[hipl-users] Re: Problems with RVS

  • From: Paola Venuso <pa.venuso@xxxxxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Mon, 14 Oct 2013 15:58:42 +0200

Hi Miika,

Yes, I did. But it didn't work.
Il giorno 14/ott/2013 15:40, "Miika Komu" <mkomu@xxxxxxxxx> ha scritto:

> Hi Paola,
>
> it seems that you got HIP working with IPv4 locators. Did you try with two
> locally configured IPv6 locators (3ffe::x/64)?
>
> On 10/14/2013 02:13 PM, Paola Venuso wrote:
>
>> Hi Miika,
>>
>> I checked and I think my site firewall isn't blocking Teredo traffic.
>> Anyway this is the output:
>>
>> paola@ubuntu:~$ dig -t aaaa www.google.com <http://www.google.com>
>>
>> ; <<>> DiG 9.8.1-P1 <<>> -t aaaa www.google.com <http://www.google.com>
>> ;; global options: +cmd
>> ;; Got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27694
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>>
>> ;; QUESTION SECTION:
>> ;www.google.com <http://www.google.com>.            IN    AAAA
>>
>> ;; ANSWER SECTION:
>> www.google.com <http://www.google.com>.        300    IN    AAAA
>> 2a00:1450:4002:804::1010
>>
>> ;; Query time: 165 msec
>> ;; SERVER: 127.0.0.53#53(127.0.0.53)
>> ;; WHEN: Mon Oct 14 03:22:40 2013
>> ;; MSG SIZE  rcvd: 60
>>
>>
>> paola@ubuntu:~$ ping6 2a00:1450:4010:c04::68
>> PING 2a00:1450:4010:c04::68(2a00:**1450:4010:c04::68) 56 data bytes
>> 64 bytes from 2a00:1450:4010:c04::68: icmp_seq=1 ttl=55 time=371 ms
>> 64 bytes from 2a00:1450:4010:c04::68: icmp_seq=2 ttl=55 time=110 ms
>> 64 bytes from 2a00:1450:4010:c04::68: icmp_seq=3 ttl=55 time=110 ms
>> ^C
>> --- 2a00:1450:4010:c04::68 ping statistics ---
>> 3 packets transmitted, 3 received, 0% packet loss, time 2004ms
>> rtt min/avg/max/mdev = 110.529/197.440/371.075/122.**778 ms
>>
>>
>>
>> paola@ubuntu:~$ ip route get 2a00:1450:4010:c04::68
>> 2a00:1450:4010:c04::68 from :: via 2a00:1450:4010:c04::68 dev teredo
>> src 2001:0:53aa:64c:2cb6:3c14:**4367:467f  metric 0
>>      cache
>>
>>
>> I also tried with your test machine:
>>
>> paola@ubuntu:~$ ping6 2001:0:53aa:64c:3026:52b2:**ad4a:8b91
>> PING
>> 2001:0:53aa:64c:3026:52b2:**ad4a:8b91(2001:0:53aa:64c:**
>> 3026:52b2:ad4a:8b91)
>> 56 data bytes
>> 64 bytes from 2001:0:53aa:64c:3026:52b2:**ad4a:8b91: icmp_seq=1 ttl=64
>> time=243 ms
>> 64 bytes from 2001:0:53aa:64c:3026:52b2:**ad4a:8b91: icmp_seq=2 ttl=64
>> time=112 ms
>> ^C
>> --- 2001:0:53aa:64c:3026:52b2:**ad4a:8b91 ping statistics ---
>> 2 packets transmitted, 2 received, 0% packet loss, time 1000ms
>> rtt min/avg/max/mdev = 112.229/177.819/243.410/65.591 ms
>>
>>
>>
>>
>> Then I tried in my network:
>>
>> - with eth0 I got only I1 packet
>> - with Teredo I got "destination unreachable" error
>>
>> And when I stopped ping6 there was 100% of packet loss. I also tried to
>> edit manually the hosts files with different configuration but the same
>> happened.
