最近在尝试 openvpn 和 keepalived 能一起用,尝试了一下,发现 openvpn 启动的时候即使监听在全 0.0.0.0, 但是回包的时候依然会用默认路由的网卡的主 ip 回包,即使我是基于 vip 访问的。 所以这个现象我感觉还是 特别的离谱。 虽然 openvpn 可以指定 监听 vip,但是 keepalived 维护的 vip 如果不在当前节点,服务都起不来。
小结: 总感觉这个现象应该是个 bug。这个bug 导致,openvpn 即使要用 vip, 也只能等 keepalived 漂移过来的时候才能用。
也就是说:在部分等待时间和服务启动的时间,都是在冷备。
以下是实际测试步骤,基于 kube-ovn pod 测试的。 vip 绑定到 fip。
ssl vpn gw 测试
之前是用 pod fip 直接测的, 现在用的是 vip fip, (用fip 直接复测下?) 确实如此, vip 的 fip 根本就无法建立连接
➜ ~ nc -uvz 192.168.7.4 1194
Connection to 192.168.7.4 port 1194 [udp/openvpn] succeeded! 可以连上
➜ ~
➜ ~ nc -uvz 192.168.7.3 1194
Connection to 192.168.7.3 port 1194 [udp/openvpn] succeeded! fip-vip 连不上
➜ ~ nc -uvz 192.168.7.5 1194
Connection to 192.168.7.5 port 1194 [udp/openvpn] succeeded!
2023-12-06 12:08:09 192.168.7.100:60141 peer info: IV_GUI_VER="net.tunnelblick.tunnelblick_5860_4.0.0beta06__build_5860)"
2023-12-06 12:08:09 192.168.7.100:60141 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1300', remote='link-mtu 1541'
2023-12-06 12:08:09 192.168.7.100:60141 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1179', remote='tun-mtu 1500'
2023-12-06 12:08:09 192.168.7.100:60141 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
2023-12-06 12:08:09 192.168.7.100:60141 WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
处理掉这些告警
--tun-mtu or --link-mtu may be defined (note that --ifconfig implies --link-mtu 1500) 两者只能存其一
可能是掩码的问题,因为配置中写了掩码, (实际上根本不是, keepalived 最佳实践掩码就是 /32)
root@keepalived01-0:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1279 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 10.240.0.1 peer 10.240.0.2/32 scope global tun0
valid_lft forever preferred_lft forever
293: eth0@if294: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default
link/ether 00:00:00:c5:58:24 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.1.0.35/24 brd 10.1.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.1.0.2/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::200:ff:fec5:5824/64 scope link
valid_lft forever preferred_lft forever
这种 keepalived (跑了 vpn gw)维护的 ip ping不通
- 手动配在其他 pod 里面试试
root@empty:~# k exec -it -n ns1 vpc1-nginx -c netshoot -- bash
vpc1-nginx:~#
vpc1-nginx:~#
vpc1-nginx:~#
vpc1-nginx:~#
vpc1-nginx:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
202: eth0@if203: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default
link/ether 00:00:00:69:a8:1a brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.1.0.6/24 brd 10.1.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::200:ff:fe69:a81a/64 scope link
valid_lft forever preferred_lft forever
vpc1-nginx:~# ip addr add 10.1.0.2/32 dev eth0
vpc1-nginx:~#
vpc1-nginx:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
202: eth0@if203: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default
link/ether 00:00:00:69:a8:1a brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.1.0.6/24 brd 10.1.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.1.0.2/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::200:ff:fe69:a81a/64 scope link
valid_lft forever preferred_lft forever
root@empty:~/kubecombo/docs/docs/guide/ssl-vpn/03-ssl-vpn-gw# ping 192.168.7.3
PING 192.168.7.3 (192.168.7.3) 56(84) bytes of data.
vpc1-nginx:~# tcpdump -i eth0 icmp -nn
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
vpc1-nginx:~# tcpdump -i eth0 arp -nn
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
实际测试 32 位掩码 确实不通
换个 vip 试试
root@empty:~/kubecombo/docs/docs/guide/ssl-vpn/03-ssl-vpn-gw# k get ofip
NAME VPC V4EIP V4IP READY IPTYPE IPNAME
keepalived-fip vpc1 192.168.7.3 10.1.0.2 true vip keepalived-vip
keepalived01-0 vpc1 192.168.7.4 10.1.0.35 true keepalived01-0.ns1
keepalived01-1 vpc1 192.168.7.5 10.1.0.36 true keepalived01-1.ns1
nginx vpc1 192.168.7.110 10.1.0.6 true vpc1-nginx.ns1
test-vip vpc1 192.168.7.9 10.1.0.29 true vip test-vip
root@empty:~/kubecombo/docs/docs/guide/ssl-vpn/03-ssl-vpn-gw# k get vip
NAME V4IP V6IP MAC PMAC SUBNET READY TYPE
keepalived-vip 10.1.0.2 00:00:00:9C:54:D7 vpc1-subnet1 true
test-vip 10.1.0.29 00:00:00:05:90:F7 vpc1-subnet1 true
root@empty:~/kubecombo/docs/docs/guide/ssl-vpn/03-ssl-vpn-gw# ping 192.168.7.9
PING 192.168.7.9 (192.168.7.9) 56(84) bytes of data.
64 bytes from 192.168.7.9: icmp_seq=1 ttl=63 time=2.43 ms
64 bytes from 192.168.7.9: icmp_seq=2 ttl=63 time=0.823 ms
^C
--- 192.168.7.9 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.823/1.627/2.431/0.804 ms
root@empty:~/kubecombo/docs/docs/guide/ssl-vpn/03-ssl-vpn-gw#
vpc1-nginx:~# ip addr add 10.1.0.29/32 dev eth0
vpc1-nginx:~#
vpc1-nginx:~#
vpc1-nginx:~# tcpdump -i eth0 icmp -nn
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
08:43:46.665606 IP 192.168.7.200 > 10.1.0.29: ICMP echo request, id 56035, seq 1, length 64
08:43:46.665653 IP 10.1.0.29 > 192.168.7.200: ICMP echo reply, id 56035, seq 1, length 64
08:43:47.666542 IP 192.168.7.200 > 10.1.0.29: ICMP echo request, id 56035, seq 2, length 64
08:43:47.666592 IP 10.1.0.29 > 192.168.7.200: ICMP echo reply, id 56035, seq 2, length 64
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel
vpc1-nginx:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
202: eth0@if203: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default
link/ether 00:00:00:69:a8:1a brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.1.0.6/24 brd 10.1.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.1.0.2/32 scope global eth0
valid_lft forever preferred_lft forever
inet 10.1.0.29/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::200:ff:fe69:a81a/64 scope link
valid_lft forever preferred_lft forever
这两个 ip 没有任何区别, 说明 inet 10.1.0.2/32 这个 vip 经过使用后,确实出现了一些“隐晦”的问题
目前测试的pod fip 和 vip 都不要固定,感觉固定之后的一段时间里, pod 的 fip 和 vip 的 fip 都会出现一定的网络问题
目前问题
root@keepalived01-0:/# tcpdump -i eth0 host 192.168.7.200 -nn
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
09:14:22.884804 IP 192.168.7.200.31801 > 10.1.0.40.1194: UDP, length 14
09:14:22.885071 IP 10.1.0.41.1194 > 192.168.7.200.31801: UDP, length 26
从 vip 40 进来,但是从 41 回包
root@keepalived01-0:/# ip route list
default via 10.1.0.1 dev eth0
10.1.0.0/24 dev eth0 proto kernel scope link src 10.1.0.41 # 跟这个路由有关系
10.240.0.0/16 via 10.240.0.2 dev tun0
10.240.0.2 dev tun0 proto kernel scope link src 10.240.0.1
ip route replace 10.1.0.0/24 dev eth0 src 10.1.0.40
root@keepalived01-0:/# ip route replace 10.1.0.0/24 dev eth0 src 10.1.0.40
root@keepalived01-0:/#
root@keepalived01-0:/#
root@keepalived01-0:/# ip route list
default via 10.1.0.1 dev eth0
10.1.0.0/24 dev eth0 scope link src 10.1.0.40
10.240.0.0/16 via 10.240.0.2 dev tun0
10.240.0.2 dev tun0 proto kernel scope link src 10.240.0.1
但是没有效果
root@keepalived01-0:/#
root@keepalived01-0:/# tcpdump -i eth0 host 192.168.7.200 -nn
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
09:23:52.715172 IP 192.168.7.200.14333 > 10.1.0.40.1194: UDP, length 14
09:23:52.715400 IP 10.1.0.41.1194 > 192.168.7.200.14333: UDP, length 26
感觉是 openvpn 的业务使用了 优先级最高的那个 ip
把主 ip 删掉,看是否会变
root@keepalived01-0:/# ip addr del 10.1.0.41/24 dev eth0
root@keepalived01-0:/#
root@keepalived01-0:/# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.240.0.0 10.240.0.2 255.255.0.0 UG 0 0 0 tun0
10.240.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
但是这样的话,因为vip 的掩码是 32 位的,所以默认路由没了
所以如果采取把 vip 当做主ip的方式,起码 掩码应该和主ip保持一致
换了个掩码测试
root@empty:~# k exec -it -n ns1 keepalived01-0 -- bash
Defaulted container "ssl" out of: ssl, keepalived
root@keepalived01-0:/#
root@keepalived01-0:/#
root@keepalived01-0:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1279 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 10.240.0.1 peer 10.240.0.2/32 scope global tun0
valid_lft forever preferred_lft forever
309: eth0@if310: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default
link/ether 00:00:00:07:47:55 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.1.0.44/24 brd 10.1.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.1.0.43/24 scope global secondary eth0
valid_lft forever preferred_lft forever
inet6 fe80::200:ff:fe07:4755/64 scope link
valid_lft forever preferred_lft forever
root@keepalived01-0:/#
root@keepalived01-0:/#
root@keepalived01-0:/# ip route list
default via 10.1.0.1 dev eth0
10.1.0.0/24 dev eth0 proto kernel scope link src 10.1.0.44
10.240.0.0/16 via 10.240.0.2 dev tun0
10.240.0.2 dev tun0 proto kernel scope link src 10.240.0.1
root@keepalived01-0:/# ip addr del 10.1.0.44/2 dev eth0
RTNETLINK answers: Cannot assign requested address
root@keepalived01-0:/# ip addr del 10.1.0.44/24 dev eth0
root@keepalived01-0:/#
root@keepalived01-0:/# ip route list
10.240.0.0/16 via 10.240.0.2 dev tun0
10.240.0.2 dev tun0 proto kernel scope link src 10.240.0.1
root@keepalived01-0:/# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.240.0.0 10.240.0.2 255.255.0.0 UG 0 0 0 tun0
10.240.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
即使这样,掩码一致,但是路由还是丢了,路由丢了, keepalived 就把 vip切走了。
这里是一个 keepalived 和 openvpn 结合使用的示例
# 主
#!/bin/bash
docker run -d --net=host --cap-add NET_ADMIN \
-e ENVIRONMENT=production \
-e PARENT_HOST=$(hostname) \ # 这个就是vip, 这个不是openvpn的配置
-e OVPN_LOCAL=172.16.1.20 \ # 这个在文档中时可选的
-e OVPN_PUSH_1="route 10.10.0.0 255.255.255.0" \
-e OVPN_PUSH_2="dhcp-option DNS 10.10.0.111" \
-e OVPN_PUSH_3="dhcp-option DNS 10.10.0.112" \
-e OVPN_NET_1="eth0:10.10.0.0/24" \ # 这个虽然特殊,但是我找不到具体的配置
-e KEEPALIVED_STATE=MASTER \
-e KEEPALIVED_INTERFACE=eth0 \
-e KEEPALIVED_VIRTUAL_ROUTER_ID=2 \
-e KEEPALIVED_VRRP_UNICAST_BIND=10.10.0.21 \
-e KEEPALIVED_VRRP_UNICAST_PEER=10.10.0.22 \
-e KEEPALIVED_TRACK_INTERFACE_1=eth0 \
-e KEEPALVED_TRACK_INTERFACE_2=eth1 \
-e KEEPALIVED_VIRTUAL_IPADDRESS_1="10.10.0.3 dev eth0" \
-e KEEPALIVED_VIRTUAL_IPADDRESS_EXCLUDED_1="172.16.1.20 dev eth1" \
openvpn-ldap
# 备
#!/bin/bash
docker run -d --net=host --cap-add NET_ADMIN \
-e ENVIRONMENT=production \
-e PARENT_HOST=$(hostname) \
-e OVPN_LOCAL=172.16.1.20 \ # 这个就是vip
-e OVPN_PUSH_1="route 10.10.0.0 255.255.255.0" \
-e OVPN_PUSH_2="dhcp-option DNS 10.10.0.111" \
-e OVPN_PUSH_3="dhcp-option DNS 10.10.0.112" \
-e OVPN_NET_1="eth0:10.10.0.0/24" \
-e KEEPALIVED_STATE=BACKUP \
-e KEEPALIVED_INTERFACE=eth0 \
-e KEEPALIVED_VIRTUAL_ROUTER_ID=2 \
-e KEEPALIVED_VRRP_UNICAST_BIND=10.10.0.22 \
-e KEEPALIVED_VRRP_UNICAST_PEER=10.10.0.21 \
-e KEEPALIVED_TRACK_INTERFACE_1=eth0 \
-e KEEPALVED_TRACK_INTERFACE_2=eth1 \
-e KEEPALIVED_VIRTUAL_IPADDRESS_1="10.10.0.3 dev eth0" \
-e KEEPALIVED_VIRTUAL_IPADDRESS_EXCLUDED_1="172.16.1.20 dev eth1" \
openvpn-ldap
2023-12-07 10:10:07 TCP/UDP: Socket bind failed on local address [AF_INET]10.1.0.49:1194: Cannot assign requested address (errno=99)
2023-12-07 10:10:07 Exiting due to fatal error
2023-12-07 10:10:07 net_route_v4_del: 10.240.0.0/16 via 10.240.0.2 dev [NULL] table 0 metric -1
2023-12-07 10:10:07 Closing TUN/TAP interface
2023-12-07 10:10:07 net_addr_ptp_v4_del: 10.240.0.1 dev tun0
可以看到 如果 keepalived vip 不存在 , openvpn 就起不来。 所以 没有 vip 的 openvpn要有个逻辑一直等 vip。
最后成功基于 vip 的 配置:
root@keepalived01-0:/# cat /etc/openvpn/
cat: /etc/openvpn/: Is a directory
root@keepalived01-0:/# cat /etc/openvpn/openvpn.conf
ca /etc/openvpn/certs/pki/ca.crt
cert /etc/openvpn/certs/pki/issued/server.crt
key /etc/openvpn/certs/pki/private/server.key
dh /etc/openvpn/certs/pki/dh.pem
dev tun0
persist-key
persist-tun
duplicate-cn
link-mtu 1400
keysize 256
user nobody
group nogroup
key-direction 0
keepalive 10 120
status /openvpn-status.log
verb 3
local 10.1.0.49
server 10.240.0.0 255.255.0.0
cipher AES-256-GCM
auth SHA1
proto udp
port 1194
push "route 10.1.0.0 255.255.255.0"
push "dhcp-option DOMAIN-SEARCH ns1.svc.cluster.local"
push "dhcp-option DOMAIN-SEARCH svc.cluster.local"
push "dhcp-option DOMAIN-SEARCH cluster.local"
root@keepalived01-0:/# ss -tunlp
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 10.1.0.49:1194 0.0.0.0:* users:(("openvpn",pid=55,fd=5))
root@keepalived01-0:/#
基于 eth0 网卡主 ip 以及 基于 keepalived 维护在 eth0 的 vip 抓包对比
openvpn-无法使用 keepalived-vip-fip
#1. 直接使用 pod eth0 ip fip 没问题
root@keepalived01-0:/# tcpdump -i eth0 host 192.168.7.200 -netvv
tcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 38286, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0xe511!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 110: (tos 0xc0, ttl 63, id 26487, offset 0, flags [none], proto ICMP (1), length 96)
192.168.7.200 > 10.1.0.20: ICMP 192.168.7.200 udp port 54230 unreachable, length 76
(tos 0x0, ttl 63, id 38286, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [udp sum ok] UDP, length 40
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 64, id 38418, offset 0, flags [DF], proto UDP (17), length 42)
10.1.0.20.1194 > 192.168.7.200.61231: [bad udp cksum 0xd2ac -> 0xb3f8!] UDP, length 14
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 84: (tos 0xc0, ttl 63, id 26730, offset 0, flags [none], proto ICMP (1), length 70)
192.168.7.200 > 10.1.0.20: ICMP 192.168.7.200 udp port 61231 unreachable, length 50
(tos 0x0, ttl 63, id 38418, offset 0, flags [DF], proto UDP (17), length 42)
10.1.0.20.1194 > 192.168.7.200.61231: [udp sum ok] UDP, length 14
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 38756, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0x11e9!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 110: (tos 0xc0, ttl 63, id 26732, offset 0, flags [none], proto ICMP (1), length 96)
192.168.7.200 > 10.1.0.20: ICMP 192.168.7.200 udp port 54230 unreachable, length 76
(tos 0x0, ttl 63, id 38756, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0x6ba8 -> 0x11e9!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 63, id 27932, offset 0, flags [DF], proto UDP (17), length 42)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 14
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 64, id 39132, offset 0, flags [DF], proto UDP (17), length 54)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2b8 -> 0x5654!] UDP, length 26
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 64: (tos 0x0, ttl 63, id 27933, offset 0, flags [DF], proto UDP (17), length 50)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 22
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 337: (tos 0x0, ttl 63, id 27934, offset 0, flags [DF], proto UDP (17), length 323)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 295
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 1242: (tos 0x0, ttl 64, id 39133, offset 0, flags [DF], proto UDP (17), length 1228)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd74e -> 0xd9ae!] UDP, length 1200
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 1125: (tos 0x0, ttl 64, id 39134, offset 0, flags [DF], proto UDP (17), length 1111)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd6d9 -> 0x95ad!] UDP, length 1083
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 64: (tos 0x0, ttl 63, id 27935, offset 0, flags [DF], proto UDP (17), length 50)
192.168.7.200.44939 > 10.1.0.20.1194: [bad udp cksum 0xd2b4 -> 0xb712!] UDP, length 22
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 1242: (tos 0x0, ttl 63, id 27936, offset 0, flags [DF], proto UDP (17), length 1228)
192.168.7.200.44939 > 10.1.0.20.1194: [bad udp cksum 0xd74e -> 0x348c!] UDP, length 1200
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 1230: (tos 0x0, ttl 63, id 27937, offset 0, flags [DF], proto UDP (17), length 1216)
192.168.7.200.44939 > 10.1.0.20.1194: [bad udp cksum 0xd742 -> 0xb7f3!] UDP, length 1188
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 64: (tos 0x0, ttl 64, id 39136, offset 0, flags [DF], proto UDP (17), length 50)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2b4 -> 0x6e5a!] UDP, length 22
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 126: (tos 0x0, ttl 63, id 27938, offset 0, flags [DF], proto UDP (17), length 112)
192.168.7.200.44939 > 10.1.0.20.1194: [bad udp cksum 0xd2f2 -> 0x5451!] UDP, length 84
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 226: (tos 0x0, ttl 64, id 39137, offset 0, flags [DF], proto UDP (17), length 212)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd356 -> 0xeff2!] UDP, length 184
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 64: (tos 0x0, ttl 63, id 27939, offset 0, flags [DF], proto UDP (17), length 50)
192.168.7.200.44939 > 10.1.0.20.1194: [bad udp cksum 0xd2b4 -> 0xb710!] UDP, length 22
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 305: (tos 0x0, ttl 64, id 39138, offset 0, flags [DF], proto UDP (17), length 291)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd3a5 -> 0xbc9a!] UDP, length 263
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 64: (tos 0x0, ttl 63, id 27940, offset 0, flags [DF], proto UDP (17), length 50)
192.168.7.200.44939 > 10.1.0.20.1194: [bad udp cksum 0xd2b4 -> 0xb70f!] UDP, length 22
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 368: (tos 0x0, ttl 64, id 39139, offset 0, flags [DF], proto UDP (17), length 354)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd3e4 -> 0x7197!] UDP, length 326
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 64: (tos 0x0, ttl 62, id 27941, offset 0, flags [DF], proto UDP (17), length 50)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 22
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 27945, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 27946, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 27947, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 27948, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 128: (tos 0x0, ttl 62, id 27956, offset 0, flags [DF], proto UDP (17), length 114)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 86
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 128: (tos 0x0, ttl 62, id 27957, offset 0, flags [DF], proto UDP (17), length 114)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 86
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 27958, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 27959, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28154, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28155, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 28201, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 28208, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 28221, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28334, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28335, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 142: (tos 0x0, ttl 62, id 28367, offset 0, flags [DF], proto UDP (17), length 128)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 100
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28499, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28500, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28501, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28502, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 128: (tos 0x0, ttl 62, id 28508, offset 0, flags [DF], proto UDP (17), length 114)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 86
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 128: (tos 0x0, ttl 62, id 28509, offset 0, flags [DF], proto UDP (17), length 114)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 86
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28510, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28511, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 39728, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0xd80f!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 110: (tos 0xc0, ttl 62, id 29092, offset 0, flags [none], proto ICMP (1), length 96)
192.168.7.200 > 10.1.0.20: ICMP 192.168.7.200 udp port 54230 unreachable, length 76
(tos 0x0, ttl 63, id 39728, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0x6ba8 -> 0xd80f!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28650, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28651, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28830, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 28831, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 29017, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 29018, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 128: (tos 0x0, ttl 62, id 29194, offset 0, flags [DF], proto UDP (17), length 114)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 86
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 128: (tos 0x0, ttl 62, id 29195, offset 0, flags [DF], proto UDP (17), length 114)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 86
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 40449, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2c6 -> 0x6d02!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 146: (tos 0x0, ttl 62, id 29230, offset 0, flags [DF], proto UDP (17), length 132)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 104
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 29288, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 29300, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 29302, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 29303, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 29315, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 41178, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0xb055!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 110: (tos 0xc0, ttl 62, id 30665, offset 0, flags [none], proto ICMP (1), length 96)
192.168.7.200 > 10.1.0.20: ICMP 192.168.7.200 udp port 54230 unreachable, length 76
(tos 0x0, ttl 63, id 41178, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0x6ba8 -> 0xb055!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 29883, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 29884, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 128: (tos 0x0, ttl 62, id 29888, offset 0, flags [DF], proto UDP (17), length 114)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 86
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 128: (tos 0x0, ttl 62, id 29889, offset 0, flags [DF], proto UDP (17), length 114)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 86
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 146: (tos 0x0, ttl 62, id 29890, offset 0, flags [DF], proto UDP (17), length 132)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 104
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 41339, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2c6 -> 0x14dd!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 29916, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 29917, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 147: (tos 0x0, ttl 62, id 29986, offset 0, flags [DF], proto UDP (17), length 133)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 105
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 30042, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 142: (tos 0x0, ttl 62, id 30063, offset 0, flags [DF], proto UDP (17), length 128)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 100
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 41926, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0xa9f5!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 110: (tos 0xc0, ttl 62, id 33161, offset 0, flags [none], proto ICMP (1), length 96)
192.168.7.200 > 10.1.0.20: ICMP 192.168.7.200 udp port 54230 unreachable, length 76
(tos 0x0, ttl 63, id 41926, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0x6ba8 -> 0xa9f5!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 30350, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 30351, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 146: (tos 0x0, ttl 62, id 30487, offset 0, flags [DF], proto UDP (17), length 132)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 104
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 30818, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 30960, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 30961, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 31206, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 42081, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2c6 -> 0x2425!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 146: (tos 0x0, ttl 62, id 31292, offset 0, flags [DF], proto UDP (17), length 132)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 104
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 31294, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 31331, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 31332, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 31373, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 31439, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 31454, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 31469, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 31515, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 31516, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 31517, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 62, id 31518, offset 0, flags [DF], proto UDP (17), length 160)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 132
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 31519, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 31526, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 31531, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 31546, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 62, id 31552, offset 0, flags [DF], proto UDP (17), length 160)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 132
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 31558, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 62, id 31633, offset 0, flags [DF], proto UDP (17), length 160)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 132
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 31642, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 43184, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0xb978!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 110: (tos 0xc0, ttl 62, id 35169, offset 0, flags [none], proto ICMP (1), length 96)
192.168.7.200 > 10.1.0.20: ICMP 192.168.7.200 udp port 54230 unreachable, length 76
(tos 0x0, ttl 63, id 43184, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0x6ba8 -> 0xb978!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 62, id 31752, offset 0, flags [DF], proto UDP (17), length 160)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 132
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 31754, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 31829, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 31830, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 32005, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 62, id 32132, offset 0, flags [DF], proto UDP (17), length 160)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 132
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 32148, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 32246, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 44306, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2c6 -> 0x59c8!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 62, id 32366, offset 0, flags [DF], proto UDP (17), length 131)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 103
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 62, id 32540, offset 0, flags [DF], proto UDP (17), length 160)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 132
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 32554, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 32584, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 32645, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 32646, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 142: (tos 0x0, ttl 62, id 32862, offset 0, flags [DF], proto UDP (17), length 128)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 100
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 44581, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0x4626!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 110: (tos 0xc0, ttl 62, id 37681, offset 0, flags [none], proto ICMP (1), length 96)
192.168.7.200 > 10.1.0.20: ICMP 192.168.7.200 udp port 54230 unreachable, length 76
(tos 0x0, ttl 63, id 44581, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0x6ba8 -> 0x4626!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 145: (tos 0x0, ttl 62, id 32967, offset 0, flags [DF], proto UDP (17), length 131)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 103
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 33000, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 33001, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 33012, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 33425, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 33448, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 33452, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 33638, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 45723, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2c6 -> 0xc7f0!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 150: (tos 0x0, ttl 62, id 33685, offset 0, flags [DF], proto UDP (17), length 136)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 108
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 33726, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 62, id 33740, offset 0, flags [DF], proto UDP (17), length 160)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 132
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 33843, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 33856, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 46867, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0xde18!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 149: (tos 0x0, ttl 62, id 33928, offset 0, flags [DF], proto UDP (17), length 135)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 107
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 34045, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 34156, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 34157, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 47733, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2c6 -> 0xf753!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 149: (tos 0x0, ttl 62, id 34560, offset 0, flags [DF], proto UDP (17), length 135)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 107
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 34598, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 132: (tos 0x0, ttl 62, id 34599, offset 0, flags [DF], proto UDP (17), length 118)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 90
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 34634, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 35030, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 35040, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 118: (tos 0x0, ttl 62, id 35052, offset 0, flags [DF], proto UDP (17), length 104)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 76
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 35091, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 35092, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 35127, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 48369, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.54230: [bad udp cksum 0xd2c6 -> 0x0ad3!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 148: (tos 0x0, ttl 62, id 35509, offset 0, flags [DF], proto UDP (17), length 134)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 106
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 35732, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 35844, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 152: (tos 0x0, ttl 62, id 35845, offset 0, flags [DF], proto UDP (17), length 138)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 110
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 111: (tos 0x0, ttl 62, id 36263, offset 0, flags [DF], proto UDP (17), length 97)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 69
00:00:00:45:21:69 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 82: (tos 0x0, ttl 64, id 48798, offset 0, flags [DF], proto UDP (17), length 68)
10.1.0.20.1194 > 192.168.7.200.44939: [bad udp cksum 0xd2c6 -> 0xae55!] UDP, length 40
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 174: (tos 0x0, ttl 62, id 36383, offset 0, flags [DF], proto UDP (17), length 160)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 132
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 147: (tos 0x0, ttl 62, id 36389, offset 0, flags [DF], proto UDP (17), length 133)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 105
00:00:00:17:43:01 > 00:00:00:45:21:69, ethertype IPv4 (0x0800), length 130: (tos 0x0, ttl 62, id 36421, offset 0, flags [DF], proto UDP (17), length 116)
192.168.7.200.44939 > 10.1.0.20.1194: [udp sum ok] UDP, length 88
^C
167 packets captured
167 packets received by filter
0 packets dropped by kernel
root@keepalived01-0:/#
上一个客户端关闭后,要中断一会儿。 有一些保活机制的包服务端还在发出. 直接关闭该 pod 清理重建。
### keepalived vip fip
#2. 直接使用 pod eth0 keepalived vip fip 有问题
root@keepalived01-1:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1279 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 10.240.0.1 peer 10.240.0.2/32 scope global tun0
valid_lft forever preferred_lft forever
259: eth0@if260: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1400 qdisc noqueue state UP group default
link/ether 00:00:00:a9:4d:66 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 10.1.0.21/24 brd 10.1.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.1.0.2/24 scope global secondary eth0:1
valid_lft forever preferred_lft forever
inet6 fe80::200:ff:fea9:4d66/64 scope link
valid_lft forever preferred_lft forever
root@keepalived01-1:/# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.1.0.1 0.0.0.0 UG 0 0 0 eth0
10.1.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.240.0.0 10.240.0.2 255.255.0.0 UG 0 0 0 tun0
10.240.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
root@empty:~/kubecombo/docs/docs/guide/ssl-vpn/03-ssl-vpn-gw# k get ofip
NAME VPC V4EIP V4IP READY IPTYPE IPNAME
keepalived-fip vpc1 192.168.7.3 10.1.0.2 true vip keepalived-vip
root@keepalived01-1:/# tcpdump -i eth0 host 192.168.7.200 -netvv
tcpdump: listening on eth0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
00:00:00:45:21:69 > 00:00:00:a9:4d:66, ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 62, id 33040, offset 0, flags [DF], proto UDP (17), length 42)
192.168.7.200.40621 > 10.1.0.2.1194: [udp sum ok] UDP, length 14
00:00:00:a9:4d:66 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 64, id 61950, offset 0, flags [DF], proto UDP (17), length 54)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0xd2b9 -> 0x2097!] UDP, length 26
00:00:00:17:43:01 > 00:00:00:a9:4d:66, ethertype IPv4 (0x0800), length 96: (tos 0xc0, ttl 63, id 53979, offset 0, flags [none], proto ICMP (1), length 82)
192.168.7.200 > 10.1.0.21: ICMP 192.168.7.200 udp port 40621 unreachable, length 62
(tos 0x0, ttl 63, id 61950, offset 0, flags [DF], proto UDP (17), length 54)
10.1.0.21.1194 > 192.168.7.200.40621: [udp sum ok] UDP, length 26
00:00:00:a9:4d:66 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 64, id 62179, offset 0, flags [DF], proto UDP (17), length 42)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0xd2ad -> 0x0869!] UDP, length 14
00:00:00:17:43:01 > 00:00:00:a9:4d:66, ethertype IPv4 (0x0800), length 84: (tos 0xc0, ttl 63, id 53983, offset 0, flags [none], proto ICMP (1), length 70)
192.168.7.200 > 10.1.0.21: ICMP 192.168.7.200 udp port 40621 unreachable, length 50
(tos 0x0, ttl 63, id 62179, offset 0, flags [DF], proto UDP (17), length 42)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0x4ddd -> 0x0869!] UDP, length 14
00:00:00:45:21:69 > 00:00:00:a9:4d:66, ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 62, id 33335, offset 0, flags [DF], proto UDP (17), length 42)
192.168.7.200.40621 > 10.1.0.2.1194: [bad udp cksum 0xd29a -> 0x990f!] UDP, length 14
00:00:00:a9:4d:66 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 64: (tos 0x0, ttl 64, id 62201, offset 0, flags [DF], proto UDP (17), length 50)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0xd2b5 -> 0x389f!] UDP, length 22
00:00:00:17:43:01 > 00:00:00:a9:4d:66, ethertype IPv4 (0x0800), length 92: (tos 0xc0, ttl 63, id 54006, offset 0, flags [none], proto ICMP (1), length 78)
192.168.7.200 > 10.1.0.21: ICMP 192.168.7.200 udp port 40621 unreachable, length 58
(tos 0x0, ttl 63, id 62201, offset 0, flags [DF], proto UDP (17), length 50)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0x4de5 -> 0x389f!] UDP, length 22
00:00:00:a9:4d:66 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 64, id 62796, offset 0, flags [DF], proto UDP (17), length 42)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0xd2ad -> 0x0869!] UDP, length 14
00:00:00:17:43:01 > 00:00:00:a9:4d:66, ethertype IPv4 (0x0800), length 84: (tos 0xc0, ttl 63, id 54455, offset 0, flags [none], proto ICMP (1), length 70)
192.168.7.200 > 10.1.0.21: ICMP 192.168.7.200 udp port 40621 unreachable, length 50
(tos 0x0, ttl 63, id 62796, offset 0, flags [DF], proto UDP (17), length 42)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0x4ddd -> 0x0869!] UDP, length 14
00:00:00:45:21:69 > 00:00:00:a9:4d:66, ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 62, id 33483, offset 0, flags [DF], proto UDP (17), length 42)
192.168.7.200.40621 > 10.1.0.2.1194: [bad udp cksum 0xd29a -> 0x990f!] UDP, length 14
00:00:00:a9:4d:66 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 64: (tos 0x0, ttl 64, id 62869, offset 0, flags [DF], proto UDP (17), length 50)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0xd2b5 -> 0x389f!] UDP, length 22
00:00:00:45:21:69 > 00:00:00:a9:4d:66, ethertype IPv4 (0x0800), length 56: (tos 0x0, ttl 62, id 33610, offset 0, flags [DF], proto UDP (17), length 42)
192.168.7.200.40621 > 10.1.0.2.1194: [bad udp cksum 0xd29a -> 0x990f!] UDP, length 14
00:00:00:a9:4d:66 > 00:00:00:17:43:01, ethertype IPv4 (0x0800), length 68: (tos 0x0, ttl 64, id 64344, offset 0, flags [DF], proto UDP (17), length 54)
10.1.0.21.1194 > 192.168.7.200.40621: [bad udp cksum 0xd2b9 -> 0x2097!] UDP, length 26
# 可以看到基于 vip 进来的包是 10.1.0.2.1194, 而回包一直都是 10.1.0.21.1194
# 10.1.0.2 是 vip, 而回包是 10.1.0.21 是 eth0 主ip
找到问题了, openvpn 的回包没有基于 vip 回包,反而是基于 pod 的ip地址。
原因是因为使用的是 MASQUERADE, 只会使用网卡的主 ip
root@keepalived01-1:/# iptables-save
# Generated by iptables-save v1.8.7 on Thu Dec 7 04:24:35 2023
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.240.0.0/16 -o eth0 -j MASQUERADE
COMMIT
# Completed on Thu Dec 7 04:24:35 2023
替换为
-A POSTROUTING -s 10.240.0.0/16 -o eth0 -j SNAT --to-source your_specified_ip
iptables -t nat -A SHARED_SNAT -o net1 -s $internalCIDR -j SNAT --to-source $eip $randomFullyOption
# 目前认为 keepalived的掩码最好是 32,否则 vip对应的fip网络不通
总结:
目前确认该现象就是一个 bug, 除非我再加个 haproxy 基于 vip 再转发一下。 但是我是不愿意再加个 haproxy。 还不如去社区提个 issue,或者研究下怎么提 PR。
如果短时间内 fip eip 不变,但是内网 ip 或者 vip 一直变,pod 的 fip 首包会丢十个以上, vip 的 fip 甚至都不通。
这个只是不开启安全组情况下使用 vip fip 的情况,流表中没有维护。 全靠 arp 广播和缓存。可能 arp 确实会国企没清理导致乱掉。
