Sorry, HIP over IPv6 didn't work. Il giorno 14/ott/2013 16:04, "Miika Komu" <mkomu@xxxxxxxxx> ha scritto: > Hi Paola, > > what didn't work? Directly IPv6 or HIP-over-IPv6? > > On 10/14/2013 04:58 PM, Paola Venuso wrote: > >> Hi Miika, >> >> Yes, I did. But it didn't work. >> >> Il giorno 14/ott/2013 15:40, "Miika Komu" <mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx>> ha scritto: >> >> Hi Paola, >> >> it seems that you got HIP working with IPv4 locators. Did you try >> with two locally configured IPv6 locators (3ffe::x/64)? >> >> On 10/14/2013 02:13 PM, Paola Venuso wrote: >> >> Hi Miika, >> >> I checked and I think my site firewall isn't blocking Teredo >> traffic. >> Anyway this is the output: >> >> paola@ubuntu:~$ dig -t aaaa www.google.com >> <http://www.google.com> <http://www.google.com> >> >> ; <<>> DiG 9.8.1-P1 <<>> -t aaaa www.google.com >> <http://www.google.com> <http://www.google.com> >> ;; global options: +cmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27694 >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, >> ADDITIONAL: 0 >> >> ;; QUESTION SECTION: >> ;www.google.com <http://www.google.com> <http://www.google.com>. >> IN AAAA >> >> ;; ANSWER SECTION: >> www.google.com <http://www.google.com> <http://www.google.com>. >> 300 IN AAAA >> 2a00:1450:4002:804::1010 >> >> ;; Query time: 165 msec >> ;; SERVER: 127.0.0.53#53(127.0.0.53) >> ;; WHEN: Mon Oct 14 03:22:40 2013 >> ;; MSG SIZE rcvd: 60 >> >> >> paola@ubuntu:~$ ping6 2a00:1450:4010:c04::68 >> PING 2a00:1450:4010:c04::68(2a00:__**1450:4010:c04::68) 56 data >> bytes >> 64 bytes from 2a00:1450:4010:c04::68: icmp_seq=1 ttl=55 time=371 >> ms >> 64 bytes from 2a00:1450:4010:c04::68: icmp_seq=2 ttl=55 time=110 >> ms >> 64 bytes from 2a00:1450:4010:c04::68: icmp_seq=3 ttl=55 time=110 >> ms >> ^C >> --- 2a00:1450:4010:c04::68 ping statistics --- >> 3 packets transmitted, 3 received, 0% packet loss, time 2004ms >> rtt min/avg/max/mdev = 110.529/197.440/371.075/122.__**778 ms >> >> >> >> paola@ubuntu:~$ ip route get 2a00:1450:4010:c04::68 >> 2a00:1450:4010:c04::68 from :: via 2a00:1450:4010:c04::68 dev >> teredo >> src 2001:0:53aa:64c:2cb6:3c14:__**4367:467f metric 0 >> cache >> >> >> I also tried with your test machine: >> >> paola@ubuntu:~$ ping6 2001:0:53aa:64c:3026:52b2:__**ad4a:8b91 >> PING >> 2001:0:53aa:64c:3026:52b2:__**ad4a:8b91(2001:0:53aa:64c:__** >> 3026:52b2:ad4a:8b91) >> 56 data bytes >> 64 bytes from 2001:0:53aa:64c:3026:52b2:__**ad4a:8b91: icmp_seq=1 >> ttl=64 >> time=243 ms >> 64 bytes from 2001:0:53aa:64c:3026:52b2:__**ad4a:8b91: icmp_seq=2 >> ttl=64 >> time=112 ms >> ^C >> --- 2001:0:53aa:64c:3026:52b2:__**ad4a:8b91 ping statistics --- >> 2 packets transmitted, 2 received, 0% packet loss, time 1000ms >> rtt min/avg/max/mdev = 112.229/177.819/243.410/65.591 ms >> >> >> >> >> Then I tried in my network: >> >> - with eth0 I got only I1 packet >> - with Teredo I got "destination unreachable" error >> >> And when I stopped ping6 there was 100% of packet loss. I also >> tried to >> edit manually the hosts files with different configuration but >> the same >> happened. >> >> Thanks, >> >> Paola >> >> >> >> 2013/10/12 Miika Komu <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>> >> >> Hi Paola, >> >> initially, Teredo traffic is forwarded through a Teredo >> server to >> guaranteee NAT traversal and then miredo software tries to >> pinhole >> the NAT. My guess is that your *site* firewall is blocking >> the >> inital messages with the Teredo server. You can double >> check this as >> follows: >> >> mkomu@bling:~$ dig -t aaaa www.google.com >> <http://www.google.com> <http://www.google.com> >> >> ; <<>> DiG 9.8.1-P1 <<>> -t aaaa www.google.com >> <http://www.google.com> <http://www.google.com> >> ;; global options: +cmd >> ;; Got answer: >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12399 >> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, >> ADDITIONAL: 0 >> >> ;; QUESTION SECTION: >> ;www.google.com <http://www.google.com> >> <http://www.google.com>. IN >> AAAA >> >> ;; ANSWER SECTION: >> www.google.com <http://www.google.com> <http://www.google.com>. >> 214 IN AAAA >> 2a00:1450:4010:c03::93 >> >> ;; Query time: 333 msec >> ;; SERVER: 193.229.0.40#53(193.229.0.40) >> ;; WHEN: Sat Oct 12 14:20:35 2013 >> ;; MSG SIZE rcvd: 60 >> >> mkomu@bling:~$ ping6 2a00:1450:4010:c04::68 >> PING 2a00:1450:4010:c04::68(2a00:__**__1450:4010:c04::68) 56 >> data bytes >> 64 bytes from 2a00:1450:4010:c04::68: icmp_seq=1 ttl=55 >> time=1363 ms >> 64 bytes from 2a00:1450:4010:c04::68: icmp_seq=2 ttl=55 >> time=441 ms >> ^C >> --- 2a00:1450:4010:c04::68 ping statistics --- >> 2 packets transmitted, 2 received, 0% packet loss, time >> 1000ms >> rtt min/avg/max/mdev = 441.913/902.595/1363.277/460._** >> ___682 >> ms, pipe 2 >> mkomu@bling:~$ ip route get 2a00:1450:4010:c04::68 >> 2a00:1450:4010:c04::68 from :: via 2a00:1450:4010:c04::68 >> dev teredo >> src 2001:0:53aa:64c:473:6a2c:ab19:**____60e3 metric 0 >> >> If this does not work for you, it probably means that the >> firewall >> your site is blocking Teredo. You can contact your site >> administrator to open the UDP port 3544. >> >> You can also try the >> 2001:0:53aa:64c:3026:52b2:____**ad4a:8b91 (my test >> machine) which is actually behind a real NAT unlike the >> google >> server. If you can reach google server, but not mine, it >> most likely >> means that either of us is using a p2p-incompatible NAT. >> >> You can also try e.g. 3ffe::x/64 address space for local >> experiments >> in your local LAN (or WLAN). Just configure it to the eth0 >> (or other >> device) for two machines and try pinging each other. >> >> >> On 10/11/2013 09:03 PM, Paola Venuso wrote: >> >> Hi Miika, >> >> I uncommented the line "Bindport 3545" in file >> miredo.conf as I >> read on >> the man page of miredo and checked ufw files for rules >> blocking IPv6 >> traffic (I uncommented two about forwarding, the others >> about >> enabling >> this traffic were already uncommented). Then I tried >> ping6 the >> locators >> and I got the message: unknown host. >> Also I tried manual set up with IPv4-based locators, as >> you >> wrote me, >> and my host exchanged HIP UPDATE and I1, R1, I2, R2 >> packets with >> another >> host, with address193.167.187.149, that I don't know >> but I guess >> maybe >> it's one of infrahip servers. >> Anyway, I am not sure I checked correctly for rules >> about IPv6 >> traffic. >> What should I do about this? Could all this problems be >> connected also >> with virtual machine net configuration? It is NAT by >> default, >> but there >> are some other options. >> >> Thanks for all the help you're giving to me. >> >> Paola >> >> >> 2013/10/11 Miika Komu <mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx>> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>> >> >> >> Hi Paola, >> >> it seems your installation is fine. Base on my own >> experiences, I >> think that a middlebox (firewall) is blocking your >> IPv6 >> traffic (in >> the case of Teredo it's UDP port 3544). Did you try >> to >> ping6 the >> routable addresses (locators)? >> >> I also recommend trying a manual set up with >> IPv4-based >> locators as >> follows: >> >> hipconf daemon rst all >> hipconf daemon add map PEER_HIT PEER_IPV4_ADDRESS >> ping6 PEER_HIT >> >> >> On 10/10/2013 12:42 AM, Paola Venuso wrote: >> >> Hi Miika, >> >> hipd is running at the responder, the firewall >> is not >> blocking HIP >> traffic and I don't use redhat-based distro. >> This is the output of the commands from the >> manual: >> >> paola@ubuntu:~$ dpkg -l 'hipl*' >> Desired=Unknown/Install/______** >> Remove/Purge/Hold >> | >> >> >> Status=Not/Inst/Conf-files/___**___Unpacked/halF-conf/Half-** >> inst/______trig-aWait/Trig-**pend >> >> |/ Err?=(none)/Reinst-required (Status,Err: >> uppercase=bad) >> ||/ Nome Versione Descrizione >> >> >> +++-==============-===========**______===-====================** >> ==__==__==__================== >> >> ii hipl-all 1.0.8-6429 HIP for >> Linux full >> software bundle >> ii hipl-daemon 1.0.8-6429 HIP for >> Linux IPsec key >> management and >> mobil >> ii hipl-dnsproxy 1.0.8-6429 HIP for >> Linux name >> lookup proxy >> ii hipl-doc 1.0.8-6429 HIP for Linux >> documentation >> ii hipl-firewall 1.0.8-6429 HIP for Linux >> multi-purpose >> firewall >> daemon >> un hipl-minimal <nessuna> (nessuna >> descrizione >> disponibile) >> un hipl-tools <nessuna> (nessuna >> descrizione >> disponibile) >> paola@ubuntu:~$ hipconf daemon get ha all >> Sending user message 22 to HIPD on socket 3 >> Sent 40 bytes >> Waiting to receive daemon info. >> 240 bytes received from HIP daemon. >> HA is I1-SENT >> Shotgun mode is off. >> Broadcast mode is off. >> Local HIT: >> 2001:0012:421d:99a0:005d:d60f:**______73b0:4407 >> Peer HIT: >> 2001:001a:2a72:f01c:d98e:311c:**______c76a:57c4 >> >> Local LSI: 1.0.0.1 >> Peer LSI: 1.0.0.2 >> Local IP: >> 2001:0000:53aa:064c:2cde:3e12:**______4367:467f >> >> Local NAT traversal UDP port: 10500 >> Peer IP: >> 2001:0708:0140:0220:0000:0000:**______0000:0016 >> >> Peer NAT traversal UDP port: 10500 >> Peer hostname: >> >> >> >> ------------------------------**______------------------------** >> --__--__--__------------------**----__----__----__------------** >> ------__------__------ >> >> >> paola@ubuntu:~$ uname -a >> Linux ubuntu 3.5.0-41-generic >> #64~precise1-Ubuntu SMP >> Thu Sep 12 >> 17:01:55 UTC 2013 i686 i686 i386 GNU/Linux >> paola@ubuntu:~$ lsb_release -a >> No LSB modules are available. >> Distributor ID: Ubuntu >> Description: Ubuntu 12.04.3 LTS >> Release: 12.04 >> Codename: precise >> >> >> >> ------------------------------**______------------------------** >> --__--__--__------------------**----__----__----__------------** >> ------__------__------ >> >> >> paola@ubuntu:~$ cat /etc/hip/hipd.conf >> # Format of this file is as with hipconf, but >> without >> "hipconf >> daemon" >> prefix >> # add hi default # add all four HITs (see >> bug id 592127) >> # add map HIT IP # preload some HIT-to-IP >> mappings >> to hipd >> # add service rvs # the host acts as HIP >> rendezvous >> (also see >> relay.conf) >> # add server rvs [RVS-HIT] <RVS-IP-OR-HOSTNAME> >> <lifetime-secs> # >> register to rendezvous server >> # add server relay [RELAY-HIT] >> <RVS-IP-OR-HOSTNAME> >> <lifetime-secs> # >> register to relay server >> # add server full-relay [RELAY-HIT] >> <RVS-IP-OR-HOSTNAME> >> <lifetime-secs> >> # register to relay server >> hit-to-ip on # resolve HITs to locators in >> dynamic DNS zone >> # hit-to-ip set hit-to-ip.infrahip.net >> <http://hit-to-ip.infrahip.net**> >> >> <http://hit-to-ip.infrahip.**net__<http://hit-to-ip.infrahip.net__> >> > >> <http://hit-to-ip.infrahip.__**net__ >> <http://hit-to-ip.infrahip.**net__<http://hit-to-ip.infrahip.net__> >> >> >> <http://hit-to-ip.infrahip.___**_net__ >> <http://hit-to-ip.infrahip.__**net__ >> <http://hit-to-ip.infrahip.**net__<http://hit-to-ip.infrahip.net__> >> >>>. >> >> >> # resolve HITs to locators in dynamic DNS zone >> nsupdate on # send dynamic DNS updates >> # add server rvs hiprvs.infrahip.net >> <http://hiprvs.infrahip.net> >> <http://hiprvs.infrahip.net> >> <http://hiprvs.infrahip.net> >> <http://hiprvs.infrahip.net> 50000 >> >> >> # Register to free RVS at infrahip >> # heartbeat 10 # send ICMPv6 messages inside >> HIP tunnels >> # locator on # host sends all of its >> locators in >> base >> exchange >> # shotgun on # use all possible src/dst IP >> combinations >> to send >> I1/UPDATE >> # broadcast on # broadcast to LAN if no >> matching IP >> address found >> # opp normal|advanced|none >> # transform order 213 # crypto preference >> order (1=AES, >> 2=3DES, >> 3=NULL) >> nat plain-udp # use UDP capsulation (for >> NATted >> environments) >> #nat port local 11111 # change local default >> UDP port >> #nat port peer 22222 # change local peer UDP >> port >> debug medium # debug verbosity: all, >> medium, low >> or none >> default-hip-version 1 # default HIP version >> number for >> the I1 >> message. >> (1=HIPv1, 2=HIPv2) >> >> >> >> ------------------------------**______------------------------** >> --__--__--__------------------**----__----__----__------------** >> ------__------__------ >> >> >> paola@ubuntu:~$ sudo iptables -L -n >> Chain INPUT (policy ACCEPT) >> target prot opt source >> destination >> HIPFW-INPUT all -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT 139 -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT 139 -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT udp -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> udp spt:10500 >> ACCEPT esp -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT icmpv6-- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT all -- 1.0.0.0/8 >> <http://1.0.0.0/8> <http://1.0.0.0/8> >> <http://1.0.0.0/8> >> <http://1.0.0.0/8> 1.0.0.0/8 >> <http://1.0.0.0/8> <http://1.0.0.0/8> >> <http://1.0.0.0/8> >> <http://1.0.0.0/8> >> >> >> Chain FORWARD (policy ACCEPT) >> target prot opt source >> destination >> HIPFW-FORWARD all -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> >> >> Chain OUTPUT (policy ACCEPT) >> target prot opt source >> destination >> HIPFW-OUTPUT all -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT 139 -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT udp -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> udp dpt:10500 >> ACCEPT esp -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT icmpv6-- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> ACCEPT all -- 1.0.0.0/8 >> <http://1.0.0.0/8> <http://1.0.0.0/8> >> <http://1.0.0.0/8> >> <http://1.0.0.0/8> 1.0.0.0/8 >> <http://1.0.0.0/8> <http://1.0.0.0/8> >> <http://1.0.0.0/8> >> <http://1.0.0.0/8> >> >> >> Chain HIPFW-FORWARD (1 references) >> target prot opt source >> destination >> >> Chain HIPFW-INPUT (1 references) >> target prot opt source >> destination >> NFQUEUE udp -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> udp spt:10500 >> NFQUEUE num 0 >> NFQUEUE udp -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> udp dpt:10500 >> NFQUEUE num 0 >> NFQUEUE esp -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> NFQUEUE num 0 >> >> >> Chain HIPFW-OUTPUT (1 references) >> target prot opt source >> destination >> NFQUEUE all -- 0.0.0.0/0 >> <http://0.0.0.0/0> <http://0.0.0.0/0> >> <http://0.0.0.0/0> >> <http://0.0.0.0/0> 1.0.0.0/8 >> <http://1.0.0.0/8> <http://1.0.0.0/8> >> <http://1.0.0.0/8> >> <http://1.0.0.0/8> NFQUEUE num 0 >> >> >> >> >> ------------------------------**______------------------------** >> --__--__--__------------------**----__----__----__------------** >> ------__------__------ >> >> >> >> paola@ubuntu:~$ sudo ip6tables -L -n >> Chain INPUT (policy ACCEPT) >> target prot opt source >> destination >> HIPFW-INPUT all ::/0 ::/0 >> ACCEPT all 2001:10::/28 >> 2001:10::/28 >> >> Chain FORWARD (policy ACCEPT) >> target prot opt source >> destination >> HIPFW-FORWARD all ::/0 >> ::/0 >> >> Chain OUTPUT (policy ACCEPT) >> target prot opt source >> destination >> HIPFW-OUTPUT all ::/0 ::/0 >> ACCEPT all 2001:10::/28 >> 2001:10::/28 >> >> Chain HIPFW-FORWARD (1 references) >> target prot opt source >> destination >> >> Chain HIPFW-INPUT (1 references) >> target prot opt source >> destination >> NFQUEUE esp ::/0 ::/0 >> NFQUEUE num 1 >> NFQUEUE all ::/0 >> 2001:10::/28 >> NFQUEUE num 1 >> >> Chain HIPFW-OUTPUT (1 references) >> target prot opt source >> destination >> NFQUEUE udp ::/0 >> 2001:10::/28 >> NFQUEUE num 1 >> NFQUEUE icmp ::/0 >> 2001:10::/28 >> NFQUEUE num 1 >> NFQUEUE tcp ::/0 >> 2001:10::/28 >> NFQUEUE num 1 >> NFQUEUE icmpv6 ::/0 >> 2001:10::/28 >> NFQUEUE num 1 >> >> >> >> ------------------------------**______------------------------** >> --__--__--__------------------**----__----__----__------------** >> ------__------__------ >> >> >> paola@ubuntu:~$ ps axu | grep hip >> nobody 1002 0.0 0.1 4980 2004 ? S >> 14:21 0:00 >> /usr/sbin/hipd -bkN >> nobody 1092 0.0 0.1 5116 1220 ? S >> 14:21 0:00 >> /usr/sbin/hipfw -bklpFi >> root 1477 0.0 0.6 10860 6576 ? S >> 14:21 0:00 >> python >> /usr/sbin/hipdnsproxy -k >> root 3144 0.0 0.0 0 0 ? Z >> 14:22 0:00 >> [hipconf] <defunct> >> paola 3304 0.0 0.0 4412 832 pts/0 >> S+ >> 14:32 0:00 >> grep >> --color=auto hip >> >> >> >> ------------------------------**______------------------------** >> --__--__--__------------------**----__----__----__------------** >> ------__------__------ >> >> >> paola@ubuntu:~$ ps axu | grep dns >> root 1477 0.0 0.6 10860 6576 ? S >> 14:21 0:00 >> python >> /usr/sbin/hipdnsproxy -k >> nobody 2155 0.0 0.1 5400 1388 ? S >> 14:21 0:00 >> /usr/sbin/dnsmasq --no-resolv >> --keep-in-foreground >> --no-hosts >> --bind-interfaces >> >> >> --pid-file=/var/run/sendsigs._**_____omit.d/network-manager.__** >> ____dnsmasq.pid >> --listen-address=127.0.0.1 >> --conf-file=/var/run/nm-dns-__** >> ____dnsmasq.conf >> --cache-size=0 --proxy-dnssec --enable-dbus >> --conf-dir=/etc/______** >> NetworkManager/dnsmasq.d >> >> paola 3307 0.0 0.0 4412 836 pts/0 >> S+ >> 14:32 0:00 >> grep >> --color=auto dns >> >> >> Thanks a lot, >> >> Paola >> >> >> 2013/10/9 Miika Komu <mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>> >> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx>> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>> >> >> >> Hi Paola, >> >> please provide some more information as >> instructed >> in the >> manual: >> >> >> http://hipl.hiit.fi/hipl/_____**___manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/________manual/HOWTO.html#quick> >> >> <http://hipl.hiit.fi/hipl/____**__manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/______manual/HOWTO.html#quick> >> > >> <http://hipl.hiit.fi/hipl/____** >> __manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/______manual/HOWTO.html#quick> >> >> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick> >> >> >> >> >> <http://hipl.hiit.fi/hipl/____**__manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/______manual/HOWTO.html#quick> >> >> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick> >> > >> >> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick> >> >> <http://hipl.hiit.fi/hipl/__**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/__manual/HOWTO.html#quick> >> >>> >> >> >> >> >> >> <http://hipl.hiit.fi/hipl/____**__manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/______manual/HOWTO.html#quick> >> >> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick> >> > >> >> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick> >> >> <http://hipl.hiit.fi/hipl/__**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/__manual/HOWTO.html#quick> >> >> >> >> >> <http://hipl.hiit.fi/hipl/____**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/____manual/HOWTO.html#quick> >> >> <http://hipl.hiit.fi/hipl/__**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/__manual/HOWTO.html#quick> >> > >> >> <http://hipl.hiit.fi/hipl/__**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/__manual/HOWTO.html#quick> >> >> <http://hipl.hiit.fi/hipl/**manual/HOWTO.html#quick<http://hipl.hiit.fi/hipl/manual/HOWTO.html#quick> >> >>>> >> >> Some additional questions: >> >> * Are running hipd at the responder? >> * Is there a firewall blocking HIP traffic >> (default UDP >> port 10500) >> * If you use redhat-based distro, have you >> disabled SElinux >> (please >> refer to the manual)? >> >> >> On 10/09/2013 12:27 PM, Paola Venuso wrote: >> >> Hi, >> I have an update. I tried again direct >> communication >> and now the >> initiator can send the I1 packet. I >> tried also >> with Teredo >> addresses but >> its the same, I can see only I1 packet. >> >> >> 2013/10/8 Paola Venuso >> <pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx> >> <mailto:pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx >> >> >> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx>>> >> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx> >> <mailto:pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx >> >> >> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx> >> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx>>>**> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx> >> <mailto:pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx >> >> >> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx>>> >> >> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx> >> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx>> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx> >> <mailto:pa.venuso@xxxxxxxxx >> <mailto:pa.venuso@xxxxxxxxx>>>**>__>__> >> >> >> >> I typed wrong the name of the >> version, >> I've already >> installed the >> latest version. Anyway I tried >> out direct >> communications as you >> said, with different >> configurations, but >> with no >> success. >> I'm sorry >> to bother you but I don't know >> what else >> to do. I >> read the >> manual >> several times but obviously I'm >> still missing >> something. Maybe >> something about hipl firewall? >> >> Thanks for your help. >> >> >> >> >> 2013/10/8 Miika Komu >> <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>> >> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx>>> >> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>> >> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx>> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>> >> >> <mailto:mkomu@xxxxxxxxx >> <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx> >> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>>> >> >> >> >> Hi Paola, >> >> >> On 10/08/2013 01:44 PM, >> Paola Venuso >> wrote: >> >> Hi Miika, >> Thanks for the quik >> answer. I'll >> try what >> you said. >> About >> the latest >> version, where can I >> find it? I >> downloaded >> the hipl >> 1.0.7 >> release from >> the infrahip site but I >> saw >> nothing about the >> latest version. >> >> Thank you very much, >> >> >> Source code: >> >> >> http://hipl.hiit.fi/index.php?**__________index=source<http://hipl.hiit.fi/index.php?__________index=source> >> >> <http://hipl.hiit.fi/index.**php?________index=source<http://hipl.hiit.fi/index.php?________index=source> >> > >> >> <http://hipl.hiit.fi/index.__**php?______index=source<http://hipl.hiit.fi/index.__php?______index=source> >> >> <http://hipl.hiit.fi/index.**php?______index=source<http://hipl.hiit.fi/index.php?______index=source> >> >> >> >> >> <http://hipl.hiit.fi/index.___**_php?____index=source<http://hipl.hiit.fi/index.____php?____index=source> >> >> <http://hipl.hiit.fi/index.__**php?____index=source<http://hipl.hiit.fi/index.__php?____index=source> >> > >> >> <http://hipl.hiit.fi/index.__**php?____index=source<http://hipl.hiit.fi/index.__php?____index=source> >> >> <http://hipl.hiit.fi/index.**php?____index=source<http://hipl.hiit.fi/index.php?____index=source> >> >>> >> >> >> <http://hipl.hiit.fi/index.___**___php?__index=source<http://hipl.hiit.fi/index.______php?__index=source> >> >> <http://hipl.hiit.fi/index.___**_php?__index=source<http://hipl.hiit.fi/index.____php?__index=source> >> > >> >> <http://hipl.hiit.fi/index.___**_php?__index=source<http://hipl.hiit.fi/index.____php?__index=source> >> >> <http://hipl.hiit.fi/index.__**php?__index=source<http://hipl.hiit.fi/index.__php?__index=source> >> >> >> >> >> <http://hipl.hiit.fi/index.___**_php?__index=source<http://hipl.hiit.fi/index.____php?__index=source> >> >> <http://hipl.hiit.fi/index.__**php?__index=source<http://hipl.hiit.fi/index.__php?__index=source> >> > >> >> <http://hipl.hiit.fi/index.__**php?__index=source<http://hipl.hiit.fi/index.__php?__index=source> >> >> <http://hipl.hiit.fi/index.**php?__index=source<http://hipl.hiit.fi/index.php?__index=source> >> >>>> >> >> >> >> >> <http://hipl.hiit.fi/index.___**_____php?index=source<http://hipl.hiit.fi/index.________php?index=source> >> >> <http://hipl.hiit.fi/index.___**___php?index=source<http://hipl.hiit.fi/index.______php?index=source> >> > >> >> <http://hipl.hiit.fi/index.___**___php?index=source<http://hipl.hiit.fi/index.______php?index=source> >> >> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source> >> >> >> >> >> <http://hipl.hiit.fi/index.___**___php?index=source<http://hipl.hiit.fi/index.______php?index=source> >> >> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source> >> > >> >> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source> >> >> <http://hipl.hiit.fi/index.__**php?index=source<http://hipl.hiit.fi/index.__php?index=source> >> >>> >> >> >> >> >> <http://hipl.hiit.fi/index.___**___php?index=source<http://hipl.hiit.fi/index.______php?index=source> >> >> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source> >> > >> >> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source> >> >> <http://hipl.hiit.fi/index.__**php?index=source<http://hipl.hiit.fi/index.__php?index=source> >> >> >> >> >> <http://hipl.hiit.fi/index.___**_php?index=source<http://hipl.hiit.fi/index.____php?index=source> >> >> <http://hipl.hiit.fi/index.__**php?index=source<http://hipl.hiit.fi/index.__php?index=source> >> > >> >> <http://hipl.hiit.fi/index.__**php?index=source<http://hipl.hiit.fi/index.__php?index=source> >> >> <http://hipl.hiit.fi/index.**php?index=source<http://hipl.hiit.fi/index.php?index=source> >> >>>>> >> >> There are multiple ways to >> get HIPL >> source >> code: binary >> release, >> bazaar and the nightly >> tarball. >> >> The binaries are here: >> >> >> http://hipl.hiit.fi/index.php?**__________index=download<http://hipl.hiit.fi/index.php?__________index=download> >> >> <http://hipl.hiit.fi/index.**php?________index=download<http://hipl.hiit.fi/index.php?________index=download> >> > >> >> <http://hipl.hiit.fi/index.__**php?______index=download<http://hipl.hiit.fi/index.__php?______index=download> >> >> <http://hipl.hiit.fi/index.**php?______index=download<http://hipl.hiit.fi/index.php?______index=download> >> >> >> >> >> <http://hipl.hiit.fi/index.___**_php?____index=download<http://hipl.hiit.fi/index.____php?____index=download> >> >> <http://hipl.hiit.fi/index.__**php?____index=download<http://hipl.hiit.fi/index.__php?____index=download> >> > >> >> <http://hipl.hiit.fi/index.__**php?____index=download<http://hipl.hiit.fi/index.__php?____index=download> >> >> <http://hipl.hiit.fi/index.**php?____index=download<http://hipl.hiit.fi/index.php?____index=download> >> >>> >> >> <http://hipl.hiit.fi/index.___** >> ___php?__index=download<http://hipl.hiit.fi/index.______php?__index=download> >> >> <http://hipl.hiit.fi/index.___**_php?__index=download<http://hipl.hiit.fi/index.____php?__index=download> >> > >> >> <http://hipl.hiit.fi/index.___**_php?__index=download<http://hipl.hiit.fi/index.____php?__index=download> >> >> <http://hipl.hiit.fi/index.__**php?__index=download<http://hipl.hiit.fi/index.__php?__index=download> >> >> >> >> >> <http://hipl.hiit.fi/index.___**_php?__index=download<http://hipl.hiit.fi/index.____php?__index=download> >> >> <http://hipl.hiit.fi/index.__**php?__index=download<http://hipl.hiit.fi/index.__php?__index=download> >> > >> >> <http://hipl.hiit.fi/index.__**php?__index=download<http://hipl.hiit.fi/index.__php?__index=download> >> >> <http://hipl.hiit.fi/index.**php?__index=download<http://hipl.hiit.fi/index.php?__index=download> >> >>>> >> >> >> >> <http://hipl.hiit.fi/index.___**_____php?index=download<http://hipl.hiit.fi/index.________php?index=download> >> >> <http://hipl.hiit.fi/index.___**___php?index=download<http://hipl.hiit.fi/index.______php?index=download> >> > >> >> <http://hipl.hiit.fi/index.___**___php?index=download<http://hipl.hiit.fi/index.______php?index=download> >> >> <http://hipl.hiit.fi/index.___**_php?index=download<http://hipl.hiit.fi/index.____php?index=download> >> >> >> >> >> <http://hipl.hiit.fi/index.___**___php?index=download<http://hipl.hiit.fi/index.______php?index=download> >> >> <http://hipl.hiit.fi/index.___**_php?index=download<http://hipl.hiit.fi/index.____php?index=download> >> > >> >> <http://hipl.hiit.fi/index.___**_php?index=download<http://hipl.hiit.fi/index.____php?index=download> >> >> <http://hipl.hiit.fi/index.__**php?index=download<http://hipl.hiit.fi/index.__php?index=download> >> >>> > > ...