[hipl-users] Re: Hip BE running into an endless loop

  • From: Miika Komu <miika@xxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Thu, 16 Nov 2006 18:49:20 +0200 (EET)

On Thu, 16 Nov 2006, Tomi Hautakoski wrote:

On Wed, 15 Nov 2006, Miika Komu wrote:
On Fri, 10 Nov 2006, Tomi Hautakoski wrote:
I'm wondering if anyone has had problems like this before. I'm using a
test program running on two hosts, 3ffe::1 and 3ffe::3. First the
3ffe::1 makes the hipconf add map HIT_OF_3ffe:3 3ffe::3 and then pings
3ffe::3. Now the BE should be done and it sends a small UDP packet to the
other host's HIT.

Sometimes this works just fine but most of the time I get weird symptoms
from hip, like I1,I1,R1,R1 (here's the log:
http://www.ee.oulu.fi/~thautako/hip-log-10-11-06.txt) and then it just
keeps on printing the "debug(nlink.c:209@netlink_talk): 0 0 0 1163164643"
message until I press ctrl-c.

Does setting hipd/hipd.h:HIP_NETLINK_TALK_ACK to zero help you? Hmm, I
remembered that this should have been zero by default. See also the long
comment in libhiptool/nlink.c:netlink_talk().

I changed this but it had no effect. However, looks like I was able to
debug what's the reason for the problems mentioned above. I've been
thinking that using RSA keys with all machines is ok and so my test
program also adds its RSA public hit to the sender field of the ip packet
it sends. This was done because sometimes I need to send that same packet
labeled with my ipv6 address as sender.

I am not sure if I quite understand your description. Do you mean that you communicate HITs in application layer payload (IP(TCP(HIT)))?

Now Ethereal showed that depending on the computer I was trying to
establish a hip connection, hipd used my RSA hit or DSA hit and it failed
because I always sent my ip packet with RSA hit. And all this while I'm
connecting to peer's RSA HIT. Maybe this could be fixed sometime in the
future so that hipd doesn't start looping even when the user program is
using a wrong sender address.

It is possible for the initiator to use RSA and the responder to use DSA and vice versa. Are you sure that your problem is related to this or is the netlink interface just playing weird tricks on your platform?

Anyway, I'm wondering is there a way to force hip to use only RSA hits or
some other way to go around this problem? I tried leaving the ip packets
sender field empty and that way the hip traffic flows fine from my
program's point of view but the complication is that now I don't know which
sender hit I'm using with different peers. All the peers tested so far
have the same hip and kernel version. Right now I'm compiling the peers'
kernel with the same .config as my host, maybe that will have same
effect...

Hmm.. currently the only way to do this is to delete the DSA hits from the dummy interface.

And thanks for your patience Miika, your answers have been very valuable!

No problem, my pleasure.

--
Miika Komu                                       http://www.iki.fi/miika/
