prosciutboy Posted March 20, 2014 Report Share Posted March 20, 2014 Hello I am facing a strange issue, I have BTSync running on a PC and and on a Raspberry Pi and I am behind a router with firewall activated: #1 PC running linux 3.13.6-1-ARCH with BitTorrent Sync 1.2.92Connected via Wifi to routerListening port is set to 8086, this port is forwarded on my router (TCP/UDP) As I am in China I force tracker and relay IPs in /etc/hosts$ cat /etc/hosts...54.225.92.50 t.usyncapp.com67.215.231.242 r.usyncapp.com...BTSync is running as --nodaemon /usr/bin/btsync --config /home/prosciutboy/.config/btsync/btsync.conf --nodaemon Results-> LAN access is working fine-> It can access outside world and sync with other clients #2 Raspberry Pi running raspbian (Linux raspbmc 3.10.24) with BitTorrent Sync 1.2.67Connected via Ethernet to routerThe listening port is 8082, this port is forwarded on my router (TCP/UDP)Tracker and relay IPs are referenced in /etc/hostsPort 8082 is opened in the firewall (port 3000 also but I don't think it is needed):$ tail /etc/network/if-up.d/secure-rmc iptables -A INPUT -s $NETMASK -i $IFACE -j ACCEPT iptables -A INPUT -i $IFACE -j DROP # added for btsync iptables -A INPUT -p tcp --dport 8082 -i $IFACE -j ACCEPT iptables -A INPUT -p udp --dport 8082 -i $IFACE -j ACCEPT iptables -A INPUT -p udp --dport 3000 -i $IFACE -j ACCEPTfi$ sudo iptables --listChain INPUT (policy ACCEPT)target prot opt source destination ACCEPT all -- 192.168.1.0/24 anywhere DROP all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:8082ACCEPT udp -- anywhere anywhere udp dpt:8082ACCEPT udp -- anywhere anywhere udp dpt:3000BTSync is running as daemon but nodaemon gives the same results/usr/bin/btsync --config /home/pi/.btsync/config.json Results:-> LAN access is working fine-> Sync with outside world is failing$ cat .btsync/sync.logtotal physical memory -1 max disk cache 2097152Using IP address 192.168.1.110Loading config file version 1.2.67Loaded folder /media/3a1d320b-c949-46dc-aa95-ed0414721543/video/doc/palettesLoaded folder /media/3a1d320b-c949-46dc-aa95-ed0414721543/video/MoviesLoaded folder /media/3a1d320b-c949-46dc-aa95-ed0414721543/btsync/testmtgoxLoaded folder /home/pi/cloud/testbtsNAT-PMP: Unable to map port with NAT-PMP.Incoming connection from 192.168.1.102:64790...On my PC and Raspberry, the btsync config files have the same content (only "listening port" and "storage path" differs). I do not understand why I get the error "NAT-PMP: Unable to map port with NAT-PMP" and why I cannot sync with the clients outside the LAN with the Raspberry Pi. Thanks in advance for your help ! Quote Link to comment Share on other sites More sharing options...
dms2013 Posted March 21, 2014 Report Share Posted March 21, 2014 Is UPnP enabled on the router? Where is the device that's out in the world located? Try adding the other 2 tracker IPs in your hosts file too.I am also in China and often the connection gets "dropped". How long did you wait? (In a case I was monitoring it took 17minutes). Quote Link to comment Share on other sites More sharing options...
prosciutboy Posted March 21, 2014 Author Report Share Posted March 21, 2014 Hi dms2013, UPnP is not enabled on the router. The device with which I am syncing is provided by vrypan (https://github.com/vrypan/btsync-keys) and I am synching btsync-keys directory. I noticed connection sometimes drop so I will add some IPs in the hosts. Nevertheless my PC get the sync very quickly (not even 1 min after btsync starts) whereas my Raspberry Pi have been on for 3 days already and still nothing (I can also see it from the log where I get the "Unable to map port with NAT-PMP" error message). Any ideas? Quote Link to comment Share on other sites More sharing options...
dms2013 Posted March 21, 2014 Report Share Posted March 21, 2014 Hi dms2013, UPnP is not enabled on the router. The device with which I am syncing is provided by vrypan (https://github.com/vrypan/btsync-keys) and I am synching btsync-keys directory. I noticed connection sometimes drop so I will add some IPs in the hosts. Nevertheless my PC get the sync very quickly (not even 1 min after btsync starts) whereas my Raspberry Pi have been on for 3 days already and still nothing (I can also see it from the log where I get the "Unable to map port with NAT-PMP" error message). Any ideas?create a file in your .sync folder (where the sync.log file is) called debug.txt and inside it on one line write FFFF. (not sure if needed, but restart BTSync just to be on the safe side)And the log will hopefully give you more information on what's going on. So the RPi can connect to your windows box within a minute? Is your windows box connected to any other devices (using the same secret as the RPi) From my understanding is that Windows should tell your RPi about the other clients and the clients about your RPi. Are you sure your firewall is forwarding the ports? Try running a simple service on them with BTS off, and connect to it from the outside. Also try again with UPnP enabled on your router. Quote Link to comment Share on other sites More sharing options...
dms2013 Posted March 21, 2014 Report Share Posted March 21, 2014 Might it be your RPi firewall dropping all packets that's not local? Shouldn't the drop rule be last? Quote Link to comment Share on other sites More sharing options...
prosciutboy Posted March 21, 2014 Author Report Share Posted March 21, 2014 I disabled the firewall and activated UPnP. I can see that the port 8082 is opened in the UPnP status webpage of the routerID App Description External Port Protocol Internal Port IP Address Status2 BitTorrent Sync (TCP) 8082 TCP 8082 192.168.1.110 Enabled3 BitTorrent Sync (UDP) 8082 UDP 8082 192.168.1.110 EnabledI activated the logs with debug.txt and get the error message "Failed to get tracker ips"....Found peer for folder /btsync/testmg 0___8 192.168.1.105:8086 direct:1Got ping (broadcast: 1) from peer 192.168.1.105:8086 (0___8) for share 5___EFound peer for folder /btsync/testbts 0___8 192.168.1.105:8086 direct:1Failed to get tracker ipsSending broadcast ping for share E___D...My other PC (running linux) is behind the same router (its IP is 192.168.1.105), it can sync with clients outside the LAN.My RPi (192.168.1.110) can only sync with local PC 192.168.1.105. Both box are running btsync and are syncing btsync-keys directory from vrypan. Quote Link to comment Share on other sites More sharing options...
dms2013 Posted March 21, 2014 Report Share Posted March 21, 2014 This is interesting. I assume the RPi gets it IP from the routers DHCP server?What does arp -a say? Is your router in the list?Output of iptables -L Can you access the internet from the RPi? I'm sure you can, but I have to ask. I sent you a PM about adding an external share with pre-defined host. (just to see if it works) Not sure what "failed to get tracker ips really means".It can't resolve? Did you add all 3 ips in /etc/hosts? 54.225.92.50 t.usyncapp.com54.225.196.38 t.usyncapp.com54.225.100.8 t.usyncapp.com I am out of ideas for now. Quote Link to comment Share on other sites More sharing options...
prosciutboy Posted March 21, 2014 Author Report Share Posted March 21, 2014 I think you are right a part of the problem comes from my firewall on the raspberry pi. I flushed the iptables rules and the logs looks better:...Got 2 relay ips[20140321 22:59:58.171] ip 67.215.231.242:3000[20140321 22:59:58.171] ip 67.215.229.106:3000[20140321 22:59:58.197] Got 1 tracker ips[20140321 22:59:58.197] ip 59.24.3.173:3000[20140321 22:59:58.197] Got 1 tracker ips[20140321 22:59:58.197] ip 59.24.3.173:3000[20140321 22:59:58.222] Got 1 tracker ips[20140321 22:59:58.223] ip 59.24.3.173:3000[20140321 22:59:58.248] Got 1 tracker ips[20140321 22:59:58.248] ip 59.24.3.173:3000[20140321 22:59:58.248] Got 1 tracker ips[20140321 22:59:58.249] ip 59.24.3.173:3000[20140321 22:59:59.090] Sending broadcast ping for share E___D[20140321 22:59:59.091] Requesting peers from tracker 59.24.3.173:3000 via UDP...$ sudo iptables -LChain INPUT (policy ACCEPT)target prot opt source destination Chain FORWARD (policy ACCEPT)target prot opt source destination Chain OUTPUT (policy ACCEPT)target prot opt source destination I have completed the hosts file with some redirections, but I doubt the mechanism can handle multiple IP for a singe host. I added your the external share and pre-defined host, but it does not sync... In sync.log it gives this strange message:...[20140322 00:41:40.097] Sending broadcast ping for share 14xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxssx65[20140322 00:41:40.098] Send ping to peer (0000000000000000000000000000000000000000) for share 14xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxssx65:[20140322 00:41:40.098] ping 0.0.0.0:0 directly[20140322 00:41:40.098] ping 0.0.0.0:0 via relay... Quote Link to comment Share on other sites More sharing options...
dms2013 Posted March 21, 2014 Report Share Posted March 21, 2014 The IP you get isn't one of the the trackers IPs. Maybe RomanZ can confirm this.What does the log say when you add the pre defined host? Quote Link to comment Share on other sites More sharing options...
prosciutboy Posted March 22, 2014 Author Report Share Posted March 22, 2014 Your are right, the IP does not seem to be a tracker, moreover I cannot ping it.My /etc/hosts forces the following IPs:$ cat /etc/hosts# btsync tracker and relay IP54.225.92.50 t.usyncapp.com54.225.196.38 t.usyncapp.com54.225.100.8 t.usyncapp.com54.225.196.38 t.usyncapp.com67.215.231.242 r.usyncapp.com67.215.229.106 r.usyncapp.comA ping to t.usyncapp.com lead to a working IP$ ping t.usyncapp.comPING t.usyncapp.com (54.225.92.50) 56(84) bytes of data.64 bytes from t.usyncapp.com (54.225.92.50): icmp_req=1 ttl=35 time=298 ms64 bytes from t.usyncapp.com (54.225.92.50): icmp_req=2 ttl=35 time=292 ms^C--- t.usyncapp.com ping statistics ---2 packets transmitted, 2 received, 0% packet loss, time 1001msrtt min/avg/max/mdev = 292.746/295.641/298.537/2.946 msI did a test, in case /etc/hosts does not force any t.usyncapp.com IP a ping to t.usyncapp.com points to 59.24.3.173 (the wrong IP I see in my sync.log). So what we should understand is why btsync does not point to the IP which are forced in the /etc/hosts? Is there any DNS cache in btsync? I rebooted the Raspberry Pi but it does not change anything. Very strange issue... Quote Link to comment Share on other sites More sharing options...
dms2013 Posted March 22, 2014 Report Share Posted March 22, 2014 I didn't see this before. Try using a newer version on your RPi, go to the dir with btsync:wget http://syncapp.bittorrent.com/1.2.92/btsync_arm-1.2.92.tar.gzpkil btsynctar -zxvf 1.2.92/btsync_arm-1.2.92.tar.gz./btsync Quote Link to comment Share on other sites More sharing options...
prosciutboy Posted March 22, 2014 Author Report Share Posted March 22, 2014 After updating btsync to 1.2.92 and an apt-get upgrade of the RPi, I see some improvements:I get access to your share (hello file contents the world) and I even see a peer connected to the same shared directory. But tracker IP in the log is always the wrong address 59.24.3.173. Really weird... Quote Link to comment Share on other sites More sharing options...
prosciutboy Posted March 23, 2014 Author Report Share Posted March 23, 2014 I edited resolv.conf to use google DNS (8.8.8.8 and 8.8.4.4), the tracker IP is now sometimes 37.61.54.158 sometimes 59.24.3.173. Moreover this is what I get with nslookup.pi@raspbmc:~$ nslookup t.usyncapp.comServer: 8.8.8.8Address: 8.8.8.8#53Non-authoritative answer:Name: t.usyncapp.comAddress: 59.24.3.173pi@raspbmc:~$ nslookup t.usyncapp.comServer: 8.8.8.8Address: 8.8.8.8#53Non-authoritative answer:Name: t.usyncapp.comAddress: 37.61.54.158 Quote Link to comment Share on other sites More sharing options...
dms2013 Posted March 23, 2014 Report Share Posted March 23, 2014 That is the GFW changing the IP like a man in the middle. Take a closer look at /etc/hosts because it overrides dns servers. The problem must be there Quote Link to comment Share on other sites More sharing options...
prosciutboy Posted March 23, 2014 Author Report Share Posted March 23, 2014 In fact the root DNS in China redirect to wrong IPs for "non harmonized" servers (such as btsync trackers it seems). My hosts is as followscat /etc/hosts::1 raspbmc localhost6.localdomain6 localhost6127.0.1.1 raspbmc127.0.0.1 localhost::1 localhost ip6-localhost ip6-loopbackfe00::0 ip6-localnetff00::0 ip6-mcastprefixff02::1 ip6-allnodesff02::2 ip6-allrouters# btsync tracker and relay IP54.225.92.50 t.usyncapp.com54.225.196.38 t.usyncapp.com54.225.100.8 t.usyncapp.com54.225.196.38 t.usyncapp.com67.215.231.242 r.usyncapp.com67.215.229.106 r.usyncapp.com23.21.106.161 syncapp.bittorrent.comI don't see any problem in my /etc/hosts (but I don't understand too much the ipv6 stuff). Do you see anything wrong? On my linux I am sure btsync get the tracker IP from /etc/hosts but I am wondering whether btsync for ARM uses DNS service to connect to tracker. If it is the case it would explain why modifying /etc/hosts on RPi does not have any effect on btsync. Quote Link to comment Share on other sites More sharing options...
RomanZ Posted March 25, 2014 Report Share Posted March 25, 2014 prosciutboy, You are getting wrong tracker IPs. Here are correct IPs: Non-authoritative answer:Name: t.usyncapp.comAddress: 54.225.92.50Name: t.usyncapp.comAddress: 54.225.196.38Name: t.usyncapp.comAddress: 54.225.100.8 All versions (including ARM) of BTSync refer to DNS name t.usyncapp.com, not the IP. In Linux, it is not necessary that your DNS resolver goes to hosts file first. I'd advise to check how resolver is working on Raspbian. Quote Link to comment Share on other sites More sharing options...
prosciutboy Posted March 27, 2014 Author Report Share Posted March 27, 2014 Hi RomanZ, your advice is good but I don't really know to check how the DNS resolver works... and I wonder if there is any easy way to modify the way it works. Anyway, I manage to bypass this issue and I can now sync with peers outside my network !As already stated, the problem is due to the DNS Poisoning performed by the Chinese Great Firewall (the famously terrible GFW). To prevent this alteration, I compiled and configured DNSCrypt on my RPi and the IP of t.usyncapp.com is now resolved perfectly. That might be useful for others so I will write a tutorial in the next days. Thanks again to dms2013 and RomanZ for their help. Quote Link to comment Share on other sites More sharing options...
RomanZ Posted March 27, 2014 Report Share Posted March 27, 2014 prosciutboy, Glad to hear you've found a workaround and now it works for you! Quote Link to comment Share on other sites More sharing options...
cz2000 Posted May 6, 2014 Report Share Posted May 6, 2014 Currently, I have encountered the same problem with you, do I also need to install DNSCrypt in my windows server? BTW, I am wondering how to do by GFW, it actually can be a priority of my local hosts file, and misled me into 59.24.3.173 [2014-05-07 00:29:49.157] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.157] Sending broadcast ping for share[2014-05-07 00:29:49.162] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.162] Sending broadcast ping for share[2014-05-07 00:29:49.167] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.167] Sending broadcast ping for share[2014-05-07 00:29:49.173] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.173] Sending broadcast ping for share[2014-05-07 00:29:49.178] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.179] Sending broadcast ping for share[2014-05-07 00:29:49.183] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.183] Sending broadcast ping for share[2014-05-07 00:29:49.188] Requesting peers from tracker 59.24.3.173:3000 via UDPHi RomanZ, your advice is good but I don't really know to check how the DNS resolver works... and I wonder if there is any easy way to modify the way it works. Anyway, I manage to bypass this issue and I can now sync with peers outside my network !As already stated, the problem is due to the DNS Poisoning performed by the Chinese Great Firewall (the famously terrible GFW). To prevent this alteration, I compiled and configured DNSCrypt on my RPi and the IP of t.usyncapp.com is now resolved perfectly. That might be useful for others so I will write a tutorial in the next days. Thanks again to dms2013 and RomanZ for their help. Quote Link to comment Share on other sites More sharing options...
cz2000 Posted May 7, 2014 Report Share Posted May 7, 2014 prosciutboy, Glad to hear you've found a workaround and now it works for you!Currently, I have encountered the same problem with you, do I also need to install DNSCrypt in my windows server? BTW, I am wondering how to do by GFW, it actually can be a priority of my local hosts file, and misled me into 59.24.3.173 [2014-05-07 00:29:49.157] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.157] Sending broadcast ping for share[2014-05-07 00:29:49.162] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.162] Sending broadcast ping for share[2014-05-07 00:29:49.167] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.167] Sending broadcast ping for share[2014-05-07 00:29:49.173] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.173] Sending broadcast ping for share[2014-05-07 00:29:49.178] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.179] Sending broadcast ping for share[2014-05-07 00:29:49.183] Requesting peers from tracker 59.24.3.173:3000 via UDP[2014-05-07 00:29:49.183] Sending broadcast ping for share[2014-05-07 00:29:49.188] Requesting peers from tracker 59.24.3.173:3000 via UDP Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.