>>
>> Thanks,
>>
>> Paola
>>
>>
>>
>> 2013/10/12 Miika Komu <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>
>>     Hi Paola,
>>
>>     initially, Teredo traffic is forwarded through a Teredo server to
>>     guaranteee NAT traversal and then miredo software tries to pinhole
>>     the NAT. My guess is that your *site* firewall is blocking the
>>     inital messages with the Teredo server. You can double check this as
>>     follows:
>>
>>     mkomu@bling:~$ dig -t aaaa www.google.com <http://www.google.com>
>>
>>     ; <<>> DiG 9.8.1-P1 <<>> -t aaaa www.google.com <
>> http://www.google.com>
>>     ;; global options: +cmd
>>     ;; Got answer:
>>     ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12399
>>     ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>>
>>     ;; QUESTION SECTION:
>>     ;www.google.com <http://www.google.com>.                        IN
>>         AAAA
>>
>>     ;; ANSWER SECTION:
>>     www.google.com <http://www.google.com>.         214     IN      AAAA
>>         2a00:1450:4010:c03::93
>>
>>     ;; Query time: 333 msec
>>     ;; SERVER: 193.229.0.40#53(193.229.0.40)
>>     ;; WHEN: Sat Oct 12 14:20:35 2013
>>     ;; MSG SIZE  rcvd: 60
>>
>>     mkomu@bling:~$ ping6 2a00:1450:4010:c04::68
>>     PING 2a00:1450:4010:c04::68(2a00:__**1450:4010:c04::68) 56 data bytes
>>     64 bytes from 2a00:1450:4010:c04::68: icmp_seq=1 ttl=55 time=1363 ms
>>     64 bytes from 2a00:1450:4010:c04::68: icmp_seq=2 ttl=55 time=441 ms
>>     ^C
>>     --- 2a00:1450:4010:c04::68 ping statistics ---
>>     2 packets transmitted, 2 received, 0% packet loss, time 1000ms
>>     rtt min/avg/max/mdev = 441.913/902.595/1363.277/460._**_682 ms, pipe
>> 2
>>     mkomu@bling:~$ ip route get 2a00:1450:4010:c04::68
>>     2a00:1450:4010:c04::68 from :: via 2a00:1450:4010:c04::68 dev teredo
>>     src 2001:0:53aa:64c:473:6a2c:ab19:**__60e3  metric 0
>>
>>     If this does not work for you, it probably means that the firewall
>>     your site is blocking Teredo. You can contact your site
>>     administrator to open the UDP port 3544.
>>
>>     You can also try the 2001:0:53aa:64c:3026:52b2:__**ad4a:8b91 (my test
>>     machine) which is actually behind a real NAT unlike the google
>>     server. If you can reach google server, but not mine, it most likely
>>     means that either of us is using a p2p-incompatible NAT.
>>
>>     You can also try e.g. 3ffe::x/64 address space for local experiments
>>     in your local LAN (or WLAN). Just configure it to the eth0 (or other
>>     device) for two machines and try pinging each other.
>>
>>
>>     On 10/11/2013 09:03 PM, Paola Venuso wrote:
>>
>>         Hi Miika,
>>
>>         I uncommented the line "Bindport 3545" in file miredo.conf as I
>>         read on
>>         the man page of miredo and checked ufw files for rules blocking
>> IPv6
>>         traffic (I uncommented two about forwarding, the others about
>>         enabling
>>         this traffic were already uncommented). Then I tried ping6 the
>>         locators
>>         and I got the message: unknown host.
>>         Also I tried manual set up with IPv4-based locators, as you
>>         wrote me,
>>         and my host exchanged HIP UPDATE and I1, R1, I2, R2 packets with
>>         another
>>         host, with address193.167.187.149, that I don't know but I guess
>>         maybe
>>         it's one of infrahip servers.
>>         Anyway, I am not sure I checked correctly for rules about IPv6
>>         traffic.
>>         What should I do about this? Could all this problems be
>>         connected also
>>         with virtual machine net configuration? It is NAT by default,
>>         but there
>>         are some other options.
>>
>>         Thanks for all the help you're giving to me.
>>
>>         Paola
>>
>>
>>         2013/10/11 Miika Komu <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>
>>
>>
>>              Hi Paola,
>>
>>              it seems your installation is fine. Base on my own
>>         experiences, I
>>              think that a middlebox (firewall) is blocking your IPv6
>>         traffic (in
>>              the case of Teredo it's UDP port 3544). Did you try to
>>         ping6 the
>>              routable addresses (locators)?
>>
>>              I also recommend trying a manual set up with IPv4-based
>>         locators as
>>              follows:
>>
>>              hipconf daemon rst all
>>              hipconf daemon add map PEER_HIT PEER_IPV4_ADDRESS
>>              ping6 PEER_HIT
>>
>>
>>              On 10/10/2013 12:42 AM, Paola Venuso wrote:
>>
>>                  Hi Miika,
>>
>>                  hipd is running at the responder, the firewall is not
>>         blocking HIP
>>                  traffic and I don't use redhat-based distro.
>>                  This is the output of the commands from the manual:
>>
>>                  paola@ubuntu:~$ dpkg -l 'hipl*'
>>                  Desired=Unknown/Install/____**Remove/Purge/Hold
>>                  |
>>
>>         Status=Not/Inst/Conf-files/___**_Unpacked/halF-conf/Half-inst/**
>> ____trig-aWait/Trig-pend
>>
>>                  |/ Err?=(none)/Reinst-required (Status,Err:
>> uppercase=bad)
>>                  ||/ Nome           Versione       Descrizione
>>
>>         +++-==============-===========**____===-======================**
>> ==__==__==================
>>
>>                  ii  hipl-all       1.0.8-6429     HIP for Linux full
>>         software bundle
>>                  ii  hipl-daemon    1.0.8-6429     HIP for Linux IPsec key
>>                  management and
>>                  mobil
>>                  ii  hipl-dnsproxy  1.0.8-6429     HIP for Linux name
>>         lookup proxy
>>                  ii  hipl-doc       1.0.8-6429     HIP for Linux
>>         documentation
>>                  ii  hipl-firewall  1.0.8-6429     HIP for Linux
>>         multi-purpose
>>                  firewall
>>                  daemon
>>                  un  hipl-minimal   <nessuna>      (nessuna descrizione
>>         disponibile)
>>                  un  hipl-tools     <nessuna>      (nessuna descrizione
>>         disponibile)
>>                  paola@ubuntu:~$ hipconf daemon get ha all
>>                  Sending user message 22 to HIPD on socket 3
>>                  Sent 40 bytes
>>                  Waiting to receive daemon info.
>>                  240 bytes received from HIP daemon.
>>                  HA is I1-SENT
>>                     Shotgun mode is off.
>>                     Broadcast mode is off.
>>                     Local HIT: 2001:0012:421d:99a0:005d:d60f:**
>> ____73b0:4407
>>                     Peer  HIT: 2001:001a:2a72:f01c:d98e:311c:**
>> ____c76a:57c4
>>
>>                     Local LSI: 1.0.0.1
>>                     Peer  LSI: 1.0.0.2
>>                     Local IP: 2001:0000:53aa:064c:2cde:3e12:**
>> ____4367:467f
>>
>>                     Local NAT traversal UDP port: 10500
>>                     Peer  IP: 2001:0708:0140:0220:0000:0000:**
>> ____0000:0016
>>
>>                     Peer  NAT traversal UDP port: 10500
>>                     Peer  hostname:
>>
>>
>>         ------------------------------**____--------------------------**
>> --__--__----------------------**----__----__------------------**
>> ------__------
>>
>>
>>                  paola@ubuntu:~$ uname -a
>>                  Linux ubuntu 3.5.0-41-generic #64~precise1-Ubuntu SMP
>>         Thu Sep 12
>>                  17:01:55 UTC 2013 i686 i686 i386 GNU/Linux
>>                  paola@ubuntu:~$ lsb_release -a
>>                  No LSB modules are available.
