How do I use tcpdump ?

Rogier
OpenVpn Newbie
Posts: 6
Joined: Tue Jun 27, 2017 1:28 pm

How do I use tcpdump ?

Post by Rogier » Tue Jun 27, 2017 1:48 pm

Hi! I started a fresh Ubuntu 16.04 install on my vps, and followed various https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server... and https://github.com/Angristan/OpenVPN-install... trying to figure out why -after starting the openvpn@server- all ports on my vps are listening (tcpdump port xx) on tun0 instead of ens3/eth0. After stopping the vpn (systemctl stop openvpn@server), tcpdump shows everything is back to normal. Does anyone have a clue where I should look for a solution? I'm trying to run a php script next to the vpn which listens on a specific port, but now it's listening on the wrong interface :shock: .

TinCanTech
OpenVPN Protagonist
Posts: 2833
Joined: Fri Jun 03, 2016 1:17 pm

Re: all traffic on tun0 instead of ens3

Post by TinCanTech » Tue Jun 27, 2017 3:44 pm

Sorry, we don't debug third party tutorials (especially when they are over a year old),
please report your problem to the author(s) of your sources.

Or start with the official OpenVPN docs.

Also, please see:
HOWTO: Request Help !

Rogier
OpenVpn Newbie
Posts: 6
Joined: Tue Jun 27, 2017 1:28 pm

Re: all traffic on tun0 instead of ens3

Post by Rogier » Tue Jun 27, 2017 7:08 pm

It was not my intention to ask for a debug of third party tutorials... if the issue sounds familiar to anyone that would be great and I just wanted to point out I tried various sources (including the official docs). But I'll read the OpenVPN documentation once more and see if I missed something.

Rogier
OpenVpn Newbie
Posts: 6
Joined: Tue Jun 27, 2017 1:28 pm

Re: all traffic on tun0 instead of ens3

Post by Rogier » Thu Jun 29, 2017 4:37 pm

Still no success.. I'll try to give as much information as possible. I followed the official Howto line by line and after starting the server, the problem is still there.

Output after starting the vpn:

Code:

Thu Jun 29 18:23:26 2017 OpenVPN 2.4.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jun 20 2017
Thu Jun 29 18:23:26 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Thu Jun 29 18:23:26 2017 Diffie-Hellman initialized with 4096 bit key
Thu Jun 29 18:23:26 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun 29 18:23:26 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jun 29 18:23:26 2017 ROUTE_GATEWAY 149.210.151.1/255.255.255.0 IFACE=ens3 HWADDR=52:54:00:78:da:1a
Thu Jun 29 18:23:26 2017 TUN/TAP device tun0 opened
Thu Jun 29 18:23:26 2017 TUN/TAP TX queue length set to 100
Thu Jun 29 18:23:26 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Jun 29 18:23:26 2017 /sbin/ip link set dev tun0 up mtu 1500
Thu Jun 29 18:23:26 2017 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Thu Jun 29 18:23:26 2017 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Thu Jun 29 18:23:26 2017 Could not determine IPv4/IPv6 protocol. Using AF_INET
Thu Jun 29 18:23:26 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Jun 29 18:23:26 2017 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Jun 29 18:23:26 2017 UDPv4 link remote: [AF_UNSPEC]
Thu Jun 29 18:23:26 2017 MULTI: multi_init called, r=256 v=256
Thu Jun 29 18:23:26 2017 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Thu Jun 29 18:23:26 2017 IFCONFIG POOL LIST
Thu Jun 29 18:23:26 2017 Initialization Sequence Completed

And after that all ports are listening on tun0 instead of ens3. I would expect that only a connected client uses tun0 and all other traffic from the server uses ens3.

Code:

root@vps-ams:~# tcpdump port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 262144 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel

Any help is very much appreciated!

TinCanTech
OpenVPN Protagonist
Posts: 2833
Joined: Fri Jun 03, 2016 1:17 pm

Re: all traffic on tun0 instead of ens3

Post by TinCanTech » Thu Jun 29, 2017 5:44 pm

I don't know what you are trying to explain ..

Rogier
OpenVpn Newbie
Posts: 6
Joined: Tue Jun 27, 2017 1:28 pm

Re: all traffic on tun0 instead of ens3

Post by Rogier » Thu Jun 29, 2017 6:08 pm

OK, I'll rephrase... :)

On a clean install of Ubuntu 16.04 and with the latest version of OpenVPN, after starting the vpn server, all ports on the server are listening for incoming traffic on tun0 instead of ens3. That would be ok if the server's only function is OpenVPN, but that's not the case. This happens only after starting the OpenVPN server. I would expect -but I don't know how to check or fix- that only the vpn connection/port listens on or uses the tun0 and all the other ports listen on ens3.

TinCanTech
OpenVPN Protagonist
Posts: 2833
Joined: Fri Jun 03, 2016 1:17 pm

Re: all traffic on tun0 instead of ens3

Post by TinCanTech » Thu Jun 29, 2017 6:44 pm

Rogier wrote: all ports on the server are listening for incoming traffic on tun0 instead of ens3

That does not make sense .. nor is it true.

You need to show whatever details you are using to make this assumption.

Rogier
OpenVpn Newbie
Posts: 6
Joined: Tue Jun 27, 2017 1:28 pm

Re: all traffic on tun0 instead of ens3

Post by Rogier » Thu Jun 29, 2017 7:31 pm

If it isn't true, fine... but when I use tcpdump on whatever port, it says "listening on tun0". And before starting the OpenVPN server it says "listening on ens3". Perhaps my conclusion is not correct, but this is the result and it breaks other functionality.

TinCanTech
OpenVPN Protagonist
Posts: 2833
Joined: Fri Jun 03, 2016 1:17 pm

Re: all traffic on tun0 instead of ens3

Post by TinCanTech » Thu Jun 29, 2017 9:15 pm

Did you try

Code:

man tcpdump

if not try this

Code:

# tcpdump -i ens3

:roll:

ciao
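
Added example, not part of the original thread: tcpdump's "listening on tun0" line names the interface tcpdump is capturing on, so where a service is actually bound has to be read from the socket table instead. The sketch below classifies a port's bind address from `ss -ltn` and `ip -o -4 addr show` output; the function name `bind_scope`, the sample text and the 192.0.2.10 address are constructed for illustration (10.8.0.1 on tun0 is taken from the log above).

```shell
#!/bin/sh
# Constructed sample of `ss -ltn` output without its header line
# (not captured from the poster's server).
SS_SAMPLE='LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 10.8.0.1:8080 0.0.0.0:*
LISTEN 0 128 192.0.2.10:9000 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*'

# Constructed sample of `ip -o -4 addr show` output.
IP_SAMPLE='1: lo    inet 127.0.0.1/8 scope host lo
2: ens3    inet 192.0.2.10/24 brd 192.0.2.255 scope global ens3
3: tun0    inet 10.8.0.1 peer 10.8.0.2/32 scope global tun0'

# bind_scope PORT [SS_TEXT] [IP_TEXT]
# Prints "all-interfaces" for a wildcard bind, the name of the interface
# that owns the bind address, or "not-listening" if no socket matches.
bind_scope() {
    port=$1
    ss_text=${2:-$SS_SAMPLE}
    ip_text=${3:-$IP_SAMPLE}
    # Field 4 is "Local Address:Port"; the port follows the last colon.
    addr=$(printf '%s\n' "$ss_text" | awk -v p="$port" '
        { n = split($4, a, ":")
          if (a[n] == p) { sub(":" p "$", "", $4); print $4; exit } }')
    case $addr in
        '') echo not-listening ;;
        '*'|0.0.0.0|'[::]'|::) echo all-interfaces ;;
        *)  # Compare against each interface address, ignoring the /prefix.
            printf '%s\n' "$ip_text" | awk -v a="$addr" '
                { split($4, x, "/")
                  if (x[1] == a) { print $2; found = 1; exit } }
                END { if (!found) print "unknown" }' ;;
    esac
}

# Stand-alone demonstration on the constructed samples.
for p in 80 8080 9000 22 443; do
    printf 'port %s: %s\n' "$p" "$(bind_scope "$p")"
done
```

On a live host, pass `"$(ss -ltn | tail -n +2)"` and `"$(ip -o -4 addr show)"` as the second and third arguments. A wildcard bind accepts connections arriving on any interface, including ens3, whether or not the tunnel is up.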

Rogier
OpenVpn Newbie
Posts: 6
Joined: Tue Jun 27, 2017 1:28 pm

Re: How do I use tcpdump ?

Post by Rogier » Fri Jun 30, 2017 12:40 pm

It works! :shock:

No, it's not a joke. I don't know why (and not due to the tcpdump command), but it works. Must have been a typo or something similar. :lol:
