[hipl-users] Re: hipconf run normal NOT checking DNS
- From: Robert Moskowitz <rgm@xxxxxxxxxxxxxxx>
- To: hipl-users@xxxxxxxxxxxxx
- Date: Thu, 1 Jan 2009 17:12:14 -0500
Miika Komu wrote:
Robert Moskowitz wrote:
Hi,
Robert Moskowitz wrote:
I tried to run telnet via 'hipconf run normal telnet <host>' where
host is an IPv6 addressed host.
When I try it to a host that is defined in /etc/hosts and
/etc/hip/hosts it works.
When I try it with a host in DNS (both AAAA record and HI via
instructions in ch 29), it seems like it is only trying IPv6, not
with the HIT (all the debug messages seem to imply this) and I get
permissions denied. Well I am NOT allowing port 21 in ip6tables,
counting on 'hipfw -Aid' to allow this over HIP.
So I change ip6tables to allow port 21 and now it connects, but
Wireshark shows that Telnet is running 'native' NOT over HIP. I
don't know how to show SAs (with hipconf, what options?).
The only thing of note is i am trying to telnet to my DNS server.
Will try to another system in a bit.
I just tried this to another client. Both clients are in my DNS with
AAAA and HI records. I can run conntest between them and even with
the SA up after conntest, the hipconf run normal telnet does not
work....
assuming that you were not running dnsproxy, I assume that conntest
worked only because you had HITs configured in /etc/hip/hosts.
I was not running dnsproxy and did not have the HITs in /etc/hip.
Oops. I just checked. Looks like I do have the HIT in /etc/hip/hosts. I
obviously had this set up before I got the DNS working and did not 'take
it out'. ARGH.
So I will run with dnsproxy tomorrow's testing.
Other related posts: