Miika Komu wrote: Hi,I am not sure what is the problem in your system, but we might try to isolate the problem. Here's a guess, please try:
/etc/init.d/hipfw stopon both sides. It might be that the firewall is blocking all HIP traffic for some reason. Make sure that there are no rules left ("ip(6)tables -L -n"). If there are, just start "hipfw -k" from the command line and press ctrl+c. This will flush the rules.
shashank m wrote: Hi,for some reason the server is not responding to the I1. Do you see the I1 message on both sides and are you sure that the server is also running HIP?Hi again,I have just updated the kernel to 2.6.28 and getting the same problem here is the information required about the error.I dont have selinux enabled.As iam trying to connect two machines locally the two machines are not connected to internet and we added the mapping manually between the HIT and ipv6 address.without taking the support of dht.still we are unable to send the packets between the two systems.Please help. Thanks in advance. _ Here is the ocnfiguration on the server :_ root@pluton:~# dpkg -l 'hipl*' Desired=Unknown/Install/Remove/Purge/Hold| Status=Not/Installed/Config-f/Unpacked/Failed-cfg/Half-inst/t-aWait/T-pend |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)||/ Name Version Description+++-==============-==============-============================================ ii hipl-agent 1.0.4-42 Graphical user interface for HIP for Linux. ii hipl-all 1.0.4-42 HIPL software bundle: HIP for Linux librarie ii hipl-daemon 1.0.4-42 HIP for Linux IPsec key management and mobil ii hipl-dnsproxy 1.0.4-42 Name look-up proxy for HIP for Linux. Intercii hipl-doc 1.0.4-42 documentation for HIP for Linuxii hipl-firewall 1.0.4-42 HIPL multi-purpose firewall daemon. Public-kii hipl-lib 1.0.4-42 HIP for Linux librariesii hipl-test 1.0.4-42 netcat-like command line tools with built-in ii hipl-tools 1.0.4-42 Command line tools to control hipd from comm___________________-------------------------------------------------------------------------------------------root@pluton:~# hipconf get ha all Sending user message 22 to HIPD on socket 3 Sent 40 bytes Waiting to receive daemon info. 40 bytes received from HIP daemon ------------------------------------------------------- root@pluton:~# ip xfrm state ------------------------------------------------------- root@pluton:~# uname -aLinux pluton 2.6.28.10 #1 SMP Fri Jun 19 11:00:49 CEST 2009 i686 GNU/Linux ----------------------------------------------------------------------------root@pluton:~# cat /etc/hip/hipd_config # Format of this file is as with hipconf, but without hipconf prefix # add hi default # add all four HITs (see bug id 522) # add map HIT IP # preload some HIT-to-IP mappings to hipd# add service rvs # the host acts as HIP rendezvous (see also /etc/hip/relay_config) # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous serverhit-to-ip on # resolve HITs to locators in dynamic DNS zone# hit-to-ip set hit-to-ip.infrahip.net <http://hit-to-ip.infrahip.net>. # resolve HITs to locators in dynamic DNS zonensupdate on # send dynamic DNS updates # heartbeat 10 # send ICMPv6 messages inside HIP tunnels# add server rvs hiprvs.infrahip.net <http://hiprvs.infrahip.net> 50000 # Register to free RVS at infrahip opendht on # turn DHT support on (use /etc/hip/dhtservers to define the used server)# locator on # host sends all of its locators in base exchange # opp normal|advanced|none # transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL) nat plain-udp # use UDP capsulation (for NATted environments) debug medium # debug verbosity: all, medium or none--------------------------------------------------------------------------root@pluton:~# ip6tables -L -n Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT 0 ::/0 ::/0 ACCEPT tcp ::/0 ::/0 tcp dpt:1111ACCEPT tcp ::/0 ::/0 tcp spt:1111 Chain FORWARD (policy ACCEPT)target prot opt source destination HIPFW-FORWARD 0 ::/0 ::/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT 0 ::/0 ::/0 Chain HIPFW-FORWARD (1 references) target prot opt source destination QUEUE udp ::/0 ::/0 udp spt:50500QUEUE udp ::/0 ::/0 udp dpt:50500QUEUE esp ::/0 ::/0 QUEUE 139 ::/0 ::/0 Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE udp ::/0 ::/0 udp spt:50500QUEUE udp ::/0 ::/0 udp dpt:50500QUEUE esp ::/0 ::/0 QUEUE 139 ::/0 ::/0 Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE udp ::/0 ::/0 udp spt:50500QUEUE udp ::/0 ::/0 udp dpt:50500QUEUE esp ::/0 ::/0 QUEUE 139 ::/0 ::/0 -----------------------------------------------------------------------------------------------root@pluton:~# iptables -L -n Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT 0 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ACCEPT 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ACCEPT esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain FORWARD (policy ACCEPT) target prot opt source destination HIPFW-FORWARD 0 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT 0 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ACCEPT 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ACCEPT esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain HIPFW-FORWARD (1 references) target prot opt source destination QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp spt:50500 QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp dpt:50500 QUEUE esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> QUEUE 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp spt:50500 QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp dpt:50500 QUEUE esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> QUEUE 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp spt:50500 QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp dpt:50500 QUEUE esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> QUEUE 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> root@pluton:~# ---------------------------------------------------------------------------------------------------root@pluton:~# ps axu |grep hip nobody 9261 0.0 0.0 22432 2468 pts/0 S+ 11:57 0:00 hipd root 9290 0.0 0.0 13164 1220 pts/1 S+ 11:57 0:00 hipfw root 9393 0.0 0.0 2972 752 pts/4 R+ 12:03 0:00 grep hip ---------------------------------------------------- root@pluton:~# ps axu|grep dns root 9395 0.0 0.0 2972 760 pts/4 S+ 12:04 0:00 grep dns _ __Here is the ocnfiguration on the client:_ dpkg -l 'hipl*' Desired=Unknown/Install/ Remove/Purge/Hold| Status=Not/Installed/Config-f/Unpacked/Failed-cfg/Half-inst/t-aWait/T-pend |/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)||/ Name Version Description+++-==============-==============-======================================================================================================== ii hipl-agent 1.0.4-42 Graphical user interface for HIP for Linux. Provides user-friendly access control "buddy" lists for HIP. ii hipl-all 1.0.4-42 HIPL software bundle: HIP for Linux libraries, daemons and documentation ii hipl-daemon 1.0.4-42 HIP for Linux IPsec key management and mobility daemon ii hipl-dnsproxy 1.0.4-42 Name look-up proxy for HIP for Linux. Intercepts DNS look-ups and returns HIT or LSIs when correspondingii hipl-doc 1.0.4-42 documentation for HIP for Linuxii hipl-firewall 1.0.4-42 HIPL multi-purpose firewall daemon. Public-key/HIT-based access control, Local Scope Identifier support,ii hipl-lib 1.0.4-42 HIP for Linux librariesii hipl-test 1.0.4-42 netcat-like command line tools with built-in HIP support for developers ii hipl-tools 1.0.4-42 Command line tools to control hipd from command linehipconf get ha all Sending user message 22 to HIPD on socket 3 Sent 40 bytes Waiting to receive daemon info. 216 bytes received from HIP daemon HA is I1-SENT Local HIT: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 Peer HIT: 2001:0010:46cb:2c84:144e:f93c:4133:c357 Local LSI: 1.0.0.1 Peer LSI: 1.0.0.2 Local IP: 2001:0100:0006:5000:0214:6cff:fe53:180a Local NAT traversal UDP port: 0 Peer IP: 2001:0002:0000:0000:0000:0000:0000:0002 Peer NAT traversal UDP port: 0 Peer hostname: ip xfrm state -- no output uname -aLinux apollo3-laptop 2.6.28.10 #2 SMP Fri Jun 19 10:19:59 CEST 2009 i686 GNU/Linuxcat /etc/hip/hipd_config # Format of this file is as with hipconf, but without hipconf prefix # add hi default # add all four HITs (see bug id 522) # add map HIT IP # preload some HIT-to-IP mappings to hipd# add service rvs # the host acts as HIP rendezvous (see also /etc/hip/relay_config) # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous serverhit-to-ip on # resolve HITs to locators in dynamic DNS zone# hit-to-ip set hit-to-ip.infrahip.net <http://hit-to-ip.infrahip.net/>. # resolve HITs to locators in dynamic DNS zonensupdate on # send dynamic DNS updates # heartbeat 10 # send ICMPv6 messages inside HIP tunnels# add server rvs hiprvs.infrahip.net <http://hiprvs.infrahip.net/> 50000 # Register to free RVS at infrahip opendht on # turn DHT support on (use /etc/hip/dhtservers to define the used server)# locator on # host sends all of its locators in base exchange # opp normal|advanced|none # transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL) nat plain-udp # use UDP capsulation (for NATted environments) debug medium # debug verbosity: all, medium or none cat /etc/selinux/config iptables -L -n Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT 0 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ACCEPT esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ACCEPT 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain FORWARD (policy ACCEPT) target prot opt source destination HIPFW-FORWARD 0 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT 0 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ACCEPT esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ACCEPT 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain HIPFW-FORWARD (1 references) target prot opt source destination QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp spt:50500 QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp dpt:50500 QUEUE esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> QUEUE 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp spt:50500 QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp dpt:50500 QUEUE esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> QUEUE 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp spt:50500 QUEUE udp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> udp dpt:50500 QUEUE esp -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> QUEUE 139 -- 0.0.0.0/0 <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> ip6tables -L -nChain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT 0 ::/0 ::/0 ACCEPT tcp ::/0 ::/0 tcp dpt:1111 ACCEPT 0 2001:10::/28 2001:10::/28 ACCEPT tcp ::/0 ::/0 tcp dpt:1111ACCEPT tcp ::/0 ::/0 tcp spt:1111 Chain FORWARD (policy ACCEPT)target prot opt source destination HIPFW-FORWARD 0 ::/0 ::/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT 0 ::/0 ::/0 ACCEPT 0 2001:10::/28 2001:10::/28 Chain HIPFW-FORWARD (1 references) target prot opt source destination QUEUE udp ::/0 ::/0 udp spt:50500QUEUE udp ::/0 ::/0 udp dpt:50500QUEUE esp ::/0 ::/0 QUEUE 139 ::/0 ::/0 Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE udp ::/0 ::/0 udp spt:50500QUEUE udp ::/0 ::/0 udp dpt:50500QUEUE esp ::/0 ::/0 QUEUE 139 ::/0 ::/0 Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE udp ::/0 ::/0 udp spt:50500QUEUE udp ::/0 ::/0 udp dpt:50500QUEUE esp ::/0 ::/0 QUEUE 139 ::/0 ::/0ps axu| grep hip nobody 9232 0.0 0.5 22472 2612 pts/1 S+ 11:55 0:00 hipd root 9263 0.0 0.2 13164 1240 pts/3 S+ 11:55 0:00 hipfw root 9437 0.0 0.1 2972 756 pts/7 S+ 12:06 0:00 grep hip ping ps axu| grep dns root 9439 0.0 0.1 2972 752 pts/7 R+ 12:06 0:00 grep dns _ _ 2009/6/16 Miika Komu <miika.komu@xxxxxxx <mailto:miika.komu@xxxxxxx>> shashank m wrote: Hi, you're system is running too old kernel. Please either use userspace ipsec or upgrade to 2.6.27 or higher. I hope this is now more clear in the manual: http://infrahip.hiit.fi/hipl/manual/ch02.html Hi , I have added the tcp port in the ip6 tables and restarted the hifw and still have the same problem.I am just pasting all the information of my configuration .And i dont have SELINUX enabled in my Ubuntu dist here is the in formation at my server .it always try to connect to dht gateway though we provide mapping manually. please do check this ,Thank s in advance .eth0 Link encap:Ethernet HWaddr 00:1C:23:2F:1D:56 inet addr:192.168.12.165 Bcast:192.168.12.255 Mask:255.255.255.0inet6 addr: 2001:2::2/64 Scope:Global inet6 addr: fe80::21c:23ff:fe2f:1d56/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1303 errors:0 dropped:0 overruns:0 frame:0 TX packets:1074 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:597647 (583.6 KB) TX bytes:169937 (165.9 KB) Interrupt:17 on the server console hipconf add map 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 2001:100:6:5000:214:6cff:fe53:180a we added the mapping of the client's hit and clients IPv6 address manually.But I dont know why it always try to connect using the IPv4 address to the opendht but normally when we try to ping this address it works. # hipconf get ha all Sending user message 22 to HIPD on socket 3 Sent 40 bytes Waiting to receive daemon info. 216 bytes received from HIP daemon HA is ESTABLISHED Local HIT: 2001:0010:46cb:2c84:144e:f93c:4133:c357 Peer HIT: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 Local LSI: 1.0.0.1 Peer LSI: 1.0.0.2 Local IP: 2001:0002:0000:0000:0000:0000:0000:0002 Local NAT traversal UDP port: 0 Peer IP: 2001:0100:0006:5000:0214:6cff:fe53:180a Peer NAT traversal UDP port: 0 Peer hostname: root@pluton:/etc# ip xfrm state src 2001:2::2 dst 2001:100:6:5000:214:6cff:fe53:180a proto esp spi 0xe9f6f347 reqid 0 mode beet replay-window 0 auth hmac(sha1) 0x2bd52bfa74ba4e4618edaff0d44afcd2e9513a3a enc cbc(aes) 0x9703989ad6c8d03dd6d983ac05ceaa67 sel src 2001:10:46cb:2c84:144e:f93c:4133:c357/128 dst 2001:13:cea1:6bc9:2032:b90b:e96a:2130/128 src 2001:100:6:5000:214:6cff:fe53:180a dst 2001:2::2 proto esp spi 0x3e8555c7 reqid 0 mode beet replay-window 0 auth hmac(sha1) 0xfb865ed61ac0315c4a832a6b13c71581fdc8f5fd enc cbc(aes) 0x180fd0a470d0d093d1ec910c12c8fdea sel src 2001:13:cea1:6bc9:2032:b90b:e96a:2130/128 dst 2001:10:46cb:2c84:144e:f93c:4133:c357/128 root@pluton:/sbin# cat /etc/hip/hipd_config# Format of this file is as with hipconf, but without hipconf prefix# add hi default # add all four HITs (see bug id 522) # add map HIT IP # preload some HIT-to-IP mappings to hipd # add service rvs # the host acts as HIP rendezvous (see also /etc/hip/relay_config) # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous server hit-to-ip on # resolve HITs to locators in dynamic DNS zone # hit-to-ip set hit-to-ip.infrahip.net <http://hit-to-ip.infrahip.net> <http://hit-to-ip.infrahip.net>. # resolve HITs to locators in dynamic DNS zone nsupdate on # send dynamic DNS updates # heartbeat 10 # send ICMPv6 messages inside HIP tunnels # add server rvs hiprvs.infrahip.net <http://hiprvs.infrahip.net> <http://hiprvs.infrahip.net> 50000 # Register to free RVS at infrahip opendht on # turn DHT support on (use /etc/hip/dhtservers to define the used server) # locator on # host sends all of its locators in base exchange # opp normal|advanced|none # transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL)nat plain-udp # use UDP capsulation (for NATted environments)debug medium # debug verbosity: all, medium or none root@pluton:/sbin# uname -a Linux pluton 2.6.22-14-generic #1 SMP Tue Feb 12 07:42:25 UTC 2008 i686 GNU/Linux root@pluton:/sbin# cat /etc/hip/hipd_config# Format of this file is as with hipconf, but without hipconf prefix# add hi default # add all four HITs (see bug id 522) # add map HIT IP # preload some HIT-to-IP mappings to hipd # add service rvs # the host acts as HIP rendezvous (see also /etc/hip/relay_config) # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous server hit-to-ip on # resolve HITs to locators in dynamic DNS zone # hit-to-ip set hit-to-ip.infrahip.net <http://hit-to-ip.infrahip.net> <http://hit-to-ip.infrahip.net>. # resolve HITs to locators in dynamic DNS zone nsupdate on # send dynamic DNS updates # heartbeat 10 # send ICMPv6 messages inside HIP tunnels # add server rvs hiprvs.infrahip.net <http://hiprvs.infrahip.net> <http://hiprvs.infrahip.net> 50000 # Register to free RVS at infrahip opendht on # turn DHT support on (use /etc/hip/dhtservers to define the used server) # locator on # host sends all of its locators in base exchange # opp normal|advanced|none # transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL)nat plain-udp # use UDP capsulation (for NATted environments)debug medium # debug verbosity: all, medium or none iptables Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT 0 -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0> Chain FORWARD (policy ACCEPT)target prot opt source destination HIPFW-FORWARD 0 -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0> Chain OUTPUT (policy ACCEPT)target prot opt source destination HIPFW-OUTPUT 0 -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE 0 -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> 1.0.0.0/8 <http://1.0.0.0/8> <http://1.0.0.0/8> # ip6tables -L -n Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT 0 ::/0 ::/0 ACCEPT tcp ::/0 ::/0 tcpdpt:1111 Chain FORWARD (policy ACCEPT)target prot opt source destination HIPFW-FORWARD 0 ::/0 ::/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT 0 ::/0 ::/0 Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE 0 ::/0 2001:10::/28 Chain HIPFW-OUTPUT (1 references)target prot opt source destination ps axu |grep hip nobody 6531 0.0 0.1 25672 5864 pts/0 S+ Jun15 0:21 hipd nobody 6784 0.0 0.0 13344 1096 pts/2 S Jun15 0:00 /usr/sbin/hipfw -bklpF root 7695 0.0 0.0 2976 768 pts/1 S+ 15:00 0:00 grep hip # ps axu |grep dns root 7697 0.0 0.0 2972 760 pts/1 R+ 15:00 0:00 grep dns On th server console: info(update.c:3350@hip_build_locators): Created one local type2 locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(debug.c:832@hip_print_locator): LOCATOR from UDP: 192.168.12.165 info(debug.c:723@hip_print_locator_addresses): LOCATOR: 192.168.12.165 info(input.c:460@hip_receive_control_packet): HIT Sender: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 info(input.c:461@hip_receive_control_packet): HIT Receiver: 2001:0010:46cb:2c84:144e:f93c:4133:c357 info(hadb.c:138@hip_hadb_find_byhits): HIT1: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 info(hadb.c:139@hip_hadb_find_byhits): HIT2: 2001:0010:46cb:2c84:144e:f93c:4133:c357 info(output.c:970@hip_xmit_r1): hip_xmit_r1(): ripkt->hitr: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 info(input.c:460@hip_receive_control_packet): HIT Sender: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 info(input.c:461@hip_receive_control_packet): HIT Receiver: 2001:0010:46cb:2c84:144e:f93c:4133:c357 info(hadb.c:138@hip_hadb_find_byhits): HIT1: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 info(hadb.c:139@hip_hadb_find_byhits): HIT2: 2001:0010:46cb:2c84:144e:f93c:4133:c357 info(input.c:1669@hip_handle_i2): i2_saddr: 2001:0100:0006:5000:0214:6cff:fe53:180a info(input.c:1670@hip_handle_i2): i2_daddr: 2001:0002:0000:0000:0000:0000:0000:0002 info(hadb.c:2248@hip_init_peer): peer's hit: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 info(hadb.c:2249@hip_init_peer): entry's hit: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 info(xfrmapi.c:513@hip_add_sa): src_hit: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 info(xfrmapi.c:514@hip_add_sa): dst_hit: 2001:0010:46cb:2c84:144e:f93c:4133:c357 info(xfrmapi.c:513@hip_add_sa): src_hit: 2001:0010:46cb:2c84:144e:f93c:4133:c357 info(xfrmapi.c:514@hip_add_sa): dst_hit: 2001:0013:cea1:6bc9:2032:b90b:e96a:2130 error(update.c:3074@hip_handle_locator_parameter): No locator to handle error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host info(update.c:3254@hip_build_locators): Created one locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3275@hip_build_locators): Created one locator item: : 192.168.12.165 info(update.c:3289@hip_build_locators): Looking for reflexive, prefered addres: : 2001:0100:0006:5000:0214:6cff:fe53:180a info(update.c:3291@hip_build_locators): Looking for reflexive, local addres: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3295@hip_build_locators): Looking for reflexive addr: : 0000:0000:0000:0000:0000:0000:0000:0000 info(update.c:3350@hip_build_locators): Created one local type2 locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(debug.c:832@hip_print_locator): LOCATOR from UDP: 192.168.12.165 info(debug.c:723@hip_print_locator_addresses): LOCATOR: 192.168.12.165 info(update.c:3254@hip_build_locators): Created one locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3275@hip_build_locators): Created one locator item: : 192.168.12.165 info(update.c:3289@hip_build_locators): Looking for reflexive, prefered addres: : 2001:0100:0006:5000:0214:6cff:fe53:180a info(update.c:3291@hip_build_locators): Looking for reflexive, local addres: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3295@hip_build_locators): Looking for reflexive addr: : 0000:0000:0000:0000:0000:0000:0000:0000 info(update.c:3350@hip_build_locators): Created one local type2 locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(debug.c:832@hip_print_locator): LOCATOR from UDP: 192.168.12.165 info(debug.c:723@hip_print_locator_addresses): LOCATOR: 192.168.12.165 error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host info(update.c:3254@hip_build_locators): Created one locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3275@hip_build_locators): Created one locator item: : 192.168.12.165 info(update.c:3289@hip_build_locators): Looking for reflexive, prefered addres: : 2001:0100:0006:5000:0214:6cff:fe53:180a info(update.c:3291@hip_build_locators): Looking for reflexive, local addres: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3295@hip_build_locators): Looking for reflexive addr: : 0000:0000:0000:0000:0000:0000:0000:0000 info(update.c:3350@hip_build_locators): Created one local type2 locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(debug.c:832@hip_print_locator): LOCATOR from UDP: 192.168.12.165 info(debug.c:723@hip_print_locator_addresses): LOCATOR: 192.168.12.165 error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host info(update.c:3254@hip_build_locators): Created one locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3275@hip_build_locators): Created one locator item: : 192.168.12.165 info(update.c:3289@hip_build_locators): Looking for reflexive, prefered addres: : 2001:0100:0006:5000:0214:6cff:fe53:180a info(update.c:3291@hip_build_locators): Looking for reflexive, local addres: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3295@hip_build_locators): Looking for reflexive addr: : 0000:0000:0000:0000:0000:0000:0000:0000 info(update.c:3350@hip_build_locators): Created one local type2 locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(debug.c:832@hip_print_locator): LOCATOR from UDP: 192.168.12.165 info(debug.c:723@hip_print_locator_addresses): LOCATOR: 192.168.12.165 info(update.c:3254@hip_build_locators): Created one locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3275@hip_build_locators): Created one locator item: : 192.168.12.165 info(update.c:3289@hip_build_locators): Looking for reflexive, prefered addres: : 2001:0100:0006:5000:0214:6cff:fe53:180a info(update.c:3291@hip_build_locators): Looking for reflexive, local addres: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3295@hip_build_locators): Looking for reflexive addr: : 0000:0000:0000:0000:0000:0000:0000:0000 info(update.c:3350@hip_build_locators): Created one local type2 locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(debug.c:832@hip_print_locator): LOCATOR from UDP: 192.168.12.165 info(debug.c:723@hip_print_locator_addresses): LOCATOR: 192.168.12.165 error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host info(update.c:3254@hip_build_locators): Created one locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3275@hip_build_locators): Created one locator item: : 192.168.12.165 info(update.c:3289@hip_build_locators): Looking for reflexive, prefered addres: : 2001:0100:0006:5000:0214:6cff:fe53:180a info(update.c:3291@hip_build_locators): Looking for reflexive, local addres: : 2001:0002:0000:0000:0000:0000:0000:0002 info(update.c:3295@hip_build_locators): Looking for reflexive addr: : 0000:0000:0000:0000:0000:0000:0000:0000 info(update.c:3350@hip_build_locators): Created one local type2 locator item: : 2001:0002:0000:0000:0000:0000:0000:0002 info(debug.c:832@hip_print_locator): LOCATOR from UDP: 192.168.12.165 info(debug.c:723@hip_print_locator_addresses): LOCATOR: 192.168.12.165 error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host error(libhipopendht.c:313@opendht_send): Error opendht_send: No route to host 2009/6/8 Miika Komu <miika.komu@xxxxxxx <mailto:miika.komu@xxxxxxx> <mailto:miika.komu@xxxxxxx <mailto:miika.komu@xxxxxxx>>> Adrian Alvarez wrote: Hi, run "/etc/init.d/hipfw restart" on both sides and please try again. It appears that you have the queue rules in place but no hipfw running (crashed?). This causes ESP packets to be "stuck". Hope this helps... hello again, I tried adding tcp port 1111 to ip6tqbles and we are still unable to transfer data. Here is the information of the system at the time of the issue: Responder information: SAs Sending user message 22 to HIPD on socket 3 Sent 40 bytes Waiting to receive daemon info. 216 bytes received from HIP daemon HA is ESTABLISHED Local HIT: 2001:0018:ea59:a472:459f:ec45: 0cdc:7113 Peer HIT: 2001:001a:c2da:a601:1cfd:e9dd:5719:37dc Local LSI: 1.0.0.1 Peer LSI: 1.0.0.2 Local IP: 3ffe:0000:0000:0000:0000:0000:0000:0002 Local NAT traversal UDP port: 0 Peer IP: 3ffe:0000:0000:0000:0000:0000:0000:0004 Peer NAT traversal UDP port: 0 Peer hostname: ip xfrm src 3ffe::2 dst 3ffe::4 proto esp spi 0x70e176a1 reqid 0 mode beet replay-window 0auth hmac(sha1) 0xbd7c623ba16ee3b08c0cfd0619d0f003940d4cecenc cbc(aes) 0x82cc95e7d55624bb2dca3ae8302a6fc4 sel src 2001:18:ea59:a472:459f:ec45:cdc:7113/128 dst 2001:1a:c2da:a601:1cfd:e9dd:5719:37dc/128 src 3ffe::4 dst 3ffe::2 proto esp spi 0xdfcd7423 reqid 0 mode beet replay-window 0auth hmac(sha1) 0x01db34f498c91be1ad6aa858dd765f484d69fc52enc cbc(aes) 0x10a036d9e3558f9dbc1ff00e4e0f28e5 sel src 2001:1a:c2da:a601:1cfd:e9dd:5719:37dc/128 dst 2001:18:ea59:a472:459f:ec45:cdc:7113/128 uname Linux vault101 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:57:59 UTC 2009 i686 GNU/Linux hipd_config # Format