Opened 9 years ago

Closed 9 years ago

#52 closed defect (fixed)

NTCP fails if TCP = autodetect & IP = autodetect

Reported by: xor Owned by:
Priority: minor Milestone:
Component: router/transport Version:
Keywords: NTCP UPnP SSU firewall bug Cc:
Parent Tickets:

Description

0) in "I2P internals" i had written my IP address in both "IP configuration" and "TCP configuration". That resulted in that NTCP did not work, so I was not shuffling much traffic at all.

1) Changed both "IP configuration" and "TCP configuration" to autodetect. This resulted in that I2P only used introducers and claimed that i was behind a firewall.

2) Changed IP configuration to my static IP number and TCP configuration to autodetect. Now everything works.

~ My setup ~

I2P_server <-----> Firewall <----> (internets)

The I2P_server only accepts incomming connections for sessions it has created itself, and on some few ports. I2P traffic on port 8887 is accepted even when the server has not initiated the session.

The firewall will only allows connections for sessions servers at the inside network has created, and on some few ports that are automatically rerouted to some of the servers. I2P port 8887 is automatically rerouted to the I2P_server. All outgoing connections has most of their TCP fields scrubbed and the port numbers are replaced with random ones. The firewall does not inform the servers about this.

The external IP number I am using for the I2P_server is a "scrap" IP, which is used by all servers by default unless otherwise stated. This can mean that there are multiple I2P nodes using the same IP at some times, but I dont think it matters?

...i also turned off UPnP support for I2P after a while. Not sure at which point though, but likely just before i moved to step 2.


<zzz> static IP, auto TCP works; auto IP, auto TCP doesn't?
<xor> static IP, auto TCP works, yes. auto ip and auto tcp does not
<zzz> what's your setup? external firewall or not? UPnP or not? ports forwarded or not?
<xor> maybe i has a fucked up firewall setup, it silently forwards all connections to another IP that the server is unaware of, and it always changes port numbers randomly.
<xor> but ofc, if i2p just asks someone what ip it was connecting from, then it should be able to know that..
<zzz> I always get confused on this stuff, but isn't that a 'symmetric' NAT ?
<zzz> I don't remember, I always need pictures in front of me when talking about NAT
<xor> no, it always changes port numbers, even if the port number that was used is free
<xor> its asymmetric NAT, afaik
<zzz> then I suspect there are issues with the port number switching
<xor> nat is wierd. i hope that ipv6 will fix everything, and the whole issue will just dissapear :)
<zzz> i2p does understand that the external port may be different from the internal port, but there may be bugs
<xor> well, it kind of works
<zzz> you should verify that your advertised port is the external port
<xor> it is
<xor> otherwise neither the servers firewall, nor the external firewall would allow any traffic at all
<zzz> for both NTCP and SSU?
<xor> it works for both NTCP and SSU now, yes :)
<zzz> and on netdb.jsp?r=. or the bottom of peers.jsp, the advertised port for both NTCP and SSU is the external port
<xor> yes, its correct
<xor> both of them
<zzz> ok, thanks for the info, might be hard for me to test and fix though
<xor> yeah, i guess :(
<zzz> If you wish to post it somewhere, trac.i2p2.i2p would be the best
<zzz> I have a bunch of external routers but beats me if they could be configured to flop ports
<xor> ..i am thinking, if you want more developers for i2p plugins, maybe you should create a really small example plugin that people can begin with?
<xor> yeah, but i am not sure what to write :/ i can try to make my best

Subtickets

Change History (3)

comment:1 in reply to: ↑ 2004 Changed 9 years ago by pwheedl

  • Keywords d5Uy0W added; NTCP UPnP SSU firewall bug removed
  • Summary changed from NTCP fails if TCP = autodetect & IP = autodetect to wSzl4f <a href="http://ogvvfqtxlglz.com/">ogvvfqtxlglz</a>, [url=http://ojrlkgdwblpt.com/]ojrlkgdwblpt[/url], [link=http://sjntilqlkauz.com/]sjntilqlkauz[/link], http://pwbbehjhuxnb.com/

comment:2 Changed 9 years ago by zzz

  • Keywords NTCP UPnP SSU firewall bug added; d5Uy0W removed
  • Summary changed from wSzl4f <a href="http://ogvvfqtxlglz.com/">ogvvfqtxlglz</a>, [url=http://ojrlkgdwblpt.com/]ojrlkgdwblpt[/url], [link=http://sjntilqlkauz.com/]sjntilqlkauz[/link], http://pwbbehjhuxnb.com/ to NTCP fails if TCP = autodetect & IP = autodetect

unspammed the summary and keywords

comment:3 Changed 9 years ago by zzz

  • Component changed from router/general to router/transport
  • Resolution set to fixed
  • Status changed from new to closed

I'm pretty sure I fixed this in 0.8:

2010-07-01 zzz

  • Transport: Fix NTCP address generation when host is specified but port is auto
Note: See TracTickets for help on using tickets.