[iodine-users] No downstream data received in 60 seconds, (was: iodine-users Digest, Vol 36, Issue 1)

Marcus Poller don_sepia at freenet.de
Fri Dec 25 17:22:40 CET 2015


Dear Gulshan,

> From: Gulshan Singh <gsingh2011 at gmail.com>
> Subject: [iodine-users] No downstream data received in 60 seconds,
> 	shutting down.

> I was able to get iodine working between my local Arch Linux machine
> and a remote Ubuntu machine. Both machines are running the latest
> version of iodine from git.
> 
> I changed my default route to dns0

You should not try this since iodine will try to emit its own
packets using dns0. It makes the tunnel collapse.

Let's talk about routing in general:
On the server you run:
  $ sudo iodined -DDD -P ts-password 172.16.0.1 tunnel.dns.de
  $ route -n
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.122.1   0.0.0.0         UG    0      0        0 eth0
172.16.0.0      0.0.0.0         255.255.255.224 U     0      0        0 dns0
192.168.122.0   192.168.122.1   255.255.255.0   UG    0      0        0 eth0

On the client side you should do:
  $ sudo iodine -f -P ts-password 8.8.8.8 tunnel.dns.de
where 8.8.8.8 is some dns-server you are forced to use. Leave it empty
if you can.
  $ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 wlan2
172.16.0.0      0.0.0.0         255.255.255.224 U     0      0        0 dns0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan2

and this is where the magic comes in - you can now reach your server
using

 $ ssh user@172.16.0.1

So you can reach your server in a point-to-point fashion.
Please verify you get this far before discussing further!

How to get your packets forwarded on the server from dns0 to eth0?

Option 1:
 $ ssh -D 5555 user@172.16.0.1
 set a Firefox SOCKS Proxy to 127.0.0.1:5555
Option 2:
  Natting:
  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  echo 1 >/proc/sys/net/ipv4/ip_forward
Option 3:
  OpenVPN/tinc/strongswan/fastd
Option 4:
  bridging: $ brctl #not advised
Option 5:
  iproute2 #hardcore

> and I was able to make some curl
> requests.

That is weird to me.

> However, after about a minute, I see: `iodine: No
> downstream data received in 60 seconds, shutting down.`
> Anyone know why this is happening?

Iodine sends its packets using the default route, which is a dead end.
But you can trick SSH into contacting your server using the tunnel device -
by using the tunnel server's IP.

In case you want to learn more: Get an introduction to routing!

Happy hacking!
Marcus
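
Added example, not part of Marcus's message and not iodine code: a small
check that applies longest-prefix matching to `route -n` output and reports
whether iodine's own DNS queries to the resolver would be routed into dns0.
The first table is the client table from the message; the second is a
constructed sample with the default route moved to dns0, and the function
names are hypothetical.

```python
import ipaddress

# Client table from the message above (tunnel up, default route untouched).
WORKING = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 wlan2
172.16.0.0      0.0.0.0         255.255.255.224 U     0      0        0 dns0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan2
"""

# Constructed sample: the same client after the default route is set to dns0.
BROKEN = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.16.0.1      0.0.0.0         UG    0      0        0 dns0
172.16.0.0      0.0.0.0         255.255.255.224 U     0      0        0 dns0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan2
"""

def parse_route_n(text):
    """Turn `route -n` output into (network, gateway, metric, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or not f[0][0].isdigit():
            continue  # skip the two header lines
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        routes.append((net, f[1], int(f[4]), f[7]))
    return routes

def egress(routes, dst):
    """Pick the route the kernel would use: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: (r[0].prefixlen, -r[2])) if hits else None

def tunnel_loops(routes, resolver, tun="dns0"):
    """True if packets to the resolver would leave through the tunnel itself."""
    r = egress(routes, resolver)
    return r is not None and r[3] == tun

if __name__ == "__main__":
    for name, table in (("working", WORKING), ("broken", BROKEN)):
        rt = parse_route_n(table)
        print(name, "resolver via", egress(rt, "8.8.8.8")[3],
              "loop" if tunnel_loops(rt, "8.8.8.8") else "ok")
```

In both tables 172.16.0.1 is still reached through dns0; only the path taken
by the DNS queries that carry the tunnel changes.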





