[hipl-users] Re: Problems with RVS

  • From: Paola Venuso <pa.venuso@xxxxxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Sun, 20 Oct 2013 00:43:30 +0200

Hi Miika,

thank you for re-enabling the service. I tried the connection with IPv4 and
as you expected it didn't work.
To priorize the IPv6 addresses I edited gai.conf file uncommenting the
lines:

label ::1/128       0
label ::/0          1
label 2002::/16     2
label ::/96         3
label ::ffff:0:0/96 4
label fec0::/10     5
label fc00::/7      6

I tested IPv6 visiting ipv6-test.com that gave me this result:

When both protocols are available, your browser uses
IPv6
 Your internet connection is IPv6 capable
2001:0:53aa:64c:807:6e66:a269:1d27
[?<http://db-ip.com/2001%3A0%3A53aa%3A64c%3A807%3A6e66%3Aa269%3A1d27>
]

Address type is
Teredo <http://wikipedia.org/wiki/Teredo_tunneling>
Tunneling from *93.150.226.216:37273* (server *83.170.6.76*)

So I guess this part is ok.
Then I registered to crossroads using its IPv6 address and tried nc6
connection from the initiator. Previously at the initiator  I edited
/etc/hosts (in wich I included IPv6 address of crossroads and the responder
hostname) and /etc/hip/hosts (in wich I included HIT and hostname of the
responder) and also restarted both machines. But the initiator couldn't
reach the responder.
Did I do something wrong?

Thanks,

Paola



2013/10/19 Miika Komu <mkomu@xxxxxxxxx>

> Hi Paola,
>
> I have re-enabled RVS functionality in crossroads and ashenvale now.
> Please bare in mind that a IPv4-over-UDP base exchange may not work because
> your NAT may block it (Teredo may be needed).
>
>
> On 10/19/2013 04:51 PM, Paola Venuso wrote:
>
>> Hi Miika,
>>
>> I read on the manual that crossroads could have been used as rvs. This
>> is written above the table in which are indicated the addresses of the
>> test servers. Maybe I misunderstood what is written.
>> Anyway I'm installing ubuntu on another computer and trying to configure
>> the server myself.
>>
>> Thanks again,
>>
>> Paola
>>
>> Il giorno 19/ott/2013 14:40, "Miika Komu" <mkomu@xxxxxxxxx
>> <mailto:mkomu@xxxxxxxxx>> ha scritto:
>>
>>
>>     Hi Paolo,
>>
>>     crossroads is not configured to act as a rendezvous (or relay). You
>>     should deploy and install your own rendezvous server. When you have
>>     done so, you will see some additional registration information in
>>     hipconf output at the responder and then also the initiator succeeds
>>     with the base exchange.
>>
>>     On 10/18/2013 09:44 PM, Paola Venuso wrote:
>>
>>         Hi Miika,
>>
>>         I replaced Windows with Ubuntu on my PCs and now the simple
>>         connection
>>         between the two hosts works perfectly! :D
>>         But I have problems with RVS. I tried registering with
>>         crossoroads.infrahip.net 
>> <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>
>> >
>>         <http://crossoroads.infrahip._**_net
>>
>>         <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>>>
>> and then
>>         started the connection (using different configuration). Only I1
>>         packet
>>         was sent. I stopped the connection and run "hipconf daemon get
>>         ha all".
>>         At the responder I had this output:
>>
>>         paola@ProBook:~$ hipconf daemon get ha all
>>         Sending user message 22 to HIPD on socket 3
>>         Sent 40 bytes
>>         Waiting to receive daemon info.
>>         240 bytes received from HIP daemon.
>>         HA is ESTABLISHED
>>            Shotgun mode is off.
>>            Broadcast mode is off.
>>            Local HIT: 2001:0018:66b5:52d3:e479:7810:**__8446:133b
>>            Peer  HIT: 2001:001b:a9be:c6a6:34e5:8361:**__c07f:a990
>>
>>            Local LSI: 1.0.0.1
>>            Peer  LSI: 1.0.0.2
>>            Local IP: 192.168.1.210
>>            Local NAT traversal UDP port: 10500
>>            Peer  IP: 193.167.187.134
>>            Peer  NAT traversal UDP port: 10500
>>            Peer  hostname: crossroads.infrahip.net
>>         <http://crossroads.infrahip.**net<http://crossroads.infrahip.net>
>> >
>>         <http://crossroads.infrahip.__**net <http://crossroads.infrahip.*
>> *net <http://crossroads.infrahip.net>>>
>>
>>
>>
>>         While at the initiator I had this output:
>>
>>         paola@ProBook:~$ hipconf daemon get ha all
>>         Sending user message 22 to HIPD on socket 3
>>         Sent 40 bytes
>>         Waiting to receive daemon info.
>>         240 bytes received from HIP daemon.
>>         HA is I1-SENT
>>            Shotgun mode is off.
>>            Broadcast mode is off.
>>            Local HIT: 20011:0013:e87a:b8e4:68c8:__**258b:0fb4:68b8
>>            Peer  HIT: 2001:0018:66b5:52d3:e479:7810:**__8446:133b
>>
>>            Local LSI: 1.0.0.1
>>            Peer  LSI: 1.0.0.2
>>            Local IP: 192.168.1.184
>>            Local NAT traversal UDP port: 10500
>>            Peer  IP: 193.167.187.134
>>            Peer  NAT traversal UDP port: 10500
>>            Peer  hostname:
>>
>>         Thanks,
>>
>>         Paola
>>
>>
>>         2013/10/17 Paola Venuso <pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx> <mailto:pa.venuso@xxxxxxxxx
>>
>>         <mailto:pa.venuso@xxxxxxxxx>>>
>>
>>              Hi Miika,
>>
>>              the reason why I used virtual machines is that I couldn't
>>         use Linux
>>              as the host machine. But now I convinced myself to use it
>>         because
>>              this test I have to run is for the last part of my thesis
>>         in which I
>>              have to use InfraHIP implementation. About miredo
>>         configuration, I
>>              have the default one (I only installed the miredo packet as
>> the
>>              manual says) .
>>              Tonight I'm going to install Linux on my machines and then
>>         to try
>>              again the test. I hope everything would be ok. I'll let you
>>         know.
>>
>>              Thank you for everything,
>>
>>              Paola
>>
>>
>>              2013/10/17 Miika Komu <mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>>>
>>
>>                  Hi Paola,
>>
>>                  (returning offline discussion to online)
>>
>>                  my guess of the origins of your problem is that the
>>         host machine
>>                  of your virtual machines is Windows, and it does not
>>         allow raw
>>                  sockets, even for virtual machines. This is probably
>>         the reason
>>                  why HIP-over-UDP-over-IPv4 works, but HIP-over-IPv6
>>         doesn't.
>>
>>                  If you really want to do NAT traversal with HIP, please
>>         consider:
>>
>>                  1. Using Linux (or OS-X) as the host machine (Linux
>>         live CD/USB
>>                  images are available)
>>                  2. Use HIP over UDP and IPv4, and employ the relay
>>         server as
>>                  instructed in the manual (the relay server requires a
>>         public
>>                  IPv4 address)
>>
>>                  Btw, your Teredo configuration is not fully functional
>>         because I
>>                  can't reach your VMs, even though you can reach by
>>         yourself.
>>
>>                  P.S. OpenHIP has some native support for Windows.
