#21932: LuCI shows wrong IP address, and so does arp
------------------------+------------------------
Reporter: anonymous | Owner: developers
Type: defect | Status: new
Priority: low | Milestone:
Component: packages | Version: Trunk
Resolution: | Keywords:
------------------------+------------------------
Comment (by juanriccio@…):
Installed tcpdump and ran it a few times. LuCI and arp still show an
address in the 10.x.x.x. range, but there is no trace of it in tcpdump.
Here is a transcript of tcpdump's output. I deleted a few lines that
document traffic between the phone and the WAN (whatsapp and google
servers etc.)
{{{
13:54:44.918896 ph:on:em:ac:ad:dr > ff:ff:ff:ff:ff:ff Null Unnumbered,
xid, Flags [Response], length 6: 01 00
13:54:45.532627 IP (tos 0x0, ttl 64, id 23228, offset 0, flags [none],
proto UDP (17), length 332)
0.0.0.0.68 > 255.255.255.255.67: [udp sum ok] BOOTP/DHCP, Request from
ph:on:em:ac:ad:dr, length 304, xid 0x2be5447b, Flags [none] (0x0000)
Client-Ethernet-Address ph:on:em:ac:ad:dr
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Request
Requested-IP Option 50, length 4: 192.168.2.94
MSZ Option 57, length 2: 1500
Vendor-Class Option 60, length 12: "dhcpcd-5.5.6"
Hostname Option 12, length 22: "S2-juanriccio"
Parameter-Request Option 55, length 10:
Subnet-Mask, Static-Route, Default-Gateway, Domain-Name-
Server
Domain-Name, MTU, BR, Lease-Time
RN, RB
13:54:45.539640 IP (tos 0xc0, ttl 64, id 3900, offset 0, flags [none],
proto UDP (17), length 328)
192.168.2.254.67 > 192.168.2.94.68: [bad udp cksum 0xa1f2 -> 0xbbc4!]
BOOTP/DHCP, Reply, length 300, xid 0x2be5447b, Flags [none] (0x0000)
Your-IP 192.168.2.94
Server-IP 192.168.2.254
Client-Ethernet-Address ph:on:em:ac:ad:dr
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Server-ID Option 54, length 4: 192.168.2.254
Lease-Time Option 51, length 4: 43200
RN Option 58, length 4: 21600
RB Option 59, length 4: 37800
Subnet-Mask Option 1, length 4: 255.255.255.0
BR Option 28, length 4: 192.168.2.255
Default-Gateway Option 3, length 4: 192.168.2.254
Domain-Name-Server Option 6, length 4: 192.168.2.254
Domain-Name Option 15, length 3: "lan"
13:54:45.986230 IP6 (hlim 1, next-header Options (0) payload length: 36)
:: > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6,
multicast listener report v2, 1 group record(s) [gaddr ff02::1:ffa7:4158
to_ex { }]
13:54:46.271258 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 24)
:: > ff02::1:ffa7:4158: [icmp6 sum ok] ICMP6, neighbor solicitation,
length 24, who has fe80::7ad6:f0ff:fea7:4158
13:54:47.338256 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16)
fe80::7ad6:f0ff:fea7:4158 > ff02::2: [icmp6 sum ok] ICMP6, router
solicitation, length 16
source link-address option (1), length 8 (1): ph:on:em:ac:ad:dr
0x0000: 78d6 f0a7 4158
13:54:48.248685 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has
192.168.2.254 tell 192.168.2.94, length 28
13:54:48.248811 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.2.254
is-at 02:71:7e:0c:41:89, length 28
13:54:49.303062 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has
192.168.2.254 tell 192.168.2.94, length 28
13:54:49.303129 ARP, Ethernet (len 6), IPv4 (len 4), Reply 192.168.2.254
is-at 02:71:7e:0c:41:89, length 28
13:54:49.303555 IP (tos 0xc0, ttl 1, id 0, offset 0, flags [DF], proto
IGMP (2), length 40, options (RA))
192.168.2.94 > 224.0.0.22: igmp v3 report, 1 group record(s) [gaddr
239.2.0.252 to_ex { }]
13:54:49.304304 IP (tos 0x0, ttl 255, id 0, offset 0, flags [DF], proto
UDP (17), length 118)
192.168.2.94.5353 > 239.2.0.252.5353: [udp sum ok] 0 [1n] ANY (QM)?