of this file is as with hipconf, but without hipconf prefix # add hi default # add all four HITs (see bug id 522)# add map HIT IP # preload some HIT-to-IP mappings to hipd# add service rvs # the host acts as HIP rendezvous (see also /etc/hip/relay_config) # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous serverhit-to-ip on # resolve HITs to locators in dynamic DNS zone# hit-to-ip set hit-to-ip.infrahip.net <http://hit-to-ip.infrahip.net> <http://hit-to-ip.infrahip.net> <http://hit-to-ip.infrahip.net/>. # resolve HITs to locators in dynamic DNS zone nsupdate off # send dynamic DNS updates # heartbeat 10 # send ICMPv6 messages inside HIP tunnels # add server rvs hiprvs.infrahip.net <http://hiprvs.infrahip.net> <http://hiprvs.infrahip.net> <http://hiprvs.infrahip.net/> 50000 # Register to free RVS at infrahipopendht off # turn DHT support on (use /etc/hip/dhtservers todefine the used server)# locator on # host sends all of its locators in baseexchange # opp normal|advanced|none # transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL) #nat plain-udp # use UDP capsulation (for NATted environments) debug medium # debug verbosity: all, medium or none iptables Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT all -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0> <http://0.0.0.0/0> Chain FORWARD (policy ACCEPT)target prot opt source destination HIPFW-FORWARD all -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0> <http://0.0.0.0/0> Chain OUTPUT (policy ACCEPT)target prot opt source destination HIPFW-OUTPUT all -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0> <http://0.0.0.0/0> Chain HIPFW-FORWARD (1 references)target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE all -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 1.0.0.0/8 <http://1.0.0.0/8> <http://1.0.0.0/8> <http://1.0.0.0/8> ip6tables Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT all ::/0 ::/0 Chain FORWARD (policy ACCEPT) target prot opt source destination HIPFW-FORWARD all ::/0 ::/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT all ::/0 ::/0 Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE all ::/0 2001:10::/28ps aux|grep hip nobody 3615 0.0 0.0 14668 2504 pts/0 S+ 11:30 0:00 hipd root 4916 0.0 0.0 3336 788 pts/3 R+ 11:43 0:00 grep hip ps aux|grep dns root 4918 0.0 0.0 3336 788 pts/3 R+ 11:43 0:00 grep dns Initiator's info Sending user message 22 to HIPD on socket 3 Sent 40 bytes Waiting to receive daemon info. 216 bytes received from HIP daemon HA is ESTABLISHED Local HIT: 2001:001a:c2da:a601:1cfd:e9dd:5719:37dc Peer HIT: 2001:0018:ea59:a472:459f:ec45:0cdc:7113 Local LSI: 1.0.0.1 Peer LSI: 1.0.0.2 Local IP: 3ffe:0000:0000:0000:0000:0000:0000:0004 Local NAT traversal UDP port: 0 Peer IP: 3ffe:0000:0000:0000:0000:0000:0000:0002 Peer NAT traversal UDP port: 0 Peer hostname: vault101 src 3ffe::4 dst 3ffe::2 proto esp spi 0xdfcd7423 reqid 0 mode beet replay-window 0auth hmac(sha1) 0x01db34f498c91be1ad6aa858dd765f484d69fc52enc cbc(aes) 0x10a036d9e3558f9dbc1ff00e4e0f28e5 sel src 2001:1a:c2da:a601:1cfd:e9dd:5719:37dc/128 dst 2001:18:ea59:a472:459f:ec45:cdc:7113/128 src 3ffe::2 dst 3ffe::4 proto esp spi 0x70e176a1 reqid 0 mode beet replay-window 0auth hmac(sha1) 0xbd7c623ba16ee3b08c0cfd0619d0f003940d4cecenc cbc(aes) 0x82cc95e7d55624bb2dca3ae8302a6fc4 sel src 2001:18:ea59:a472:459f:ec45:cdc:7113/128 dst 2001:1a:c2da:a601:1cfd:e9dd:5719:37dc/128 Linux vault113 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:57:59 UTC 2009 i686 GNU/Linux # Format of this file is as with hipconf, but without hipconf prefix # add hi default # add all four HITs (see bug id 522)# add map HIT IP # preload some HIT-to-IP mappings to hipd# add service rvs # the host acts as HIP rendezvous (see also /etc/hip/relay_config) # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> <lifetime-secs> # register to rendezvous serverhit-to-ip on # resolve HITs to locators in dynamic DNS zone# hit-to-ip set hit-to-ip.infrahip.net <http://hit-to-ip.infrahip.net> <http://hit-to-ip.infrahip.net> <http://hit-to-ip.infrahip.net>. # resolve HITs to locators in dynamic DNS zone nsupdate on # send dynamic DNS updates # heartbeat 10 # send ICMPv6 messages inside HIP tunnels # add server rvs hiprvs.infrahip.net <http://hiprvs.infrahip.net> <http://hiprvs.infrahip.net> <http://hiprvs.infrahip.net> 50000 # Register to free RVS at infrahipopendht on # turn DHT support on (use /etc/hip/dhtservers todefine