate problem.

After executing your method, now my Terminator can connect with http

The "method" wasn't meant to fix the problem; it was meant to print output that might help us find the problem. Please follow the instructions until the end:

T:

sudo jool -i example global update logging-debug true
sudo dmesg -C

A:

<HTTP query from browser>

T:

dmesg

Post the output of dmesg.

And when you're done, make sure to disable debug logging. Otherwise it will slow things down and take up disk space.

@neighbour7
Copy link
Author

Sorry. My English is not good.
My browser is using HTTP.

dmesg no output.

@ydahhrk
Copy link
Member

ydahhrk commented Jan 21, 2022 via email

@tiagogaspar8
Copy link

I came into an issue in OpenWrt where if I have a port forwarding jool wouldn't work, I don't know if it helps.

@ydahhrk ydahhrk added the Status: Stuck Development paused due to unavailable external input label Jul 21, 2022
@ydahhrk ydahhrk added the Support User needs help label Jan 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Status: Stuck Development paused due to unavailable external input Support User needs help
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ydahhrk @tiagogaspar8 @neighbour7