>>                  Distributor ID:    Ubuntu
>>                  Description:    Ubuntu 12.04.3 LTS
>>                  Release:    12.04
>>                  Codename:    precise
>>
>>
>>         ------------------------------**____--------------------------**
>> --__--__----------------------**----__----__------------------**
>> ------__------
>>
>>
>>                  paola@ubuntu:~$ cat /etc/hip/hipd.conf
>>                  # Format of this file is as with hipconf, but without
>>         "hipconf
>>                  daemon"
>>                  prefix
>>                  # add hi default    # add all four HITs (see bug id
>> 592127)
>>                  # add map HIT IP    # preload some HIT-to-IP mappings
>>         to hipd
>>                  # add service rvs   # the host acts as HIP rendezvous
>>         (also see
>>                  relay.conf)
>>                  # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME>
>>         <lifetime-secs> #
>>                  register to rendezvous server
>>                  # add server relay [RELAY-HIT] <RVS-IP-OR-HOSTNAME>
>>                  <lifetime-secs> #
>>                  register to relay server
>>                  # add server full-relay [RELAY-HIT] <RVS-IP-OR-HOSTNAME>
>>                  <lifetime-secs>
>>                  # register to relay server
>>                  hit-to-ip on # resolve HITs to locators in dynamic DNS
>> zone
>>                  # hit-to-ip set hit-to-ip.infrahip.net
>>         <http://hit-to-ip.infrahip.net**>
>>                  
>> <http://hit-to-ip.infrahip.**net__<http://hit-to-ip.infrahip.net__>
>> >
>>         <http://hit-to-ip.infrahip.__**net__
>>         <http://hit-to-ip.infrahip.**net__<http://hit-to-ip.infrahip.net__>
>> >>.
>>
>>
>>                  # resolve HITs to locators in dynamic DNS zone
>>                  nsupdate on # send dynamic DNS updates
>>                  # add server rvs hiprvs.infrahip.net
>>         <http://hiprvs.infrahip.net>
>>                  <http://hiprvs.infrahip.net>
>>         <http://hiprvs.infrahip.net> 50000
>>
>>
>>                  # Register to free RVS at infrahip
>>                  # heartbeat 10 # send ICMPv6 messages inside HIP tunnels
>>                  # locator on        # host sends all of its locators in
>>         base
>>                  exchange
>>                  # shotgun on # use all possible src/dst IP combinations
>>         to send
>>                  I1/UPDATE
>>                  # broadcast on # broadcast to LAN if no matching IP
>>         address found
>>                  # opp normal|advanced|none
>>                  # transform order 213 # crypto preference order (1=AES,
>>         2=3DES,
>>                  3=NULL)
>>                  nat plain-udp       # use UDP capsulation (for NATted
>>         environments)
>>                  #nat port local 11111 # change local default UDP port
>>                  #nat port peer 22222 # change local peer UDP port
>>                  debug medium        # debug verbosity: all, medium, low
>>         or none
>>                  default-hip-version 1 # default HIP version number for
>>         the I1
>>                  message.
>>                  (1=HIPv1, 2=HIPv2)
>>
>>
>>         ------------------------------**____--------------------------**
>> --__--__----------------------**----__----__------------------**
>> ------__------
>>
>>
>>                  paola@ubuntu:~$ sudo iptables -L -n
>>                  Chain INPUT (policy ACCEPT)
>>                  target     prot opt source               destination
>>                  HIPFW-INPUT  all  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     139  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     139  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     udp  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>            udp spt:10500
>>                  ACCEPT     esp  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     icmpv6-- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     all  -- 1.0.0.0/8 <http://1.0.0.0/8>
>>         <http://1.0.0.0/8>
>>                  <http://1.0.0.0/8> 1.0.0.0/8 <http://1.0.0.0/8>
>>         <http://1.0.0.0/8>
>>                  <http://1.0.0.0/8>
>>
>>
>>                  Chain FORWARD (policy ACCEPT)
>>                  target     prot opt source               destination
>>                  HIPFW-FORWARD  all  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>
>>
>>                  Chain OUTPUT (policy ACCEPT)
>>                  target     prot opt source               destination
>>                  HIPFW-OUTPUT  all  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     139  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     udp  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>            udp dpt:10500
>>                  ACCEPT     esp  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     icmpv6-- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>
>>                  ACCEPT     all  -- 1.0.0.0/8 <http://1.0.0.0/8>
>>         <http://1.0.0.0/8>
>>                  <http://1.0.0.0/8> 1.0.0.0/8 <http://1.0.0.0/8>
>>         <http://1.0.0.0/8>
>>                  <http://1.0.0.0/8>
>>
>>
>>                  Chain HIPFW-FORWARD (1 references)
>>                  target     prot opt source               destination
>>
>>                  Chain HIPFW-INPUT (1 references)
>>                  target     prot opt source               destination
>>                  NFQUEUE    udp  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>            udp spt:10500 NFQUEUE num
>> 0
>>                  NFQUEUE    udp  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>            udp dpt:10500 NFQUEUE num
>> 0
>>                  NFQUEUE    esp  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0>            NFQUEUE num 0
>>
>>
>>                  Chain HIPFW-OUTPUT (1 references)
>>                  target     prot opt source               destination
>>                  NFQUEUE    all  -- 0.0.0.0/0 <http://0.0.0.0/0>
>>         <http://0.0.0.0/0>
>>                  <http://0.0.0.0/0> 1.0.0.0/8 <http://1.0.0.0/8>
>>         <http://1.0.0.0/8>
>>                  <http://1.0.0.0/8>            NFQUEUE num 0
>>
>>
>>
>>         ------------------------------**____--------------------------**
>> --__--__----------------------**----__----__------------------**
>> ------__------
>>
>>
>>
>>                  paola@ubuntu:~$ sudo ip6tables -L -n
>>                  Chain INPUT (policy ACCEPT)
>>                  target     prot opt source               destination
>>                  HIPFW-INPUT  all      ::/0                 ::/0
>>                  ACCEPT     all      2001:10::/28         2001:10::/28
>>
>>                  Chain FORWARD (policy ACCEPT)
>>                  target     prot opt source               destination
>>                  HIPFW-FORWARD  all      ::/0                 ::/0
>>
>>                  Chain OUTPUT (policy ACCEPT)
>>                  target     prot opt source               destination
>>                  HIPFW-OUTPUT  all      ::/0                 ::/0
>>                  ACCEPT     all      2001:10::/28         2001:10::/28
>>
>>                  Chain HIPFW-FORWARD (1 references)
>>                  target     prot opt source               destination
>>
>>                  Chain HIPFW-INPUT (1 references)
>>                  target     prot opt source               destination
>>                  NFQUEUE    esp      ::/0                 ::/0
>>                  NFQUEUE num 1
>>                  NFQUEUE    all      ::/0                 2001:10::/28
>>                  NFQUEUE num 1
>>
>>                  Chain HIPFW-OUTPUT (1 references)
>>                  target     prot opt source               destination
>>                  NFQUEUE    udp      ::/0                 2001:10::/28
>>                  NFQUEUE num 1
>>                  NFQUEUE    icmp     ::/0                 2001:10::/28
>>                  NFQUEUE num 1
>>                  NFQUEUE    tcp      ::/0                 2001:10::/28
>>                  NFQUEUE num 1
>>                  NFQUEUE    icmpv6    ::/0                 2001:10::/28
>>                  NFQUEUE num 1
>>
>>
>>         ------------------------------**____--------------------------**
>> --__--__----------------------**----__----__------------------**
>> ------__------
>>
>>
>>                  paola@ubuntu:~$ ps axu | grep hip
>>                  nobody    1002  0.0  0.1   4980  2004 ?        S
>>           14:21   0:00
>>                  /usr/sbin/hipd -bkN
>>                  nobody    1092  0.0  0.1   5116  1220 ?        S
>>           14:21   0:00
>>                  /usr/sbin/hipfw -bklpFi
>>                  root      1477  0.0  0.6  10860  6576 ?        S
>>           14:21   0:00
>>                  python
>>                  /usr/sbin/hipdnsproxy -k
>>                  root      3144  0.0  0.0      0     0 ?        Z
>>           14:22   0:00
>>                  [hipconf] <defunct>
>>                  paola     3304  0.0  0.0   4412   832 pts/0    S+
>>         14:32   0:00
>>                  grep
>>                  --color=auto hip
>>
>>
>>         ------------------------------**____--------------------------**
>> --__--__----------------------**----__----__------------------**
>> ------__------
>>
>>
>>                  paola@ubuntu:~$ ps axu | grep dns
>>                  root      1477  0.0  0.6  10860  6576 ?        S
>>           14:21   0:00
>>                  python
>>                  /usr/sbin/hipdnsproxy -k
>>                  nobody    2155  0.0  0.1   5400  1388 ?        S
>>           14:21   0:00
>>                  /usr/sbin/dnsmasq --no-resolv --keep-in-foreground
>>         --no-hosts
>>                  --bind-interfaces
>>
>>         --pid-file=/var/run/sendsigs._**___omit.d/network-manager.____**
>> dnsmasq.pid
>>                  --listen-address=127.0.0.1
>>                  --conf-file=/var/run/nm-dns-__**__dnsmasq.conf
>>                  --cache-size=0 --proxy-dnssec --enable-dbus
>>                  --conf-dir=/etc/____**NetworkManager/dnsmasq.d