>>
>>
>>                  On 10/16/2013 07:45 PM, Paola Venuso wrote:
>>
>>                      Hi Miika,
>>
>>
>>                      at the initiator:
>>
>>                      paola2@ubuntu2:~$ lsmod|grep xfrm
>>                      xfrm_user              31160  1
>>                      xfrm_algo              14952  3 xfrm_user,esp6,esp4
>>                      xfrm6_mode_beet        12577  1
>>                      xfrm4_mode_beet        12498  1
>>
>>
>>
>>                      at the responder :
>>
>>                      paola@ubuntu:~$ lsmod|grep xfrm
>>                      xfrm_user              31160  1
>>                      xfrm_algo              14952  3 xfrm_user,esp6,esp4
>>                      xfrm6_mode_beet        12577  2
>>                      xfrm4_mode_beet        12498  2
>>
>>
>>                      Then I used ping6 with the server address and I
>>         could reach
>>                      it. I
>>                      invoked add map command and ping6 and waited for
>>         more then a
>>                      minute but
>>                      nothing happened so I stopped it:
>>
>>                      paola@ubuntu:~$ ping6
>>                      2001:10:5403:41fe:a5df:5f02:__**__9680:b6d2PING
>>
>>         2001:10:5403:41fe:a5df:5f02:__**__9680:b6d2(2001:10:5403:41fe:**
>> ____a5df:5f02:9680:b6d2)
>>                      56 data bytes
>>                      ^C
>>                      --- 2001:10:5403:41fe:a5df:5f02:__**__9680:b6d2 ping
>>
>>         statistics ---
>>                      222 packets transmitted, 0 received, 100% packet
>>         loss, time
>>                      221196ms
>>
>>                      paola@ubuntu:~$ hipconf daemon get ha all
>>                      Sending user message 22 to HIPD on socket 3
>>                      Sent 40 bytes
>>                      Waiting to receive daemon info.
>>                      240 bytes received from HIP daemon.
>>                      HA is I1-SENT
>>                         Shotgun mode is off.
>>                         Broadcast mode is off.
>>                         Local HIT:
>>         2001:0012:421d:99a0:005d:d60f:**____73b0:4407
>>                         Peer  HIT:
>>         2001:0010:5403:41fe:a5df:5f02:**____9680:b6d2
>>
>>                         Local LSI: 1.0.0.1
>>                         Peer  LSI: 1.0.0.2
>>                         Local IP:
>>         3ffe:0000:0000:0000:0000:0000:**____0000:0002
>>
>>                         Local NAT traversal UDP port: 0
>>                         Peer  IP:
>>         3ffe:0000:0000:0000:0000:0000:**____0000:0001
>>
>>                         Peer  NAT traversal UDP port: 0
>>                         Peer  hostname:
>>
>>
>>
>>
>>
>>
>>                      2013/10/16 Miika Komu <mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>
>>                      <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>                      <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>
>>
>>
>>
>>                           Hi Paola,
>>
>>
>>                           On 10/16/2013 12:46 PM, Paola Venuso wrote:
>>
>>                               Hi Miika,
>>
>>                               I deleted the incorrect line with
>>         "hipconf" and
>>                      changed the
>>                               debug mode
>>                               to "all". I'm sending two emails with the
>>         output of
>>                      the debug
>>                               because
>>                               the message is too big.
>>
>>
>>                           What does "lsmod|grep xfrm" give you? It
>>         should be:
>>                           xfrm_user              35921  1
>>                           xfrm6_mode_beet        12658  7
>>                           xfrm4_mode_beet        12611  7
>>
>>
>>                               This is the output of the initiator
>>
>>
>>                           I failed to see any 3ffe::xx/64 addresses in
>>         the log.
>>                      Did you forget
>>                           to invoke "hipconf daemon add map"?
>>
>>                           Here's an example (please do not copy paste
>>         blindly,
>>                      you need to
>>                           change the addresses and interface names):
>>
>>                           server:
>>                              sudo ip addr add 3ffe::1/64 dev eth0 # add
>>         IPv6 addr
>>                      for server
>>
>>                           client:
>>                              sudo ip addr add 3ffe::2/64 dev eth0 # add
>>         IPv6 addr
>>                      for client
>>                              ping6 3ffe::2 # can you reach the server?
>>                              sudo hipconf daemon rst all # reset hipd
>>         daemon state
>>                              hipconf daemon add map
>>                      2001:15:e156:8a78:3226:dbaa:__**____f2ff:ed06
>>                           3ffe::1
>>                              ping6
>>         2001:15:e156:8a78:3226:dbaa:__**____f2ff:ed06
>>
>>
>>                              <wait for one minute>
>>                              PING
>>
>>
>>         2001:15:e156:8a78:3226:dbaa:__**____f2ff:ed06(2001:15:e156:**
>> 8a78:______3226:dbaa:f2ff:**ed06)
>>
>>                           56 data bytes
>>                           64 bytes from
>>                      2001:15:e156:8a78:3226:dbaa:__**____f2ff:ed06:
>> icmp_seq=2
>>
>>                           ttl=64 time=29.8 ms
>>                           64 bytes from
>>                      2001:15:e156:8a78:3226:dbaa:__**____f2ff:ed06:
>> icmp_seq=3
>>
>>
>>                           ttl=64 time=47.5 ms
>>
>>                           I'd like to see "hipconf daemon get ha all"
>> output
>>                      after this.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>

Other related posts: