[hipl-users] Re: Problems with RVS
- From: frances_gao@xxxxxxx
- To: "hipl-users@xxxxxxxxxxxxx" <hipl-users@xxxxxxxxxxxxx>
- Date: Mon, 21 Oct 2013 10:23:45 +0100
who are you?
Sent from my iPhone
> On 2013年10月21日, at 10:17, Paola Venuso <pa.venuso@xxxxxxxxx> wrote:
>
> Hi Miika,
>
> I set up three machines and used Teredo addresses to test RVS service but it
> did'nt worked. I captured the traffic with wireshark and there was no HIP
> packets. Also "hipconf daemon get ha all" showed no HAs.
> I followed the steps on the manual. Is there some particular configuration
> for the host RVS ?
>
> Thank you,
>
> Paola
>
>
>
>
> 2013/10/20 Miika Komu <mkomu@xxxxxxxxx>
>> Hi Paola,
>>
>> hmm, the infrahip.net network seems to have some IPv6 connectivity problems
>> at the moment (at least for me), so I recommend that you set up three
>> machines of your own (initiator, rendezvous and responder). A successful
>> registration looks like this:
>>
>> $ sudo hipconf daemon add server rvs 2001:1b:a9be:c6a6:34e5:8361:c07f:a990
>> 193.167.187.134 1111
>> Requesting 1 service for 1024 seconds (lifetime 0x90) from
>> 2001:1b:a9be:c6a6:34e5:8361:c07f:a990 193.167.187.134.
>> Sending user message 104 to HIPD on socket 3
>> Sent 96 bytes
>>
>> Waiting to receive daemon info.
>> 96 bytes received from HIP daemon.
>> User message was sent successfully to the HIP daemon.
>>
>>
>> $ hipconf daemon get ha all
>> Sending user message 22 to HIPD on socket 3
>> Sent 40 bytes
>> Waiting to receive daemon info.
>> 456 bytes received from HIP daemon.
>>
>> HA is ESTABLISHED
>> Shotgun mode is off.
>> Broadcast mode is off.
>> Local HIT: 2001:0019:11ac:e3af:2367:11a4:1a36:36ec
>> Peer HIT: 2001:001b:a9be:c6a6:34e5:8361:c07f:a990
>> Local LSI: 1.0.0.1
>> Peer LSI: 1.0.0.100
>> Local IP: 192.168.1.127
>>
>> Local NAT traversal UDP port: 10500
>> Peer IP: 193.167.187.134
>> Peer NAT traversal UDP port: 10500
>> Peer hostname: crossroads.infrahip.net
>> Peer has granted us rendezvous service
>> ^^^^^^^^^^
>> HA is ESTABLISHED
>>
>>
>>
>>> On 10/20/2013 01:43 AM, Paola Venuso wrote:
>>> Hi Miika,
>>>
>>> thank you for re-enabling the service. I tried the connection with IPv4
>>> and as you expected it didn't work.
>>> To priorize the IPv6 addresses I edited gai.conf file uncommenting the
>>> lines:
>>>
>>> label ::1/128 0
>>> label ::/0 1
>>> label 2002::/16 2
>>> label ::/96 3
>>> label ::ffff:0:0/96 4
>>> label fec0::/10 5
>>> label fc00::/7 6
>>>
>>> I tested IPv6 visiting ipv6-test.com <http://ipv6-test.com> that gave me
>>>
>>> this result:
>>>
>>> When both protocols are available, your browser uses
>>> IPv6
>>> Your internet connection is IPv6 capable
>>> 2001:0:53aa:64c:807:6e66:a269:1d27^ [?
>>> <http://db-ip.com/2001%3A0%3A53aa%3A64c%3A807%3A6e66%3Aa269%3A1d27>]
>>>
>>> Address type is
>>> Teredo <http://wikipedia.org/wiki/Teredo_tunneling>
>>> Tunneling from *93.150.226.216:37273 <http://93.150.226.216:37273>*
>>> (server *83.170.6.76*)
>>>
>>>
>>> So I guess this part is ok.
>>> Then I registered to crossroads using its IPv6 address and tried nc6
>>> connection from the initiator. Previously at the initiator I edited
>>> /etc/hosts (in wich I included IPv6 address of crossroads and the
>>> responder hostname) and /etc/hip/hosts (in wich I included HIT and
>>> hostname of the responder) and also restarted both machines. But the
>>> initiator couldn't reach the responder.
