[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(usagi-users 03956) Re: UMIP-0.4 MN Tunnel Setup and Binding Update Failure



Dear Arnaud and Shinta,

Many thanks for your comments. It is indeed the problem of sa.conf. Now the problem has been solved and MN can now send BU successfully to HA. I got another question, is it true that MN and HA cannot ping each other when the tunnel is established? In my testbed, MN and HA are both reachable from other IPv6 nodes and can ping other IPv6 nodes. But they cannot ping each other.

Thanks again for your help.
Best regards,
Alex

On 10/2/07, Shinta Sugimoto <shinta@xxxxxxxxxxxxxx> wrote:
Hi,

A couple of comments/questions:

- As Arnaud mentioned, it would be helpful if you could send/report
your SA configuration (no need disclose your confidential information
such as keys etc.) to make sure that IPsec configuration is made
properly.  BTW, have you verified that everything works without IPsec
configuration? (if not, I recommend to do so first, then turn on
IPsec configuration)
- W.r.t the IPsec configuration, please try the following. The type of
IPsecPolicy called "TunnelMh" needs to be deprecated.  We will remove
it from the next version.

IPsecPolicySet {
    HomeAgentAddress 2001:5c0:8ffe::2;
    HomeAddress 2001:5c0:8ffe::5/64;

    IPsecPolicy Mh UseESP;
    IPsecPolicy TunnelHomeTesting UseESP;
                ^^^^^^^^^^^^^^^^^
}

Regards,
Shinta

On Mon, 1 Oct 2007 22:27:50 +0200
Alex < hhappy14@xxxxxxxxx> wrote:

