AYIYA tunnel not starting properly
Shadow Hawkins on Wednesday, 19 November 2014 11:31:54
When I try starting the tunnel I get this on the CLI:
sock_getline() : "200 SixXS TIC Service on usqas01.sixxs.net ready (http://www.sixxs.net)"
sock_printf() : "client TIC/draft-00 AICCU/2007.01.15-console-linux Linux/3.17.3-1-ARCH"
sock_getline() : "200 Client Identity accepted"
sock_printf() : "get unixtime"
sock_getline() : "200 1416395271"
sock_printf() : "starttls"
sock_getline() : "200 Go ahead, we are now talking securely"
TLS Handshake completed successfully
sock_printf() : "username ***"
sock_getline() : "200 *** choose your authentication challenge please"
sock_printf() : "challenge md5"
sock_getline() : "200 ***"
sock_printf() : "authenticate md5 ***"
sock_getline() : "200 Successfully logged in using md5 as ***"
sock_printf() : "tunnel list"
sock_getline() : "201 Listing tunnels"
sock_getline() : "T158073 2001:15c0:65ff:812::2 ayiya simbx01"
sock_getline() : "202 <tunnel_id> <ipv6_endpoint> <ipv4_endpoint> <pop_name>"
sock_printf() : "tunnel show T158073"
sock_getline() : "201 Showing tunnel information for T158073"
sock_getline() : "TunnelId: T158073"
sock_getline() : "Type: ayiya"
sock_getline() : "IPv6 Endpoint: 2001:15c0:65ff:812::2"
sock_getline() : "IPv6 POP: 2001:15c0:65ff:812::1"
sock_getline() : "IPv6 PrefixLength: 64"
sock_getline() : "Tunnel MTU: 1280"
sock_getline() : "Tunnel Name: Mobile IPv6"
sock_getline() : "POP Id: simbx01"
sock_getline() : "IPv4 Endpoint: ayiya"
sock_getline() : "IPv4 POP: 212.18.63.73"
sock_getline() : "UserState: enabled"
sock_getline() : "AdminState: enabled"
sock_getline() : "Password: ***"
sock_getline() : "Heartbeat_Interval: 60"
sock_getline() : "202 Done"
Successfully retrieved tunnel information for T158073
sock_printf() : "QUIT Stranded"
Tunnel Information for T158073:
POP Id : simbx01
IPv6 Local : 2001:15c0:65ff:812::2/64
IPv6 Remote : 2001:15c0:65ff:812::1/64
Tunnel Type : ayiya
Adminstate : enabled
Userstate : enabled
RTNETLINK answers: Permission denied
RTNETLINK answers: No route to host
[AYIYA-start] : Anything in Anything (draft-02)
[AYIYA-tun->tundev] : (Socket to TUN) started
And the respective interfaces look like this:
4: sit0: <NOARP> mtu 1480 qdisc noop state DOWN group default
link/sit 0.0.0.0 brd 0.0.0.0
16: sixxs: <POINTOPOINT,MULTICAST,NOARP> mtu 1280 qdisc fq_codel state DOWN group default qlen 500
link/none
I installed radvd, as suggested by the Arch wiki, but those RTNETLINK messages remain. Any hints?
AYIYA tunnel not starting properly
Jeroen Massar on Wednesday, 19 November 2014 11:40:16 RTNETLINK answers: Permission denied RTNETLINK answers: No route to host
That could mean a firewalling issue or if you have some kind of security framework also a security filter.
Anything special that you have configured on your host?
16: sixxs: <POINTOPOINT,MULTICAST,NOARP> mtu 1280 qdisc fq_codel state DOWN group default qlen 500
That interface does not get marked 'up'. Are there any addresses on it?
Likely not, because of the above RTNETLINK errors.
AYIYA tunnel not starting properly
Shadow Hawkins on Wednesday, 19 November 2014 12:39:15
Jeroen Massar wrote:
> RTNETLINK answers: Permission denied
Nope. The router's firewall is configured as follows:
RTNETLINK answers: No route to host
That could mean a firewalling issue or if you have some kind of security framework also a security filter.
Anything special that you have configured on your host?config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config forwarding
option src 'lan'
option dest 'wan'
So outgoing traffic isn't firewalled at all. I don't know of any requirements for incoming traffic in this context.
> 16: sixxs: <POINTOPOINT,MULTICAST,NOARP> mtu 1280 qdisc fq_codel state DOWN group default qlen 500
That interface does not get marked 'up'. Are there any addresses on it?
Likely not, because of the above RTNETLINK errors.
Nope. When I manually set it UP I get:
16: sixxs: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
Also that "Permission denied" confuses me as of course the command is run as root.
AYIYA tunnel not starting properly
Jeroen Massar on Wednesday, 19 November 2014 12:44:29 RTNETLINK answers: Permission denied RTNETLINK answers: No route to host That could mean a firewalling issue or if you have some kind of security framework also a security filter. > Anything special that you have configured on your host? Nope.
You mean "Yep". REJECT and syn_flood options do not sound like standard options.
Looks also like that is an OpenWRT variant of a configuration file.
You might want to check with a 'iptables' and 'ip6tables' what the exact rules it is their mess generates.
Also that "Permission denied" confuses me as of course the command is run as root.
Can happen for a variety of reasons. One of them might be that you do not have IPv6 enabled or that some 'security feature' is blocking access to those commands.
You might want to check if your kernel has IPv6 support and what kind of standard things are working (eg, 'ip -6 addr show' and 'ip -6 ro show' should show link-local addresses).
Also check the big "Problems Checklist" on the contact page for a list of things to check and show in forum posts if you want further help.
Posting is only allowed when you are logged in. |