ESDevice._esdevice._tcp.local. ns: ESDevice._esdevice._tcp.local. SRV
GT-I9100-192-168-15-94.local.:42136 0 0 (90)
13:54:49.305680 IP (tos 0x0, ttl 64, id 33757, offset 0, flags [DF], proto
UDP (17), length 61)
192.168.2.94.30788 > 192.168.2.254.53: [udp sum ok] 37673+ A?
e4.whatsapp.net. (33)
13:54:49.305977 IP (tos 0x0, ttl 64, id 33965, offset 0, flags [DF], proto
UDP (17), length 65)
192.168.2.94.33674 > 192.168.2.254.53: [udp sum ok] 42019+ A?
clients3.google.com. (37)
13:54:49.306237 IP (tos 0x0, ttl 64, id 33982, offset 0, flags [DF], proto
UDP (17), length 63)
192.168.2.94.39758 > 192.168.2.254.53: [udp sum ok] 3583+ A?
mtalk4.google.com. (35)
13:54:49.308214 IP (tos 0x0, ttl 64, id 4045, offset 0, flags [DF], proto
UDP (17), length 275)
192.168.2.254.53 > 192.168.2.94.33674: [bad udp cksum 0xa1bd ->
0x8a24!] 42019 q: A? clients3.google.com. 12/0/0 clients3.google.com.
CNAME clients.l.google.com., clients.l.google.com. A 173.194.116.197,
clients.l.google.com. A 173.194.116.196, clients.l.google.com. A
173.194.116.193, clients.l.google.com. A 173.194.116.200,
clients.l.google.com. A 173.194.116.199, clients.l.google.com. A
173.194.116.192, clients.l.google.com. A 173.194.116.195,
clients.l.google.com. A 173.194.116.194, clients.l.google.com. A
173.194.116.198, clients.l.google.com. A 173.194.116.206,
clients.l.google.com. A 173.194.116.201 (247)
13:54:49.309090 IP (tos 0x0, ttl 64, id 4046, offset 0, flags [DF], proto
UDP (17), length 119)
192.168.2.254.53 > 192.168.2.94.39758: [bad udp cksum 0xa121 ->
0x0ac7!] 3583 q: A? mtalk4.google.com. 2/0/0 mtalk4.google.com. CNAME
mobile-gtalk4.l.google.com., mobile-gtalk4.l.google.com. A 64.233.184.188
(91)
13:54:49.312495 IP (tos 0x0, ttl 64, id 43178, offset 0, flags [DF], proto
TCP (6), length 60)
192.168.2.94.39008 > 173.194.116.197.80: Flags [S], cksum 0x4fc1
(correct), seq 2188258414, win 14600, options [mss 1460,sackOK,TS val
5801156 ecr 0,nop,wscale 6], length 0
[snip]
13:54:51.393960 IP (tos 0x0, ttl 50, id 51700, offset 0, flags [DF], proto
TCP (6), length 232)
173.193.230.109.5222 > 192.168.2.94.37199: Flags [P.], cksum 0x3545
(correct), seq 100:280, ack 265, win 514, options [nop,nop,TS val
311045883 ecr 5801533], length 180
13:54:51.409411 IP6 (hlim 255, next-header ICMPv6 (58) payload length: 16)
fe80::7ad6:f0ff:fea7:4158 > ff02::2: [icmp6 sum ok] ICMP6, router
solicitation, length 16
source link-address option (1), length 8 (1): ph:on:em:ac:ad:dr
0x0000: 78d6 f0a7 4158
[snip]
13:54:52.172151 IP (tos 0x0, ttl 64, id 42941, offset 0, flags [DF], proto
TCP (6), length 262)
192.168.2.94.50758 > 149.154.167.91.443: Flags [P.], cksum 0xbc2b
(correct), seq 1:211, ack 1, win 229, options [nop,nop,TS val 5801728 ecr
521407062], length 210
13:54:52.196941 IP (tos 0x0, ttl 53, id 2189, offset 0, flags [none],
proto TCP (6), length 52)
216.58.214.110.80 > 192.168.2.94.50325: Flags [F.], cksum 0x0200
(correct), seq 2979940521, ack 4262006301, win 358, options [nop,nop,TS
val 788473829 ecr 5755414], length 0
13:54:52.198822 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
(6), length 40)
192.168.2.94.50325 > 216.58.214.110.80: Flags [R], cksum 0x6024
(correct), seq 4262006301, win 0, length 0
13:54:52.290330 IP (tos 0x0, ttl 55, id 52996, offset 0, flags [DF], proto
TCP (6), length 230)
149.154.167.91.443 > 192.168.2.94.50758: Flags [P.], cksum 0x1fff
(correct), seq 1:179, ack 211, win 2520, options [nop,nop,TS val 521407136
ecr 5801728], length 178
13:54:52.292123 IP (tos 0x0, ttl 64, id 42942, offset 0, flags [DF], proto
TCP (6), length 52)
192.168.2.94.50758 > 149.154.167.91.443: Flags [.], cksum 0x64cb
(correct), seq 211, ack 179, win 245, options [nop,nop,TS val 5801752 ecr
521407136], length 0
13:54:54.309946 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has
192.168.2.94 tell 192.168.2.254, length 28
}}}
--
Ticket URL: <https://dev.openwrt.org/ticket/21932#comment:5>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