>>
>>                  paola     3307  0.0  0.0   4412   836 pts/0    S+
>>         14:32   0:00
>>                  grep
>>                  --color=auto dns
>>
>>
>>                  Thanks a lot,
>>
>>                  Paola
>>
>>
>>                  2013/10/9 Miika Komu <mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>>
>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>
>>
>>
>>                       Hi Paola,
>>
>>                       please provide some more information as instructed
>>         in the
>>                  manual:
>>
>>         
>> http://hipl.hiit.fi/hipl/_____**_manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/______manual/HOWTO.html#quick>
>>         
>> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick>
>> >
>>                  
>> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick>
>>         
>> <http://hipl.hiit.fi/hipl/__**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/__manual/HOWTO.html#quick>
>> >>
>>
>>
>>
>>           
>> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick>
>>         
>> <http://hipl.hiit.fi/hipl/__**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/__manual/HOWTO.html#quick>
>> >
>>                  
>> <http://hipl.hiit.fi/hipl/__**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/__manual/HOWTO.html#quick>
>>         
>> <http://hipl.hiit.fi/hipl/**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/manual/HOWTO.html#quick>
>> >>>
>>
>>                       Some additional questions:
>>
>>                       * Are running hipd at the responder?
>>                       * Is there a firewall blocking HIP traffic
>>         (default UDP
>>                  port 10500)
>>                       * If you use redhat-based distro, have you
>>         disabled SElinux
>>                  (please
>>                       refer to the manual)?
>>
>>
>>                       On 10/09/2013 12:27 PM, Paola Venuso wrote:
>>
>>                           Hi,
>>                           I have an update. I tried again direct
>>         communication
>>                  and now the
>>                           initiator can send the I1 packet. I tried also
>>         with Teredo
>>                           addresses but
>>                           its the same, I can see only I1 packet.
>>
>>
>>                           2013/10/8 Paola Venuso <pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx>
>>                  <mailto:pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx
>> >>
>>                           <mailto:pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx>
>>                  <mailto:pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx>>> <mailto:pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx>
>>                  <mailto:pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx
>> >>
>>
>>                           <mailto:pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx> <mailto:pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx>>>**>__>
>>
>>
>>
>>                                I typed wrong the name of the version,
>>         I've already
>>                           installed the
>>                                latest version. Anyway I tried out direct
>>                  communications as you
>>                                said, with different configurations, but
>>         with no
>>                  success.
>>                           I'm sorry
>>                                to bother you but I don't know what else
>>         to do. I
>>                  read the
>>                           manual
>>                                several times but obviously I'm still
>> missing
>>                  something. Maybe
>>                                something about hipl firewall?
>>
>>                                Thanks for your help.
>>
>>
>>
>>
>>                                2013/10/8 Miika Komu <mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>
>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>                           <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>>>
>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>
>>                           <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>>>>>
>>
>>
>>
>>                                    Hi Paola,
>>
>>
>>                                    On 10/08/2013 01:44 PM, Paola Venuso
>>         wrote:
>>
>>                                        Hi Miika,
>>                                        Thanks for the quik answer. I'll
>>         try what
>>                  you said.
>>                           About
>>                                        the latest
>>                                        version, where can I find it? I
>>         downloaded
>>                  the hipl
>>                           1.0.7
>>                                        release from
>>                                        the infrahip site but I saw
>>         nothing about the
>>                           latest version.
>>
>>                                        Thank you very much,
>>
>>
>>                                    Source code:
>>
>>         
>> http://hipl.hiit.fi/index.php?**________index=source<http://hipl.hiit.fi/index.php?________index=source>
>>         
>> <http://hipl.hiit.fi/index.**php?______index=source<http://hipl.hiit.fi/index.php?______index=source>
>> >
>>                  
>> <http://hipl.hiit.fi/index.__**php?____index=source<http://hipl.hiit.fi/index.__php?____index=source>
>>         
>> <http://hipl.hiit.fi/index.**php?____index=source<http://hipl.hiit.fi/index.php?____index=source>
>> >>
>>
>>           
>> <http://hipl.hiit.fi/index.___**_php?__index=source<http://hipl.hiit.fi/index.____php?__index=source>
>>         
>> <http://hipl.hiit.fi/index.__**php?__index=source<http://hipl.hiit.fi/index.__php?__index=source>
>> >
>>                  
>> <http://hipl.hiit.fi/index.__**php?__index=source<http://hipl.hiit.fi/index.__php?__index=source>
>>         
>> <http://hipl.hiit.fi/index.**php?__index=source<http://hipl.hiit.fi/index.php?__index=source>
>> >>>
>>
>>
>>                    
>> <http://hipl.hiit.fi/index.___**___php?index=source<http://hipl.hiit.fi/index.______php?index=source>
>>         
>> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source>
>> >
>>                  
>> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source>
>>         
>> <http://hipl.hiit.fi/index.__**php?index=source<http://hipl.hiit.fi/index.__php?index=source>
>> >>
>>
>>
>>
>>           
>> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source>
>>         
>> <http://hipl.hiit.fi/index.__**php?index=source<http://hipl.hiit.fi/index.__php?index=source>
>> >
>>                  
>> <http://hipl.hiit.fi/index.__**php?index=source<http://hipl.hiit.fi/index.__php?index=source>
>>         
>> <http://hipl.hiit.fi/index.**php?index=source<http://hipl.hiit.fi/index.php?index=source>
>> >>>>
>>
>>                                    There are multiple ways to get HIPL
>>         source
>>                  code: binary
>>                           release,
>>                                    bazaar and the nightly tarball.
>>
>>                                    The binaries are here:
>>
>>         
>> http://hipl.hiit.fi/index.php?**________index=download<http://hipl.hiit.fi/index.php?________index=download>
>>         
>> <http://hipl.hiit.fi/index.**php?______index=download<http://hipl.hiit.fi/index.php?______index=download>
>> >
>>                  
>> <http://hipl.hiit.fi/index.__**php?____index=download<http://hipl.hiit.fi/index.__php?____index=download>
>>         
>> <http://hipl.hiit.fi/index.**php?____index=download<http://hipl.hiit.fi/index.php?____index=download>
>> >>
>>
>>           
>> <http://hipl.hiit.fi/index.___**_php?__index=download<http://hipl.hiit.fi/index.____php?__index=download>
>>         
>> <http://hipl.hiit.fi/index.__**php?__index=download<http://hipl.hiit.fi/index.__php?__index=download>
>> >
>>                  
>> <http://hipl.hiit.fi/index.__**php?__index=download<http://hipl.hiit.fi/index.__php?__index=download>
>>         
>> <http://hipl.hiit.fi/index.**php?__index=download<http://hipl.hiit.fi/index.php?__index=download>
>> >>>
>>
>>                    
>> <http://hipl.hiit.fi/index.___**___php?index=download<http://hipl.hiit.fi/index.______php?index=download>
>>         
>> <http://hipl.hiit.fi/index.___**_php?index=download<http://hipl.hiit.fi/index.____php?index=download>
>> >
>>                  
>> <http://hipl.hiit.fi/index.___**_php?index=download<http://hipl.hiit.fi/index.____php?index=download>
>>         
>> <http://hipl.hiit.fi/index.__**php?index=download<http://hipl.hiit.fi/index.__php?index=download>
>> >>
>>
>>           
>> <http://hipl.hiit.fi/index.___**_php?index=download<http://hipl.hiit.fi/index.____php?index=download>
>>         
>> <http://hipl.hiit.fi/index.__**php?index=download<http://hipl.hiit.fi/index.__php?index=download>
>> >
>>                  
>> <http://hipl.hiit.fi/index.__**php?index=download<http://hipl.hiit.fi/index.__php?index=download>
>>         
>> <http://hipl.hiit.fi/index.**php?index=download<http://hipl.hiit.fi/index.php?index=download>
>> >>>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>

Other related posts: