Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


GRE in Turkey
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

GRE in Turkey

elgselgs Member
edited October 2015 in General

I have two VPS'es in Turkey, one with vps.systems and the other one with semele.com. I installed pptpd on both. When my client tried to connects to the pptpd, both returns GRE failed. I also have VPS'es in other countries without this problem. I'm wondering whether GRE is disabled in Turkey's network.

Comments

  • IshaqIshaq Member
    edited October 2015

    elgs said: Turkey

    elgs said: Turnkey

    Turkey or Turnkey?

    Either way, speak to your host. It sounds like your VPS does not have the GRE module enabled. Try "modprobe ip_gre" first.

  • elgselgs Member
    edited October 2015

    @Ishaq said:

    The country Turkey. Sorry I spelled as Turnkey and I just corrected. Thanks for reminding.

  • elgselgs Member
    edited October 2015

    @Ishaq said:

    Thanks. Tried modprobe ip_gre. It didn't complain anything and returned silence.

    I spoke to vps.systems, and they said they had nothing to restrict their network. Initially I thought the problem might be with my VPS, but now I have two VPS'es in the same countries. They appeared to have the same problem which doesn't exist in any other countries. I started to suspect whether there's anything to do with Turkey's network.

  • elgs said: Thanks. Tried modprobe ip_gre. It didn't complain anything and returned silence.

    Ok, what does lsmod | grep ip_gre return?

    Sounds like it was enabled.

  • @Ishaq said:
    what does lsmod | grep ip_gre return?

    It return's nothing, like so:

    root@qc3630:~# modprobe ip_gre
    root@qc3630:~# 
    
  • elgs said: It return's nothing, like so:

    Not modprobe ip_gre

    It's normal for it to return nothing, that means it's enabled.

    What does lsmod | grep ip_gre return?

    That should show you if it enabled or not.

  • Sorry, my fault. It returns as follows:

    root@qc3630:~# lsmod | grep ip_gre
    ip_gre                 18245  0 
    gre                    13796  1 ip_gre
    ip_tunnel              23768  1 ip_gre
    
  • I use exactly the same procedure to setup my servers. Could GRE be blocked by my provider's router instead of inside my VPS?

  • elgs said: I use exactly the same procedure to setup my servers. Could GRE be blocked by my provider's router instead of inside my VPS?

    GRE traffic can be filtered at a network level, yes. But this does not explain the "GRE failed" error that your clients are seeing.

    Try PPTP now that GRE is enabled on your Turkey VPS?

  • elgselgs Member
    edited October 2015

    @Ishaq said:
    Try PPTP now that GRE is enabled on your Turkey VPS?

    Sorry the client doesn't see "GRE failed". I apologize for the confusion. The GRE failed message actually is written into the log /var/log/syslog:

    Oct  4 18:10:20 qc3630 pptpd[3703]: CTRL: Client x.x.x.x control connection started
    Oct  4 18:10:21 qc3630 pptpd[3703]: CTRL: Starting call (launching pppd, opening GRE)
    Oct  4 18:10:21 qc3630 pppd[3704]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
    Oct  4 18:10:21 qc3630 pppd[3704]: pppd 2.4.5 started by root, uid 0
    Oct  4 18:10:21 qc3630 pppd[3704]: Using interface ppp0
    Oct  4 18:10:21 qc3630 pppd[3704]: Connect: ppp0 <--> /dev/pts/1
    Oct  4 18:10:51 qc3630 pppd[3704]: LCP: timeout sending Config-Requests
    Oct  4 18:10:51 qc3630 pppd[3704]: Connection terminated.
    Oct  4 18:10:51 qc3630 pppd[3704]: Modem hangup
    Oct  4 18:10:51 qc3630 pppd[3704]: Exit.
    Oct  4 18:10:51 qc3630 pptpd[3703]: GRE: read(fd=6,buffer=7f8aeea414a0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
    Oct  4 18:10:51 qc3630 pptpd[3703]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
    Oct  4 18:10:51 qc3630 pptpd[3703]: CTRL: Reaping child PPP[3704]
    Oct  4 18:10:51 qc3630 pptpd[3703]: CTRL: Client x.x.x.x control connection finished
    

    Just tried again, and the above is the same error message. The client received some connection disconnected message.

  • Try the connection while running this in a separate window or use screen:

    tcpdump -ni any proto gre

    If the packets are being filtered by your provider or their upstream, you won't see anything using the above command.

  • elgselgs Member
    edited October 2015

    @Ishaq said:
    Try the connection while running this in a separate window or use screen:

    tcpdump -ni any proto gre

    If the packets are being filtered by your provider or their upstream, you won't see anything using the above command.

    Thanks. I use my iPhone to connect. Here is the message from tcpdump while my phone is connecting: (x.x.x.x is the ip address of my phone, y.y.y.y is the ip address of the server.)

    root@qc3630:~# tcpdump -ni any proto gre
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes
    18:24:04.224049 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 0, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:07.217844 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 1, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:10.220932 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 2, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:13.224065 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 3, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:16.227260 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 4, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:19.230296 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 5, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:22.233494 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 6, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:25.236518 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 7, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:28.239637 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 8, length 41: LCP, Conf-Request (0x01), id 1, length 27
    18:24:31.242835 IP y.y.y.y > x.x.x.x: GREv1, call 63454, seq 9, length 41: LCP, Conf-Request (0x01), id 1, length 27
    
  • Are the following netfilter kernel modules enabled?

    lsmod | grep nf_conntrack_pptp nf_conntrack_proto_gre

    If not, enable using:

    modprobe nf_conntrack_pptp nf_conntrack_proto_gre

  • @Ishaq said:
    Are the following netfilter kernel modules enabled?

    lsmod | grep nf_conntrack_pptp nf_conntrack_proto_gre

    If not, enable using:

    modprobe nf_conntrack_pptp nf_conntrack_proto_gre

    root@qc3630:~# lsmod | grep nf_conntrack_pptp nf_conntrack_proto_gre
    grep: nf_conntrack_proto_gre: No such file or directory
    root@qc3630:~# modprobe nf_conntrack_pptp nf_conntrack_proto_gre
    root@qc3630:~# lsmod | grep nf_conntrack_pptp nf_conntrack_proto_gre
    grep: nf_conntrack_proto_gre: No such file or directory
    

    Seems still no luck. The server OS is as follows:

    Linux qc3630 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
    
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description:    Ubuntu 14.04.3 LTS
    Release:    14.04
    Codename:   trusty
    
  • Add the text debug dump to the /etc/ppp/options.pptpd or /etc/ppp/pptpd-options file. No need to restart pptpd.

    Then tail -f /var/log/syslog after the connection.

  • elgselgs Member
    edited October 2015

    @Ishaq said:
    Add the text debug dump to the /etc/ppp/options.pptpd or /etc/ppp/pptpd-options file. No need to restart pptpd.

    Then tail -f /var/log/syslog after the connection.

    I added debug dump to /etc/ppp/pptpd-options (/etc/ppp/options.pptpd doesn't exist in my system), and it worked. The client connected to the server without any problem. Then I removed debug dump and tried again, still worked without any problem. I have no idea how it magically worked. I'm pretty sure nothing is changed on my side before and after it suddenly worked.

    So I tried to connect to the other Turkish server, but it still doesn't work. Then I added debug dump to /etc/ppp/pptpd-options. Here is the output from tail -f /var/log/syslog:

    Oct  5 02:42:37 tr000 pptpd[9554]: CTRL: Client x.x.x.x control connection started
    Oct  5 02:42:37 tr000 pptpd[9554]: CTRL: Starting call (launching pppd, opening GRE)
    Oct  5 02:42:37 tr000 pppd[9555]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
    Oct  5 02:42:37 tr000 pppd[9555]: pptpd-logwtmp: $Version$
    Oct  5 02:42:37 tr000 pppd[9555]: pppd options in effect:
    Oct  5 02:42:37 tr000 pppd[9555]: debug#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: nologfd#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: dump#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: plugin /usr/lib/pptpd/pptpd-logwtmp.so#011#011# (from command line)
    Oct  5 02:42:37 tr000 pppd[9555]: require-mschap-v2#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: refuse-pap#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: refuse-chap#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: refuse-mschap#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: name pptpd#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: remotenumber x.x.x.x#011#011# (from command line)
    Oct  5 02:42:37 tr000 pppd[9555]: pptpd-original-ip x.x.x.x#011#011# (from command line)
    Oct  5 02:42:37 tr000 pppd[9555]: 115200#011#011# (from command line)
    Oct  5 02:42:37 tr000 pppd[9555]: lock#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: crtscts#011#011# (from /etc/ppp/options)
    Oct  5 02:42:37 tr000 pppd[9555]: local#011#011# (from command line)
    Oct  5 02:42:37 tr000 pppd[9555]: asyncmap 0#011#011# (from /etc/ppp/options)
    Oct  5 02:42:37 tr000 pppd[9555]: lcp-echo-failure 4#011#011# (from /etc/ppp/options)
    Oct  5 02:42:37 tr000 pppd[9555]: lcp-echo-interval 30#011#011# (from /etc/ppp/options)
    Oct  5 02:42:37 tr000 pppd[9555]: hide-password#011#011# (from /etc/ppp/options)
    Oct  5 02:42:37 tr000 pppd[9555]: novj#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: novjccomp#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: ipparam x.x.x.x#011#011# (from command line)
    Oct  5 02:42:37 tr000 pppd[9555]: ms-dns xxx # [don't know how to print value]#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: nodefaultroute#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: proxyarp#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: 10.0.0.1:10.0.0.100#011#011# (from command line)
    Oct  5 02:42:37 tr000 pppd[9555]: nobsdcomp#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: require-mppe-128#011#011# (from /etc/ppp/pptpd-options)
    Oct  5 02:42:37 tr000 pppd[9555]: noipx#011#011# (from /etc/ppp/options)
    Oct  5 02:42:37 tr000 pppd[9555]: pppd 2.4.5 started by root, uid 0
    Oct  5 02:42:37 tr000 pppd[9555]: using channel 7
    Oct  5 02:42:37 tr000 pppd[9555]: Using interface ppp0
    Oct  5 02:42:37 tr000 pppd[9555]: Connect: ppp0 <--> /dev/pts/1
    Oct  5 02:42:37 tr000 pppd[9555]: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xcdd75bb8> <pcomp> <accomp>]
    Oct  5 02:43:04 tr000 pppd[9555]: message repeated 9 times: [ sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0xcdd75bb8> <pcomp> <accomp>]]
    Oct  5 02:43:07 tr000 pppd[9555]: LCP: timeout sending Config-Requests
    Oct  5 02:43:07 tr000 pppd[9555]: Connection terminated.
    Oct  5 02:43:08 tr000 pppd[9555]: Modem hangup
    Oct  5 02:43:08 tr000 pppd[9555]: Exit.
    Oct  5 02:43:08 tr000 pptpd[9554]: GRE: read(fd=6,buffer=7f4afeb904a0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs
    Oct  5 02:43:08 tr000 pptpd[9554]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7)
    Oct  5 02:43:08 tr000 pptpd[9554]: CTRL: Reaping child PPP[9555]
    Oct  5 02:43:08 tr000 pptpd[9554]: CTRL: Client x.x.x.x control connection finished
    
  • The first server worked for a few hours. But it doesn't work now. I didn't do anything in the server. I think it must be controlled by the network or router.

Sign In or Register to comment.