> Dear all,
>
> I am currently using UMIP-0.4 and the up-to-date linux-2.6-mip6 kernel
> pulled from USAGI git server to do some experiments on Mobile IPv6. I
> assumed the kernel was already patched and I just modified the required
> fields in .config file and compiled the kernel successfully.
>
> I had a problem with UMIP-0.4 configuration at Mobile Node side. The MN
> failed to establish the tunnel with HA and can not send out Binding update.
> When I started the mip6d daemon, the program stopped at "mh_send: local CoA
> 2001:5c0:8fff:0:20d:56ff:fe72:244b" and there is a reported error message:
> mip6d[4191]: Interface 3 (sit0):type 776 unsupported. I also use #tcpdump -n
> ipv6 to monitor the ipv6 traffic at the access router of the foreign network
> and the result is there is no IPv6 traffic when mip6d is running. I am not
> quite sure what's the problem and how to solve it. I would appreciate if I
> can get some help from this mailing list so that I can setup the MN side
> correctly. Many thanks.
>
> Best regards,
> Alex
>
>
> You can find the detailed configuration files and mip6d log message below.
>
>
> ====== Detailed information of Mobile Node
> configuration=================================
> #uname -a
> Linux localhost.localdomain 2.6.23-rc3-g29fb3243-dirty #1 SMP Fri Sep 28
> 16:12:33 CEST 2007 i686 i686 i386 GNU/Linux
>
> =========================================================================
> # ./mninstall.sh start
> mip6d[4191]: MIPL Mobile IPv6 for Linux v2.0.2-umip-0.4 started (Mobile
> Node)
> Mon Oct  1 11:32:24 main: MIPL Mobile IPv6 for Linux started in debug mode,
> not detaching from terminal
> Mon Oct  1 11:32:24 conf_show: config_file = /home/alex/umip/mip6d.conf
> Mon Oct  1 11:32:24 conf_show: vt_hostname = localhost
> Mon Oct  1 11:32:24 conf_show: vt_service = 7777
> Mon Oct  1 11:32:24 conf_show: mip6_entity = 1
> Mon Oct  1 11:32:24 conf_show: debug_level = 10
> Mon Oct  1 11:32:24 conf_show: debug_log_file = stderr
> Mon Oct  1 11:32:24 conf_show: PolicyModulePath = [internal]
> Mon Oct  1 11:32:24 conf_show: DefaultBindingAclPolicy = 0
> Mon Oct  1 11:32:24 conf_show: NonVolatileBindingCache = disabled
> Mon Oct  1 11:32:24 conf_show: KeyMngMobCapability = disabled
> Mon Oct  1 11:32:24 conf_show: UseMnHaIPsec = enabled
> Mon Oct  1 11:32:24 conf_show: MnMaxHaBindingLife = 262140
> Mon Oct  1 11:32:24 conf_show: MnMaxCnBindingLife = 420
> Mon Oct  1 11:32:24 conf_show: MnRouterProbes = 1
> Mon Oct  1 11:32:24 conf_show: MnRouterProbeTimeout = 0.000000
> Mon Oct  1 11:32:24 conf_show: InitialBindackTimeoutFirstReg = 1.500000
> Mon Oct  1 11:32:24 conf_show: InitialBindackTimeoutReReg = 1.000000
> Mon Oct  1 11:32:24 conf_show: UseCnBuAck = enabled
> Mon Oct  1 11:32:24 conf_show: DoRouteOptimizationMN = enabled
> Mon Oct  1 11:32:24 conf_show: MnUseAllInterfaces = disabled
> Mon Oct  1 11:32:24 conf_show: MnDiscardHaParamProb = enabled
> Mon Oct  1 11:32:24 conf_show: SendMobPfxSols = enabled
> Mon Oct  1 11:32:24 conf_show: OptimisticHandoff = disabled
> Mon Oct  1 11:32:24 conf_show: SendMobPfxAdvs = enabled
> Mon Oct  1 11:32:24 conf_show: SendUnsolMobPfxAdvs = enabled
> Mon Oct  1 11:32:24 conf_show: MaxMobPfxAdvInterval = 86400
> Mon Oct  1 11:32:24 conf_show: MinMobPfxAdvInterval = 600
> Mon Oct  1 11:32:24 conf_show: HaMaxBindingLife = 262140
> Mon Oct  1 11:32:24 conf_show: DoRouteOptimizationCN = enabled
> Mon Oct  1 11:32:24 xfrm_cn_init: Adding policies and states for CN
> Mon Oct  1 11:32:24 xfrm_mn_init: Adding policies and states for MN
> Mon Oct  1 11:32:24 conf_home_addr_info: HoA address 2001:5c0:8ffe:0:0:0:0:5
> Mon Oct  1 11:32:24 conf_home_addr_info: HA address 2001:5c0:8ffe:0:0:0:0:2
> Mon Oct  1 11:32:24 __tunnel_add: created tunnel ip6tnl1 (5) from
> 2001:5c0:8ffe:0:0:0:0:5 to 2001:5c0:8ffe:0:0:0:0:2 user count 1
> Mon Oct  1 11:32:24 conf_home_addr_info: Home address
> 2001:5c0:8ffe:0:0:0:0:5
> Mon Oct  1 11:32:24 flag_hoa: set HoA 2001:5c0:8ffe:0:0:0:0:5/128 iif 5
