Join Log in
Score:0
steventrouble avatar Server

Duplicate all outgoing IP packets

py flag
steventrouble

We're having an issue with our ISP where 75% of our outgoing IP packets are lost to the ether. Incoming packets are totally unaffected, and we assume we're not being throttled because we can send massive bursts of UDP packets without seeing an increase in the dropped packet ratio.

The ISP has been exceptionally slow (weeks) in fixing the issue, and we need to implement a workaround on our end until they can fix the issue. One solution that seems promising would be to duplicate all outgoing IP packets. I realize this might not be ideal for a host of reasons, but we'd still like to give a try.

Is it possible to duplicate all outgoing IP packets and if so, how?

We're mainly using Ubuntu Server 20.04 LTS, but also have some Windows 10 Pro desktops.

57
1 + 6
djdomi avatar
za flag
djdomi
take a lawyer and screw the isp.
0
Reply
Larryc avatar
jp flag
Larryc
I dont see this as a viable solution. On the receiving end there is no mechanism for discarding duplicate packets that do get through. I would escalate the problem with the isp. Your business is essentially "down" with this kind of issue.
3
Reply
jp flag
Esa Jokinen
Or get an offer from another ISP if this one can't do their job properly.
0
Reply
cn flag
Greg Askew
Who told you this is a "solution"? It seems to be missing some important steps.
0
Reply
Larryc avatar
jp flag
Larryc
@Greg Askew "One solution that seems promising would be to duplicate all outgoing IP packets. "
0
Reply
steventrouble avatar
py flag
steventrouble
"I realize this might not be ideal for a host of reasons, but we'd still like to give a try."
0
Reply
Score:2
Nikita Kipriyanov avatar Server
za flag
Nikita Kipriyanov

iptables -j TEE target is designed exactly to clone matched packets:

man iptables-extensions

TEE
The TEE target will clone a packet and redirect this clone to 
another machine on the local network segment. In other words, 
the nexthop must be the target, or you will have to configure 
the nexthop to forward it further if so desired.

--gateway ipaddr
    Send the cloned packet to the host reachable at the given 
IP address. Use of 0.0.0.0 (for IPv4 packets) or :: (IPv6) is 
invalid. 

To forward all incoming traffic on eth0 to an Network Layer 
logging box:

-t mangle -A PREROUTING -i eth0 -j TEE --gateway 2001:db8::1
+ 2
djdomi avatar
za flag
djdomi
but would spamming all packets a real solution instead of fixing the origin issue?
0
Reply
Nikita Kipriyanov avatar
za flag
Nikita Kipriyanov
No, I don't suggest leaving the origin issue. Actually I *had* problem like the described myself, and nobody went duplicating packets — we routed everything via other ISP for the time being while pressured the problematic one to fix their service, which they did, after several months of denial. (This wasn't the only thing screwed in that case.) However, this question was, "is it possible to duplicate packets, and how"; here's how.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.