Hi, On 05/28/2012 11:20 AM, Nerea Toledo Gandarias wrote:
Hi, we are facing some problems with the HIPL release 1.0.7. We have two PCs with ubuntu 10.04 running on a 2.6.32-38 kernel. We have installed HIPL through compilation.
I assume that you're running precise, right? It appears that there has been some changes in Precise related to DNS.
In the /etc/hosts file of the initiator (crash) we have the following: HIT_de_oops oops ipv6_de_oops oops In both hosts, we have the demon running, but the firewall and the dns are shutted down. If we do the following in oops nc6 -l -p 1111 and in crash nc6 oops 1111
you can try with -v option to get verbose output and you'll notice that nc6 did not select a HIT.
we can see using the wireshark that the HIP association is established correctly, but the application (netcat) establishes the TCP session before the HIP association is established, that is, it does not wait to HIP. Then, we have seen that the data goes in clear over the TCP connection, instead of going through ESP. We do see ESP traffic, but it belongs to ICMPv6 pings in both directions.
Was the HIP association really related to connection you're trying to establish? Hipd creates automatically another association with our our DNS server. Check "hipconf daemon get ha all" output.
("hipconf daemon rst all" might be useful as well)
On the other hand, if we do nc6 HIT_de_crash 1111 instead of nc6 crash 1111, it works perfectly. Why can this be?
I can repeat this problem. I noticed that it does not repeat when using IPv4 locators. As another workaround, you can store the locator mapping only in hipd_config (daemon add map HIT IP) and have only the HIT in hosts files (requires restarting hipd).
I have a deadline on 2th of July and I cannot contribute a proper fix to this problem before this, sorry.