Optimization
At first, lets check if we have correctly configured wan0 and lan0 interfaces. We can see this from Wanos web UI Reports > Networks > Interface stats to determine which interface should have more received/transmitted traffic. Alternatively, we can check directly from console.
tcpdump -i wan0
Example: If we are connected with ssh from LAN side we shouldn't see any SSH packets on wan0 interface. If we do, we should change it over using the Wanos web UI Reports > Networks > Interface Stats > Switch Interface Port Roles (checkbox) > Submit
Example of SSH traffic on wan0
root@wanos:~# tcpdump -i wan0 tcpdump: WARNING: lan0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on lan0, link-type EN10MB (Ethernet), capture size 65535 bytes 05:12:15.593858 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 1361930306:1361930418, ack 4233858220, win 1165, length 112 05:12:15.594880 IP 192.168.5.254.63976 > 192.168.5.2.ssh: Flags [.], ack 112, win 13235, length 0 05:12:15.595633 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 112:320, ack 1, win 1165, length 208 05:12:15.596823 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 320:720, ack 1, win 1165, length 400 05:12:15.597173 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 720:896, ack 1, win 1165, length 176 05:12:15.597518 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 896:1072, ack 1, win 1165, length 176 05:12:15.597868 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 1072:1248, ack 1, win 1165, length 176
We can now check if we are sending probes in TCP Options header.
root@wanos:~# tcpdump -i wan0 -X | grep "4c04 7a69"
If we can see any packets
root@wanos:~# tcpdump -i wan0 -X | grep "4c04 7a69" tcpdump: WARNING: wan0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on wan0, link-type EN10MB (Ethernet), capture size 65535 bytes 0x0030: 0101 0402 4c04 7a69 ....L.zi 0x0030: 0101 0402 4c04 7a69 ....L.zi 0x0030: 0101 0402 4c04 7a69 ....L.zi
For more detailed log we can dump traffic in file and examine with Wireshark.
tcpdump -i wan0 -s 0 -w dump.pcap
For SYN TCP packet we should see under Options "Riverbed probe"
Now that we know that peer discovery probes are being sent we can also verify in Diagnostics > Logs > (switch) Debug to see "Peer Alive" messages. For more debug logs the VERBOSE=true flag can be set in the wanos.conf file.