Community


All times are UTC - 5 hours




Post new topic Reply to topic  [ 26 posts ]  Go to page Previous  1, 2, 3  Next
Author Message
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Sun Dec 31, 2017 2:46 am 
Offline

Joined: Fri Oct 30, 2015 3:25 pm
Posts: 22
My install is straight to the hardware. The only modification I did is the value of ulimit as per suggested. I am not using any hamachi on any of the clients. I checked the neoserver when the problem occurs and the neoserver is only using an average of 1%, and has lot of free memory available. I am running a XEON quad core with 8gig memory. I will attached a log file from one windows 10 client and one linux client.


Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Sun Dec 31, 2017 2:48 am 
Offline

Joined: Fri Oct 30, 2015 3:25 pm
Posts: 22
Here is the linux and windows 10 client log file.


Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Sun Dec 31, 2017 2:51 am 
Offline

Joined: Fri Oct 30, 2015 3:25 pm
Posts: 22
Here is the windows 10 client log file.


Attachments:
NRService_20171230_225604.log [1013.75 KiB]
Downloaded 1602 times
Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Sun Dec 31, 2017 12:56 pm 
Offline

Joined: Tue Sep 27, 2016 8:26 pm
Posts: 42
johnny2000 wrote:
Here is the windows 10 client log file.


I don't know the issue, their debug is not helpful except to the developer. But there were 40 counts of:

Quote:
Timeout::Fail to create p2p channel: Key Exchange.


The linux free server is over 2.5 years old and seems to be abandoned, having been ignored for a few upgrade cycles. I don't think there is a solution nor help coming, it's likely to have already been fixed in the paid versions and won't be released in the free version.


Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Thu Jan 04, 2018 9:24 pm 
Offline

Joined: Fri Oct 30, 2015 3:25 pm
Posts: 22
kevinz wrote:
Hi johnny2000,

Thanks for your information. I don't think it's a limitation to the NR Free edition and your NR clients are very small set.

If you can collect the log file of one of the Linux boxes that having the issue and send it to us (support email address) , we can help you investigate it.

Since it happens sometimes, it's more like related to the environment, such as network or machine. If you can isolate 2 of the Linux boxes and connect them to another NR Free server (for testing), it can at least determine if the issue is coming from the NR client local box or from other NR clients.

Thanks,
KevinZ - NeoRouter team


Hi Kevin,
What is your take on this? I attached a log file of windows 10 client, and linux client and server. I even put the neorouter server on a separate network and on the DMZ, but still the same issue, as long as there are close to 20 concurrent connections are on, the problem occurs. Thank you.


Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Fri Jan 05, 2018 10:11 am 
Offline

Joined: Sun Nov 16, 2008 6:41 am
Posts: 1878
Hi johnny2000,

I've reviewed your log files and here are my thoughts:

1. Based on the nrservice log file, I can see a lot of P2P connection failures. It means your network envrionment seems not suitable for NR peers to establish a P2P connection. You can set the Connection Option to use the relay mode (from NR Client UI menu item File>Connection), so NR client service will not try the P2P connection anymore. Though NR clients can establish UDP P2P connections in most cases, it cannot do this when it is behined a restrict firewall or symetric NAT or double-NAT and so on. With NR Pro, one can open a port range in firewall and tell NR clients use the port range to establish the P2P if really need to.

07372 2017-12-31 07:24:50,595|08620|04200| | -[CTunnelP2P::OnError](hr=0x8081000e)
07446 2017-12-31 07:25:29,426|08620|04200| | +[CTunnelP2P::OnError]
07447 2017-12-31 07:25:29,426|08620|04200|T| CTunnelP2P::OnError(-2139029490)
07452 2017-12-31 07:25:29,426|08620|04200| | +[CPeerObj::OnError]
07453 2017-12-31 07:25:29,426|08620|04200|W| CPeerObj::OnError -2139029490 on 0x3700000a
07454 2017-12-31 07:25:29,426|08620|04200|T| CPeerObj::OnError -2139029490 on 0x3700000a
07455 2017-12-31 07:25:29,426|08620|04200| | -[CPeerObj::OnError]
07456 2017-12-31 07:25:29,426|08620|04200| | -[CTunnelP2P::OnError](hr=0x8081000e)
07782 2017-12-31 07:26:26,108|08620|06364| | +[CTunnelP2P::OnError]
07783 2017-12-31 07:26:26,108|08620|06364|T| CTunnelP2P::OnError(-2139029491)
07788 2017-12-31 07:26:26,108|08620|06364| | +[CPeerObj::OnError]
07789 2017-12-31 07:26:26,108|08620|06364|W| CPeerObj::OnError -2139029491 on 0xc00000a
07790 2017-12-31 07:26:26,108|08620|06364|T| CPeerObj::OnError -2139029491 on 0xc00000a
07796 2017-12-31 07:26:26,108|08620|06364| | -[CPeerObj::OnError]
07797 2017-12-31 07:26:26,108|08620|06364| | -[CTunnelP2P::OnError](hr=0x8081000d)
07821 2017-12-31 07:26:26,108|08620|06364| | +[CTunnelP2P::OnError]
07822 2017-12-31 07:26:26,108|08620|06364|T| CTunnelP2P::OnError(-2139029491)
07829 2017-12-31 07:26:26,108|08620|06364| | +[CPeerObj::OnError]
07830 2017-12-31 07:26:26,108|08620|06364|W| CPeerObj::OnError -2139029491 on 0xd00000a

2. Based on the server log file you sent before, I can see a lot of lock errors when sending msg. NR server routes network packets and run as a multi-threading application. When you see this error it means NR server is too busy to acquire a lock to send packets for a thread or connection. There would be caused by several reasons:

a. Your server machine is too slow and OS takes long time to process a request so others have to wait, when timeout, you see this error. try to upgrade the server machine, you can get better performance.

b. Your server machine is overloaded. Maybe it's a fast machine, but too many packets need to be processed.

