hello again, I tried adding tcp port 1111 to ip6tqbles and we are still unable to transfer data. Here is the information of the system at the time of the issue: Responder information: SAs Sending user message 22 to HIPD on socket 3 Sent 40 bytes Waiting to receive daemon info. 216 bytes received from HIP daemon HA is ESTABLISHED Local HIT: 2001:0018:ea59:a472:459f:ec45:0cdc:7113 Peer HIT: 2001:001a:c2da:a601:1cfd:e9dd:5719:37dc Local LSI: 1.0.0.1 Peer LSI: 1.0.0.2 Local IP: 3ffe:0000:0000:0000:0000:0000:0000:0002 Local NAT traversal UDP port: 0 Peer IP: 3ffe:0000:0000:0000:0000:0000:0000:0004 Peer NAT traversal UDP port: 0 Peer hostname: ip xfrm src 3ffe::2 dst 3ffe::4 proto esp spi 0x70e176a1 reqid 0 mode beet replay-window 0 auth hmac(sha1) 0xbd7c623ba16ee3b08c0cfd0619d0f003940d4cec enc cbc(aes) 0x82cc95e7d55624bb2dca3ae8302a6fc4 sel src 2001:18:ea59:a472:459f:ec45:cdc:7113/128 dst 2001:1a:c2da:a601:1cfd:e9dd:5719:37dc/128 src 3ffe::4 dst 3ffe::2 proto esp spi 0xdfcd7423 reqid 0 mode beet replay-window 0 auth hmac(sha1) 0x01db34f498c91be1ad6aa858dd765f484d69fc52 enc cbc(aes) 0x10a036d9e3558f9dbc1ff00e4e0f28e5 sel src 2001:1a:c2da:a601:1cfd:e9dd:5719:37dc/128 dst 2001:18:ea59:a472:459f:ec45:cdc:7113/128 uname Linux vault101 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:57:59 UTC 2009 i686 GNU/Linux hipd_config # Format of this file is as with hipconf, but without hipconf prefix # add hi default # add all four HITs (see bug id 522) # add map HIT IP # preload some HIT-to-IP mappings to hipd # add service rvs # the host acts as HIP rendezvous (see also /etc/hip/relay_config) # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous server hit-to-ip on # resolve HITs to locators in dynamic DNS zone # hit-to-ip set hit-to-ip.infrahip.net. # resolve HITs to locators in dynamic DNS zone nsupdate off # send dynamic DNS updates # heartbeat 10 # send ICMPv6 messages inside HIP tunnels # add server rvs hiprvs.infrahip.net 50000 # Register to free RVS at infrahip opendht off # turn DHT support on (use /etc/hip/dhtservers to define the used server) # locator on # host sends all of its locators in base exchange # opp normal|advanced|none # transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL) #nat plain-udp # use UDP capsulation (for NATted environments) debug medium # debug verbosity: all, medium or none iptables Chain INPUT (policy ACCEPT) target prot opt source destination HIPFW-INPUT all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT) target prot opt source destination HIPFW-FORWARD all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT all -- 0.0.0.0/0 0.0.0.0/0 Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE all -- 0.0.0.0/0 1.0.0.0/8 ip6tables Chain INPUT (policy ACCEPT) target prot opt source destination HIPFW-INPUT all ::/0 ::/0 Chain FORWARD (policy ACCEPT) target prot opt source destination HIPFW-FORWARD all ::/0 ::/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT all ::/0 ::/0 Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE all ::/0 2001:10::/28 ps aux|grep hip nobody 3615 0.0 0.0 14668 2504 pts/0 S+ 11:30 0:00 hipd root 4916 0.0 0.0 3336 788 pts/3 R+ 11:43 0:00 grep hip ps aux|grep dns root 4918 0.0 0.0 3336 788 pts/3 R+ 11:43 0:00 grep dns Initiator's info Sending user message 22 to HIPD on socket 3 Sent 40 bytes Waiting to receive daemon info. 216 bytes received from HIP daemon HA is ESTABLISHED Local HIT: 2001:001a:c2da:a601:1cfd:e9dd:5719:37dc Peer HIT: 2001:0018:ea59:a472:459f:ec45:0cdc:7113 Local LSI: 1.0.0.1 Peer LSI: 1.0.0.2 Local IP: 3ffe:0000:0000:0000:0000:0000:0000:0004 Local NAT traversal UDP port: 0 Peer IP: 3ffe:0000:0000:0000:0000:0000:0000:0002 Peer NAT traversal UDP port: 0 Peer hostname: vault101 src 3ffe::4 dst 3ffe::2 proto esp spi 0xdfcd7423 reqid 0 mode beet replay-window 0 auth hmac(sha1) 0x01db34f498c91be1ad6aa858dd765f484d69fc52 enc cbc(aes) 0x10a036d9e3558f9dbc1ff00e4e0f28e5 sel src 2001:1a:c2da:a601:1cfd:e9dd:5719:37dc/128 dst 2001:18:ea59:a472:459f:ec45:cdc:7113/128 src 3ffe::2 dst 3ffe::4 proto esp spi 0x70e176a1 reqid 0 mode beet replay-window 0 auth hmac(sha1) 0xbd7c623ba16ee3b08c0cfd0619d0f003940d4cec enc cbc(aes) 0x82cc95e7d55624bb2dca3ae8302a6fc4 sel src 2001:18:ea59:a472:459f:ec45:cdc:7113/128 dst 2001:1a:c2da:a601:1cfd:e9dd:5719:37dc/128 Linux vault113 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:57:59 UTC 2009 i686 GNU/Linux # Format of this file is as with hipconf, but without hipconf prefix # add hi default # add all four HITs (see bug id 522) # add map HIT IP # preload some HIT-to-IP mappings to hipd # add service rvs # the host acts as HIP rendezvous (see also /etc/hip/relay_config) # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous server hit-to-ip on # resolve HITs to locators in dynamic DNS zone # hit-to-ip set hit-to-ip.infrahip.net. # resolve HITs to locators in dynamic DNS zone nsupdate on # send dynamic DNS updates # heartbeat 10 # send ICMPv6 messages inside HIP tunnels # add server rvs hiprvs.infrahip.net 50000 # Register to free RVS at infrahip opendht on # turn DHT support on (use /etc/hip/dhtservers to define the used server) # locator on # host sends all of its locators in base exchange # opp normal|advanced|none # transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL) nat plain-udp # use UDP capsulation (for NATted environments) debug medium # debug verbosity: all, medium or none iptable Chain INPUT (policy ACCEPT) target prot opt source destination HIPFW-INPUT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1111 Chain FORWARD (policy ACCEPT) target prot opt source destination HIPFW-FORWARD all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT all -- 0.0.0.0/0 0.0.0.0/0 Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE all -- 0.0.0.0/0 1.0.0.0/8 ip6table Chain INPUT (policy ACCEPT) target prot opt source destination HIPFW-INPUT all ::/0 ::/0 ACCEPT tcp ::/0 ::/0 tcp dpt:1111 Chain FORWARD (policy ACCEPT) target prot opt source destination HIPFW-FORWARD all ::/0 ::/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT all ::/0 ::/0 Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE all ::/0 2001:10::/28 Chain HIPFW-OUTPUT (1 references) target prot opt source destination nobody 13663 0.0 0.0 14792 2792 pts/0 S+ 11:36 0:00 hipd root 14735 0.0 0.0 3336 788 pts/2 R+ 11:52 0:00 grep hip root 14737 0.0 0.0 3336 792 pts/2 R+ 11:52 0:00 grep dns thanks, Adrian On Mon, Jun 8, 2009 at 10:09 AM, Miika Komu <miika.komu@xxxxxxx> wrote: > Adrian Alvarez wrote: > > Hi, > > I got connection refused, but after allowing tcp port 1111 in > iptables/ip6tables it started working. > > I added some bug reporting instructions to bugzilla. Please give all > information for us to try to reproduce the problem: > > http://infrahip.hiit.fi/hipl/manual/ch08.html > > Are you running kernel version >= 2.6.27? > > Hi all, >> We are having some problems trying establish communications between two >> hosts using hip. We have followed the instruction of the manual very >> closely, however, it is impossible to transfer some date from one host to >> another using hip. >> >> We are using wireshark to monitor the exchange, and we were able to >> observe the following: >> >> 1) HIP base exchange between the two hosts is completed. >> 2) TCP data transfer via HIP is not realized. >> 3) The initiator node sends a TCP SYN with the HIT info, but the responder >> node fails to send an ACK back. >> >> This seems similar to Shashank's issue. >> Any light on this matter would be useful. >> >> Thank you all. >> Adrian. >> >> On Sun, Jun 7, 2009 at 3:56 PM, shashank m <shashanm@xxxxxxxxx <mailto: >> shashanm@xxxxxxxxx>> wrote: >> >> Hello, >> >> I was trying to connect two systems locally using hip with an >> IPV6 application given in the manual.*Conntest-client* and >> *conntest-server*.I have disabled opendht support as I have >> given the mapping between the HIT s and Ipv6 addresses manually >> using *hipconf*. >> >> >> after executing "Conntest-client-hip [HIT_server] tcp 1111" >> >> it prints the mapping with the hit and IPV6 address of the >> server and the base exchange happens but the messages are not >> transmitted to the server .I think that the mapping is not >> working properly in the code .Please do solve the problem >> >> >> in the client console i often see this messsae >> >> >> """------State established not triggering bex--------" this >> message comes repeatedly .I think this is only because of the >> mapping problem .Correct me if I am wrong. >> >> >> >> Thanks in advance, >> >> Regards, >> Shashank.M. >> >> >> > >