>>> Did I do something wrong?
>>>
>>> Thanks,
>>>
>>> Paola
>>>
>>>
>>>
>>> 2013/10/19 Miika Komu <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>>
>>>
>>> Hi Paola,
>>>
>>> I have re-enabled RVS functionality in crossroads and ashenvale now.
>>> Please bare in mind that a IPv4-over-UDP base exchange may not work
>>> because your NAT may block it (Teredo may be needed).
>>>
>>>
>>> On 10/19/2013 04:51 PM, Paola Venuso wrote:
>>>
>>> Hi Miika,
>>>
>>> I read on the manual that crossroads could have been used as
>>> rvs. This
>>> is written above the table in which are indicated the addresses
>>> of the
>>> test servers. Maybe I misunderstood what is written.
>>> Anyway I'm installing ubuntu on another computer and trying to
>>> configure
>>> the server myself.
>>>
>>> Thanks again,
>>>
>>> Paola
>>>
>>> Il giorno 19/ott/2013 14:40, "Miika Komu" <mkomu@xxxxxxxxx
>>> <mailto:mkomu@xxxxxxxxx>
>>> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>> ha scritto:
>>>
>>>
>>>
>>> Hi Paolo,
>>>
>>> crossroads is not configured to act as a rendezvous (or
>>> relay). You
>>> should deploy and install your own rendezvous server. When
>>> you have
>>> done so, you will see some additional registration
>>> information in
>>> hipconf output at the responder and then also the initiator
>>> succeeds
>>> with the base exchange.
>>>
>>> On 10/18/2013 09:44 PM, Paola Venuso wrote:
>>>
>>> Hi Miika,
>>>
>>> I replaced Windows with Ubuntu on my PCs and now the simple
>>> connection
>>> between the two hosts works perfectly! :D
>>> But I have problems with RVS. I tried registering with
>>> crossoroads.infrahip.net <http://crossoroads.infrahip.net>
>>> <http://crossoroads.infrahip.__net
>>> <http://crossoroads.infrahip.net>>
>>> <http://crossoroads.infrahip.____net
>>>
>>>
>>> <http://crossoroads.infrahip.__net
>>> <http://crossoroads.infrahip.net>>> and then
>>> started the connection (using different configuration).
>>> Only I1
>>> packet
>>> was sent. I stopped the connection and run "hipconf
>>> daemon get
>>> ha all".
>>> At the responder I had this output:
>>>
>>> paola@ProBook:~$ hipconf daemon get ha all
>>> Sending user message 22 to HIPD on socket 3
>>> Sent 40 bytes
>>> Waiting to receive daemon info.
>>> 240 bytes received from HIP daemon.
>>> HA is ESTABLISHED
>>> Shotgun mode is off.
>>> Broadcast mode is off.
>>> Local HIT: 2001:0018:66b5:52d3:e479:7810:____8446:133b
>>> Peer HIT: 2001:001b:a9be:c6a6:34e5:8361:____c07f:a990
>>>
>>>
>>> Local LSI: 1.0.0.1
>>> Peer LSI: 1.0.0.2
>>> Local IP: 192.168.1.210
>>> Local NAT traversal UDP port: 10500
>>> Peer IP: 193.167.187.134
>>> Peer NAT traversal UDP port: 10500
>>> Peer hostname: crossroads.infrahip.net
>>> <http://crossroads.infrahip.net>
>>> <http://crossroads.infrahip.__net
>>> <http://crossroads.infrahip.net>>
>>> <http://crossroads.infrahip.____net
>>>
>>> <http://crossroads.infrahip.__net <http://crossroads.infrahip.net>>>
>>>
>>>
>>>
>>> While at the initiator I had this output:
>>>
>>> paola@ProBook:~$ hipconf daemon get ha all
>>> Sending user message 22 to HIPD on socket 3
>>> Sent 40 bytes
>>> Waiting to receive daemon info.
>>> 240 bytes received from HIP daemon.
>>> HA is I1-SENT
>>> Shotgun mode is off.
>>> Broadcast mode is off.
>>> Local HIT: 20011:0013:e87a:b8e4:68c8:____258b:0fb4:68b8
>>> Peer HIT: 2001:0018:66b5:52d3:e479:7810:____8446:133b
>>>
>>>
>>> Local LSI: 1.0.0.1
>>> Peer LSI: 1.0.0.2
>>> Local IP: 192.168.1.184
>>> Local NAT traversal UDP port: 10500
>>> Peer IP: 193.167.187.134
>>> Peer NAT traversal UDP port: 10500
>>> Peer hostname:
>>>
>>> Thanks,
>>>
>>> Paola
>>>
>>>
>>> 2013/10/17 Paola Venuso <pa.venuso@xxxxxxxxx
>>> <mailto:pa.venuso@xxxxxxxxx>
>>> <mailto:pa.venuso@xxxxxxxxx
>>> <mailto:pa.venuso@xxxxxxxxx>> <mailto:pa.venuso@xxxxxxxxx
>>> <mailto:pa.venuso@xxxxxxxxx>
>>>
>>> <mailto:pa.venuso@xxxxxxxxx <mailto:pa.venuso@xxxxxxxxx>>>>
>>>
>>>
>>> Hi Miika,
>>>
>>> the reason why I used virtual machines is that I
>>> couldn't
>>> use Linux
>>> as the host machine. But now I convinced myself to
>>> use it
>>> because
>>> this test I have to run is for the last part of my
>>> thesis
>>> in which I
>>> have to use InfraHIP implementation. About miredo
>>> configuration, I
>>> have the default one (I only installed the miredo
>>> packet as the
>>> manual says) .
>>> Tonight I'm going to install Linux on my machines
>>> and then
>>> to try
>>> again the test. I hope everything would be ok.
>>> I'll let you
>>> know.
>>>
>>> Thank you for everything,
>>>
>>> Paola
>>>
>>>
>>> 2013/10/17 Miika Komu <mkomu@xxxxxxxxx
>>> <mailto:mkomu@xxxxxxxxx>
>>> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>
>>>
>>> Hi Paola,
>>>
>>> (returning offline discussion to online)
>>>
>>> my guess of the origins of your problem is
>>> that the
>>> host machine
>>> of your virtual machines is Windows, and it
>>> does not
>>> allow raw
>>> sockets, even for virtual machines. This is
>>> probably
>>> the reason
>>> why HIP-over-UDP-over-IPv4 works, but
>>> HIP-over-IPv6
>>> doesn't.
>>>
>>> If you really want to do NAT traversal with
>>> HIP, please
>>> consider:
>>>
>>> 1. Using Linux (or OS-X) as the host machine
>>> (Linux
>>> live CD/USB
>>> images are available)
>>> 2. Use HIP over UDP and IPv4, and employ the relay
>>> server as
>>> instructed in the manual (the relay server
>>> requires a
>>> public
>>> IPv4 address)
>>>
>>> Btw, your Teredo configuration is not fully
>>> functional
>>> because I
>>> can't reach your VMs, even though you can reach by
>>> yourself.
>>>
>>> P.S. OpenHIP has some native support for Windows.
>>>
>>>
>>> On 10/16/2013 07:45 PM, Paola Venuso wrote:
>>>
>>> Hi Miika,
>>>
>>>
>>> at the initiator:
>>>
>>> paola2@ubuntu2:~$ lsmod|grep xfrm
>>> xfrm_user 31160 1
>>> xfrm_algo 14952 3
>>> xfrm_user,esp6,esp4
>>> xfrm6_mode_beet 12577 1
>>> xfrm4_mode_beet 12498 1
>>>
>>>
>>>
>>> at the responder :
>>>
>>> paola@ubuntu:~$ lsmod|grep xfrm
>>> xfrm_user 31160 1
>>> xfrm_algo 14952 3
>>> xfrm_user,esp6,esp4
>>> xfrm6_mode_beet 12577 2
>>> xfrm4_mode_beet 12498 2
>>>
>>>
>>> Then I used ping6 with the server address
>>> and I
>>> could reach
>>> it. I
>>> invoked add map command and ping6 and
>>> waited for
>>> more then a
>>> minute but
>>> nothing happened so I stopped it:
>>>
>>> paola@ubuntu:~$ ping6
>>>
>>> 2001:10:5403:41fe:a5df:5f02:______9680:b6d2PING
>>>
>>>
>>>
>>> 2001:10:5403:41fe:a5df:5f02:______9680:b6d2(2001:10:5403:41fe:______a5df:5f02:9680:b6d2)
>>>
>>> 56 data bytes
>>> ^C
>>> ---
>>> 2001:10:5403:41fe:a5df:5f02:______9680:b6d2 ping
>>>
>>>
>>> statistics ---
>>> 222 packets transmitted, 0 received, 100%
>>> packet
>>> loss, time
>>> 221196ms
>>>
>>> paola@ubuntu:~$ hipconf daemon get ha all
>>> Sending user message 22 to HIPD on socket 3
>>> Sent 40 bytes
>>> Waiting to receive daemon info.
>>> 240 bytes received from HIP daemon.
>>> HA is I1-SENT
>>> Shotgun mode is off.
>>> Broadcast mode is off.
>>> Local HIT:
>>> 2001:0012:421d:99a0:005d:d60f:______73b0:4407
>>> Peer HIT:
>>> 2001:0010:5403:41fe:a5df:5f02:______9680:b6d2
>>>
>>>
>>> Local LSI: 1.0.0.1
>>> Peer LSI: 1.0.0.2
>>> Local IP:
>>> 3ffe:0000:0000:0000:0000:0000:______0000:0002
>>>
>>>
>>> Local NAT traversal UDP port: 0
>>> Peer IP:
>>> 3ffe:0000:0000:0000:0000:0000:______0000:0001
>>>
>>>
>>> Peer NAT traversal UDP port: 0
>>> Peer hostname:
>>>
>>>
>>>
>>>
>>>
>>>
>>> 2013/10/16 Miika Komu <mkomu@xxxxxxxxx
>>> <mailto:mkomu@xxxxxxxxx>
>>> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>> <mailto:mkomu@xxxxxxxxx
>>> <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>> <mailto:mkomu@xxxxxxxxx>>>
>>> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>> <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>> <mailto:mkomu@xxxxxxxxx
>>> <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>> <mailto:mkomu@xxxxxxxxx>>>>>
>>>
>>>
>>>
>>> Hi Paola,
>>>
>>>
>>> On 10/16/2013 12:46 PM, Paola Venuso
>>> wrote:
>>>
>>> Hi Miika,
>>>
>>> I deleted the incorrect line with
>>> "hipconf" and
>>> changed the
>>> debug mode
>>> to "all". I'm sending two emails
>>> with the
>>> output of
>>> the debug
>>> because
>>> the message is too big.
>>>
>>>
>>> What does "lsmod|grep xfrm" give you? It
>>> should be:
>>> xfrm_user 35921 1
>>> xfrm6_mode_beet 12658 7
>>> xfrm4_mode_beet 12611 7
>>>
>>>
>>> This is the output of the initiator
>>>
>>>
>>> I failed to see any 3ffe::xx/64
>>> addresses in
>>> the log.
>>> Did you forget
>>> to invoke "hipconf daemon add map"?
>>>
>>> Here's an example (please do not copy
>>> paste
>>> blindly,
>>> you need to
>>> change the addresses and interface
>>> names):
>>>
>>> server:
>>> sudo ip addr add 3ffe::1/64 dev
>>> eth0 # add
>>> IPv6 addr
>>> for server
>>>
>>> client:
>>> sudo ip addr add 3ffe::2/64 dev
>>> eth0 # add
>>> IPv6 addr
>>> for client
>>> ping6 3ffe::2 # can you reach the
>>> server?
>>> sudo hipconf daemon rst all #
>>> reset hipd
>>> daemon state
>>> hipconf daemon add map
>>> 2001:15:e156:8a78:3226:dbaa:________f2ff:ed06
>>> 3ffe::1
>>> ping6
>>> 2001:15:e156:8a78:3226:dbaa:________f2ff:ed06
>>>
>>>
>>>
>>> <wait for one minute>
>>> PING
>>>
>>>
>>>
>>>
>>> 2001:15:e156:8a78:3226:dbaa:________f2ff:ed06(2001:15:e156:__8a78:______3226:dbaa:f2ff:__ed06)
>>>
>>>
>>> 56 data bytes
>>> 64 bytes from
>>>
>>> 2001:15:e156:8a78:3226:dbaa:________f2ff:ed06: icmp_seq=2
>>>
>>>
>>> ttl=64 time=29.8 ms
>>> 64 bytes from
>>>
>>> 2001:15:e156:8a78:3226:dbaa:________f2ff:ed06: icmp_seq=3
>>>
>>>
>>>
>>> ttl=64 time=47.5 ms
>>>
>>> I'd like to see "hipconf daemon get
>>> ha all" output
>>> after this.
>
Other related posts:
