[hipl-users] Re: Problems with RVS

  • From: Paola Venuso <pa.venuso@xxxxxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Mon, 21 Oct 2013 11:17:41 +0200

Hi Miika,

I set up three machines and used Teredo addresses to test RVS service but
it did'nt worked. I captured the traffic with wireshark and there was no
HIP packets. Also  "hipconf daemon get ha all" showed no HAs.
I followed the steps on the manual. Is there some particular configuration
for the host RVS ?

Thank you,

Paola




2013/10/20 Miika Komu <mkomu@xxxxxxxxx>

> Hi Paola,
>
> hmm, the infrahip.net network seems to have some IPv6 connectivity
> problems at the moment (at least for me), so I recommend that you set up
> three machines of your own (initiator, rendezvous and responder). A
> successful registration looks like this:
>
> $ sudo hipconf daemon add server rvs 2001:1b:a9be:c6a6:34e5:8361:**c07f:a990
> 193.167.187.134 1111
> Requesting 1 service for 1024 seconds (lifetime 0x90) from
> 2001:1b:a9be:c6a6:34e5:8361:**c07f:a990 193.167.187.134.
> Sending user message 104 to HIPD on socket 3
> Sent 96 bytes
>
> Waiting to receive daemon info.
> 96 bytes received from HIP daemon.
> User message was sent successfully to the HIP daemon.
>
>
> $ hipconf daemon get ha all
> Sending user message 22 to HIPD on socket 3
> Sent 40 bytes
> Waiting to receive daemon info.
> 456 bytes received from HIP daemon.
>
> HA is ESTABLISHED
>  Shotgun mode is off.
>  Broadcast mode is off.
>  Local HIT: 2001:0019:11ac:e3af:2367:11a4:**1a36:36ec
>  Peer  HIT: 2001:001b:a9be:c6a6:34e5:8361:**c07f:a990
>  Local LSI: 1.0.0.1
>  Peer  LSI: 1.0.0.100
>  Local IP: 192.168.1.127
>
>  Local NAT traversal UDP port: 10500
>  Peer  IP: 193.167.187.134
>  Peer  NAT traversal UDP port: 10500
>  Peer  hostname: crossroads.infrahip.net
>  Peer has granted us rendezvous service
>                      ^^^^^^^^^^
> HA is ESTABLISHED
>
>
>
> On 10/20/2013 01:43 AM, Paola Venuso wrote:
>
>> Hi Miika,
>>
>> thank you for re-enabling the service. I tried the connection with IPv4
>> and as you expected it didn't work.
>> To priorize the IPv6 addresses I edited gai.conf file uncommenting the
>> lines:
>>
>> label ::1/128       0
>> label ::/0          1
>> label 2002::/16     2
>> label ::/96         3
>> label ::ffff:0:0/96 4
>> label fec0::/10     5
>> label fc00::/7      6
>>
>> I tested IPv6 visiting ipv6-test.com <http://ipv6-test.com> that gave me
>>
>> this result:
>>
>> When both protocols are available, your browser uses
>> IPv6
>> Your internet connection is IPv6 capable
>> 2001:0:53aa:64c:807:6e66:a269:**1d27^ [?
>> <http://db-ip.com/2001%3A0%**3A53aa%3A64c%3A807%3A6e66%**3Aa269%3A1d27<http://db-ip.com/2001%3A0%3A53aa%3A64c%3A807%3A6e66%3Aa269%3A1d27>
>> >]
>>
>> Address type is
>> Teredo 
>> <http://wikipedia.org/wiki/**Teredo_tunneling<http://wikipedia.org/wiki/Teredo_tunneling>
>> >
>> Tunneling from *93.150.226.216:37273 <http://93.150.226.216:37273>*
>> (server *83.170.6.76*)
>>
>>
>> So I guess this part is ok.
>> Then I registered to crossroads using its IPv6 address and tried nc6
>> connection from the initiator. Previously at the initiator  I edited
>> /etc/hosts (in wich I included IPv6 address of crossroads and the
>> responder hostname) and /etc/hip/hosts (in wich I included HIT and
>> hostname of the responder) and also restarted both machines. But the
>> initiator couldn't reach the responder.
>> Did I do something wrong?
>>
>> Thanks,
>>
>> Paola
>>
>>
>>
>> 2013/10/19 Miika Komu <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>
>>
>>     Hi Paola,
>>
>>     I have re-enabled RVS functionality in crossroads and ashenvale now.
>>     Please bare in mind that a IPv4-over-UDP base exchange may not work
>>     because your NAT may block it (Teredo may be needed).
>>
>>
>>     On 10/19/2013 04:51 PM, Paola Venuso wrote:
>>
>>         Hi Miika,
>>
>>         I read on the manual that crossroads could have been used as
>>         rvs. This
>>         is written above the table in which are indicated the addresses
>>         of the
>>         test servers. Maybe I misunderstood what is written.
>>         Anyway I'm installing ubuntu on another computer and trying to
>>         configure
>>         the server myself.
>>
>>         Thanks again,
>>
>>         Paola
>>
>>         Il giorno 19/ott/2013 14:40, "Miika Komu" <mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>
>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>> ha scritto:
>>
>>
>>
>>              Hi Paolo,
>>
>>              crossroads is not configured to act as a rendezvous (or
>>         relay). You
>>              should deploy and install your own rendezvous server. When
