Code: Select all
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tunhw, link-type RAW (Raw IP), capture size 65535 bytes
15:04:16.780726 IP 192.168.35.130.5353 > 224.0.0.251.5353: 0 PTR (QM)? _services._dns-sd._udp.local. (46)
15:04:16.781627 IP 192.168.35.130.5353 > 224.0.0.251.5353: 0 PTR (QM)? _ssh._tcp.local. (33)
15:04:16.781809 IP 192.168.35.130.5353 > 224.0.0.251.5353: 0 PTR (QM)? _sftp-ssh._tcp.local. (38)
15:04:16.781860 IP 192.168.35.130.5353 > 224.0.0.251.5353: 0 PTR (QM)? _rfb._tcp.local. (33)
15:04:16.781907 IP 192.168.35.130.5353 > 224.0.0.251.5353: 0 PTR (QM)? _workstation._tcp.local. (41)
15:04:16.781954 IP 192.168.35.130.5353 > 224.0.0.251.5353: 0 PTR (QM)? _net-assistant._udp.local. (43)
15:04:16.782063 IP 192.168.35.130.5353 > 224.0.0.251.5353: 0 PTR (QM)? _ssh._tcp.local. (33)
However, avahi seems not to get the packets (at least, strace shows zero activity within avahi-daemon while the scanner is running), and I have no idea where they are getting dropped. I have confirmed that they are *not* being dropped by iptables, but something else is failing to deliver them to avahi. rp_filter is OFF on the tunnel interface, so it's not source address verification. Avahi *is* configured to allow point-to-point interfaces. Any ideas?
I've heard that switching the tunnel to a TAP-style VPN has resolved the issue for some people, but I want to understand the root cause because packets are *clearly* getting through the tunnel, but are being dropped on the floor somewhere. I get the feeling that this is going to be something very simple, but I'm not sure how to debug how Linux decides to drop packets vs. deliver them to sockets.
Both machines are running various forms of linux-2.6.32 (client Ubuntu Lucid, server Debian Squeeze).