[hipl-users] Re: Unsure about correct usage of HITs and dummy0 interface
- From: Miika Komu <miika@xxxxxx>
- To: hipl-users@xxxxxxxxxxxxx
- Date: Wed, 3 May 2006 14:06:08 +0300 (EEST)
On Fri, 28 Apr 2006, Stephen Herborn wrote:
Stephen, thanks for your report. However, I could not find information how
you tried running the test applications (hipconf and ping6 in this case).
Stephen (and Andrey too), can you try the attached script? It is also
available from hipl--main--2.6--patch-114. The script goes through all of
the src and dst HIT pairs and tries to ping6 them. The script can be used
as follows:
Usage: test/pingtest.sh <DST_IP> <DST_HIT1> [DST_HIT2] [..DST_HIT_N]
The source HITs are determined automatically.
When running your tests with ping6, did you notice that you actually have
to add four mappings with hipconf if you want cycly through all of the HIT
pair combinations?
Earlier, the hip daemon made an academic guess of the source HIT that the
application was going to use. The current code uses a "brute force" method
guarantee that the application is going to succeed always. When adding a
HIT-IP mapping, four hadb entries are actually created (for each source
HIT).
The most elegant way of doing this would be to have a pair of HIT prefix /
8 based, generic security policies. These would be used for triggering
base exchange. The elegance of this approach comes from the fact that we
know the source HIT for the application when the base exchange is
triggered, so we can insert only a single, HIT/128 specific SP pair
instead of the four. See also:
http://hipl.hiit.fi/bugzilla/show_bug.cgi?id=98
The selection of src and dst HITs by the hip daemon is still unpredictable
after the patch. We performed tests by first initiating base exchange from
crash to oops and trying to ping from crash to oops using every combination
of src and dst HITS, then we repeated this in the opposite direction from
oops to crash.
I have attached a tar file of the results of our testing (containing the hipd
output for both oops and crash). Im not sure if this mailing list allows
attachments, so if this mail is rejected I will try to paste all the files in
as text.
\steve
Miika Komu wrote:
On Wed, 26 Apr 2006, Stephen Herborn wrote:
Is there any way to tell the hip daemon which HITs it should use to
communicate with the HITs of other hosts, in order to avoid this
mismatching? Could it be to do with the order of the entries in
/etc/hip/hosts?
The reason for this problem was that the userspace application ended up in
selecting a different HIT than hipd. I fixed this problem properly in
hipl--main--2.6--patch-110. Have a go with that version and please report
if it was successful?
--
Miika Komu miika@xxxxxx http://www.iki.fi/miika/
#!/bin/sh
PATH="$PATH:$PWD../tools:$PWD:$PWD/tools"
IFACE=dummy0
PREFIX="inet6 11"
SRC_HITS=`ip addr show $IFACE|grep "$PREFIX"|cut -d" " -f6|cut -d"/" -f1|tr
'\n' ' '`
DST_IP=$1; shift
DST_HITS=$@
ROUND=1
echo "Usage: $0 <DST_IP> <DST_HIT1> [DST_HIT2] [..DST_HIT_N]"
echo ""
echo "src HITs: $SRC_HITS"
echo ""
echo "dst HITs: $DST_HITS"
echo ""
echo "dst IP: $DST_IP"
echo ""
for DST_HIT in $DST_HITS
do
hipconf add map $DST_HIT $DST_IP
for SRC_HIT in $SRC_HITS
do
echo "--- Round $ROUND ---"
ping6 -c 4 -I $SRC_HIT $DST_HIT
ROUND=`echo $ROUND + 1|bc`
done
done
Other related posts:
