HIPL

unable to connect to address

Asked by Abinaya

I tried to connect two hosts using virtual machines. I use Fedora. I installed HIP successfully.
I followed http://infrahip.hiit.fi/hipl/manual/HOWTO.html#ch_prebuilt to connect using IPv6.
One host i executed
ifconfig eth0 inet6 add 3ffe::2/64
hipd #
nc6 -l -p 1111

In the other i added in/etc/hosts
HIT_OF_Abinaya HITvalue
3ffe::2 Abinaya

and executed
ifconfig eth0 inet6 add 3ffe::1/64
hipd
nc6 Abinaya 1111

I got the error
nc6: unable to connect to address Abinaya, service 1111.

Should i make any changes to /etc/hip/firewall.conf?

Can someone help me?

Question information

Language:
English Edit question
Status:
Solved
For:
HIPL Edit question
Assignee:
No assignee Edit question
Solved by:
Abinaya
Solved:
Last query:
Last reply:
Revision history for this message
Miika Komu (miika-iki) said : 		#1

What does "host Abinaya" give you at the other host?

What does "hipconf get ha all" tell you?

Are you running the DNS proxy?

Did you try to ping6 the HIT directly?

Revision history for this message
Abinaya (abeenaya) said : 		#2

Ran the DNS proxy but the output is as follows.
[root@Abinaya ~]# hipdnsproxy
Dns proxy for HIP started
Port 53 occupied, falling back to port 60600
Dnsmasq-resolvconf installation detected
DNS server is 127.0.0.53

dnsmasq: failed to create listening socket: Address already in use
Hooked with dnsmasq
Rewrote resolv.conf
DNS server is 127.0.0.53
Rewrote resolv.conf
DNS server is 127.0.0.53
Rewrote resolv.conf

[root@Abinaya2 ~]# hipdnsproxy
Dns proxy for HIP started
Port 53 occupied, falling back to port 60600
Dnsmasq-resolvconf installation detected
DNS server is 127.0.0.53

dnsmasq: failed to create listening socket: Address already in use
Hooked with dnsmasq
Rewrote resolv.conf
DNS server is 127.0.0.53
Rewrote resolv.conf
DNS server is 127.0.0.53
Rewrote resolv.conf

When i tried to connect using IPv6:
[root@Abinaya ~]# ifconfig eth0 inet6 add 3ffe::2/64
[root@Abinaya ~]# hipd #
info(hipd/hipd.c:350@hipd_main): hipd pid=2041 starting
error(lib/core/filemanip.c:92@hip_create_lock_file):
HIP daemon already running with pid 906
Give: -k option to kill old daemon.
[root@Abinaya ~]# nc6 -l -p 12345

[root@Abinaya2 ~]# ifconfig eth0 inet6 add 3ffe::1/64
[root@Abinaya2 ~]# hipd
info(hipd/hipd.c:350@hipd_main): hipd pid=1954 starting
error(lib/core/filemanip.c:92@hip_create_lock_file):
HIP daemon already running with pid 905
Give: -k option to kill old daemon.
[root@Abinaya2 ~]# nc6 Abinaya 12345
nc6: unable to connect to address Abinaya, service 12345
[root@Abinaya2 ~]#

"hipconf get ha all"
[root@Abinaya ~]# hipconf get ha all
Sending user message 22 to HIPD on socket 3
Sent 40 bytes
Waiting to receive daemon info.
40 bytes received from HIP daemon

[root@Abinaya2 ~]# hipconf get ha all
Sending user message 22 to HIPD on socket 3
Sent 40 bytes
Waiting to receive daemon info.
40 bytes received from HIP daemon

[root@Abinaya ~]# ping6 2001:1d:42e1:b475:f160:4283:a1a6:20f5
PING 2001:1d:42e1:b475:f160:4283:a1a6:20f5(2001:1d:42e1:b475:f160:4283:a1a6:20f5) 56 data bytes

--- 2001:1d:42e1:b475:f160:4283:a1a6:20f5 ping statistics ---
68 packets transmitted, 0 received, 100% packet loss, time 67086ms
[root@Abinaya ~]

Revision history for this message
Miika Komu (miika-iki) said : 		#3

What is the output of "host abinaya" ?

Revision history for this message
Abinaya (abeenaya) said : 		#4

There was no output from host Abinaya after
nc6 -l -p 12345

[root@Abinaya ~]# ifconfig eth0 inet6 add 3ffe::2/64
[root@Abinaya ~]# hipd #
info(hipd/hipd.c:350@hipd_main): hipd pid=2041 starting
error(lib/core/filemanip.c:92@hip_create_lock_file):
HIP daemon already running with pid 906
Give: -k option to kill old daemon.
[root@Abinaya ~]# nc6 -l -p 12345

Revision history for this message
Miika Komu (miika-iki) said : 		#5

Please try to check if you DNS configuration is still working before *and* after starting DNS proxy. Also, there's no need to start the daemons manually. Use the prebuilt binaries or build your own:

wget http://hipl.hiit.fi/hipl/hipl.tar.gz
cd hipl
<install the rpm/deb dependencies as instructed in the beginning of the INSTALL file>
autoreconf --install
./configure
make bin
<install the binaries, libraries first>

Did you notice that you had already hipd running when you started it manually? Did you read the output:

[root@Abinaya ~]# hipd #
info(hipd/hipd.c:350@hipd_main): hipd pid=2041 starting
error(lib/core/filemanip.c:92@hip_create_lock_file):
HIP daemon already running with pid 906
Give: -k option to kill old daemon.

I believe the same applies to DNS proxy. So, you may have tried to chain two DNS proxies, which may result in a non-working DNS configuration. Run "ps axu|grep dnsproxy" and "kill <pid>" the DNS proxies and "dhclient eth0" to reset the configuration. Alternative, you can just reboot.

So please don't install binaries and then try to start the same daemons again manually. With the binaries, you can control (start/stop/restart) the daemons with /etc/init.d/ scripts.

Revision history for this message
Abinaya (abeenaya) said : 		#6

I rebooted and still have the same problem with the DNS proxy and still i dont get connection between the hosts. Is it due to ISC bind? When i gave dig -x 127.0.0.1 I got DNS Server as 127.0.0.53. This is the same as HIP DNS proxy as i read in chapter 5 http://infrahip.hiit.fi/hipl/manual/HOWTO.html#sec_name_lookup

[root@Abinaya2 ~]# hipdnsproxy
Dns proxy for HIP started
Port 53 occupied, falling back to port 60600
Dnsmasq-resolvconf installation detected
DNS server is 127.0.0.53

dnsmasq: failed to create listening socket: Address already in use
Hooked with dnsmasq
Rewrote resolv.conf
DNS server is 127.0.0.53
Rewrote resolv.conf
DNS server is 127.0.0.53
Rewrote resolv.conf

Revision history for this message
Miika Komu (miika-iki) said : 		#7

Please give me the following output:
* netstat -tanup|grep :53
* ps axu|grep dns
* rpm -qa|grep dns

Revision history for this message
Miika Komu (miika-iki) said : 		#8

Are you really running Bind on the same host? Did you read the section that you cited carefully:

The DNS proxy does not yet autodetect other DNS related software running on the same host. For example, it needs some help with ISC bind. You should associate bind explicitly with the IP addresses (or HITs) you want to use. The DNS proxy occupies IP address 127.0.0.53 and as long as bind uses different IP address than DNS proxy, both can co-exist on the same host.

You'll need the --ip flag for DNS proxy. I recommend the following method on Redhat-based systems:

Add a /etc/sysconfig/hipdnsproxy file :
OPTIONS="-bk --ip 127.0.0.53"
And then /etc/init.d/hipdnsproxy restart
<you may want to reinitialize network interfaces as well>

On Ubuntu the same, but the file is different (/etc/default/hipdnsproxy).

Sorry that this took so long.

Revision history for this message
Miika Komu (miika-iki) said : 		#9

Also, please make sure that you understand the sequence of DNS resolution. With a DNS proxy only installation, it is as follows:

1. Application -> dnsproxy:53 -> DNS

With dnsmasq it is as follows:

2. Application -> dnsmasq:53 -> dnsproxy:60600 -> DNS

While you do the same for a bind configuration (by modifying bind config files), but better to use separate IP addresses:

3. Application -> bind:<public-ip>:53 -> dnsproxy:127.0.0.53:53 -> DNS

Remember that the case with bind consists of two cases:

i. A local query from inside the host running bind (should be processed by DNS proxy)
ii. A remote query to bind (should *not* be processed by DNS proxy) for a couple of reasons.

Instruction 3 meets requirements i and ii.

Revision history for this message
Abinaya (abeenaya) said : 		#10

Thank u