(English)
Teste-nos

Estudo - Teste de conexão PPTP

April 19, 2022
Telecom
Estudo - Teste de conexão PPTP
Neste artigo, revelamos um processo passo a passo para testar uma conexão PPTP em interfaces virtuais e físicas usando uma placa de rede Intel Ethernet E810-C 100GbE.

Objetivos do estudo

  1. Implementar um servidor PPTP e um cliente PPTP em diferentes contêineres docker em interfaces virtuais (veth), simulando assim uma conexão PPTP real no mesmo host. O diagrama de conexão é mostrado na Figura 1.
  2. Implemente uma conexão nas interfaces físicas da placa testada. O diagrama de conexão é mostrado na Figura 2.
  3. Obtenha para cada método uma conexão PCAP e compare os resultados.

 

Especificações do suporte de teste
CPU
Intel(R) Xeon(R) CPU E3-1240 V2 @ 3.40GHz
Memory
Total 16GiB @ 1600MHz
NIC
Controlador Ethernet E810-C QSFP 100GbE de porta dupla
Operating System
Linux CentOS
Versão do kernel do Linux
4.18.0-348.el8.x86_64
Driver
ice 0.8.2-k

 

Implementação

virtual testing

Fig.1. Esquema de teste em interfaces virtuais.

physical testing

Fig.2. Esquema de teste em interfaces físicas.

 

Resultados

1. PCAP no lado do cliente no esquema de interfaces virtuais (pptp_w_veth.pcap):

"No.", "Time", "Source", "Destination", "Protocol", "Length", "Info"
"1", "0.000000", "172.50.0.2", "172.40.0.2", "TCP", "74", "51246 > 1723 [SYN]
"2", "0.000028", "172.40.0.2", "172.50.0.2", "TCP", "74", "1723 > 51246 [SYN, ACK]
"3", "0.000040", "172.50.0.2", "172.40.0.2", "TCP", "66", "51246 > 1723 [ACK]
"4","0.000205","172.50.0.2","172.40.0.2","PPTP","222","Start-Control-Connection-Request"
"5", "0.000214", "172.40.0.2", "172.50.0.2", "TCP", "66", "1723 > 51246 [ACK]
"6","0.000911","172.40.0.2","172.50.0.2","PPTP","222","Start-Control-Connection-Reply"
"7", "0.000915", "172.50.0.2", "172.40.0.2", "TCP", "66", "51246 > 1723 [ACK]
"8","1.000442","172.50.0.2","172.40.0.2","PPTP","234","Outgoing-Call-Request"
"9","1.000970","172.40.0.2","172.50.0.2","PPTP","98","Outgoing-Call-Reply"
"10", "1.000979", "172.50.0.2", "172.40.0.2", "TCP", "66", "51246 > 1723 [ACK]
"11","1.001157","172.50.0.2","172.40.0.2","PPP LCP","70","Configuration Request"
"12","1.004528","172.40.0.2","172.50.0.2","PPP LCP","70","Configuration Request"
"13","1.004620","172.40.0.2","172.50.0.2","PPP LCP","74","Configuration Ack"
"14","1.004667","172.50.0.2","172.40.0.2","PPP LCP","74","Configuration Ack"
"15","1.004724","172.50.0.2","172.40.0.2","PPP IPCP","64","Configuration Request"
"16","1.004832","172.40.0.2","172.50.0.2","PPP CCP","64","Configuration Request"
"17","1.004838","172.40.0.2","172.50.0.2","PPP IPCP","58","Configuration Request"
"18","1.004864","172.40.0.2","172.50.0.2","PPP IPCP","58","Configuration Reject"
"19","1.004908","172.50.0.2","172.40.0.2","PPP CCP","56","Configuration Request"
"20","1.004920","172.50.0.2","172.40.0.2","PPP CCP","60","Configuration Reject"
"21","1.004939","172.50.0.2","172.40.0.2","PPP IPCP","58","Configuration Ack"
"22","1.004971","172.50.0.2","172.40.0.2","PPP IPCP","58","Configuration Request"
"23","1.005033","172.40.0.2","172.50.0.2","PPP CCP","56","Configuration Ack"
"24","1.005038","172.40.0.2","172.50.0.2","PPP CCP","56","Configuration Request"
"25","1.005062","172.40.0.2","172.50.0.2","PPP IPCP","58","Configuration Nak"
"26","1.005118","172.50.0.2","172.40.0.2","PPP CCP","56","Configuration Ack"
"27","1.005148","172.50.0.2","172.40.0.2","PPP IPCP","58","Configuration Request"
"28","1.005205","172.40.0.2","172.50.0.2","PPP IPCP","62","Configuration Ack"
"29","1.505778","172.50.0.2","172.40.0.2","GRE","46","Encapsulated PPP"

2.1 PCAP no lado do cliente no esquema de interfaces físicas (pptp_w_810_client.pcap):

"No.", "Time", "Source", "Destination", "Protocol", "Length", "Info"
"1", "0.000000", "172.30.0.2", "172.10.0.2", "TCP", "74", "33730 > 1723 [SYN]
"2", "0.000067", "172.10.0.2", "172.30.0.2", "TCP", "74", "1723 > 33730 [SYN, ACK]
"3", "0.000080", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [ACK]
"4","0.000299","172.30.0.2","172.10.0.2","PPTP","222","Start-Control-Connection-Request"
"5", "0.000324", "172.10.0.2", "172.30.0.2", "TCP", "66", "1723 > 33730 [ACK]
"6","0.001052","172.10.0.2","172.30.0.2","PPTP","222","Start-Control-Connection-Reply"
"7", "0.001058", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [ACK]
"8","1.000567","172.30.0.2","172.10.0.2","PPTP","234","Outgoing-Call-Request"
"9","1.001172","172.10.0.2","172.30.0.2","PPTP","98","Outgoing-Call-Reply"
"10", "1.001192", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [ACK]
"11","1.001354","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"12","3.997954","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"13","7.001009","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"14","10.004123","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"15","13.007221","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"16","16.010336","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"17","19.013400","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"18","22.016486","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"19","25.019571","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"20","28.022668","172.30.0.2","172.10.0.2","PPP LCP","70","Configuration Request"
"21","31.032879","172.30.0.2","172.10.0.2","PPTP","82","Call-Clear-Request"
"22", "31.032941", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [FIN, ACK]
"23", "31.032999", "172.10.0.2", "172.30.0.2", "TCP", "66", "1723 > 33730 [FIN, ACK]
"24", "31.033008", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [ACK]

2.2 PCAP no lado do servidor no esquema de interfaces físicas (pptp_w_810_server.pcap):

"No.", "Time", "Source", "Destination", "Protocol", "Length", "Info"
"1", "0.000000", "172.30.0.2", "172.10.0.2", "TCP", "74", "33730 > 1723 [SYN]
"2", "0.000026", "172.10.0.2", "172.30.0.2", "TCP", "74", "1723 > 33730 [SYN, ACK]
"3", "0.000069", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [ACK]
"4","0.000290","172.30.0.2","172.10.0.2","PPTP","222","Start-Control-Connection-Request"
"5", "0.000298", "172.10.0.2", "172.30.0.2", "TCP", "66", "1723 > 33730 [ACK]
"6","0.001014","172.10.0.2","172.30.0.2","PPTP","222","Start-Control-Connection-Reply"
"7", "0.001047", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [ACK]
"8","1.000598","172.30.0.2","172.10.0.2","PPTP","234","Outgoing-Call-Request"
"9","1.001134","172.10.0.2","172.30.0.2","PPTP","98","Outgoing-Call-Reply"
"10", "1.001189", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [ACK]
"11","1.004629","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"12","4.007764","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"13","7.010842","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"14","10.013949","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"15","13.017035","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"16","16.020115","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"17","19.023193","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"18","22.026271","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"19","25.029348","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"20","28.030753","172.10.0.2","172.30.0.2","PPP LCP","70","Configuration Request"
"21","31.032901","172.30.0.2","172.10.0.2","PPTP","82","Call-Clear-Request"
"22", "31.032938", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [FIN, ACK]
"23", "31.032972", "172.10.0.2", "172.30.0.2", "TCP", "66", "1723 > 33730 [FIN, ACK]
"24", "31.032996", "172.30.0.2", "172.10.0.2", "TCP", "66", "33730 > 1723 [ACK]

Análise

A partir do PCAP capturado no lado do cliente no esquema de interface virtual (pptp_w_veth.pcap), você pode ver que a conexão PPTP foi bem-sucedida.

Ocorre um erro durante o processo de conexão no momento da transmissão dos pacotes LCP que são encapsulados por GRE no esquema de interfaces físicas (pptp_w_810_server/client.pcap). O cliente e o servidor enviam um pacote LCP (Configure-Request), mas não os recebem.

Conclusão

Os testes mostraram que a Intel Ethernet Card E810 100GbE não descarta os pacotes GRE ao tentar uma conexão PPTP.

Acreditamos que essas informações serão úteis para a comunidade de ISPs e o ajudarão a escolher o equipamento de rede correto. Esperamos que a Intel preste atenção a esse problema, corrija-o e melhore a qualidade dos serviços.

Authors of study:
Dmitry Moldavanov, CTO
Kirill Marchenko, engenheiro de rede

Assine nosso boletim informativo e fique atualizado sobre os últimos desenvolvimentos e ofertas especiais.

Votação:
5 fora de 5
Classificação média : 5
Avaliado por: 3
Especialistas em VAS na Convergence India Expo 2022 De TCP a QUIC. Assinaturas do Stingray SG
(English) We use cookies to optimize site functionality and give you the best possible experience. To learn more about the cookies we use, please visit our Cookies Policy. By clicking ‘Okay’, you agree to our use of cookies. Learn more.