HIPL

Handshake

Asked by Abinaya

Hi
I got a few doubts. pls see below. I got these results from wireshark. Can you please tell me what are the 5,6,7 packets after the handshake and before the data packet. Are they part of handshaking?

1 0.000000 192.168.0.102 192.168.0.101 HIP HIP I1 (HIP Initiator Packet)
Time delta from previous captured frame: 0.000000000 seconds

2 0.000804 192.168.0.101 192.168.0.102 HIP HIP R1 (HIP Responder Packet)
Time delta from previous captured frame: 0.000804000 seconds

3 0.029545 192.168.0.102 192.168.0.101 HIP HIP I2 (Second HIP Initiator Packet)
Time delta from previous captured frame: 0.028741000 seconds

4 0.050490 192.168.0.101 192.168.0.102 HIP HIP R2 (Second HIP Responder Packet)
Time delta from previous captured frame: 0.020945000 seconds

5 0.050581 192.168.0.101 192.168.0.102 UDP Source port: hip-nat-t Destination port: hip-nat-t
Time delta from previous captured frame: 0.000091000 seconds

6 3.007378 192.168.0.102 192.168.0.101 UDP Source port: hip-nat-t Destination port: hip-nat-t
Time delta from previous captured frame: 2.956797000 seconds

7 3.009717 192.168.0.101 192.168.0.102 UDP Source port: hip-nat-t Destination port: hip-nat-t
Time delta from previous captured frame: 0.002339000 seconds

8 3.009717 2001:1a:d6e7:6916:1ec6:cef2:bfea:adc4 2001:1f:cd08:3391:32aa:3e9d:1eb:6f90 TCP commplex-link > 55132 [SYN, ACK] Seq=0 Ack=0 Win=5272 Len=0 MSS=1330 SACK_PERM=1 TSV=4001976 TSER=4082752 WS=6
Time delta from previous captured frame: 0.000000000 seconds

Question information

Language:
English Edit question
Status:
Answered
For:
HIPL Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Miika Komu (miika-iki) said : 		#1

They might be ICMPv6 request and response inside the tunnel. They are controlled by:

hipconf heartbeat <seconds> (0 seconds means off)

You can permanently deactivate it also from /etc/hip/hipd_config.

Revision history for this message
changyou xing (chyouxing) said : 		#2

When configuring HIPL using IPv4, I see the same problem, and all packets are tunneled with UDP. Could somebody tell me why, and how to use IPsec ESP just like using IPv6? Thank you!

Revision history for this message
Miika Komu (miika-iki) said : 		#3

The packets are ICMPv6 messages, I told already how to disable this fault-tolerance feature. The last packet is captured inside the tunnel.

You can temporarily disable UDP encapsulation with "hipconf nat none" or permanently by adding "nat none" to /etc/hip/hipd_config (requires hipd restart).

P.S. Please note that upstream versions of HIPL include changes in configuration file names!

Can you help with this problem?

Provide an answer of your own, or ask Abinaya for more information if necessary.

To post a message you must log in.