> flags 12 preferred_time 4294967295 valid_time 4294967295
> Mon Oct  1 11:32:24 conf_home_addr_info: Added new home_addr_info
> successfully
> Mon Oct  1 11:32:24 __md_discover_router: discover link on iface eth0 (2)
> mip6d[4191]: Interface 3 (sit0):type 776 unsupported
> Mon Oct  1 11:32:24 md_change_default_router: add new router
> fe80:0:0:0:213:10ff:fe92:bfcb on interface eth0 (2)
> Mon Oct  1 11:32:24 md_update_router_stats: add coa
> 2001:5c0:8fff:0:20d:56ff:fe72:244b on interface (2)
> Mon Oct  1 11:32:24 mn_move: 1578
> Mon Oct  1 11:32:24 mn_move: in foreign net
> Mon Oct  1 11:32:24 mn_block_rule_add: blackhole is already set.
> Mon Oct  1 11:32:24 mn_send_home_bu: 725
> Mon Oct  1 11:32:24 mn_get_home_lifetime: CoA lifetime 2591999 s, HoA
> lifetime 4294967295 s, BU lifetime 262140 s
> Mon Oct  1 11:32:24 mn_ro_pol_add: Adding default RO triggering policies for
> all Correspondent Nodes
> Mon Oct  1 11:32:24 process_first_home_bu: New bule for HA
> Mon Oct  1 11:32:24 bul_add: Adding bule
> == BUL_ENTRY ==
> Home address    2001:5c0:8ffe:0:0:0:0:5
> Care-of address 2001:5c0:8fff:0:20d:56ff:fe72:244b
> CN address      2001:5c0:8ffe:0:0:0:0:2
>  lifetime = 262140,  delay = 1500
>  flags: IP6_MH_BU_HOME IP6_MH_BU_ACK
> Mon Oct  1 11:32:24 mn_send_home_bu: New bule for HA
> Mon Oct  1 11:32:24 mh_send: sending MH type 5
> from 2001:5c0:8ffe:0:0:0:0:5
> to 2001:5c0:8ffe:0:0:0:0:2
> Mon Oct  1 11:32:24 mh_send: local CoA 2001:5c0:8fff:0:20d:56ff:fe72:244b
> ===================================================================================
>
> #ifconfig
> eth0      Link encap:Ethernet  HWaddr 00:0D:56:72:24:4B
>           inet addr:192.168.1.105  Bcast:192.168.1.255   Mask: 255.255.255.0
>           inet6 addr: fe80::20d:56ff:fe72:244b/64 Scope:Link
>           inet6 addr: 2001:5c0:8fff:0:20d:56ff:fe72:244b/64 Scope:Global
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:10 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:51 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:1127 ( 1.1 KiB)  TX bytes:7506 ( 7.3 KiB)
>           Interrupt:17
>
> ip6tnl1   Link encap:UNSPEC  HWaddr
> 20-01-05-C0-8F-FE-00-00-00-00-00-00-00-00-00-00
>           inet6 addr: 2001:5c0:8ffe::5/128 Scope:Global
>           inet6 addr: fe80::20d:56ff:fe72:244b/64 Scope:Link
>           UP POINTOPOINT RUNNING NOARP  MTU:1460  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1   Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:2060 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:2060 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:2444020 (2.3 MiB)  TX bytes:2444020 (2.3 MiB)
>
> ======================== mninstall.sh file
> =======================================
> #!/bin/sh
> set -e
>
> case "$1" in
>     start)
>         setkey -f /home/alex/umip/sa_setkey.conf
>         mip6d -c /home/alex/umip/mip6d.conf
>         echo "Starting MIPv6 MN."
>         ;;
>     stop)
>         killall mip6d
>         echo "Stopping MIPv6 MN."
>         ;;
> esac
> exit 0
> =========================mip6d.conf=======================================
> # This is an example of mip6d Mobile Node configuration file
>
> NodeConfig MN;
>
> ## If set to > 0, will not detach from tty
> DebugLevel 10;
>
> ## Support route optimization with other MNs
> DoRouteOptimizationCN enabled;
>
> ## Use route optimization with CNs
> DoRouteOptimizationMN enabled;
>
> UseCnBuAck enabled;
>
> MnDiscardHaParamProb enabled;
>
> Interface "eth0";
>
> MnRouterProbes 1;
>
> MnHomeLink "eth0" {
>     HomeAgentAddress 2001:5c0:8ffe::2;
>     HomeAddress 2001:5c0:8ffe::5/64;
>
>     #        address            opt.
>     #MnRoPolicy     3ffe:2060:6:1::3    enabled;
>     #MnRoPolicy                disabled;
> }
>
> ##
> ## IPsec configuration
> ##
>
> UseMnHaIPsec enabled;
>
> ## Key Management Mobility Capability
> KeyMngMobCapability disabled;
>
> IPsecPolicySet {
>     HomeAgentAddress 2001:5c0:8ffe::2;
>     HomeAddress 2001:5c0:8ffe::5/64;
>
>     IPsecPolicy Mh UseESP;
>     IPsecPolicy TunnelMh UseESP;
> }