[hipl-users] Re: Problems with RVS

  • From: Paola Venuso <pa.venuso@xxxxxxxxx>
  • To: hipl-users@xxxxxxxxxxxxx
  • Date: Tue, 22 Oct 2013 15:56:26 +0200

Hi Miika,

thank you! The solution with plain IPv6 worked perfectly and now I can
finish my work analyzing the packets.
I followed the steps from basics to advanced and these are the results:

* basics
     1a. yes
     2a. yes
     3a. no (address unreachable)
   * medium (no RVS)
     1b. yes
     2b. yes
     3b. no (address unreachable)
   * advanced (with RVS)
     1c. no (only I1 packet sent)
     2c. yes
     3c. no  (no HiP packets)





2013/10/22 Miika Komu <mkomu@xxxxxxxxx>

> Hi Paola,
>
> few notes about testing in general (which should be obvious from the
> discussion already). Please test incrementally (start with basics, then
> head towards more complex configurations):
>
>    * basics
>      1a. does IPv4 connectivity work?
>      2a. does IPv6 local connectivity work?
>      3a. does Teredo connectivity work?
>    * medium (no RVS)
>      1b. does direct HIP-over-IPv4 connectivity work?
>      2b. does direct HIP-over-IPv6 connectivity work?
>      3b. does direct HIP-over-Teredo connectivity work?
>    * advanced (with RVS)
>      1c. does HIP-RVS work with IPv4?
>      2c. does HIP-RVS work with IPv6?
>      3c. does HIP-RVS work on top of Teredo?
>
> There is a dependency between the test cases with the same number. For
> instance, 1c does not work if 1b does not work, and 1b cannot work if 1a
> does not work (also, Teredo fails to work when plain IPv4 does not work). I
> think you haven't tried all this yet, so we haven't minimized the problem.
>
> P.S. I do have a patch for encapsulating HIP traffic over UDP when using
> IPv6 (or Teredo). If sending raw traffic over Teredo is really the issue,
> we can merge this patch, but you really show that this is really an issue
> (e.g. play with nc6 in UDP port 10500 and remember to stop hipd).
>
>
> On 10/22/2013 01:49 PM, Miika Komu wrote:
>
>> Hi Paola,
>>
>> I tried rendezvous in my local network. For me, Teredo addresses failed
>> to work, possibly because of so called NAT hairpinning problems (all
>> hosts behind the same NAT), so I could not run any traffic on top of
>> Teredo. So, I will show you how it works on plain IPv6.
>>
>> The hosts are:
>> Initiator: 3ffe::1
>> Rendezvous 3ffe::2
>> Responder: 3ffe::3
>>
>> 1. Enable rendezvous at rendezvous (you can also modify hipd.conf):
>>
>>     sudo hipconf daemon add service rvs
>>
>> 2. Register to rvs at the the responder and verify it works:
>>
>>    sudo hipconf daemon add server rvs
>> 2001:1a:493f:a501:6481:6b4:**cfdb:6d4e 3ffe::2 11111
>>
>>    hipconf daemon get ha all
>>      Sending user message 22 to HIPD on socket 3
>>      Sent 40 bytes
>>      Waiting to receive daemon info.
>>      248 bytes received from HIP daemon.
>>      HA is ESTABLISHED
>>      Shotgun mode is off.
>>      Broadcast mode is off.
