TCP tunneling over a Linux tap device

Time: 2015-04-29 16:13:07

Tags: ruby tcp zeromq

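I created a tap0 device (IP 10.0.0.101) and use zeromq's pgm pub/sub (e.g. pgm://192.168.100.2;234.5.6.7:5555) to carry Ethernet frames from the tap to the zmq subscribers and vice versa. The idea is to create a virtual network using pgm. I have 2 tap hosts on the network: 10.0.0.101 and 10.0.0.11. They also have physical Ethernet adapters, 192.168.106.126 and 192.168.106.55.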

The problem is that ping works, but the http and ssh protocols do not.

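Wireshark shows a successful TCP startup sequence, but then I start seeing duplicate ACKs and retransmissions, and curl and ssh hang for a while and eventually error out.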

Below is a snippet from Wireshark, followed by most of the (hopefully) relevant Ruby source code. This uses the rb_tuntap and ffi-rzmq gems.

No.     Time               Source                Destination           Protocol Length Info
      7 11:41:45.464867000 10.0.0.11             10.0.0.101            TCP      74     51659 > 3000 [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=1953042 TSecr=0 WS=64

Frame 7: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface 0
Ethernet II, Src: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f), Dst: 56:c8:52:17:31:67 (56:c8:52:17:31:67)
Internet Protocol Version 4, Src: 10.0.0.11 (10.0.0.11), Dst: 10.0.0.101 (10.0.0.101)
Transmission Control Protocol, Src Port: 51659 (51659), Dst Port: 3000 (3000), Seq: 0, Len: 0

No.     Time               Source                Destination           Protocol Length Info
      8 11:41:45.464956000 10.0.0.101            10.0.0.11             TCP      74     3000 > 51659 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=10191992 TSecr=1953042 WS=128

Frame 8: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) on interface 0
Ethernet II, Src: 56:c8:52:17:31:67 (56:c8:52:17:31:67), Dst: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f)
Internet Protocol Version 4, Src: 10.0.0.101 (10.0.0.101), Dst: 10.0.0.11 (10.0.0.11)
Transmission Control Protocol, Src Port: 3000 (3000), Dst Port: 51659 (51659), Seq: 0, Ack: 1, Len: 0

No.     Time               Source                Destination           Protocol Length Info
     11 11:41:45.473101000 10.0.0.11             10.0.0.101            TCP      66     51659 > 3000 [ACK] Seq=1 Ack=1 Win=14656 Len=0 TSval=1953044 TSecr=10191992

Frame 11: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface 0
Ethernet II, Src: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f), Dst: 56:c8:52:17:31:67 (56:c8:52:17:31:67)
Internet Protocol Version 4, Src: 10.0.0.11 (10.0.0.11), Dst: 10.0.0.101 (10.0.0.101)
Transmission Control Protocol, Src Port: 51659 (51659), Dst Port: 3000 (3000), Seq: 1, Ack: 1, Len: 0

No.     Time               Source                Destination           Protocol Length Info
     12 11:41:45.473429000 10.0.0.11             10.0.0.101            HTTP     145    GET / HTTP/1.1 

Frame 12: 145 bytes on wire (1160 bits), 145 bytes captured (1160 bits) on interface 0
Ethernet II, Src: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f), Dst: 56:c8:52:17:31:67 (56:c8:52:17:31:67)
Internet Protocol Version 4, Src: 10.0.0.11 (10.0.0.11), Dst: 10.0.0.101 (10.0.0.101)
Transmission Control Protocol, Src Port: 51659 (51659), Dst Port: 3000 (3000), Seq: 1, Ack: 1, Len: 79
Hypertext Transfer Protocol

No.     Time               Source                Destination           Protocol Length Info
     13 11:41:45.473460000 10.0.0.101            10.0.0.11             TCP      66     3000 > 51659 [ACK] Seq=1 Ack=80 Win=29056 Len=0 TSval=10192001 TSecr=1953046

Frame 13: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface 0
Ethernet II, Src: 56:c8:52:17:31:67 (56:c8:52:17:31:67), Dst: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f)
Internet Protocol Version 4, Src: 10.0.0.101 (10.0.0.101), Dst: 10.0.0.11 (10.0.0.11)
Transmission Control Protocol, Src Port: 3000 (3000), Dst Port: 51659 (51659), Seq: 1, Ack: 80, Len: 0

No.     Time               Source                Destination           Protocol Length Info
     15 11:41:45.491555000 10.0.0.101            10.0.0.11             TCP      717    [TCP segment of a reassembled PDU]

Frame 15: 717 bytes on wire (5736 bits), 717 bytes captured (5736 bits) on interface 0
Ethernet II, Src: 56:c8:52:17:31:67 (56:c8:52:17:31:67), Dst: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f)
Internet Protocol Version 4, Src: 10.0.0.101 (10.0.0.101), Dst: 10.0.0.11 (10.0.0.11)
Transmission Control Protocol, Src Port: 3000 (3000), Dst Port: 51659 (51659), Seq: 1, Ack: 80, Len: 651

No.     Time               Source                Destination           Protocol Length Info
     16 11:41:45.491599000 10.0.0.101            10.0.0.11             TCP      1514   [TCP segment of a reassembled PDU]

Frame 16: 1514 bytes on wire (12112 bits), 1514 bytes captured (12112 bits) on interface 0
Ethernet II, Src: 56:c8:52:17:31:67 (56:c8:52:17:31:67), Dst: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f)
Internet Protocol Version 4, Src: 10.0.0.101 (10.0.0.101), Dst: 10.0.0.11 (10.0.0.11)
Transmission Control Protocol, Src Port: 3000 (3000), Dst Port: 51659 (51659), Seq: 652, Ack: 80, Len: 1448

No.     Time               Source                Destination           Protocol Length Info
     21 11:41:45.496998000 10.0.0.11             10.0.0.101            TCP      66     51659 > 3000 [ACK] Seq=80 Ack=652 Win=17536 Len=0 TSval=1953058 TSecr=10192019

Frame 21: 66 bytes on wire (528 bits), 66 bytes captured (528 bits) on interface 0
Ethernet II, Src: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f), Dst: 56:c8:52:17:31:67 (56:c8:52:17:31:67)
Internet Protocol Version 4, Src: 10.0.0.11 (10.0.0.11), Dst: 10.0.0.101 (10.0.0.101)
Transmission Control Protocol, Src Port: 51659 (51659), Dst Port: 3000 (3000), Seq: 80, Ack: 652, Len: 0

No.     Time               Source                Destination           Protocol Length Info
     22 11:41:45.497026000 10.0.0.101            10.0.0.11             HTTP     231    HTTP/1.1 200 OK   (text/html)

Frame 22: 231 bytes on wire (1848 bits), 231 bytes captured (1848 bits) on interface 0
Ethernet II, Src: 56:c8:52:17:31:67 (56:c8:52:17:31:67), Dst: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f)
Internet Protocol Version 4, Src: 10.0.0.101 (10.0.0.101), Dst: 10.0.0.11 (10.0.0.11)
Transmission Control Protocol, Src Port: 3000 (3000), Dst Port: 51659 (51659), Seq: 2100, Ack: 80, Len: 165
[3 Reassembled TCP Segments (2264 bytes): #15(651), #16(1448), #22(165)]
Hypertext Transfer Protocol
Line-based text data: text/html

No.     Time               Source                Destination           Protocol Length Info
     25 11:41:45.502736000 10.0.0.11             10.0.0.101            TCP      78     [TCP Dup ACK 21#1] 51659 > 3000 [ACK] Seq=80 Ack=652 Win=17536 Len=0 TSval=1953061 TSecr=10192019 SLE=2100 SRE=2265

Frame 25: 78 bytes on wire (624 bits), 78 bytes captured (624 bits) on interface 0
Ethernet II, Src: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f), Dst: 56:c8:52:17:31:67 (56:c8:52:17:31:67)
Internet Protocol Version 4, Src: 10.0.0.11 (10.0.0.11), Dst: 10.0.0.101 (10.0.0.101)
Transmission Control Protocol, Src Port: 51659 (51659), Dst Port: 3000 (3000), Seq: 80, Ack: 652, Len: 0

No.     Time               Source                Destination           Protocol Length Info
     26 11:41:45.504245000 10.0.0.101            10.0.0.11             TCP      1514   [TCP Retransmission] 3000 > 51659 [ACK] Seq=652 Ack=80 Win=29056 Len=1448 TSval=10192032 TSecr=1953061[Reassembly error, protocol TCP: New fragment overlaps old data (retransmission?)]

Frame 26: 1514 bytes on wire (12112 bits), 1514 bytes captured (12112 bits) on interface 0
Ethernet II, Src: 56:c8:52:17:31:67 (56:c8:52:17:31:67), Dst: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f)
Internet Protocol Version 4, Src: 10.0.0.101 (10.0.0.101), Dst: 10.0.0.11 (10.0.0.11)
Transmission Control Protocol, Src Port: 3000 (3000), Dst Port: 51659 (51659), Seq: 652, Ack: 80, Len: 1448
[Reassembly error, protocol TCP: New fragment overlaps old data (retransmission?)]

No.     Time               Source                Destination           Protocol Length Info
     33 11:41:45.711324000 10.0.0.101            10.0.0.11             TCP      1514   [TCP Retransmission] 3000 > 51659 [ACK] Seq=652 Ack=80 Win=29056 Len=1448 TSval=10192239 TSecr=1953061[Reassembly error, protocol TCP: New fragment overlaps old data (retransmission?)]

Frame 33: 1514 bytes on wire (12112 bits), 1514 bytes captured (12112 bits) on interface 0
Ethernet II, Src: 56:c8:52:17:31:67 (56:c8:52:17:31:67), Dst: 3a:e2:d5:f3:8e:6f (3a:e2:d5:f3:8e:6f)
Internet Protocol Version 4, Src: 10.0.0.101 (10.0.0.101), Dst: 10.0.0.11 (10.0.0.11)
Transmission Control Protocol, Src Port: 3000 (3000), Dst Port: 51659 (51659), Seq: 652, Ack: 80, Len: 1448
[Reassembly error, protocol TCP: New fragment overlaps old data (retransmission?)]

Ruby code:

def run

    stop = false

    Signal.trap("SIGINT")  {
        stop=true
    }

    tap.up

    #binding.pry
    pids = []
    begin

        # tap => zmq_pub 
        pids << Thread.new do
            while !stop do
                read_and_pub
            end
        end

        # zmq_sub => tap
        pids << Thread.new do
            while !stop do
                sub_and_write
            end
        end

    rescue
        stop=true
    end

    pids.each { |pid| pid.join }

    tap.down
    tap.close
    self.tap = nil

    zmq_pub.close
    zmq_sub.close
    zmq_ctx.terminate

end # run

def read_and_pub

    selected = IO.select([tap.to_io],nil,nil,1)
    if !selected.nil? and !selected[0].nil? and selected[0].length>0 then
        msg = tap.to_io.sysread(tap.mtu)
        if !msg.nil? && msg.length > 0 then
            sent = zmq_pub.send_string(msg) 
            if sent != msg.length
                puts "**** published #{sent}/#{msg.length} ****"
            end
            print_packet msg, tap
        else
            puts "IO.select returned #{selected} but msg is #{msg}"
        end
    end
end

def sub_and_write
    msg = ''
    zmq_sub.recv_string msg
    if !msg.nil? && msg.length > 0 then
        sent = tap.to_io.syswrite(msg)
        if sent != msg.length
            puts "**** wrote #{sent}/#{msg.length} ****"
        end
        print_packet msg, zmq_sub
    end
end

1 answer:

Answer 0 (score: 0)

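The problem was here: tap.to_io.sysread(tap.mtu). It seems tap.mtu is not necessarily the maximum number of bytes sysread will receive, and the unread bytes appear to be dropped from the tap interface. I changed the code to tap.to_io.sysread(10000), and http and ssh work as expected. The largest frame I received was 1514.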
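
An added example, not part of the original question or answer: a tap descriptor returns one whole Ethernet frame per read, so a buffer of exactly the MTU (1500) cuts the 14-byte Ethernet header's worth off a full-size 1514-byte frame like frames 16, 26 and 33 in the capture. The sketch below uses a datagram socketpair as a stand-in for the tap descriptor (an assumption, so it runs without root); the helper names and the 4-byte VLAN allowance are hypothetical, and the frames are constructed samples.

```ruby
require 'socket'

ETH_HEADER_LEN = 14      # dst MAC (6) + src MAC (6) + EtherType (2)
VLAN_TAG_LEN   = 4       # optional 802.1Q tag (allowance is an assumption)
ETHERTYPE_IPV4 = 0x0800

# Smallest read size that always holds one full frame for a given MTU.
def tap_read_size(mtu)
  mtu + ETH_HEADER_LEN + VLAN_TAG_LEN
end

# Constructed sample frame: Ethernet + IPv4 header + filler, where
# ip_len is the value placed in the IPv4 total-length field.
def build_frame(ip_len)
  eth = ["3ae2d5f38e6f56c852173167"].pack("H*") + [ETHERTYPE_IPV4].pack("n")
  ip  = [0x45, 0, ip_len, 0, 0, 64, 6, 0].pack("CCnnnCCn") +
        [10, 0, 0, 101, 10, 0, 0, 11].pack("C8")
  eth + ip + ("x" * (ip_len - ip.bytesize))
end

# True when an IPv4 frame is shorter than its own total-length field claims.
def truncated?(frame)
  return false if frame.bytesize < ETH_HEADER_LEN + 20
  return false unless frame.byteslice(12, 2).unpack1("n") == ETHERTYPE_IPV4
  ip_total = frame.byteslice(ETH_HEADER_LEN + 2, 2).unpack1("n")
  frame.bytesize - ETH_HEADER_LEN < ip_total
end

# Send frames through a datagram socketpair and read each with bufsize.
# Returns [bytes_read, truncated?] for every read.
def read_frames(frames, bufsize)
  rd, wr = UNIXSocket.pair(Socket::SOCK_DGRAM)
  frames.each { |f| wr.send(f, 0) }
  frames.map do
    data = rd.sysread(bufsize)
    [data.bytesize, truncated?(data)]
  end
ensure
  rd&.close
  wr&.close
end

if __FILE__ == $0
  frames = [build_frame(1500), build_frame(52)]  # 1514-byte and 66-byte frames
  p read_frames(frames, 1500)                    # buffer sized to the MTU only
  p read_frames(frames, tap_read_size(1500))     # buffer sized to the frame
end
```

With the MTU-sized buffer the second read returns the next frame rather than the missing 14 bytes, which is why the receiver keeps sending duplicate ACKs for Seq 652 in the capture.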