networking – Drawbacks of having pruned and collapsed packets

I am a newbie in networking field, I come across a note that we should not have pruned packets and collapsed packets, if we have, we should have to optimize the system.

But the note (neither the internet) didn’t provide much context on why we shouldn’t have pruned and collapsed packets and what problems that it makes?

$ netstat -s | grep socket      
299 packets pruned from receive queue because of socket buffer overrun
2701 TCP sockets finished time wait in fast timer
5 delayed acks further delayed because of locked socket
92 packets collapsed in receive queue due to low socket buffer

Here, you can see I have 299 packets which were pruned and 92 packets were collapsed.

Is it bad? if yes, why? what issues I will face due to this?

linux – How does an Interface know which interface to route packets to?

I have 2 interfaces on my Ubuntu18.04.

wlp3s0 which has internet connection and vboxnet0 which lacks one.

I followed some online guides and understood that I needed to enable IP forwarding.

I did that and everything works fine.

I was wondering how did the vboxnet0 interface know that it needed to forward its packets to wlp3s0 and not some other interface(if I have more than 2)?

networking – Ubuntu transmits TTL 0 multicast packets

IP packets with TTL 0 shall not leave host.

But when I start application which multicasts UDP packets with TTL 0, I see packets with TTL 0 leaving host for few seconds, and coming to normal behavior of TTL 0. This most likely happens after reboot and first start of application.

I confirmed packets with TTL 0 leaving host with tcpdump:

05:31:39.048304 IP (tos 0x0, id 14487, offset 0, flags (DF), proto UDP (17), length 1344)
    192.168.1.200.46968 > 239.0.0.1.1234: UDP, length 1316
05:31:39.049594 IP (tos 0x0, id 14488, offset 0, flags (DF), proto UDP (17), length 1344)
    192.168.1.200.46968 > 239.0.0.1.1234: UDP, length 1316
05:31:39.051601 IP (tos 0x0, id 14489, offset 0, flags (DF), proto UDP (17), length 1344)
    192.168.1.200.46968 > 239.0.0.1.1234: UDP, length 1316
05:31:39.053584 IP (tos 0x0, id 14490, offset 0, flags (DF), proto UDP (17), length 1344)
    192.168.1.200.46968 > 239.0.0.1.1234: UDP, length 1316

As we can see ttl is not displayed which means TTL 0, as confirmed from tcpdump man page: https://www.tcpdump.org/manpages/tcpdump.1.html (search ttl, it clearly indicated: ttl is the time-to-live; it is not reported if it is zero).

There are no any iptables rules running.

uname -a: Linux mydevice 4.15.0-101-generic #102-Ubuntu SMP Mon May 11 10:07:26 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

lsb_release -a:

No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.4 LTS
Release:        18.04
Codename:       bionic

What can be the cause for this behavior, and how can I resolve this?

linux – Routing/forwarding packets between two interfaces

I need to route my PC network traffic through a VMWare machine. What setup I thought about that is using a vm with two interfaces and forcing the PC to send the traffic to VMNet1 instead of Ethernet (using interface metric or routing). The setup is look like the following picture:

enter image description here

I have enabled ip_forward in `/proc/sys/net/ipv4/’, but seems is’t enough.

In the PC I can access to ens33 and ens37:

  • Pinging 192.168.1.3 from PC is OK
  • Pinging 192.168.1.4 from PC is OK
  • ARP table (arp -a) shows 192.168.1.3-4 in 192.168.1.5’s entry
  • I can’t ping 192.168.1.1 through VMNet1 (ping -S 192.168.1.5 192.168.1.1)

In the vm:

  • Pinging 192.168.1.1 only through ens37 is OK (ping -I ens37 192.168.1.1)

Question
With the above details, I think my problem is routing/forwarding incoming packet from ens33 to ens37in the vm, so how to do this?

Further information:

~$ ip route
default via 192.168.1.1 dev ens37 proto static metric 101 
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.3 metric 100 
192.168.1.0/24 dev ens37 proto kernel scope link src 192.168.1.4 metric 101 

~$ networkctl status -a
● 1: lo
       Link File: /usr/lib/systemd/network/99-default.link
    Network File: n/a
            Type: loopback
           State: carrier (unmanaged)
         Address: 127.0.0.1
                  ::1

● 2: ens33
       Link File: /usr/lib/systemd/network/99-default.link
    Network File: n/a
            Type: ether
           State: routable (unmanaged)
            Path: pci-0000:02:01.0
          Driver: e1000
          Vendor: Intel Corporation
           Model: 82545EM Gigabit Ethernet Controller (Copper) (PRO/1000 MT Single Port Adapter)
      HW Address: 00:0c:29:2e:5e:a0 (VMware, Inc.)
         Address: 192.168.1.3
                  fe80::a71c:e329:2378:4972

● 3: ens37
       Link File: /usr/lib/systemd/network/99-default.link
    Network File: n/a
            Type: ether
           State: routable (unmanaged)
            Path: pci-0000:02:05.0
          Driver: e1000
          Vendor: Intel Corporation
           Model: 82545EM Gigabit Ethernet Controller (Copper) (PRO/1000 MT Single Port Adapter)
      HW Address: 00:0c:29:2e:5e:aa (VMware, Inc.)
         Address: 192.168.1.4
                  fe80::20c:29ff:fe2e:5eaa
         Gateway: 192.168.1.1 (TP-LINK TECHNOLOGIES CO.,LTD.)
                  fe80::1 (TP-LINK TECHNOLOGIES CO.,LTD.)

