[support] How to prevent routing header option from being used

Millar, Brian H. brian.millar at ngc.com
Sat Oct 11 03:25:59 JST 2008 

Romain,

Ok, I've figured out how to make it work. It doesn't exactly match the
NEPL How To though.

My Home link was 2201:3:6:0::/56
My MR link was 2201:3:6:200::/56
MR Home Address is 2201:3:6::20.
This normally works fine.

When I added your patches I got a status 132, which usually means I
messed up the config.

I then changed my HaServedPrefix to 2201:3:6::/48, and then it works. 

When I try to initiate a connection from the MR now it takes about 10
seconds before the HA responds to the syn packet. The tcpdump shows my
packet going back through the tunnel, just a bit delayed.

Would you expect this configuration change be required?
I've read where people have identified both types of addressing schemes
for NEMOv6, but haven't found a preference for one over the other until
now.

Here's the HA log when it's broken. Looks similar to a working log until
I get to the status 132. This dump was taken with the last argument
corrected to 0.

This same configuration works without these patches in, so I don't
usually see the 132 status.

Thanks
Brian

mip6d[1545]: MIPL Mobile IPv6 for Linux v2.0.2-umip-0.4 started (Home
Agent)
Fri Oct 10 11:53:06 main: MIPL Mobile IPv6 for Linux started in debug
mode, not detaching from terminal
Fri Oct 10 11:53:06 conf_show: config_file = /etc/mip6d-mcoa.conf
Fri Oct 10 11:53:06 conf_show: mip6_entity = 2
Fri Oct 10 11:53:06 conf_show: debug_level = 10
Fri Oct 10 11:53:06 conf_show: debug_log_file = stderr
Fri Oct 10 11:53:06 conf_show: PolicyModulePath = [internal]
Fri Oct 10 11:53:06 conf_show: DefaultBindingAclPolicy = 129
Fri Oct 10 11:53:06 conf_show: NonVolatileBindingCache = disabled
Fri Oct 10 11:53:06 conf_show: KeyMngMobCapability = disabled
Fri Oct 10 11:53:06 conf_show: UseMnHaIPsec = disabled
Fri Oct 10 11:53:06 conf_show: MnMaxHaBindingLife = 262140
Fri Oct 10 11:53:06 conf_show: MnMaxCnBindingLife = 420
Fri Oct 10 11:53:06 conf_show: MnRouterProbes = 0
Fri Oct 10 11:53:06 conf_show: MnRouterProbeTimeout = 0.000000
Fri Oct 10 11:53:06 conf_show: InitialBindackTimeoutFirstReg = 1.500000
Fri Oct 10 11:53:06 conf_show: InitialBindackTimeoutReReg = 1.000000
Fri Oct 10 11:53:06 conf_show: UseCnBuAck = disabled
Fri Oct 10 11:53:06 conf_show: DoRouteOptimizationMN = enabled
Fri Oct 10 11:53:06 conf_show: MnUseAllInterfaces = disabled
Fri Oct 10 11:53:06 conf_show: MnDiscardHaParamProb = disabled
Fri Oct 10 11:53:06 conf_show: SendMobPfxSols = enabled
Fri Oct 10 11:53:06 conf_show: OptimisticHandoff = disabled
Fri Oct 10 11:53:06 conf_show: MobRtrUseExplicitMode = enabled
Fri Oct 10 11:53:06 conf_show: SendMobPfxAdvs = enabled
Fri Oct 10 11:53:06 conf_show: SendUnsolMobPfxAdvs = enabled
Fri Oct 10 11:53:06 conf_show: MaxMobPfxAdvInterval = 86400
Fri Oct 10 11:53:06 conf_show: MinMobPfxAdvInterval = 600
Fri Oct 10 11:53:06 conf_show: HaMaxBindingLife = 262140
Fri Oct 10 11:53:06 conf_show: HaAcceptMobRtr = enabled
Fri Oct 10 11:53:06 conf_show: HaAcceptMCoAReg = enabled
Fri Oct 10 11:53:06 conf_show: DoRouteOptimizationCN = enabled
Fri Oct 10 11:53:06 xfrm_cn_init: Adding policies and states for CN
Fri Oct 10 11:53:07 xfrm_ha_init: Adding policies and states for HA
Fri Oct 10 11:53:07 ha_if_addr_setup: Joined anycast group
2201:3:6:ff:ffff:ffff:ffff:fffe on iface 2
Fri Oct 10 11:53:09 mh_bu_parse: Binding Update Received
Fri Oct 10 11:53:09 ha_recv_bu_worker: BUI option, and HA is configured
for MCoA.
Fri Oct 10 11:53:09 ha_recv_bu_worker: BID = 100, Priority = 10
Fri Oct 10 11:53:09 mh_send_ba: status 132
Fri Oct 10 11:53:09 mh_create_opt_bid: BUI sub-option created with BID =
100 and priority 10
Fri Oct 10 11:53:09 mh_try_pad: Added 6 bytes for padding
Fri Oct 10 11:53:09 mh_send: sending MH type 6
from 2201:3:6:0:0:0:0:2
to 2201:3:6:0:0:0:0:20
Fri Oct 10 11:53:09 mh_send: remote CoA 2208:3:2:0:230:64ff:fe04:c9d4
 

-----Original Message-----
From: support-bounces at ml.nautilus6.org
[mailto:support-bounces at ml.nautilus6.org] On Behalf Of Romain KUNTZ
Sent: Friday, October 10, 2008 10:19 AM
To: Support ML
Subject: Re: [support] How to prevent routing header option from being
used

Hi Brian,

On 2008/10/10, at 0:37, Millar, Brian H. wrote:
> I tried the suggestions you had below, but they resulted in the MR 
> complaining that the HA is unable to handle the binding.

Could you post the HA logs please? I suspect the HA not to be able to
install the policies which result in rejecting the BU.

> I've tried a couple of different combinations of the code snippets 
> below and they all resulted in similar errors.
>
> Also, I am running with the MCoA patches in, and did notice that some 
> the code changes you suggested did included mcoa references.

Note that if you run with the MCoA patches and use MCoA, then packets
are supposed to be always reverse-tunneled.

> I created the following patch, and tried to change both things you 
> suggested and also tried just your first suggestion.

I cannot test it on my testbed at the moment, as I'm quite busy for
others things. But I have posted some comments inline below, pleae have
a look. Also, if you post the HA logs, I may be able to guide you.

> diff -Naur mipv6-daemon-umip-0.4/src/xfrm.c 
> mipv6-daemon-umip-0.4-ForceRevTun/src/xfrm.c
> --- mipv6-daemon-umip-0.4/src/xfrm.c	2008-09-25 12:14:44.000000000
> -0400
> +++ mipv6-daemon-umip-0.4-ForceRevTun/src/xfrm.c	2008-10-08
> 08:29:21.000000000 -0400
> @@ -1513,11 +1513,18 @@
> 	struct xfrm_selector sel;
>
> 	/* MN - CN case data out & in */
> -	create_rh_tmpl(&tmpl);
> +/* ForceRevTun patch 10/8/2009
> +*	create_rh_tmpl(&tmpl);
> +*	set_selector(peer_addr, our_addr, 0, 0, 0, 0, &sel);
> +*	if (xfrm_mip_policy_add(&sel, replace, XFRM_POLICY_OUT,
> XFRM_POLICY_ALLOW,
> +*				MIP6_PRIO_RO_BCE_DATA, &tmpl, 1))
> +*		return -1;
> + */
> 	set_selector(peer_addr, our_addr, 0, 0, 0, 0, &sel);
> 	if (xfrm_mip_policy_add(&sel, replace, XFRM_POLICY_OUT, 
> XFRM_POLICY_ALLOW,
> -				MIP6_PRIO_RO_BCE_DATA, &tmpl, 1))
> +				MIP6_PRIO_RO_BCE_DATA, NULL, 1))

This should be 0 instead of 1 here in the last argument of the function.
This number tells how many templates are in "tmpl", but as you give
"NULL" as argument, you must set this number to 0.

Cheers,
romain
_______________________________________________
Support mailing list
Support at ml.nautilus6.org
http://ml.nautilus6.org/mailman/listinfo/support

More information about the Support mailing list