>>      Local HIT: 2001:0016:8c08:9ca9:9e41:059d:**95e7:7d2f
>>      Peer  HIT: 2001:001a:493f:a501:6481:06b4:**cfdb:6d4e
>>      Local LSI: 1.0.0.1
>>      Peer  LSI: 1.0.0.2
>>      Local IP: 3ffe:0000:0000:0000:0000:0000:**0000:0003
>>      Local NAT traversal UDP port: 0
>>      Peer  IP: 3ffe:0000:0000:0000:0000:0000:**0000:0002
>>      Peer  NAT traversal UDP port: 0
>>      Peer  hostname: debian32
>>      Peer has granted us rendezvous service
>>
>> 3. Initiate base exchange at the initiator (via rvs)
>>
>>    hipconf  daemon add map 2001:16:8c08:9ca9:9e41:059d:**95e7:7d2f
>> 3ffe::2
>>    ping6 2001:16:8c08:9ca9:9e41:059d:**95e7:7d2f
>>    root@gaijin:~# ping6 2001:16:8c08:9ca9:9e41:059d:**95e7:7d2f
>>    PING
>> 2001:16:8c08:9ca9:9e41:059d:**95e7:7d2f(2001:16:8c08:9ca9:**
>> 9e41:59d:95e7:7d2f)
>>    56 data bytes
>>    64 bytes from 2001:16:8c08:9ca9:9e41:59d:**95e7:7d2f: icmp_seq=2
>> ttl=64
>> time=1.44 ms
>>    64 bytes from 2001:16:8c08:9ca9:9e41:59d:**95e7:7d2f: icmp_seq=3
>> ttl=64
>> time=1.36 ms
>>
>> I was also running tcpdump at the initiator to make sure that the
>> traffic goes through the rvs:
>>
>> tcpdump -n -i any proto 139 or esp
>> 13:20:33.356457 IP6 3ffe::1 > 3ffe::2: ip-proto-139 40
>> 13:20:33.397397 IP6 3ffe::3 > 3ffe::1: ip-proto-139 664
>> 13:20:33.417302 IP6 3ffe::1 > 3ffe::3: ip-proto-139 608
>> 13:20:33.462743 IP6 3ffe::3 > 3ffe::1: ip-proto-139 216
>> 13:20:34.351457 IP6 3ffe::1 > 3ffe::3: ESP(spi=0x94eb338c,seq=0x1),
>> length 116
>> 13:20:34.352712 IP6 3ffe::3 > 3ffe::1: ESP(spi=0x6118aed8,seq=0x1),
>> length 116
>> 13:20:35.352870 IP6 3ffe::1 > 3ffe::3: ESP(spi=0x94eb338c,seq=0x2),
>> length 116
>> 13:20:35.354062 IP6 3ffe::3 > 3ffe::1: ESP(spi=0x6118aed8,seq=0x2),
>> length 116
>>
>> If you observe the first the packets, you'll see that I1 packet goes to
>> the rendezvous (size 40) (which the rendezvous forwards to responder).
>> Then the responder replies directly back to the initiator (R1, size 664)
>> and further communications (I2, R2, ESP) are carried without rendezvous
>> interaction.
>>
>> P.S. Please note that observing teredo-encapsulated traffic requires
>> different rules.
>>
>> On 10/21/2013 12:17 PM, Paola Venuso wrote:
>>
>>> Hi Miika,
>>>
>>> I set up three machines and used Teredo addresses to test RVS service
>>> but it did'nt worked. I captured the traffic with wireshark and there
>>> was no HIP packets. Also  "hipconf daemon get ha all" showed no HAs.
>>> I followed the steps on the manual. Is there some particular
>>> configuration for the host RVS ?
>>>
>>> Thank you,
>>>
>>> Paola
>>>
>>>
>>>
>>>
>>> 2013/10/20 Miika Komu <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>>
>>>     Hi Paola,
>>>
>>>     hmm, the infrahip.net <http://infrahip.net> network seems to have
>>>     some IPv6 connectivity problems at the moment (at least for me), so
>>>     I recommend that you set up three machines of your own (initiator,
>>>     rendezvous and responder). A successful registration looks like this:
>>>
>>>     $ sudo hipconf daemon add server rvs
>>>     2001:1b:a9be:c6a6:34e5:8361:__**c07f:a990 193.167.187.134 1111
>>>     Requesting 1 service for 1024 seconds (lifetime 0x90) from
>>>     2001:1b:a9be:c6a6:34e5:8361:__**c07f:a990 193.167.187.134.
>>>     Sending user message 104 to HIPD on socket 3
>>>     Sent 96 bytes
>>>
>>>     Waiting to receive daemon info.
>>>     96 bytes received from HIP daemon.
>>>     User message was sent successfully to the HIP daemon.