>>         you have
>>              done so, you will see some additional registration
>>         information in
>>              hipconf output at the responder and then also the initiator
>>         succeeds
>>              with the base exchange.
>>
>>              On 10/18/2013 09:44 PM, Paola Venuso wrote:
>>
>>                  Hi Miika,
>>
>>                  I replaced Windows with Ubuntu on my PCs and now the
>> simple
>>                  connection
>>                  between the two hosts works perfectly! :D
>>                  But I have problems with RVS. I tried registering with
>>         crossoroads.infrahip.net 
>> <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>
>> >
>>         <http://crossoroads.infrahip._**_net
>>         <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>
>> >>
>>                  <http://crossoroads.infrahip._**___net
>>
>>
>>                  <http://crossoroads.infrahip._**_net
>>         
>> <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>>>>
>> and then
>>                  started the connection (using different configuration).
>>         Only I1
>>                  packet
>>                  was sent. I stopped the connection and run "hipconf
>>         daemon get
>>                  ha all".
>>                  At the responder I had this output:
>>
>>                  paola@ProBook:~$ hipconf daemon get ha all
>>                  Sending user message 22 to HIPD on socket 3
>>                  Sent 40 bytes
>>                  Waiting to receive daemon info.
>>                  240 bytes received from HIP daemon.
>>                  HA is ESTABLISHED
>>                     Shotgun mode is off.
>>                     Broadcast mode is off.
>>                     Local HIT: 2001:0018:66b5:52d3:e479:7810:**
>> ____8446:133b
>>                     Peer  HIT: 2001:001b:a9be:c6a6:34e5:8361:**
>> ____c07f:a990
>>
>>
>>                     Local LSI: 1.0.0.1
>>                     Peer  LSI: 1.0.0.2
>>                     Local IP: 192.168.1.210
>>                     Local NAT traversal UDP port: 10500
>>                     Peer  IP: 193.167.187.134
>>                     Peer  NAT traversal UDP port: 10500
>>                     Peer  hostname: crossroads.infrahip.net
>>         <http://crossroads.infrahip.**net<http://crossroads.infrahip.net>
>> >
>>                  <http://crossroads.infrahip.__**net
>>         <http://crossroads.infrahip.**net<http://crossroads.infrahip.net>
>> >>
>>                  <http://crossroads.infrahip.__**__net
>>
>>         <http://crossroads.infrahip.__**net <http://crossroads.infrahip.*
>> *net <http://crossroads.infrahip.net>>>>
>>
>>
>>
>>                  While at the initiator I had this output:
>>
>>                  paola@ProBook:~$ hipconf daemon get ha all
>>                  Sending user message 22 to HIPD on socket 3
>>                  Sent 40 bytes
>>                  Waiting to receive daemon info.
>>                  240 bytes received from HIP daemon.
>>                  HA is I1-SENT
>>                     Shotgun mode is off.
>>                     Broadcast mode is off.
>>                     Local HIT: 20011:0013:e87a:b8e4:68c8:____**
>> 258b:0fb4:68b8
>>                     Peer  HIT: 2001:0018:66b5:52d3:e479:7810:**
>> ____8446:133b
>>
>>
>>                     Local LSI: 1.0.0.1
>>                     Peer  LSI: 1.0.0.2
>>                     Local IP: 192.168.1.184
>>                     Local NAT traversal UDP port: 10500
>>                     Peer  IP: 193.167.187.134
>>                     Peer  NAT traversal UDP port: 10500
>>                     Peer  hostname:
>>
>>                  Thanks,
>>
>>                  Paola
>>
>>
>>                  2013/10/17 Paola Venuso <pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx>
>>                  <mailto:pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx>> <mailto:pa.venuso@xxxxxxxxx
>>         <mailto:pa.venuso@xxxxxxxxx>
>>
>>                  <mailto:pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx
>> >>>**>
>>
>>
>>                       Hi Miika,
>>
>>                       the reason why I used virtual machines is that I
>>         couldn't
>>                  use Linux
>>                       as the host machine. But now I convinced myself to
>>         use it
>>                  because
>>                       this test I have to run is for the last part of my
>>         thesis
>>                  in which I
>>                       have to use InfraHIP implementation. About miredo
>>                  configuration, I
>>                       have the default one (I only installed the miredo
>>         packet as the
>>                       manual says) .
>>                       Tonight I'm going to install Linux on my machines
>>         and then
>>                  to try
>>                       again the test. I hope everything would be ok.
>>         I'll let you
>>                  know.
>>
>>                       Thank you for everything,
>>
>>                       Paola
>>
>>
>>                       2013/10/17 Miika Komu <mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>
>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>
>>
>>                           Hi Paola,
>>
>>                           (returning offline discussion to online)
>>
>>                           my guess of the origins of your problem is
>>         that the
>>                  host machine
>>                           of your virtual machines is Windows, and it
>>         does not
>>                  allow raw
>>                           sockets, even for virtual machines. This is
>>         probably
>>                  the reason
>>                           why HIP-over-UDP-over-IPv4 works, but
>>         HIP-over-IPv6
>>                  doesn't.
>>
>>                           If you really want to do NAT traversal with
>>         HIP, please
>>                  consider:
>>
>>                           1. Using Linux (or OS-X) as the host machine
>>         (Linux
>>                  live CD/USB
>>                           images are available)
>>                           2. Use HIP over UDP and IPv4, and employ the
>> relay
>>                  server as
>>                           instructed in the manual (the relay server
>>         requires a
>>                  public
>>                           IPv4 address)
>>
>>                           Btw, your Teredo configuration is not fully
>>         functional
>>                  because I
>>                           can't reach your VMs, even though you can reach
>> by
>>                  yourself.
>>
>>                           P.S. OpenHIP has some native support for
>> Windows.
>>
>>
>>                           On 10/16/2013 07:45 PM, Paola Venuso wrote:
>>
>>                               Hi Miika,
>>
>>
>>                               at the initiator:
>>
>>                               paola2@ubuntu2:~$ lsmod|grep xfrm
>>                               xfrm_user              31160  1
>>                               xfrm_algo              14952  3
>>         xfrm_user,esp6,esp4
>>                               xfrm6_mode_beet        12577  1
>>                               xfrm4_mode_beet        12498  1
>>
>>
>>
>>                               at the responder :
>>
>>                               paola@ubuntu:~$ lsmod|grep xfrm
>>                               xfrm_user              31160  1
>>                               xfrm_algo              14952  3
>>         xfrm_user,esp6,esp4
>>                               xfrm6_mode_beet        12577  2
>>                               xfrm4_mode_beet        12498  2
>>
>>
>>                               Then I used ping6 with the server address
>>         and I
>>                  could reach
>>                               it. I
>>                               invoked add map command and ping6 and
>>         waited for
>>                  more then a
>>                               minute but
>>                               nothing happened so I stopped it:
>>
>>                               paola@ubuntu:~$ ping6
>>
>>           2001:10:5403:41fe:a5df:5f02:__**____9680:b6d2PING
>>
>>
>>         2001:10:5403:41fe:a5df:5f02:__**____9680:b6d2(2001:10:5403:**
>> 41fe:______a5df:5f02:9680:**b6d2)
>>
>>                               56 data bytes
>>                               ^C
>>                               ---
>>         2001:10:5403:41fe:a5df:5f02:__**____9680:b6d2 ping
>>
>>
>>                  statistics ---
>>                               222 packets transmitted, 0 received, 100%
>>         packet
>>                  loss, time
>>                               221196ms
>>
>>                               paola@ubuntu:~$ hipconf daemon get ha all
>>                               Sending user message 22 to HIPD on socket 3
>>                               Sent 40 bytes
>>                               Waiting to receive daemon info.
>>                               240 bytes received from HIP daemon.
>>                               HA is I1-SENT
>>                                  Shotgun mode is off.
>>                                  Broadcast mode is off.
>>                                  Local HIT:
>>                  2001:0012:421d:99a0:005d:d60f:**______73b0:4407
>>                                  Peer  HIT:
>>                  2001:0010:5403:41fe:a5df:5f02:**______9680:b6d2
>>
>>
>>                                  Local LSI: 1.0.0.1
>>                                  Peer  LSI: 1.0.0.2
>>                                  Local IP:
>>                  3ffe:0000:0000:0000:0000:0000:**______0000:0002
>>
>>
>>                                  Local NAT traversal UDP port: 0
>>                                  Peer  IP:
>>                  3ffe:0000:0000:0000:0000:0000:**______0000:0001
>>
>>
>>                                  Peer  NAT traversal UDP port: 0
>>                                  Peer  hostname:
>>
>>
>>
>>
>>
>>
>>                               2013/10/16 Miika Komu <mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>
>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>                               <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>>>
>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>                               <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>         <mailto:mkomu@xxxxxxxxx>>>>>
>>
>>
>>
>>                                    Hi Paola,
>>
>>
>>                                    On 10/16/2013 12:46 PM, Paola Venuso
>>         wrote:
>>
>>                                        Hi Miika,
>>
>>                                        I deleted the incorrect line with
>>                  "hipconf" and
>>                               changed the
>>                                        debug mode
>>                                        to "all". I'm sending two emails
>>         with the
>>                  output of
>>                               the debug
>>                                        because
>>                                        the message is too big.
>>
>>
>>                                    What does "lsmod|grep xfrm" give you?
>> It
>>                  should be:
>>                                    xfrm_user              35921  1
>>                                    xfrm6_mode_beet        12658  7
>>                                    xfrm4_mode_beet        12611  7
>>
>>
>>                                        This is the output of the initiator
>>
>>
>>                                    I failed to see any 3ffe::xx/64
>>         addresses in
>>                  the log.
>>                               Did you forget
>>                                    to invoke "hipconf daemon add map"?
>>
>>                                    Here's an example (please do not copy
>>         paste
>>                  blindly,
>>                               you need to
>>                                    change the addresses and interface
>>         names):
>>
>>                                    server:
>>                                       sudo ip addr add 3ffe::1/64 dev
>>         eth0 # add
>>                  IPv6 addr
>>                               for server
>>
>>                                    client:
>>                                       sudo ip addr add 3ffe::2/64 dev
>>         eth0 # add
>>                  IPv6 addr
>>                               for client
>>                                       ping6 3ffe::2 # can you reach the
>>         server?
>>                                       sudo hipconf daemon rst all #
>>         reset hipd
>>                  daemon state
>>                                       hipconf daemon add map
>>                               2001:15:e156:8a78:3226:dbaa:__**
>> ______f2ff:ed06
>>                                    3ffe::1
>>                                       ping6
>>                  2001:15:e156:8a78:3226:dbaa:__**______f2ff:ed06
>>
>>
>>
>>                                       <wait for one minute>
>>                                       PING
>>
>>
>>
>>         2001:15:e156:8a78:3226:dbaa:__**______f2ff:ed06(2001:15:e156:_**
>> _8a78:______3226:dbaa:f2ff:__**ed06)
>>
>>
>>                                    56 data bytes
>>                                    64 bytes from
>>
>>           2001:15:e156:8a78:3226:dbaa:__**______f2ff:ed06: icmp_seq=2
>>
>>
>>                                    ttl=64 time=29.8 ms
>>                                    64 bytes from
>>
>>           2001:15:e156:8a78:3226:dbaa:__**______f2ff:ed06: icmp_seq=3
>>
>>
>>
>>                                    ttl=64 time=47.5 ms
>>
>>                                    I'd like to see "hipconf daemon get
>>         ha all" output
>>                               after this.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>

Other related posts: