On Wed, Sep 25, 2019 at 8:16 PM David Storrs <david.sto...@gmail.com> wrote:
>
> On Wed, Sep 25, 2019 at 7:45 PM Alex Harsanyi <alexharsa...@gmail.com> wrote:
> >
> > Is there any tunneling involved for connecting to your AWS instance?
> >
> > There is only one copy of the source port in an IP+UDP datagram, and this 
> > needs to be whatever the router is using for NAT, otherwise it would not be 
> > able to route replies back to your machine on the local network.  If you 
> > have some kind of tunneling set up to access the AWS servers, the router 
> > will wrap the original UDP packet into another UDP packet with its own 
> > source port, leaving the original source port unchanged.
>
> I'll have to check.

Okay, we checked and there is definitely no tunneling going on.

Does anyone have any further thoughts on this?
>
> >
> > You could also run tcpdump on your AWS server and dump the entire contents 
> > of the packet to see what the server actually receives.
>
> Did that, and it's getting the 25890 port (the one for my local
> machine instead of the router).
>
> >
> > Alex.
> >
> > On Thursday, September 26, 2019 at 12:49:51 AM UTC+8, David Storrs wrote:
> >>
> >> We (my business partner and I) ran tcpdump on the router and
> >> determined that no, it is not using the local port.  At first it bound
> >> to 65395 and then after we stopped/started the process it bound to a
> >> different port (49428) as expected.
> >>
> >> After a bit of digging in the racket source code I note that the
> >> various UDP functions are an FFI into librktio.  This leaves me with
> >> two questions:
> >>
> >> 1) Is it possible that there is a bug in the underlying C code?
> >>
> >> 2) Why does Racket use a hand-rolled io library instead of a more
> >> standard net stack element?  Is it for portability or...?
> >>
> >> On Wed, Sep 25, 2019 at 9:28 AM David Storrs <david...@gmail.com> wrote:
> >> >
> >> >
> >> >
> >> > On Wed, Sep 25, 2019, 3:16 AM Alex Harsanyi <alexha...@gmail.com> wrote:
> >> >>
> >> >> Do you know what port the router is using for NAT?  Are you sure that 
> >> >> the router is not simply choosing the same port, so 25890 is both your 
> >> >> local port and the port used by the router?
> >> >
> >> >
> >> > I haven't yet 100% ruled it out, but it doesn't look like it. I tried 
> >> > sending traffic to <public IP>:25890 and it was not received.  It's 
> >> > possible that the port went stale and was released before my sending 
> >> > went out, but that seems unlikely, as it should persist for seconds or 
> >> > tens of seconds. My next step is to try again with a flood ping, just to
> >> > be sure.
> >> >
> >> > Regardless, it really shouldn't be doing that. If so, it's leaking
> >> > information about the inner network to the outside, and that's not what 
> >> > I'd expect from the latest version of the FOSS OpenWRT.
> >> >
> >> >
> >> >>
> >> >> Alex.
> >> >>
> >> >> On Wednesday, September 25, 2019 at 1:08:16 PM UTC+8, David Storrs 
> >> >> wrote:
> >> >>>
> >> >>> udp-receive! is giving me unexpected results when my local machine ->
> >> >>> router -> server shows the UDP port of the process running on the
> >> >>> local machine instead of the one from the router.  I'm not sure how to
> >> >>> get the router's port instead.
> >> >>>
> >> >>>
> >> >>> The AWS server does this:
> >> >>>   (define-values (len senders-host senders-port)
> >> >>>     (udp-receive! socket buffer))
> >> >>>
> >> >>> What I'm actually getting is:
> >> >>>
> >> >>> senders-host:  <public IP address of my router>
> >> >>> senders-port: 25890 ; this is the UDP port bound by the process on the
> >> >>> local machine
> >> >>>
> >> >>> What I'm expecting is:
> >> >>>
> >> >>> senders-host:  <public IP address of my router>
> >> >>> senders-port:  <port number that my router chose when it relayed the
> >> >>> message from my machine to the AWS server>
> >> >>>
> >> >>> I've been digging through the RFCs for UDP and Traditional NAT
> >> >>> (https://www.ietf.org/rfc/rfc768.txt and
> >> >>> https://www.ietf.org/rfc/rfc3022.txt) to make sure that I haven't
> >> >>> randomly gotten confused about how routers work but it seems to be
> >> >>> what I recall: The local machine sends to the router using the port
> >> >>> number 25890, the router rewrites it to an arbitrary port number
> >> >>> chosen on the fly, the AWS server sees the router's assigned port and
> >> >>> not 25890.
> >> >>>
> >> >>> What am I missing here?  I'm sure it's something embarrassingly 
> >> >>> obvious.
> >> >>>
> >> >>>
> >> >>>
> >> >>> Simplified form of code for reference:
> >> >>>
> >> >>> -------------------
> >> >>> shared code
> >> >>> -------------------
> >> >>> (struct Message (message-id attributes)     #:prefab)
> >> >>> (struct Binding-Request          Message () #:prefab)
> >> >>> (struct Binding-Success-Response Message () #:prefab)
> >> >>> (struct transport-address (ip port) #:prefab)
> >> >>>
> >> >>> (define (write-to-bytes v)
> >> >>>   (define out (open-output-bytes))
> >> >>>   (write v out)
> >> >>>   (get-output-bytes out))
> >> >>>
> >> >>> -------------------
> >> >>> local machine:
> >> >>> -------------------
> >> >>> (define socket (udp-open-socket #f #f))
> >> >>> (udp-bind! socket #f 25890 #t)
> >> >>> (thread
> >> >>>  (thunk
> >> >>>   (define-values (len senders-host senders-port)
> >> >>>     (udp-receive! socket buffer))
> >> >>>   (log-msg-debug "host: ~a, port ~a, buffer ~a " senders-host
> >> >>>                  senders-port buffer)))
> >> >>>
> >> >>> (udp-send-to socket default-host default-port
> >> >>>              (wrap (Binding-Request 17 (hash))))
> >> >>>
> >> >>> -----------------
> >> >>> AWS server:
> >> >>> -----------------
> >> >>> The server has its own UDP socket (bound to 54545, fwiw) and a receive
> >> >>> loop that identifies the Binding-Request and routes it to the
> >> >>> following code:
> >> >>>
> >> >>>     (define-values (len senders-host senders-port)
> >> >>>       (udp-receive! socket buffer))
> >> >>>     (define mapped-address (transport-address senders-host senders-port))
> >> >>>     (define msg-out
> >> >>>       (Binding-Success-Response mid
> >> >>>                                 (hasheq 'mapped-address mapped-address)))
> >> >>>     (udp-send-to socket senders-host senders-port (wrap msg-out))
> >> >>
> >> >> --
> >> >> You received this message because you are subscribed to the Google 
> >> >> Groups "Racket Users" group.
> >> >> To unsubscribe from this group and stop receiving emails from it, send 
> >> >> an email to racket...@googlegroups.com.
> >> >> To view this discussion on the web visit 
> >> >> https://groups.google.com/d/msgid/racket-users/0fc8af6a-c50c-4a90-ba8e-64718161379e%40googlegroups.com.
> >

-- 
You received this message because you are subscribed to the Google Groups 
"Racket Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to racket-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/racket-users/CAE8gKocpBq%2BeUOLrGydAk%2BXj5rE59brwvB5w%2B8J0CN%3Dt6Ko__g%40mail.gmail.com.
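
A loopback control for the question raised in this thread, whether `udp-receive!` itself could be reporting the wrong sender port. This is an added example, not code from any poster or from the Racket sources. It reuses the thread's prefab structs and `write-to-bytes`; `read-from-bytes` and `open-loopback-socket` are hypothetical helpers, and both sockets use OS-chosen ephemeral ports on 127.0.0.1.

```racket
#lang racket
;; Added example (not the poster's code): with no NAT in the path, the port
;; reported by udp-receive! must equal the port the client actually bound.
(struct Message (message-id attributes) #:prefab)
(struct Binding-Request Message () #:prefab)
(struct Binding-Success-Response Message () #:prefab)
(struct transport-address (ip port) #:prefab)

(define (write-to-bytes v)
  (define out (open-output-bytes))
  (write v out)
  (get-output-bytes out))

;; Hypothetical helper: inverse of write-to-bytes for the first len bytes.
(define (read-from-bytes bstr len)
  (read (open-input-bytes (subbytes bstr 0 len))))

;; Hypothetical helper: IPv4 loopback socket; port 0 requests an ephemeral port.
(define (open-loopback-socket)
  (define s (udp-open-socket "127.0.0.1" #f))
  (udp-bind! s "127.0.0.1" 0)
  (define-values (local-host local-port remote-host remote-port)
    (udp-addresses s #t))
  (values s local-port))

(define-values (server server-port) (open-loopback-socket))
(define-values (client client-port) (open-loopback-socket))

;; Server side: answer one Binding-Request with the source address it observed.
(void
 (thread
  (thunk
   (define buffer (make-bytes 1500))
   (define-values (len senders-host senders-port) (udp-receive! server buffer))
   (define req (read-from-bytes buffer len))
   (when (Binding-Request? req)
     (define mapped (transport-address senders-host senders-port))
     (udp-send-to server senders-host senders-port
                  (write-to-bytes
                   (Binding-Success-Response (Message-message-id req)
                                             (hash 'mapped-address mapped))))))))

;; Client side: send the request, then read back what the server saw.
(udp-send-to client "127.0.0.1" server-port
             (write-to-bytes (Binding-Request 17 (hash))))
(define reply-buffer (make-bytes 1500))
(define-values (reply-len reply-host reply-port) (udp-receive! client reply-buffer))
(define reply (read-from-bytes reply-buffer reply-len))
(define seen (hash-ref (Message-attributes reply) 'mapped-address))
(printf "client bound port: ~a, server saw port: ~a\n"
        client-port (transport-address-port seen))
```

On loopback the two printed ports are the same. Running the same pair with the server on the remote host shows whatever source port the datagram carried when it arrived there.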
