34
submitted 1 year ago* (last edited 1 year ago) by luthis@lemmy.nz to c/linux@lemmy.ml

Probably should find a linux networking specific community for this one..

I have a strange issue that feels very familiar, like I've fixed it before, but I can't remember how.

I try to rtsp to security cam:

ffplay rtsp://user:password@192.168.19.137:554/h264Preview_01_main

And I get a no route:

Connection to tcp://192.168.19.137:554?timeout=0 failed: No route to host

rtsp://user:password@192.168.19.137:554/h264Preview_01_main: No route to host

Strange, I'm in the same subnet 192.168.19.129/24, and it worked a few days ago.

Check ping:

ping 192.168.19.137

PING 192.168.19.137 (192.168.19.137) 56(84) bytes of data.

64 bytes from 192.168.19.137: icmp_seq=1 ttl=64 time=5.69 ms

Of course.. So I run the command again;

ffplay rtsp://user:password@192.168.19.137:554/h264Preview_01_main

And now it works.

I could bandaid by crontabbing a ping every hour or something, but I would really like to know why I'm getting a 'no route' until I ping.

My routing table is pretty basic:

default via 192.168.19.1 dev enp4s0 proto dhcp src 192.168.19.129 metric 100

default via 192.168.19.1 dev enp4s0 proto dhcp src 192.168.19.129 metric 1002

172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown

172.18.0.0/16 dev br-68c1e0344e27 proto kernel scope link src 172.18.0.1 linkdown

192.168.19.0/24 dev enp4s0 proto dhcp scope link src 192.168.19.129 metric 1002

192.168.19.1 dev enp4s0 proto dhcp scope link src 192.168.19.129 metric 1024

And I don't think I have any rules in firewall for LAN.

Any ideas?

top 21 comments
sorted by: hot top controversial new old
[-] empireOfLove@lemmy.one 25 points 1 year ago

Are you sure the camera is not going into some kind of low power sleep mode and then has a wake-on-LAN functionality that only responds to icmp/magic packets? The number of embedded devices that have aggressive power saving measures built in is kinda stupid tbh.

Can you reliably rtsp from a different machine to rule out the routing table?

[-] luthis@lemmy.nz 7 points 1 year ago

I can try test that.

The camera is always accessible via the android app, but that's not quite the same.

[-] empireOfLove@lemmy.one 10 points 1 year ago

The android app, if proprietary and manufacturer specific, could very well be sending its own magic wake-on-lan packet to check if the camera is alive.

I unfortunately don't know enough about nitty-gritty networking stuff to help with the actual routing though, refer to the other commenters for that.

[-] blattrules@lemmy.world 7 points 1 year ago

This is what I thought it sounded like too. I’ve seen similar behavior with wake on lan before.

[-] SootyChimney@hexbear.net 11 points 1 year ago

I want to say ARP. Can I say ARP?

[-] socsa@lemmy.ml 1 points 1 year ago

This is the answer.

[-] notfromhere@lemmy.one 9 points 1 year ago

Do you have an IP address conflict?

[-] preciouspupp@sopuli.xyz 4 points 1 year ago* (last edited 1 year ago)

I would check this first too, seems a bit like it. Check your arp table for anything nasty.

[-] wgs@lemmy.sdf.org 1 points 1 year ago

I would put my money on that too.

[-] jsveiga@sh.itjust.works 8 points 1 year ago

Why do you have two default routes?

The last line in your table also doesn't look right.

[-] jet@hackertalks.com 7 points 1 year ago

Im rusty. So don't trust this.

It looks like you have a routing issue with your default route. The fact that a ping gets the IP to start working, tells me that you need a broadcast packet on the local network, that broadcast excites the other computer to send a message out, that updates the IP to Mac table, which then makes the machine routable because now there is a direct ethernet pathway.

So I think the magic here is the initial broadcast ping is doing.

Ideally this isn't necessary, ethernet should be sending out a broadcast packet for the Mac to IP table anyway for your TCP traffic. I don't know why that's not happening. I would do an TCP dump in both scenarios, and see if the broadcast is going out.

My intuition is that there's something fucky going on with your default route, that ping is not being affected by. I bet you don't send out a broadcast address discovery packet in the TCP scenario but you do in the ping scenario

[-] preciouspupp@sopuli.xyz 6 points 1 year ago

But any IP packet should trigger an arp “who has?”.

[-] jet@hackertalks.com 4 points 1 year ago

Yes. It should. Hence the fucky mystery. Good to check with a network dump to rule it out.

[-] 4am@lemm.ee 2 points 1 year ago

When this happened to me, the broadcast would trigger the ARP update; the camera would respond ever so slightly slower and since it was the last device to claim it was at the IP the ARP table would be updated with it. It would work until the conflicting device would send a packet which would update the ARP table again, back to the original device. The services I expected to respond would no longer receive the packets, they’d go to the wrong machine and it of course wouldn’t respond to requests for services it was not running.

That’s how you end up in this situation of “works for a bit then stops responding”

[-] atlasraven31@lemm.ee 2 points 1 year ago

Either this or a firewall issue.

[-] 4am@lemm.ee 6 points 1 year ago

Dunno how helpful this is but when I’ve had this problem in the past it was an IP conflict. Are you setting static IPs or are you using DHCP reserves for everything?

[-] fubo@lemmy.world 6 points 1 year ago

Check your ARP table before and after the ping? Might also be interesting to tcpdump (for the device's address or 0.0.0.0) while doing it.

[-] vettnerk@lemmy.ml 5 points 1 year ago

Is there an IPSec tunel in the mix? Often, IPSec Phase2 goes down when idle, while Phase1 stays up. Upon traffic, Phase2 is brought up again, with a delay.

I usually work around this with a crontab on one of the remote servers that sends a single ping packet every minute to a local server, and pipe any output to /dev/null.

[-] dandroid@dandroid.app 5 points 1 year ago

This is some Schrodinger's network address shit. The act of observing the network address modifies it so it can be accessed.

[-] Lemmyin@lemmy.nz 3 points 1 year ago

I had an issue where my docker networks started overlapping my network addresses and I had some issues to connect to the machine etc. so perhaps check to make sure your docker addresses don’t overlap your home network range somehow. Also keep the subnet mask in mind as the range might be bigger than what the first few numbers indicate.

[-] Snowplow8861@lemmus.org 3 points 1 year ago

I can guess at some things but let me first start with what I think is happening:

You have a gateway set. Your device sends a broadcast arp message asking 'who has ip ' and the device with that ip is supposed to send back 'me with this mac address!'.

That device is either sending it so slowly that your machine says 'I can't go past the gateway, the gateway isn't responding' which in your error message is no route to host.

Assuming that you have no custom manual network route in play.

So things that can cause that are usually link layer and layer two issues and sometimes duplicate IPs. Two devices with the gateway ip.

You should watch your mac address table and arp table (arp a) and watch if the router gateway disappears or changes Mac addresses.

this post was submitted on 16 Aug 2023
34 points (97.2% liked)

Linux

48904 readers
1536 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS