Hello guys,
I have some issues with the following configuration:
There are a number of SIM cards, placed in taxi cars, collecting GPS data and sending it to two Windows servers with some application, then this application sends some data back.

Network topology is as follows:

Sim card -> Telecom gsm/3G network -> Metro link with vlan3728 -> Alix2d3 OpenBSD 5.0 -> two Windows Servers

Sim card is static ip 192.168.16.3
OpenBSD
10.10.10.2 on vlan3728
10.11.33.1 on vr2
Windows servers
10.11.33.2 and 10.11.33.3

OpenBSD redirects all traffic from vlan3728 to vr2

Here is pf.conf

~ # cat /etc/pf.conf
# Macro
ext_if = "vlan142"
globul = "vlan3768"
vivasim = "vlan3728"
int_if = "vr2"
int_net = "10.11.33.0/24"
ports1 = "12120:12124"
ports2 = "12125:12129"
ports3 = "12120:12124"

#Tables

set skip on lo
set optimization high-latency
#NAT
pass out on $ext_if from $int_if:network to any nat-to ($ext_if)
#RDR
pass in on $ext_if proto {tcp,udp} from any to $ext_if port $ports1 rdr-to 10.11.33.2 port $ports1
pass in on $ext_if proto {tcp,udp} from any to $ext_if port $ports2 rdr-to 10.11.33.3 port $ports2
pass in on $globul proto {tcp,udp} from any to $globul port $ports3 rdr-to 10.11.33.2 port $ports3
pass in on $globul proto {tcp,udp} from any to $globul port $ports2 rdr-to 10.11.33.3 port $ports2
pass in on $vivasim proto {tcp,udp} from any to $vivasim port $ports1 rdr-to 10.11.33.2 port $ports3
pass in on $vivasim proto {tcp,udp} from any to $vivasim port $ports2 rdr-to 10.11.33.3 port $ports2
# By default, do not permit remote connections to X11
block in on ! lo0 proto tcp to port 6000:6010

The problem is, when the car is moving, the SIM card loses its connection from time to time, then it tries to connect again with a new session, but OpenBSD keeps the old session up, so the card is unable to establish a new session. I need to clear the existing session, then everything starts fine.

Here is tcpdump on vlan3728 when the card cannot connect and after I clear the session:

~ # tcpdump -ni vlan3728
tcpdump: listening on vlan3728, link-type EN10MB
17:38:03.225484 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 89 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:38:49.185231 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:38:52.503574 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 5 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:38:52.503772 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1728940723 win 65535 <nop,nop,timestamp 31291450 0> (DF)
17:38:58.504915 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 17 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:38:58.505088 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1 win 65535 <nop,nop,timestamp 31291510 0> (DF)
17:39:10.482991 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 41 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:39:34.443167 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 89 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:40:33.867184 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 17 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:40:33.867354 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1 win 65535 <nop,nop,timestamp 31292464 0> (DF)
17:40:45.823832 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 41 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:41:09.681923 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 89 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:41:59.742667 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:42:03.021653 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 5 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:42:03.021827 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1 win 65535 <nop,nop,timestamp 31293355 0> (DF)
17:42:09.021598 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 17 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:42:09.021764 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1 win 65535 <nop,nop,timestamp 31293416 0> (DF)
17:42:21.162916 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 41 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:42:44.982854 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 89 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:43:34.983006 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,ccnew 2> (DF) [tos 0x10]
####################
Here, I clear the session, and new one is established.
#################
17:43:38.302997 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 5 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:43:38.303165 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1 win 65535 <nop,nop,timestamp 31294308 0> (DF)
17:43:44.007893 10.11.33.2.12122 > 192.168.16.3.2020: S 2117553575:2117553575(0) ack 1728940723 win 65535 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0> (DF)
17:43:44.283889 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 17 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:43:44.284107 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1 win 65535 <nop,nop,timestamp 31294368 0> (DF)
17:43:45.262825 192.168.16.3.2020 > 10.11.33.2.12122: R 1728940723:1728940723(0) win 0
17:43:56.241645 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 41 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:44:20.163061 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 89 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:45:10.202414 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,ccnew 2> (DF) [tos 0x10]
17:45:10.202667 10.10.10.2.12122 > 192.168.16.3.2020: S 2167979356:2167979356(0) ack 1728940723 win 65535 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0> (DF)
17:45:11.081611 192.168.16.3.2020 > 10.10.10.2.12122: . ack 1 win 5200 <nop,nop,timestamp 0 0> (DF) [tos 0x10]
17:45:14.342937 192.168.16.3.2020 > 10.10.10.2.12122: P 1:57(56) ack 1 win 5200 <nop,nop,timestamp 7 0> (DF) [tos 0x10]
17:45:14.351967 10.10.10.2.12122 > 192.168.16.3.2020: P 1:25(24) ack 57 win 65479 <nop,nop,timestamp 31295269 7> (DF)
17:45:15.302911 192.168.16.3.2020 > 10.10.10.2.12122: . ack 25 win 5176 <nop,nop,timestamp 9 31295269> (DF) [tos 0x10]
17:45:15.309846 10.10.10.2.12122 > 192.168.16.3.2020: P 25:62(37) ack 57 win 65479 <nop,nop,timestamp 31295279 9> (DF)
17:45:15.343683 192.168.16.3.2020 > 10.10.10.2.12122: P 57:97(40) ack 25 win 5200 <nop,nop,timestamp 10 31295269> (DF) [tos 0x10]
17:45:15.503600 10.10.10.2.12122 > 192.168.16.3.2020: . ack 97 win 65439 <nop,nop,timestamp 31295281 10> (DF)
17:45:16.021714 192.168.16.3.2020 > 10.10.10.2.12122: . ack 62 win 5163 <nop,nop,timestamp 10 31295279> (DF) [tos 0x10]
17:45:16.029235 10.10.10.2.12122 > 192.168.16.3.2020: P 62:76(14) ack 97 win 65439 <nop,nop,timestamp 31295286 10> (DF)
17:45:16.801685 192.168.16.3.2020 > 10.10.10.2.12122: . ack 76 win 5186 <nop,nop,timestamp 12 31295286> (DF) [tos 0x10]
17:45:22.619493 10.10.10.2.12122 > 192.168.16.3.2020: P 76:189(113) ack 97 win 65439 <nop,nop,timestamp 31295351 12> (DF)
17:45:24.882033 192.168.16.3.2020 > 10.10.10.2.12122: . ack 189 win 5087 <nop,nop,timestamp 28 31295351> (DF) [tos 0x10]
17:45:30.483877 192.168.16.3.2020 > 10.10.10.2.12122: P 97:111(14) ack 189 win 5200 <nop,nop,timestamp 40 31295351> (DF) [tos 0x10]
17:45:30.606055 10.10.10.2.12122 > 192.168.16.3.2020: . ack 111 win 65425 <nop,nop,timestamp 31295432 40> (DF)
17:45:31.663284 192.168.16.3.2020 > 10.10.10.2.12122: P 111:125(14) ack 189 win 5200 <nop,nop,timestamp 42 31295432> (DF) [tos 0x10]
17:45:31.816022 10.10.10.2.12122 > 192.168.16.3.2020: . ack 125 win 65411 <nop,nop,timestamp 31295444 42> (DF)
17:45:32.763826 192.168.16.3.2020 > 10.10.10.2.12122: P 125:139(14) ack 189 win 5200 <nop,nop,timestamp 44 31295444> (DF) [tos 0x10]
17:45:32.922453 10.10.10.2.12122 > 192.168.16.3.2020: . ack 139 win 65397 <nop,nop,timestamp 31295455 44> (DF)
17:45:33.721882 192.168.16.3.2020 > 10.10.10.2.12122: P 139:179(40) ack 189 win 5200 <nop,nop,timestamp 46 31295455> (DF) [tos 0x10]
17:45:33.733448 10.10.10.2.12122 > 192.168.16.3.2020: P 189:203(14) ack 179 win 65357 <nop,nop,timestamp 31295463 46> (DF)
17:45:34.581576 192.168.16.3.2020 > 10.10.10.2.12122: . ack 203 win 5186 <nop,nop,timestamp 48 31295463> (DF) [tos 0x10]

Another thing that I need to mention is that the SIM card always uses the same port 2020 to start a new session.
I would appreciate any ideas and advice on how to solve this issue.
I will provide any additional info if you need it.
Unfortunately it is a random event and I cannot reproduce it.

Sorry for the long post.

Thanks for the help,
Ivo
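
Added example, not part of the original post: a small Python script that reads tcpdump -n output like the capture above and flags flows where the client keeps retrying a SYN with the same initial sequence number while only bare ACKs come back, which is the pattern visible before the session is cleared. The names analyze, stuck_flows and SAMPLE are made up for this example, and the sample lines are abridged from the capture in the post (TCP options trimmed).

```python
import re
from collections import defaultdict

# One packet per line, as printed by `tcpdump -n` in the capture above.
PKT = re.compile(r"^(?P<ts>[\d:.]+) (?P<src>[\d.]+) > (?P<dst>[\d.]+): "
                 r"(?P<flags>[SFRP.]+) (?:(?P<seq>\d+):\d+\(\d+\) ?)?(?:ack (?P<ack>\d+))?")

def analyze(lines):
    """Per client flow: SYN count per ISN, bare-ACK replies, first SYN-ACK time."""
    flows = defaultdict(lambda: {"isns": defaultdict(int), "bare_acks": 0, "synack_at": None})
    for line in lines:
        m = PKT.match(line.strip())
        if not m:
            continue
        src, dst, flags = m["src"], m["dst"], m["flags"]
        if "S" in flags and m["ack"] is None:            # client SYN opens or retries a flow
            flows[(src, dst)]["isns"][m["seq"]] += 1
        elif (dst, src) in flows:                        # reply on a flow we are tracking
            f = flows[(dst, src)]
            if "S" in flags and f["synack_at"] is None:  # SYN-ACK: handshake answered
                f["synack_at"] = m["ts"]
            elif flags == "." and f["synack_at"] is None:
                f["bare_acks"] += 1                      # ACK where a SYN-ACK was expected
    return flows

def stuck_flows(flows, min_syns=3):
    """Flows retrying one ISN at least min_syns times while getting bare ACKs back."""
    return [flow for flow, f in flows.items()
            if f["bare_acks"] and max(f["isns"].values()) >= min_syns]

# Abridged from the capture in the post (options trimmed, some packets omitted).
SAMPLE = """\
17:38:49.185231 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120
17:38:52.503574 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120
17:38:52.503772 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1728940723 win 65535
17:38:58.504915 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120
17:38:58.505088 10.10.10.2.12122 > 192.168.16.3.2020: . ack 1 win 65535
17:45:10.202414 192.168.16.3.2020 > 10.10.10.2.12122: S 1728940722:1728940722(0) win 5120
17:45:10.202667 10.10.10.2.12122 > 192.168.16.3.2020: S 2167979356:2167979356(0) ack 1728940723 win 65535
17:45:11.081611 192.168.16.3.2020 > 10.10.10.2.12122: . ack 1 win 5200
""".splitlines()

if __name__ == "__main__":
    for (src, dst), f in analyze(SAMPLE).items():
        print(src, "->", dst, dict(f["isns"]), "bare ACKs:", f["bare_acks"],
              "SYN-ACK at:", f["synack_at"])
```

Feeding it a longer capture (one packet per line) gives, for each client address and port, how many times the same SYN was retried and when, if ever, a SYN-ACK finally arrived.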