~$ ip neigh
192.168.1.103 dev ens37 lladdr 3c:bb:fd:3d:25:00 REACHABLE
192.168.1.103 dev ens33  FAILED
192.168.1.1 dev ens37 lladdr 90:f6:52:03:3b:00 STALE
192.168.1.100 dev ens37 lladdr 40:61:86:e2:dd:00 STALE
192.168.1.1 dev ens33  FAILED
192.168.1.5 dev ens33 lladdr 00:50:56:c0:00:00 STALE


C:WINDOWSsystem32>arp -a

Interface: 192.168.1.100 --- 0x10
  Internet Address      Physical Address      Type
  192.168.1.1           90-f6-52-03-3b-00     dynamic
  ...

Interface: 192.168.1.5 --- 0x1e
  Internet Address      Physical Address      Type
  192.168.1.3           00-0c-29-2e-5e-a0     dynamic
  192.168.1.4           00-0c-29-2e-5e-a0     dynamic
  ...

java – Minecraft sending packets

Minecraft is a game which also can be played on multiplayer servers. Each server has it own IP and the port is for every server “25565”. In generell, for this problem you should be familiar with Minecaft protocol. Even if not, I created a hyperlink where you can look for this.
My goal is to create a Minecraft Chatbot, without even open Minecraftlauncher to join any server. I know, there are already a lot of these existing, but I want to create some new commands which the client should send.

In generell, there are two big steps of the joining process when you join a Minecraft server. First, you need a connection sending a handshake (state 1) and “ping-pong”. After this, your connected to the server. This first step works very well, so I think I needn´t to show you. But the second step is the authentification of every client. Herefor I send a handshake (state 2) and then there comes my problem : I always get “java.io.EOFException” as a error message on my second step, sending my username to the Server.

try {
private String host = "hypixel.net";
socket.connect(host, 25565); //I created already a Socket called "socket"
DataOutputStream output = new DataOutputStream(socket.getOutputStream());
DataInputStream input = new DataInputStream(socket.getInputStream()); //socket is for creating streams
byte() handShakeMessage = createHandshakeMessageLogin(host, 25565);
writeVarInt(output, handShakeMessage.length);
output.write(handShakeMessage);
System.out.println("Send handShakeMessage!");

output.writeByte(0x01); //hopefully the right packet size
output.writeByte(0x00); //packetID
output.writeUTF(username); //sending username 
}

    public void writeVarInt(DataOutputStream out, int paramInt) throws IOException {
    while (true) {
        if ((paramInt & 0xFFFFFF80) == 0) {
          out.writeByte(paramInt);
          return;
        }

        out.writeByte(paramInt & 0x7F | 0x80);
        paramInt >>>= 7;
    }
}

public static byte () createHandshakeMessageLogin(String host, int port) throws IOException {
    ByteArrayOutputStream buffer = new ByteArrayOutputStream();

    DataOutputStream handshake = new DataOutputStream(buffer);
    handshake.writeByte(0x00); //packet id for handshake
    writeVarInt(handshake, 4); //protocol version
    writeString(handshake, host, StandardCharsets.UTF_8);
    handshake.writeShort(port); //port
    writeVarInt(handshake, 2); //state (2 for login)

    return buffer.toByteArray();
}

    public void writeString(DataOutputStream out, String string, Charset charset) throws IOException {
    byte () bytes = string.getBytes(charset);
    writeVarInt(out, bytes.length);
    out.write(bytes);
}

So, as you can see quite a complicated thing I guess. If somebody could answer me, why I´m getting this error message and how to fix it i would be very very happy! Thank you

c – Is there any good way to handle another program sending interfering HID packets?

I wrote a program to read the battery level of a Dualshock 4 controller and change it’s light accordingly using HID packets.

Sadly, after writing the program, I fired up Steam and tried playing a game, only to have Steam forcefully take over the lighting controls and override my program.

Code is in C, running on Linux.

So, my question stands. Is there a way to fix the conflict between them? Is there some magic I can do to “firewall” the packets coming from Steam (yet retain some functionality)?

opencv – loss packets from RTP streaming that were decoded with ffmpeg

Hope someone could help me. I am trying to use a neural network (YOLOv2) to perform object detection on an RTP stream that I have simulated locally using VLC, with the "Use RTP over TCP" flag as true.
The stream is 4K, 30fps, 15Mb / s. I use the OpenCV C API I / O module to read frames from the stream.

I am using the general code. I open the RTP as follows:
cap = cvCaptureFromFile(url);

And then I do the capture on a thread like this:
IplImage* src = cvQueryFrame(cap);

and in another thread the recognition part.

I know OpenCV uses ffmpeg to record videos. I use ffmpeg 3.3.2. My problem is that there are a lot of artifacts when I receive the stream. The output I get is:

top block unavailable for requested intra mode -1
(h264 @ 0000016ae36f0a40) error while decoding MB 40 0, bytestream 81024
(h264 @ 0000016ae32f3860) top block unavailable for requested intra mode
(h264 @ 0000016ae32f3860) error while decoding MB 48 0, bytestream 102909
(h264 @ 0000016ae35e9e60) Reference 3 >= 3
(h264 @ 0000016ae35e9e60) error while decoding MB 79 0, bytestream 27231
(h264 @ 0000016a7033eb40) mmco: unref short failure
(h264 @ 0000016ae473ee00) Reference 3 >= 3

over and over again, and there are too many packet losses that I cannot see when viewing the received frames. However, it doesn't happen to me when I stream other lower quality videos like HD at 30 fps or similar via RTP. It is also true that the 4K has a lot of movement (it's a Moto GP Race).

I have tried:
– Reduce the fps of the streaming.
– Reduce the bit rate
– ffplay either doesn't show the input frames correctly, but VLC does (don't know why).
– Force TCP transmission.
– Force entry of fps cvSetCaptureProperty(cap, CV_CAP_PROP_FPS, 1);

Why is this happening and how can I improve packet loss? Is there a way or something else that I can try?

Thanks a lot