ICMP応答がキャプチャされたがpingでは考慮されない

ICMP応答がキャプチャされたがpingでは考慮されない

tunint1トンネルインターフェイスにIPアドレスが割り当てられているホストがあります。このインターフェイスを介してpingしようとすると、応答は表示されませんが、tsharkを使用してキャプチャできるICMPパケット(要求と応答)があります。問題は、pingコマンドがこれらのICMPパケットを考慮しない理由と、この問題を解決する方法です。

フラット:

desktopuser@desktop:~$ ping -I tunint1 ya.ru
PING ya.ru (87.250.250.242) from 60.60.0.1 tunint1: 56(84) bytes of data.
^C
--- ya.ru ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8219ms

tsharkでキャプチャ:

desktopuser@desktop:~$ sudo tshark -i tunint1 
Running as user "root" and group "root". This could be dangerous.
Capturing on 'tunint1'
    1 07:27:53,679603780    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=1/256, ttl=64
    2 07:27:53,788377518 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=1/256, ttl=53 (request in 1)
    3 07:27:54,730464037    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=2/512, ttl=64
    4 07:27:54,832966645 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=2/512, ttl=53 (request in 3)
    5 07:27:55,754464273    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=3/768, ttl=64
    6 07:27:55,809589662 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=3/768, ttl=53 (request in 5)
    7 07:27:56,778472734    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=4/1024, ttl=64
    8 07:27:56,842580324 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=4/1024, ttl=53 (request in 7)
    9 07:27:57,802464734    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=5/1280, ttl=64
   10 07:27:57,875565627 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=5/1280, ttl=53 (request in 9)
   11 07:27:58,827464430    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=6/1536, ttl=64
   12 07:27:58,904626014 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=6/1536, ttl=53 (request in 11)
   13 07:27:59,851471889    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=7/1792, ttl=64
   14 07:27:59,947978524 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=7/1792, ttl=53 (request in 13)
   15 07:28:00,874467413    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=8/2048, ttl=64
   16 07:28:00,930381305 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=8/2048, ttl=53 (request in 15)
   17 07:28:01,899461748    60.60.0.1 → 87.250.250.242 ICMP 84 Echo (ping) request  id=0x6571, seq=9/2304, ttl=64
   18 07:28:01,981439474 87.250.250.242 → 60.60.0.1    ICMP 84 Echo (ping) reply    id=0x6571, seq=9/2304, ttl=53 (request in 17)
^C18 packets captured

設定されている場合:

desktopuser@desktop:~$ ifconfig 
enp6s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.23.17.21  netmask 255.255.0.0  broadcast 10.23.255.255
        inet6 fe80::94c6:8e21:7835:ce7c  prefixlen 64  scopeid 0x20<link>
        ether a8:a1:59:3e:9e:7a  txqueuelen 1000  (Ethernet)
        RX packets 36260578  bytes 39566996759 (39.5 GB)
        RX errors 0  dropped 2  overruns 0  frame 0
        TX packets 31232948  bytes 28182106819 (28.1 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 69867276  bytes 3197422953678 (3.1 TB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 69867276  bytes 3197422953678 (3.1 TB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tunint1: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 60.60.0.1  netmask 255.255.255.0  destination 60.60.0.1
        inet6 fe80::6bb4:1b6f:113c:786b  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 28  bytes 2352 (2.3 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 34  bytes 2640 (2.6 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

路線:

desktopuser@desktop:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.23.0.1       0.0.0.0         UG    100    0        0 enp6s0
10.23.0.0       0.0.0.0         255.255.0.0     U     100    0        0 enp6s0
60.60.0.0       0.0.0.0         255.255.255.0   U     0      0        0 tunint1
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 enp6s0
desktopuser@desktop:~$ ip route
default via 10.23.0.1 dev enp6s0 proto static metric 100 
10.23.0.0/16 dev enp6s0 proto kernel scope link src 10.23.17.21 metric 100 
60.60.0.0/24 dev tunint1 proto kernel scope link src 60.60.0.1 
169.254.0.0/16 dev enp6s0 scope link metric 1000  

IPテーブル:

desktopuser@desktop:~$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
desktopuser@desktop:~$ sudo iptables -S -t nat
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT

関連情報