1) With NR Pro, you can set packet filtering settings to filter out ipv6/broadcast/non-ipv4 packets. this can reduce a lot of load to the server. Note: all of those packets will be broadcasted to all NR clients, so if you have 50 nodes, the packets will be sent 50 times. That is a huge load. With NR Free, you can change the OS level settings or firewall to prevent from ipv6 protocol, or may be some other packets you don't need, but you need to do this on all client machines.

2) If you think your NR server is powerful enough, you can increase the thread pool size by changing the Feature.ini file on the server. There is an option allowing one to change the thread pool size. (default value: MaxInstanceThreads=5 , 2*number of CPU cores)
You can also refer to the NeoRouter performance tunning document on our website.


2376 2017-12-29 04:13:57|01845|139681208293120|I| Found IP: index=56; IP=10.0.0.56
2500 2017-12-29 04:13:57|01845|139681208293120|I| Found IP: index=46; IP=10.0.0.46
2606 2017-12-29 04:13:57|01845|139681191507712|I| Found IP: index=60; IP=10.0.0.60
2666 2017-12-29 04:13:57|01845|139681141151488|I| Found IP: index=63; IP=10.0.0.63
2744 2017-12-29 04:13:58|01845|139681191507712|I| Found IP: index=2; IP=10.0.0.2
2782 2017-12-29 04:13:58|01845|139681157936896|I| Found IP: index=21; IP=10.0.0.21
2836 2017-12-29 04:13:58|01845|139681208293120|I| Found IP: index=31; IP=10.0.0.31
2868 2017-12-29 04:13:58|01845|139681166329600|I| Found IP: index=40; IP=10.0.0.40
3028 2017-12-29 04:14:02|01845|139681149544192|I| Found IP: index=14; IP=10.0.0.14
3561 2017-12-29 04:14:35|01845|139681183115008|I| SendMsg failed to acquire Send lock.
3563 2017-12-29 04:14:35|01845|139681166329600|I| SendMsg failed to acquire Send lock.
3565 2017-12-29 04:14:35|01845|139681191507712|I| SendMsg failed to acquire Send lock.
3567 2017-12-29 04:14:35|01845|139681208293120|I| SendMsg failed to acquire Send lock.
3569 2017-12-29 04:14:35|01845|139681174722304|I| SendMsg failed to acquire Send lock.
3571 2017-12-29 04:14:35|01845|139681157936896|I| SendMsg failed to acquire Send lock.
3573 2017-12-29 04:14:35|01845|139681141151488|I| SendMsg failed to acquire Send lock.
3648 2017-12-29 04:15:06|01845|139681166329600|I| SendMsg failed to acquire Send lock.
3650 2017-12-29 04:15:06|01845|139681191507712|I| SendMsg failed to acquire Send lock.
3652 2017-12-29 04:15:06|01845|139681208293120|I| SendMsg failed to acquire Send lock.
3654 2017-12-29 04:15:06|01845|139681157936896|I| SendMsg failed to acquire Send lock.
3656 2017-12-29 04:15:06|01845|139681141151488|I| SendMsg failed to acquire Send lock.
3658 2017-12-29 04:15:11|01845|139681199900416|I| SendMsg failed to acquire Send lock.
3742 2017-12-29 04:15:11|01845|139681149544192|I| SendMsg failed to acquire Send lock.
3783 2017-12-29 04:15:32|01845|139681174722304|I| SendMsg failed to acquire Send lock.

Let us know if you have any question or concern.

Thanks,
KevinZ - NeoRouter team


Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Thu Jul 05, 2018 11:12 pm 
Offline

Joined: Fri Oct 30, 2015 3:25 pm
Posts: 22
This is what I did and it solves the problem but not really elegant. As I am using pfsense as my main router, I put the neorouter in the DMZ and the problem was solve. My question is what ports are really necessary to be open in the firewall so that neorouter will work flawlessly?


Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Fri Jul 06, 2018 7:13 am 
Offline

Joined: Tue Sep 27, 2016 8:26 pm
Posts: 42
johnny2000 wrote:
This is what I did and it solves the problem but not really elegant. As I am using pfsense as my main router, I put the neorouter in the DMZ and the problem was solve. My question is what ports are really necessary to be open in the firewall so that neorouter will work flawlessly?


Just the listening port of the server. Default is 32976/tcp. Putting something in the DMZ is almost always a bad idea. Switch back to open/forwarding port 32976 only.

neorouter . com/wiki/index.php/NeoRouterWiki:FAQ#Should_I_open_an_port_to_the_Internet.3F

(this forum doesn't allow url's even to Neorouter website despite having url tag support so you'll need to fix the link above manually).


Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Fri Jul 13, 2018 8:30 pm 
Offline

Joined: Fri Oct 30, 2015 3:25 pm
Posts: 22
I know that it is a bad idea but right now it is the only way I found that works with my environment. Of course at the beginning I port forward the 32976/tcp, however with this port only being forwarded I have a lot of issues. I will continue tinkering with pfsense as the main router to work with neorouter.


Top
 Profile  
 
 Post subject: Re: [SOLVED] Unable to SSH/VNC/ping etc using NRouter
PostPosted: Thu Aug 23, 2018 10:13 pm 
Offline

Joined: Thu Aug 23, 2018 10:09 pm
Posts: 2
Thank you for such a sweet tutorial - all this time later, I've found it and love the end result. I appreciate the time you spent sharing your skills.

_________________
cat mario


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 26 posts ]  Go to page Previous  1, 2, 3  Next

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 25 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron