Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

SSL Traffic from network node to VM

Im having an issue with SSL traffic from the network node to a VM. I am not sure where this is getting hung up. Im trying to download a file from github with wget but it locks up acknowleging a packet from GitHub. Bitbucket.org uses the same certificate type from Digicert and it works.

On the VM I'm running:

ubuntu@testnetwork:~$ openssl s_client -showcerts -connect github.com:443
CONNECTED(00000003)

Here is the tcpdump from the VM:

16:36:32.071382 IP 172.16.16.12.56210 > github.com.https: Flags [S], seq 3347835015, win 14600,   options [mss 1460,sackOK,TS val 254765 ecr 0,nop,wscale 6], length 0
16:36:32.155526 IP github.com.https > 172.16.16.12.56210: Flags [S.], seq 3139130773, ack 3347835016, win 5792, options [mss 1460,sackOK,TS val 751610489 ecr 254765,nop,wscale 10], length 0
16:36:32.155590 IP 172.16.16.12.56210 > github.com.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 254786 ecr 751610489], length 0
16:36:32.156474 IP 172.16.16.12.56210 > github.com.https: Flags [P.], seq 1:227, ack 1, win 229, options [nop,nop,TS val 254786 ecr 751610489], length 226
16:36:32.204544 IP github.com.https > 172.16.16.12.56210: Flags [.], ack 227, win 7, options [nop,nop,TS val 751610505 ecr 254786], length 0
16:36:32.206941 IP github.com.https > 172.16.16.12.56210: Flags [P.], seq 2897:3691, ack 227, win 7, options [nop,nop,TS val 751610506 ecr 254786], length 794
16:36:32.207115 IP 172.16.16.12.56210 > github.com.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 254799 ecr 751610505,nop,nop,sack 1 {2897:3691}], length 0
16:36:55.057510 IP 172.16.16.12.56208 > github.com.https: Flags [F.], seq 227, ack 1, win 229, options [nop,nop,TS val 260512 ecr 169352456,nop,nop,sack 1 {2897:3692}], length 0
16:37:32.225034 IP github.com.https > 172.16.16.12.56210: Flags [F.], seq 3691, ack 227, win 7, options [nop,nop,TS val 751625505 ecr 254799], length 0
16:37:32.225134 IP 172.16.16.12.56210 > github.com.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 269803 ecr 751610505,nop,nop,sack 1 {2897:3692}], length 0

The TCPdump on the permiscious mode ethernet port on the network node shows:

11:36:32.042296 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [S], seq 3347835015, win 14600, options [mss 1460,sackOK,TS val 254765 ecr 0,nop,wscale 6], length 0
11:36:32.089359 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [S.], seq 3139130773, ack 3347835016, win 5792, options [mss 1460,sackOK,TS val 751610489 ecr 254765,nop,wscale 10], length 0
11:36:32.107097 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 254786 ecr 751610489], length 0
11:36:32.107883 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [P.], seq 1:227, ack 1, win 229, options [nop,nop,TS val 254786 ecr 751610489], length 226
11:36:32.155523 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], ack 227, win 7, options [nop,nop,TS val 751610505 ecr 254786], length 0
11:36:32.157637 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751610506 ecr 254786], length 1448
11:36:32.157761 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1449:2897, ack 227, win 7, options [nop,nop,TS val 751610506 ecr 254786], length 1448
11:36:32.157781 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [P.], seq 2897:3691, ack 227, win 7, options [nop,nop,TS val 751610506 ecr 254786], length 794
11:36:32.158526 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 254799 ecr 751610505,nop,nop,sack 1 {2897:3691}], length 0
11:36:32.421345 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751610572 ecr 254799], length 1448
11:36:32.947766 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751610704 ecr 254799], length 1448
11:36:34.008426 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751610968 ecr 254799], length 1448
11:36:36.132368 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751611496 ecr 254799], length 1448
11:36:40.341746 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751612552 ecr 254799], length 1448
11:36:48.814433 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751614664 ecr 254799], length 1448
11:37:05.682720 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751618888 ecr 254799], length 1448
11:37:32.154723 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [F.], seq 3691, ack 227, win 7, options [nop,nop,TS val 751625505 ecr 254799], length 0
11:37:32.196024 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 269803 ecr 751610505,nop,nop,sack 1 {2897:3692}], length 0
11:37:39.485590 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751627336 ecr 269803], length 1448

The network node is sending the packet to the VM:

11:37:39.485590 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751627336 ecr 269803], length 1448

However the VM is never getting it. Any other ways to debug this??

click to hide/show revision 2
retagged

SSL Traffic from network node to VM

Im having an issue with SSL traffic from the network node to a VM. I am not sure where this is getting hung up. Im trying to download a file from github with wget but it locks up acknowleging a packet from GitHub. Bitbucket.org uses the same certificate type from Digicert and it works.

On the VM I'm running:

ubuntu@testnetwork:~$ openssl s_client -showcerts -connect github.com:443
CONNECTED(00000003)

Here is the tcpdump from the VM:

16:36:32.071382 IP 172.16.16.12.56210 > github.com.https: Flags [S], seq 3347835015, win 14600,   options [mss 1460,sackOK,TS val 254765 ecr 0,nop,wscale 6], length 0
16:36:32.155526 IP github.com.https > 172.16.16.12.56210: Flags [S.], seq 3139130773, ack 3347835016, win 5792, options [mss 1460,sackOK,TS val 751610489 ecr 254765,nop,wscale 10], length 0
16:36:32.155590 IP 172.16.16.12.56210 > github.com.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 254786 ecr 751610489], length 0
16:36:32.156474 IP 172.16.16.12.56210 > github.com.https: Flags [P.], seq 1:227, ack 1, win 229, options [nop,nop,TS val 254786 ecr 751610489], length 226
16:36:32.204544 IP github.com.https > 172.16.16.12.56210: Flags [.], ack 227, win 7, options [nop,nop,TS val 751610505 ecr 254786], length 0
16:36:32.206941 IP github.com.https > 172.16.16.12.56210: Flags [P.], seq 2897:3691, ack 227, win 7, options [nop,nop,TS val 751610506 ecr 254786], length 794
16:36:32.207115 IP 172.16.16.12.56210 > github.com.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 254799 ecr 751610505,nop,nop,sack 1 {2897:3691}], length 0
16:36:55.057510 IP 172.16.16.12.56208 > github.com.https: Flags [F.], seq 227, ack 1, win 229, options [nop,nop,TS val 260512 ecr 169352456,nop,nop,sack 1 {2897:3692}], length 0
16:37:32.225034 IP github.com.https > 172.16.16.12.56210: Flags [F.], seq 3691, ack 227, win 7, options [nop,nop,TS val 751625505 ecr 254799], length 0
16:37:32.225134 IP 172.16.16.12.56210 > github.com.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 269803 ecr 751610505,nop,nop,sack 1 {2897:3692}], length 0

The TCPdump on the permiscious mode ethernet port on the network node shows:

11:36:32.042296 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [S], seq 3347835015, win 14600, options [mss 1460,sackOK,TS val 254765 ecr 0,nop,wscale 6], length 0
11:36:32.089359 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [S.], seq 3139130773, ack 3347835016, win 5792, options [mss 1460,sackOK,TS val 751610489 ecr 254765,nop,wscale 10], length 0
11:36:32.107097 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 254786 ecr 751610489], length 0
11:36:32.107883 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [P.], seq 1:227, ack 1, win 229, options [nop,nop,TS val 254786 ecr 751610489], length 226
11:36:32.155523 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], ack 227, win 7, options [nop,nop,TS val 751610505 ecr 254786], length 0
11:36:32.157637 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751610506 ecr 254786], length 1448
11:36:32.157761 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1449:2897, ack 227, win 7, options [nop,nop,TS val 751610506 ecr 254786], length 1448
11:36:32.157781 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [P.], seq 2897:3691, ack 227, win 7, options [nop,nop,TS val 751610506 ecr 254786], length 794
11:36:32.158526 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 254799 ecr 751610505,nop,nop,sack 1 {2897:3691}], length 0
11:36:32.421345 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751610572 ecr 254799], length 1448
11:36:32.947766 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751610704 ecr 254799], length 1448
11:36:34.008426 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751610968 ecr 254799], length 1448
11:36:36.132368 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751611496 ecr 254799], length 1448
11:36:40.341746 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751612552 ecr 254799], length 1448
11:36:48.814433 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751614664 ecr 254799], length 1448
11:37:05.682720 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751618888 ecr 254799], length 1448
11:37:32.154723 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [F.], seq 3691, ack 227, win 7, options [nop,nop,TS val 751625505 ecr 254799], length 0
11:37:32.196024 IP 172.16.1.104.56210 > 204.232.175.90.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 269803 ecr 751610505,nop,nop,sack 1 {2897:3692}], length 0
11:37:39.485590 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751627336 ecr 269803], length 1448

The network node is sending the packet to the VM:

11:37:39.485590 IP 204.232.175.90.https > 172.16.1.104.56210: Flags [.], seq 1:1449, ack 227, win 7, options [nop,nop,TS val 751627336 ecr 269803], length 1448

However the VM is never getting it. Any other ways to debug this??