[hipl-users] Re: Something is broken - Re: Re: Server HIp state loss recovery - hipl-users

[hipl-users] Re: Something is broken - Re: Re: Server HIp state loss recovery

From: Miika Komu <miika.komu@xxxxxxx>
To: hipl-users@xxxxxxxxxxxxx
Date: Thu, 04 Sep 2008 01:30:26 +0300

Robert Moskowitz wrote:

Hi,

I tried direct ipv6-based connection without rvs with the followingconfiguration (initiator is i386 fedora):


initiator:
        /etc/hip/hosts:
        2001:12:f46c:72ec:b7c2:a1d7:a19d:ef29 responder

        /etc/hosts:
        3ffe::2 responder

The initiator has 3ffe::1 address and responder 3ffe::2. On both hosts,the hipd_config is all comments. I am running hipd on both sides andhipfw -Aid. It seems to work at least for me:

root@initiator:~/projects/hipl--userspace--2.6# test/conntest-client-hipresponder tcp 1111

=== Testing TCP connection to 'responder' on port 1111 ===
Asking serving Distributed Hash Table (DHT) gateway information
from the HIP daemon...
Distributed hash table (DHT) is not in use.
Searching for a HIT value for host 'responder' from file '/etc/hip/hosts'.

Found a HIT/LSI value for host 'responder' on line 6 of file'/etc/hip/hosts'.

Mapped a HIT to an IPv6 address:
2001:12:f46c:72ec:b7c2:a1d7:a19d:ef29 -> 3ffe::2.
Please input some text to be sent to 'responder'.
Empty row or "CTRL+d" sends data.
adsad
Connecting to HIT 2001:12:f46c:72ec:b7c2:a1d7:a19d:ef29.
Connecting socket to remote socket address took 3.03838 seconds.
Data exchange took 0.08675 seconds.
Sent/received 6/6 bytes payload data to/from 'responder'.
=== Connection test result: SUCCESS ===

Try commenting all out from your hipd_config, check ipv6 addresses inhosts file (+ remove LSIs) and double check the default HIT of theresponder. If it does not still work, please send me (privately):


* 2 x hosts files from initiator
* hipd_config from both sides
* output of hipd and hipfw on both sides
* initiator tcpdump -n -i any proto 253 or port 50500 or esp

Thanks.

Miika Komu wrote:

Robert Moskowitz wrote:

Hi,
you were using RVS and IPv6 for the conntest-client test? I get sometrouble with that particular configuration too.

No RVS. Direct connection. Both systems having RA assigned global IPv6addresses on the same subnet.

Nope...

Miika Komu wrote:

Robert Moskowitz wrote:

Hi,
Miika Komu wrote:
Robert Moskowitz wrote:

Hi,

sorry it is actually "hipconf add hi default" currently.
And that did not work. Something is broken as even with this, I getthe src address of the packet being the HIT rather than the IPv6address of the client.
please type in exactly the following and report again. First, checkyour code version:
mkomu@halko:~/projects/hipl--userspace--2.6$ baz logs|tail -1
patch-1680
If you are using an older version, please "tla replay", recompileand reinstall.

On both systems I have done the replay, ./autogen.sh, make install(and on the client make rpm to build a new set of rpms).


Second, please start hipd and check the default HIT:

mkomu@halko:~/projects/hipl--userspace--2.6$ sudo hipd/hipd

mkomu@halko:~/projects/hipl--userspace--2.6$ ifconfig dummy0
dummy0 Link encap:Ethernet HWaddr b2:48:84:75:22:a3
inet6 addr: 2001:1c:9d:1d34:7d57:bd54:1d10:a393/28 Scope:Global

Different default HIT now. So I had to change me /etc/hip/hosts onthe client.

but I try the conntest and am watching the client connect with theHIT, not the iPv6 address. So all I see are the I1 and I2 (I2 goingoff to LaLaland).

inet6 addr: fe80::b048:84ff:fe75:22a3/64 Scope:Link
UP BROADCAST RUNNING NOARP MTU:1280 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:210 (210.0 B)

Third, you can try that adding multiple HITs is working:

mkomu@halko:~/projects/hipl--userspace--2.6$ sudo tools/hipconf addhi default

[sudo] password for mkomu:
Using hostname: halko
No key file given, using default.
Using dsa (anon hi) filenamebase: /etc/hip/hip_host_dsa_key_anon
Using dsa (pub hi) filenamebase: /etc/hip/hip_host_dsa_key_pub
hit: 2001:001f:4c25:3ef2:ffdd:752c:f640:9b2c
hi is private dsa
DSA HIT: 2001:001f:4c25:3ef2:ffdd:752c:f640:9b2c
hit: 2001:0013:1163:8be6:6905:147a:12b2:4a79
hi is private dsa
DSA HIT: 2001:0013:1163:8be6:6905:147a:12b2:4a79
Waiting to receive daemon info.
Using hostname: halko
No key file given, using default.
Using RSA (anon HI) filenamebase: /etc/hip/hip_host_rsa_key_anon.
rsa_to_hip_endpoint called
hit: 2001:0019:6775:2d32:4da6:c2e8:b72e:fb3a
hi is private rsa
RSA HIT: 2001:0019:6775:2d32:4da6:c2e8:b72e:fb3a
Waiting to receive daemon info.
Using hostname: halko
No key file given, using default.
Using RSA (pub HI) filenamebase: /etc/hip/hip_host_rsa_key_pub
rsa_to_hip_endpoint called
hit: 2001:001c:009d:1d34:7d57:bd54:1d10:a393
hi is private rsa
RSA HIT: 2001:001c:009d:1d34:7d57:bd54:1d10:a393
Waiting to receive daemon info.
User message was sent successfully to the HIP daemon.
mkomu@halko:~/projects/hipl--userspace--2.6$ ifconfig dummy0
dummy0 Link encap:Ethernet HWaddr b2:48:84:75:22:a3
inet6 addr: 2001:19:6775:2d32:4da6:c2e8:b72e:fb3a/28 Scope:Global
inet6 addr: 2001:1c:9d:1d34:7d57:bd54:1d10:a393/28 Scope:Global
inet6 addr: fe80::b048:84ff:fe75:22a3/64 Scope:Link
inet6 addr: 2001:13:1163:8be6:6905:147a:12b2:4a79/28 Scope:Global
inet6 addr: 2001:1f:4c25:3ef2:ffdd:752c:f640:9b2c/28 Scope:Global
UP BROADCAST RUNNING NOARP MTU:1280 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:210 (210.0 B)

Follow-Ups:
- [hipl-users] Working - Re: Re: Something is broken - Re: Re: Server HIp state loss recovery
  - From: Robert Moskowitz

References:
- [hipl-users] Re: Something is broken - Re: Re: Server HIp state loss recovery
  - From: Robert Moskowitz

[hipl-users] Re: Something is broken - Re: Re: Server HIp state loss recovery

Other related posts: