Hi Miika,
thank you for re-enabling the service. I tried the connection with IPv4
and as you expected it didn't work.
To priorize the IPv6 addresses I edited gai.conf file uncommenting the
lines:
label ::1/128 0
label ::/0 1
label 2002::/16 2
label ::/96 3
label ::ffff:0:0/96 4
label fec0::/10 5
label fc00::/7 6
I tested IPv6 visiting ipv6-test.com <http://ipv6-test.com> that gave me
this result:
When both protocols are available, your browser uses
IPv6
Your internet connection is IPv6 capable
2001:0:53aa:64c:807:6e66:a269:1d27^ [?
<http://db-ip.com/2001%3A0%3A53aa%3A64c%3A807%3A6e66%3Aa269%3A1d27>]
Address type is
Teredo <http://wikipedia.org/wiki/Teredo_tunneling>
Tunneling from *93.150.226.216:37273 <http://93.150.226.216:37273>*
(server *83.170.6.76*)
So I guess this part is ok.
Then I registered to crossroads using its IPv6 address and tried nc6
connection from the initiator. Previously at the initiator I edited
/etc/hosts (in wich I included IPv6 address of crossroads and the
responder hostname) and /etc/hip/hosts (in wich I included HIT and
hostname of the responder) and also restarted both machines. But the
initiator couldn't reach the responder.
Did I do something wrong?
Thanks,
Paola
2013/10/19 Miika Komu <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
Hi Paola,
I have re-enabled RVS functionality in crossroads and ashenvale now.
Please bare in mind that a IPv4-over-UDP base exchange may not work
because your NAT may block it (Teredo may be needed).
On 10/19/2013 04:51 PM, Paola Venuso wrote:
Hi Miika,
I read on the manual that crossroads could have been used as
rvs. This
is written above the table in which are indicated the addresses
of the
test servers. Maybe I misunderstood what is written.
Anyway I'm installing ubuntu on another computer and trying to
configure
the server myself.
Thanks again,
Paola
Il giorno 19/ott/2013 14:40, "Miika Komu" <mkomu@xxxxxxxxx
<mailto:mkomu@xxxxxxxxx>
<mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>> ha scritto:
Hi Paolo,
crossroads is not configured to act as a rendezvous (or
relay). You
should deploy and install your own rendezvous server. When
you have
done so, you will see some additional registration
information in
hipconf output at the responder and then also the initiator
succeeds
with the base exchange.
On 10/18/2013 09:44 PM, Paola Venuso wrote:
Hi Miika,
I replaced Windows with Ubuntu on my PCs and now the simple
connection
between the two hosts works perfectly! :D
But I have problems with RVS. I tried registering with
crossoroads.infrahip.net <http://crossoroads.infrahip.net>
<http://crossoroads.infrahip.__net
<http://crossoroads.infrahip.net>>
<http://crossoroads.infrahip.____net
<http://crossoroads.infrahip.__net
<http://crossoroads.infrahip.net>>> and then
started the connection (using different configuration).
Only I1
packet
was sent. I stopped the connection and run "hipconf
daemon get
ha all".
At the responder I had this output:
paola@ProBook:~$ hipconf daemon get ha all
Sending user message 22 to HIPD on socket 3
Sent 40 bytes
Waiting to receive daemon info.
240 bytes received from HIP daemon.
HA is ESTABLISHED
Shotgun mode is off.
Broadcast mode is off.
Local HIT: 2001:0018:66b5:52d3:e479:7810:____8446:133b
Peer HIT: 2001:001b:a9be:c6a6:34e5:8361:____c07f:a990
Local LSI: 1.0.0.1
Peer LSI: 1.0.0.2
Local IP: 192.168.1.210
Local NAT traversal UDP port: 10500
Peer IP: 193.167.187.134
Peer NAT traversal UDP port: 10500
Peer hostname: crossroads.infrahip.net
<http://crossroads.infrahip.net>
<http://crossroads.infrahip.__net
<http://crossroads.infrahip.net>>
<http://crossroads.infrahip.____net
<http://crossroads.infrahip.__net <http://crossroads.infrahip.net>>>
While at the initiator I had this output:
paola@ProBook:~$ hipconf daemon get ha all
Sending user message 22 to HIPD on socket 3
Sent 40 bytes
Waiting to receive daemon info.
240 bytes received from HIP daemon.
HA is I1-SENT
Shotgun mode is off.
Broadcast mode is off.
Local HIT: 20011:0013:e87a:b8e4:68c8:____258b:0fb4:68b8
Peer HIT: 2001:0018:66b5:52d3:e479:7810:____8446:133b
Local LSI: 1.0.0.1
Peer LSI: 1.0.0.2
Local IP: 192.168.1.184
Local NAT traversal UDP port: 10500
Peer IP: 193.167.187.134
Peer NAT traversal UDP port: 10500
Peer hostname:
Thanks,
Paola
2013/10/17 Paola Venuso <pa.venuso@xxxxxxxxx
<mailto:pa.venuso@xxxxxxxxx>
<mailto:pa.venuso@xxxxxxxxx
<mailto:pa.venuso@xxxxxxxxx>> <mailto:pa.venuso@xxxxxxxxx
<mailto:pa.venuso@xxxxxxxxx>
<mailto:pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx>>>>
Hi Miika,
the reason why I used virtual machines is that I
couldn't
use Linux
as the host machine. But now I convinced myself to
use it
because
this test I have to run is for the last part of my
thesis
in which I
have to use InfraHIP implementation. About miredo
configuration, I
have the default one (I only installed the miredo
packet as the
manual says) .
Tonight I'm going to install Linux on my machines
and then
to try
again the test. I hope everything would be ok.
I'll let you
know.
Thank you for everything,
Paola
2013/10/17 Miika Komu <mkomu@xxxxxxxxx
<mailto:mkomu@xxxxxxxxx>
<mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
<mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
<mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>
Hi Paola,
(returning offline discussion to online)
my guess of the origins of your problem is
that the
host machine
of your virtual machines is Windows, and it
does not
allow raw
sockets, even for virtual machines. This is
probably
the reason
why HIP-over-UDP-over-IPv4 works, but
HIP-over-IPv6
doesn't.
If you really want to do NAT traversal with
HIP, please
consider:
1. Using Linux (or OS-X) as the host machine
(Linux
live CD/USB
images are available)
2. Use HIP over UDP and IPv4, and employ the relay
server as
instructed in the manual (the relay server
requires a
public
IPv4 address)
Btw, your Teredo configuration is not fully
functional
because I
can't reach your VMs, even though you can reach by
yourself.
P.S. OpenHIP has some native support for Windows.
On 10/16/2013 07:45 PM, Paola Venuso wrote:
Hi Miika,
at the initiator:
paola2@ubuntu2:~$ lsmod|grep xfrm
xfrm_user 31160 1
xfrm_algo 14952 3
xfrm_user,esp6,esp4
xfrm6_mode_beet 12577 1
xfrm4_mode_beet 12498 1
at the responder :
paola@ubuntu:~$ lsmod|grep xfrm
xfrm_user 31160 1
xfrm_algo 14952 3
xfrm_user,esp6,esp4
xfrm6_mode_beet 12577 2
xfrm4_mode_beet 12498 2
Then I used ping6 with the server address
and I
could reach
it. I
invoked add map command and ping6 and
waited for
more then a
minute but
nothing happened so I stopped it:
paola@ubuntu:~$ ping6
2001:10:5403:41fe:a5df:5f02:______9680:b6d2PING
2001:10:5403:41fe:a5df:5f02:______9680:b6d2(2001:10:5403:41fe:______a5df:5f02:9680:b6d2)
56 data bytes
^C
---
2001:10:5403:41fe:a5df:5f02:______9680:b6d2 ping
statistics ---
222 packets transmitted, 0 received, 100%
packet
loss, time
221196ms
paola@ubuntu:~$ hipconf daemon get ha all
Sending user message 22 to HIPD on socket 3
Sent 40 bytes
Waiting to receive daemon info.
240 bytes received from HIP daemon.
HA is I1-SENT
Shotgun mode is off.
Broadcast mode is off.
Local HIT:
2001:0012:421d:99a0:005d:d60f:______73b0:4407
Peer HIT:
2001:0010:5403:41fe:a5df:5f02:______9680:b6d2
Local LSI: 1.0.0.1
Peer LSI: 1.0.0.2
Local IP:
3ffe:0000:0000:0000:0000:0000:______0000:0002
Local NAT traversal UDP port: 0
Peer IP:
3ffe:0000:0000:0000:0000:0000:______0000:0001
Peer NAT traversal UDP port: 0
Peer hostname:
2013/10/16 Miika Komu <mkomu@xxxxxxxxx
<mailto:mkomu@xxxxxxxxx>
<mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
<mailto:mkomu@xxxxxxxxx
<mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
<mailto:mkomu@xxxxxxxxx>>>
<mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
<mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
<mailto:mkomu@xxxxxxxxx
<mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
<mailto:mkomu@xxxxxxxxx>>>>>
Hi Paola,
On 10/16/2013 12:46 PM, Paola Venuso
wrote:
Hi Miika,
I deleted the incorrect line with
"hipconf" and
changed the
debug mode
to "all". I'm sending two emails
with the
output of
the debug
because
the message is too big.
What does "lsmod|grep xfrm" give you? It
should be:
xfrm_user 35921 1
xfrm6_mode_beet 12658 7
xfrm4_mode_beet 12611 7
This is the output of the initiator
I failed to see any 3ffe::xx/64
addresses in
the log.
Did you forget
to invoke "hipconf daemon add map"?
Here's an example (please do not copy
paste
blindly,
you need to
change the addresses and interface
names):
server:
sudo ip addr add 3ffe::1/64 dev
eth0 # add
IPv6 addr
for server
client:
sudo ip addr add 3ffe::2/64 dev
eth0 # add
IPv6 addr
for client
ping6 3ffe::2 # can you reach the
server?
sudo hipconf daemon rst all #
reset hipd
daemon state
hipconf daemon add map
2001:15:e156:8a78:3226:dbaa:________f2ff:ed06
3ffe::1
ping6
2001:15:e156:8a78:3226:dbaa:________f2ff:ed06
<wait for one minute>
PING
2001:15:e156:8a78:3226:dbaa:________f2ff:ed06(2001:15:e156:__8a78:______3226:dbaa:f2ff:__ed06)
56 data bytes
64 bytes from
2001:15:e156:8a78:3226:dbaa:________f2ff:ed06: icmp_seq=2
ttl=64 time=29.8 ms
64 bytes from
2001:15:e156:8a78:3226:dbaa:________f2ff:ed06: icmp_seq=3
ttl=64 time=47.5 ms
I'd like to see "hipconf daemon get
ha all" output
after this.