>>>
>>>
>>>     $ hipconf daemon get ha all
>>>     Sending user message 22 to HIPD on socket 3
>>>     Sent 40 bytes
>>>     Waiting to receive daemon info.
>>>     456 bytes received from HIP daemon.
>>>
>>>     HA is ESTABLISHED
>>>       Shotgun mode is off.
>>>       Broadcast mode is off.
>>>       Local HIT: 2001:0019:11ac:e3af:2367:11a4:**__1a36:36ec
>>>       Peer  HIT: 2001:001b:a9be:c6a6:34e5:8361:**__c07f:a990
>>>       Local LSI: 1.0.0.1
>>>       Peer  LSI: 1.0.0.100
>>>       Local IP: 192.168.1.127
>>>
>>>       Local NAT traversal UDP port: 10500
>>>       Peer  IP: 193.167.187.134
>>>       Peer  NAT traversal UDP port: 10500
>>>       Peer  hostname: crossroads.infrahip.net
>>>     <http://crossroads.infrahip.**net <http://crossroads.infrahip.net>>
>>>       Peer has granted us rendezvous service
>>>                           ^^^^^^^^^^
>>>     HA is ESTABLISHED
>>>
>>>
>>>
>>>     On 10/20/2013 01:43 AM, Paola Venuso wrote:
>>>
>>>         Hi Miika,
>>>
>>>         thank you for re-enabling the service. I tried the connection
>>>         with IPv4
>>>         and as you expected it didn't work.
>>>         To priorize the IPv6 addresses I edited gai.conf file
>>>         uncommenting the
>>>         lines:
>>>
>>>         label ::1/128       0
>>>         label ::/0          1
>>>         label 2002::/16     2
>>>         label ::/96         3
>>>         label ::ffff:0:0/96 4
>>>         label fec0::/10     5
>>>         label fc00::/7      6
>>>
>>>         I tested IPv6 visiting ipv6-test.com <http://ipv6-test.com>
>>>         <http://ipv6-test.com> that gave me
>>>
>>>         this result:
>>>
>>>         When both protocols are available, your browser uses
>>>         IPv6
>>>         Your internet connection is IPv6 capable
>>>         2001:0:53aa:64c:807:6e66:a269:**__1d27^ [?
>>>
>>> <http://db-ip.com/2001%3A0%__**3A53aa%3A64c%3A807%3A6e66%__**
>>> 3Aa269%3A1d27
>>>
>>> <http://db-ip.com/2001%3A0%**3A53aa%3A64c%3A807%3A6e66%**3Aa269%3A1d27<http://db-ip.com/2001%3A0%3A53aa%3A64c%3A807%3A6e66%3Aa269%3A1d27>
>>> >>]
>>>
>>>         Address type is
>>>         Teredo 
>>> <http://wikipedia.org/wiki/__**Teredo_tunneling<http://wikipedia.org/wiki/__Teredo_tunneling>
>>>         
>>> <http://wikipedia.org/wiki/**Teredo_tunneling<http://wikipedia.org/wiki/Teredo_tunneling>
>>> >>
>>>         Tunneling from *93.150.226.216:37273
>>>         <http://93.150.226.216:37273> <http://93.150.226.216:37273>*
>>>         (server *83.170.6.76*)
>>>
>>>
>>>         So I guess this part is ok.
>>>         Then I registered to crossroads using its IPv6 address and
>>> tried nc6
>>>         connection from the initiator. Previously at the initiator  I
>>> edited
>>>         /etc/hosts (in wich I included IPv6 address of crossroads and the
>>>         responder hostname) and /etc/hip/hosts (in wich I included HIT
>>> and
>>>         hostname of the responder) and also restarted both machines.
>>> But the
>>>         initiator couldn't reach the responder.
>>>         Did I do something wrong?
>>>
>>>         Thanks,
>>>
>>>         Paola
>>>
>>>
>>>
>>>         2013/10/19 Miika Komu <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>
>>>
>>>
>>>              Hi Paola,
>>>
>>>              I have re-enabled RVS functionality in crossroads and
>>>         ashenvale now.
>>>              Please bare in mind that a IPv4-over-UDP base exchange may
>>>         not work
>>>              because your NAT may block it (Teredo may be needed).
>>>
>>>
>>>              On 10/19/2013 04:51 PM, Paola Venuso wrote:
>>>
>>>                  Hi Miika,
>>>
>>>                  I read on the manual that crossroads could have been
>>>         used as
>>>                  rvs. This
>>>                  is written above the table in which are indicated the
>>>         addresses
>>>                  of the
>>>                  test servers. Maybe I misunderstood what is written.
>>>                  Anyway I'm installing ubuntu on another computer and
>>>         trying to
>>>                  configure
>>>                  the server myself.
>>>
>>>                  Thanks again,
>>>
>>>                  Paola
>>>
>>>                  Il giorno 19/ott/2013 14:40, "Miika Komu"
>>>         <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>> ha scritto:
>>>
>>>
>>>
>>>                       Hi Paolo,
>>>
>>>                       crossroads is not configured to act as a
>>>         rendezvous (or
>>>                  relay). You
>>>                       should deploy and install your own rendezvous
>>>         server. When
>>>                  you have
>>>                       done so, you will see some additional registration
>>>                  information in
>>>                       hipconf output at the responder and then also the
>>>         initiator
>>>                  succeeds
>>>                       with the base exchange.
>>>
>>>                       On 10/18/2013 09:44 PM, Paola Venuso wrote:
>>>
>>>                           Hi Miika,
>>>
>>>                           I replaced Windows with Ubuntu on my PCs and
>>>         now the simple
>>>                           connection
>>>                           between the two hosts works perfectly! :D
>>>                           But I have problems with RVS. I tried
>>>         registering with
>>>         crossoroads.infrahip.net 
>>> <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>
>>> >
>>>         <http://crossoroads.infrahip._**_net
>>>         <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>
>>> >>
>>>                  <http://crossoroads.infrahip._**___net
>>>                  <http://crossoroads.infrahip._**_net
>>>         <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>
>>> >>>
>>>                           <http://crossoroads.infrahip._**_____net
>>>
>>>
>>>                           <http://crossoroads.infrahip._**___net
>>>                  <http://crossoroads.infrahip._**_net
>>>         
>>> <http://crossoroads.infrahip.**net<http://crossoroads.infrahip.net>>>>>
>>> and then
>>>                           started the connection (using different
>>>         configuration).
>>>                  Only I1
>>>                           packet
>>>                           was sent. I stopped the connection and run
>>>         "hipconf
>>>                  daemon get
>>>                           ha all".
>>>                           At the responder I had this output:
>>>
>>>                           paola@ProBook:~$ hipconf daemon get ha all
>>>                           Sending user message 22 to HIPD on socket 3
>>>                           Sent 40 bytes
>>>                           Waiting to receive daemon info.
>>>                           240 bytes received from HIP daemon.
>>>                           HA is ESTABLISHED
>>>                              Shotgun mode is off.
>>>                              Broadcast mode is off.
>>>                              Local HIT:
>>>         2001:0018:66b5:52d3:e479:7810:**______8446:133b
>>>                              Peer  HIT:
>>>         2001:001b:a9be:c6a6:34e5:8361:**______c07f:a990
>>>
>>>
>>>                              Local LSI: 1.0.0.1
>>>                              Peer  LSI: 1.0.0.2
>>>                              Local IP: 192.168.1.210
>>>                              Local NAT traversal UDP port: 10500
>>>                              Peer  IP: 193.167.187.134
>>>                              Peer  NAT traversal UDP port: 10500
>>>                              Peer  hostname: crossroads.infrahip.net
>>>         <http://crossroads.infrahip.**net<http://crossroads.infrahip.net>
>>> >
>>>                  <http://crossroads.infrahip.__**net
>>>         <http://crossroads.infrahip.**net<http://crossroads.infrahip.net>
>>> >>
>>>                           <http://crossroads.infrahip.__**__net
>>>                  <http://crossroads.infrahip.__**net
>>>         <http://crossroads.infrahip.**net<http://crossroads.infrahip.net>
>>> >>>
>>>                           <http://crossroads.infrahip.__**____net
>>>
>>>                  <http://crossroads.infrahip.__**__net
>>>         <http://crossroads.infrahip.__**net
>>>         <http://crossroads.infrahip.**net<http://crossroads.infrahip.net>
>>> >>>>
>>>
>>>
>>>
>>>                           While at the initiator I had this output:
>>>
>>>                           paola@ProBook:~$ hipconf daemon get ha all
>>>                           Sending user message 22 to HIPD on socket 3
>>>                           Sent 40 bytes
>>>                           Waiting to receive daemon info.
