The device keeps saying “offline” on balena cloud, and the proxy server doesn’t show any log.
Systemctl shows that redsocks service is working.
it’s worth noticing we can get curl working by simply exporting the url of the proxy: export https_proxy=http://128.1.1.49:8080. Then curl works (returns the expected response from our servers), and the proxy server logs the request.
Proxy config:
# redsocks.conf
base {
log_debug = off;
log_info = on;
daemon = off;
redirector = iptables;
}
redsocks {
type = http-connect;
ip = 128.1.1.49;
port = 8080;
local_ip = 0.0.0.0;
local_port = 12345;
}
And static ip config, as the client doesn’t have a DHCP server:
Hello @mpous , thank you for the response, we weren’t able to fix it yet, we have the client waiting on us to finish this setup, it would be really helpful if you could give us some insight, thank you!
More info about the issue:
this is our updated redsocks file
base {
log_debug = on;
log_info = on;
log = "file:/tmp/redsocks.log";
daemon = off;
redirector = iptables;
}
redsocks {
type = socks5;
ip = 128.1.1.49; // CLIENT'S OFFICES PROXY
port = 8080;
local_ip = 10.114.103.1; // if we change this we get a redsocks warning
local_port = 12345;
}
dnsu2t {
local_ip = 10.114.103.1; // balena default, we can't change this right?
local_port = 5313;
remote_ip = 192.168.0.1; // CLIENT'S OFFICES DNS
remote_port = 53;
}
First of all, are configuring the dns correctly? look how we are using the same dns ip for both files.
We’ve noticed that using nslookup is not working, it is trying to use the dns defined in resolv.conf (127.0.0.2), is this expected? how can we make sure we are configuring dns correctly?
We also can’t reach the 123 port of the client’s server (it is working when we try telnet from other PC).
Hey @lucas thanks for your patience here and for sharing so much context.
I think when looking at your diagram I assumed the the gateway would be performing NAT, but then noticed that the IP ranges in use aren’t private ones. The ranges and subnets mentioned on the diagram are a bit confusing - it looks like you’re using 128.1.0.0/16, so everything spanning from 128.1.0.0 to 128.1.255.255, is that right?
I noticed I can actually ping the IP address that you have listed for your device, which I’m assuming isn’t the actual device given it’s having connectivity issues.
Are the devices that you’re describing at the client’s office physically on site or are they cloud services? As far as I can tell these addresses are owned by https://www.zenlayer.com/
If your device has an IP privately which is conflicting with another one on the internet, I expect it could cause issues?
Either way if you can clarify a bit more on what’s going on here, we’ll continue to help