the used server)# locator on # host sends all of its locators in baseexchange # opp normal|advanced|none # transform order 213 # crypto preference order (1=AES, 2=3DES, 3=NULL) nat plain-udp # use UDP capsulation (for NATted environments) debug medium # debug verbosity: all, medium or none iptable Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT all -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0> <http://0.0.0.0/0> ACCEPT tcp -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0> <http://0.0.0.0/0> tcp dpt:1111Chain FORWARD (policy ACCEPT)target prot opt source destination HIPFW-FORWARD all -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0> <http://0.0.0.0/0> Chain OUTPUT (policy ACCEPT)target prot opt source destination HIPFW-OUTPUT all -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0> <http://0.0.0.0/0><http://0.0.0.0/0> Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination Chain HIPFW-OUTPUT (1 references) target prot opt source destination QUEUE all -- 0.0.0.0/0 <http://0.0.0.0/0><http://0.0.0.0/0> <http://0.0.0.0/0> 1.0.0.0/8 <http://1.0.0.0/8> <http://1.0.0.0/8><http://1.0.0.0/8>ip6table Chain INPUT (policy ACCEPT)target prot opt source destination HIPFW-INPUT all ::/0 ::/0 ACCEPT tcp ::/0 ::/0 tcpdpt:1111 Chain FORWARD (policy ACCEPT)target prot opt source destination HIPFW-FORWARD all ::/0 ::/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination HIPFW-OUTPUT all ::/0 ::/0 Chain HIPFW-FORWARD (1 references) target prot opt source destination Chain HIPFW-INPUT (1 references) target prot opt source destination QUEUE all ::/0 2001:10::/28Chain HIPFW-OUTPUT (1 references)target prot opt source destination nobody 13663 0.0 0.0 14792 2792 pts/0 S+ 11:360:00 hipd root 14735 0.0 0.0 3336 788 pts/2 R+ 11:52 0:00 grep hip root 14737 0.0 0.0 3336 792 pts/2 R+ 11:52 0:00 grep dns thanks, Adrian On Mon, Jun 8, 2009 at 10:09 AM, Miika Komu <miika.komu@xxxxxxx <mailto:miika.komu@xxxxxxx> <mailto:miika.komu@xxxxxxx <mailto:miika.komu@xxxxxxx>> <mailto:miika.komu@xxxxxxx <mailto:miika.komu@xxxxxxx> <mailto:miika.komu@xxxxxxx <mailto:miika.komu@xxxxxxx>>>> wrote: Adrian Alvarez wrote: Hi, I got connection refused, but after allowing tcp port 1111 in iptables/ip6tables it started working. I added some bug reporting instructions to bugzilla. Please give all information for us to try to reproduce the problem: http://infrahip.hiit.fi/hipl/manual/ch08.html Are you running kernel version >= 2.6.27? Hi all, We are having some problems trying establish communications between two hosts using hip. We have followed the instruction ofthe manual very closely, however, it is impossible totransfer some date from one host to another using hip.We are using wireshark to monitor the exchange, and wewere able to observe the following: 1) HIP base exchange between the two hosts is completed. 2) TCP data transfer via HIP is not realized. 3) The initiator node sends a TCP SYN with the HIT info, but the responder node fails to send an ACK back. This seems similar to Shashank's issue. Any light on this matter would be useful. Thank you all. Adrian. On Sun, Jun 7, 2009 at 3:56 PM, shashank m <shashanm@xxxxxxxxx <mailto:shashanm@xxxxxxxxx> <mailto:shashanm@xxxxxxxxx <mailto:shashanm@xxxxxxxxx>> <mailto:shashanm@xxxxxxxxx <mailto:shashanm@xxxxxxxxx> <mailto:shashanm@xxxxxxxxx <mailto:shashanm@xxxxxxxxx>>> <mailto:shashanm@xxxxxxxxx <mailto:shashanm@xxxxxxxxx> <mailto:shashanm@xxxxxxxxx <mailto:shashanm@xxxxxxxxx>> <mailto:shashanm@xxxxxxxxx <mailto:shashanm@xxxxxxxxx> <mailto:shashanm@xxxxxxxxx <mailto:shashanm@xxxxxxxxx>>>>> wrote: Hello,I was trying to connect two systemslocally using hip with an IPV6 application given in the manual.*Conntest-client* and *conntest-server*.I have disabled opendht support as I have given the mapping between the HIT s and Ipv6 addresses manually using *hipconf*. after executing "Conntest-client-hip [HIT_server] tcp 1111" it prints the mapping with the hit and IPV6 address of the server and the base exchange happens but the messages are not transmitted to the server .I think that the mapping is not working properly in the code .Please do solve the problemin the client console i often see this messsae"""------State established not triggering bex--------" thismessage comes repeatedly .I think this is onlybecause of the mapping problem .Correct me if I am wrong. Thanks in advance, Regards, Shashank.M. Regards, Shashank.M.Regards,Shashank.M.