>>>                           240 bytes received from HIP daemon.
>>>                           HA is I1-SENT
>>>                              Shotgun mode is off.
>>>                              Broadcast mode is off.
>>>                              Local HIT:
>>>         20011:0013:e87a:b8e4:68c8:____**__258b:0fb4:68b8
>>>                              Peer  HIT:
>>>         2001:0018:66b5:52d3:e479:7810:**______8446:133b
>>>
>>>
>>>                              Local LSI: 1.0.0.1
>>>                              Peer  LSI: 1.0.0.2
>>>                              Local IP: 192.168.1.184
>>>                              Local NAT traversal UDP port: 10500
>>>                              Peer  IP: 193.167.187.134
>>>                              Peer  NAT traversal UDP port: 10500
>>>                              Peer  hostname:
>>>
>>>                           Thanks,
>>>
>>>                           Paola
>>>
>>>
>>>                           2013/10/17 Paola Venuso <pa.venuso@xxxxxxxxx
>>>         <mailto:pa.venuso@xxxxxxxxx>
>>>                  <mailto:pa.venuso@xxxxxxxxx
>>> <mailto:pa.venuso@xxxxxxxxx>>
>>>                           <mailto:pa.venuso@xxxxxxxxx
>>>         <mailto:pa.venuso@xxxxxxxxx>
>>>                  <mailto:pa.venuso@xxxxxxxxx
>>>         <mailto:pa.venuso@xxxxxxxxx>>> <mailto:pa.venuso@xxxxxxxxx
>>>         <mailto:pa.venuso@xxxxxxxxx>
>>>                  <mailto:pa.venuso@xxxxxxxxx
>>> <mailto:pa.venuso@xxxxxxxxx>>
>>>
>>>                           <mailto:pa.venuso@xxxxxxxxx
>>>         <mailto:pa.venuso@xxxxxxxxx> <mailto:pa.venuso@xxxxxxxxx
>>>         <mailto:pa.venuso@xxxxxxxxx>>>**>__>
>>>
>>>
>>>                                Hi Miika,
>>>
>>>                                the reason why I used virtual machines is
>>>         that I
>>>                  couldn't
>>>                           use Linux
>>>                                as the host machine. But now I convinced
>>>         myself to
>>>                  use it
>>>                           because
>>>                                this test I have to run is for the last
>>>         part of my
>>>                  thesis
>>>                           in which I
>>>                                have to use InfraHIP implementation.
>>>         About miredo
>>>                           configuration, I
>>>                                have the default one (I only installed
>>>         the miredo
>>>                  packet as the
>>>                                manual says) .
>>>                                Tonight I'm going to install Linux on my
>>>         machines
>>>                  and then
>>>                           to try
>>>                                again the test. I hope everything would
>>>         be ok.
>>>                  I'll let you
>>>                           know.
>>>
>>>                                Thank you for everything,
>>>
>>>                                Paola
>>>
>>>
>>>                                2013/10/17 Miika Komu <mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>>                           <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx>>>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>>                           <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx>>>>>
>>>
>>>                                    Hi Paola,
>>>
>>>                                    (returning offline discussion to
>>> online)
>>>
>>>                                    my guess of the origins of your
>>>         problem is
>>>                  that the
>>>                           host machine
>>>                                    of your virtual machines is Windows,
>>>         and it
>>>                  does not
>>>                           allow raw
>>>                                    sockets, even for virtual machines.
>>>         This is
>>>                  probably
>>>                           the reason
>>>                                    why HIP-over-UDP-over-IPv4 works, but
>>>                  HIP-over-IPv6
>>>                           doesn't.
>>>
>>>                                    If you really want to do NAT
>>>         traversal with
>>>                  HIP, please
>>>                           consider:
>>>
>>>                                    1. Using Linux (or OS-X) as the host
>>>         machine
>>>                  (Linux
>>>                           live CD/USB
>>>                                    images are available)
>>>                                    2. Use HIP over UDP and IPv4, and
>>>         employ the relay
>>>                           server as
>>>                                    instructed in the manual (the relay
>>>         server
>>>                  requires a
>>>                           public
>>>                                    IPv4 address)
>>>
>>>                                    Btw, your Teredo configuration is not
>>>         fully
>>>                  functional
>>>                           because I
>>>                                    can't reach your VMs, even though you
>>>         can reach by
>>>                           yourself.
>>>
>>>                                    P.S. OpenHIP has some native support
>>>         for Windows.
>>>
>>>
>>>                                    On 10/16/2013 07:45 PM, Paola Venuso
>>>         wrote:
>>>
>>>                                        Hi Miika,
>>>
>>>
>>>                                        at the initiator:
>>>
>>>                                        paola2@ubuntu2:~$ lsmod|grep xfrm
>>>                                        xfrm_user              31160  1
>>>                                        xfrm_algo              14952  3
>>>                  xfrm_user,esp6,esp4
>>>                                        xfrm6_mode_beet        12577  1
>>>                                        xfrm4_mode_beet        12498  1
>>>
>>>
>>>
>>>                                        at the responder :
>>>
>>>                                        paola@ubuntu:~$ lsmod|grep xfrm
>>>                                        xfrm_user              31160  1
>>>                                        xfrm_algo              14952  3
>>>                  xfrm_user,esp6,esp4
>>>                                        xfrm6_mode_beet        12577  2
>>>                                        xfrm4_mode_beet        12498  2
>>>
>>>
>>>                                        Then I used ping6 with the server
>>>         address
>>>                  and I
>>>                           could reach
>>>                                        it. I
>>>                                        invoked add map command and
>>> ping6 and
>>>                  waited for
>>>                           more then a
>>>                                        minute but
>>>                                        nothing happened so I stopped it:
>>>
>>>                                        paola@ubuntu:~$ ping6
>>>
>>>                    2001:10:5403:41fe:a5df:5f02:__**______9680:b6d2PING
>>>
>>>
>>>
>>>
>>> 2001:10:5403:41fe:a5df:5f02:__**______9680:b6d2(2001:10:5403:_**
>>> _41fe:______a5df:5f02:9680:__**b6d2)
>>>
>>>
>>>                                        56 data bytes
>>>                                        ^C
>>>                                        ---
>>>                  2001:10:5403:41fe:a5df:5f02:__**______9680:b6d2 ping
>>>
>>>
>>>                           statistics ---
>>>                                        222 packets transmitted, 0
>>>         received, 100%
>>>                  packet
>>>                           loss, time
>>>                                        221196ms
>>>
>>>                                        paola@ubuntu:~$ hipconf daemon
>>>         get ha all
>>>                                        Sending user message 22 to HIPD
>>>         on socket 3
>>>                                        Sent 40 bytes
>>>                                        Waiting to receive daemon info.
>>>                                        240 bytes received from HIP
>>> daemon.
>>>                                        HA is I1-SENT
>>>                                           Shotgun mode is off.
>>>                                           Broadcast mode is off.
>>>                                           Local HIT:
>>>                           2001:0012:421d:99a0:005d:d60f:**
>>> ________73b0:4407
>>>                                           Peer  HIT:
>>>                           2001:0010:5403:41fe:a5df:5f02:**
>>> ________9680:b6d2
>>>
>>>
>>>                                           Local LSI: 1.0.0.1
>>>                                           Peer  LSI: 1.0.0.2
>>>                                           Local IP:
>>>                           3ffe:0000:0000:0000:0000:0000:**
>>> ________0000:0002
>>>
>>>
>>>                                           Local NAT traversal UDP port: 0
>>>                                           Peer  IP:
>>>                           3ffe:0000:0000:0000:0000:0000:**
>>> ________0000:0001
>>>
>>>
>>>                                           Peer  NAT traversal UDP port: 0
>>>                                           Peer  hostname:
>>>
>>>
>>>
>>>
>>>
>>>
>>>                                        2013/10/16 Miika Komu
>>>         <mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>>                           <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx>>>
>>>                                        <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>
>>>                           <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx> <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx>>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>
>>>                                        <mailto:mkomu@xxxxxxxxx
>>>         <mailto:mkomu@xxxxxxxxx>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>
>>>         <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>
>>>                  <mailto:mkomu@xxxxxxxxx <mailto:mkomu@xxxxxxxxx>>>>>>
>>>
>>>
>>>
>>>                                             Hi Paola,
>>>
>>>
>>>                                             On 10/16/2013 12:46 PM,
>>>         Paola Venuso
>>>                  wrote:
>>>
>>>                                                 Hi Miika,
>>>
>>>                                                 I deleted the incorrect
>>>         line with
>>>                           "hipconf" and
>>>                                        changed the
>>>                                                 debug mode
>>>                                                 to "all". I'm sending
>>>         two emails
>>>                  with the
>>>                           output of
>>>                                        the debug
>>>                                                 because
>>>                                                 the message is too big.
>>>
>>>
>>>                                             What does "lsmod|grep xfrm"
>>>         give you? It
>>>                           should be:
>>>                                             xfrm_user
>>> 35921  1
>>>                                             xfrm6_mode_beet
>>> 12658  7
>>>                                             xfrm4_mode_beet
>>> 12611  7
>>>
>>>
>>>                                                 This is the output of
>>>         the initiator
>>>
>>>
>>>                                             I failed to see any
>>> 3ffe::xx/64
>>>                  addresses in
>>>                           the log.
>>>                                        Did you forget
>>>                                             to invoke "hipconf daemon
>>>         add map"?
>>>
>>>                                             Here's an example (please do
>>>         not copy
>>>                  paste
>>>                           blindly,
>>>                                        you need to
>>>                                             change the addresses and
>>>         interface
>>>                  names):
>>>
>>>                                             server:
>>>                                                sudo ip addr add
>>>         3ffe::1/64 dev
>>>                  eth0 # add
>>>                           IPv6 addr
>>>                                        for server
>>>
>>>                                             client:
>>>                                                sudo ip addr add
>>>         3ffe::2/64 dev
>>>                  eth0 # add
>>>                           IPv6 addr
>>>                                        for client
>>>                                                ping6 3ffe::2 # can you
>>>         reach the
>>>                  server?
>>>                                                sudo hipconf daemon rst
>>> all #
>>>                  reset hipd
>>>                           daemon state
>>>                                                hipconf daemon add map
>>>
>>>         2001:15:e156:8a78:3226:dbaa:__**________f2ff:ed06
>>>                                             3ffe::1
>>>                                                ping6
>>>                           2001:15:e156:8a78:3226:dbaa:__**
>>> ________f2ff:ed06
>>>
>>>
>>>
>>>                                                <wait for one minute>
>>>                                                PING
>>>
>>>
>>>
>>>
>>>
>>> 2001:15:e156:8a78:3226:dbaa:__**________f2ff:ed06(2001:15:**
>>> e156:____8a78:______3226:dbaa:**f2ff:____ed06)
>>>
>>>
>>>
>>>                                             56 data bytes
>>>                                             64 bytes from
>>>
>>>                    2001:15:e156:8a78:3226:dbaa:__**________f2ff:ed06:
>>>         icmp_seq=2
>>>
>>>
>>>                                             ttl=64 time=29.8 ms
>>>                                             64 bytes from
>>>
>>>                    2001:15:e156:8a78:3226:dbaa:__**________f2ff:ed06:
>>>         icmp_seq=3
>>>
>>>
>>>
>>>                                             ttl=64 time=47.5 ms
>>>
>>>                                             I'd like to see "hipconf
>>>         daemon get
>>>                  ha all" output
>>>                                        after this.
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>
>

Other related posts: