Strange routing problem

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
px03afk
DD-WRT User


Joined: 09 Mar 2012
Posts: 71

PostPosted: Sat Nov 30, 2019 20:15    Post subject: Strange routing problem Reply with quote
I have two Netgear WNR3500L routers in different locations, one running V24-sp2 and the other running v3.0-r30471 big. A few months ago I set up OpenVPN to run bi-directionally between the two locations and eventually got it working so that I can see both notworks from both locations.

So far so good.

For a long time I have also been running Asterisk systems in the two locations with both IAX and SIP connections using the remote address of the router with ports forwarded to the correct ones for Asterisk listeners. That has been running without issue as well.

A couple of weeks ago I though it might be better if I changed the Asterisk systems to use the OpenVPN connection directly rather than going across the internet. Sure enough, changing the Asterisk client end to address the remote end directly worked. That is until I restarted the OpenVPN client, then it all goes wrong, but only with Asterisk - everything else works without any problem.

After looking carefully at the data flow, mainly with tcpdump, I discovered that after the OpenVPN client is restarted the source address going into the tunnel has become the WAN address of the router. But, it wasn't before the client restart and I can't find any way of making it change back. If I send an nc from the client to the server, using the same port, it routes correctly and the nc connects.

This is one of the strangest problems I've come across so if anyone can shed some light I would love to be able to understand why this is happening and if there is a way of correcting it.
Sponsor
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 2602
Location: Texas, USA

PostPosted: Sat Nov 30, 2019 21:40    Post subject: Reply with quote
Probably related to using antique DD-WRT builds. So much has changed to OpenVPN since then.
_________________
E4200 v1 DD-WRT 41663 mega (12/06/19) (K3.x)
R7000P DD-WRT 40270M kongac
E4200 v1 FreshTomato 2019.3
E4200 v1 FreshTomato 2019.4.development
R7000 FreshTomato 2019.4.development
E4200 v1 1.0.07.development
WRT3200ACM OpenWRT 18.06.5
tedm
DD-WRT User


Joined: 13 Mar 2009
Posts: 283

PostPosted: Tue Dec 03, 2019 4:00    Post subject: Reply with quote
Asterisk has a config entry that defines local networks. If the remote network is not in that config then asterisk assumes the SIP connection to that remote is going through a NAT and may rewrite the SIP packet. In some cases (with broken phone firmware, etc.) you want that even when the remote network is directly routable. But not when it's 2 asterisk systems talking to each other and NOT going through a translator.
px03afk
DD-WRT User


Joined: 09 Mar 2012
Posts: 71

PostPosted: Tue Dec 03, 2019 22:59    Post subject: Reply with quote
I had noticed that about Asterisk and configured the localnetwork, including the local address of the VPN link. However, tcpdump shows that the data coming from Asterisk is still using the local address of the server when it gets to the router, it's when it appears on the tunnel that the address has changed.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum