SixXS::Sunset 2017-06-06

Ticket ID: SIXXS #1226415
Ticket Status: User

PoP: plpoz01 - Poznan Supercomputing and Networking Center (Poznan)

Heartbeat tunnel not working
[pl] Carmen Sandiego on Sunday, 11 October 2009 12:52:00
Hello. Aiccu sets up heartbeat tunnel to plpoz01.sixxs.net, but it's not working. When trying to ping PoP endpoint sniffer shows the following:
12:45:46.681644 IP 212.122.215.145 > 150.254.166.147: IP6 2001:808:100:1f::2 > 2001:808:100:1f::1: ICMP6, echo request, seq 1, length 64 12:45:46.710957 IP 150.254.166.147 > 212.122.215.145: ICMP 150.254.166.147 protocol 41 port 0 unreachable, length 132 12:45:47.682351 IP 212.122.215.145 > 150.254.166.147: IP6 2001:808:100:1f::2 > 2001:808:100:1f::1: ICMP6, echo request, seq 2, length 64 12:45:47.700844 IP 150.254.166.147 > 212.122.215.145: ICMP 150.254.166.147 protocol 41 port 0 unreachable, length 132
Trying to ping from outside:
PING 2001:808:100:1f::2(2001:808:100:1f::2) 56 data bytes From 2001:808::207:e9ff:fed4:1a1b icmp_seq=1 Destination unreachable: No route
Connection data:
Tunnel Information for T23201: POP Id : plpoz01 IPv6 Local : 2001:808:100:1f::2/64 IPv6 Remote : 2001:808:100:1f::1/64 Tunnel Type : 6in4-heartbeat Adminstate : enabled Userstate : enabled
State change: user Locked
[ch] Jeroen Massar SixXS Staff on Sunday, 11 October 2009 16:20:58
Message is Locked
The state of this ticket has been changed to user
Heartbeat tunnel not working
[ch] Jeroen Massar SixXS Staff on Sunday, 11 October 2009 16:22:37
12:45:46.681644 IP 212.122.215.145 > 150.254.166.147: IP6 2001:808:100:1f::2 > 2001:808:100:1f::1: ICMP6, echo request, seq 1, length 64
12:45:46.710957 IP 150.254.166.147 > 212.122.215.145: ICMP 150.254.166.147 protocol 41 port 0 unreachable, length 132
Which is exactly what you will see when your host is not sending any heartbeats. The PoP also reports that it did not see any valid heartbeat packets yet.
Aiccu sets up heartbeat tunnel to plpoz01.sixxs.net
Please elaborate kon that part and provide the details as requested in that big orange box.
Connection data:
Those are just the settings, doesn't say anything about anything.
Heartbeat tunnel not working
[pl] Carmen Sandiego on Sunday, 11 October 2009 22:29:15
12:45:46.681644 IP 212.122.215.145 > 150.254.166.147: IP6 2001:808:100:1f::2 > 2001:808:100:1f::1: ICMP6, echo request, seq 1, length 64
12:45:46.710957 IP 150.254.166.147 > 212.122.215.145: ICMP 150.254.166.147 protocol 41 port 0 unreachable, length 132
Which is exactly what you will see when your host is not sending any heartbeats. The PoP also reports that it did not see any valid heartbeat packets yet.
Firewall disabled and I see (on the next router) packets like this: 22:15:28.774755 IP 212.122.215.145.39590 > 150.254.166.147.3740: UDP, length 86 0x0000: 4500 0072 68d2 4000 4011 e80a d47a d791 E..rh.@.@....z.. 0x0010: 96fe a693 9aa6 0e9c 005e 7933 4845 4152 .........^y3HEAR 0x0020: 5442 4541 5420 5455 4e4e 454c 2032 3030 TBEAT.TUNNEL.200 0x0030: 313a 3830 383a 3130 303a 3166 3a3a 3220 1:808:100:1f::2. 0x0040: 7365 6e64 6572 2031 3235 3532 3932 3132 sender.125529212 0x0050: 3820 3135 3763 3434 6133 3163 6566 3331 8.157c44a31cef31 0x0060: 6238 6639 3563 6464 3331 3737 3131 3862 b8f95cdd3177118b 0x0070: 3337 37 22:15:28.774839 IP 212.122.215.145.39590 > 150.254.166.147.3740: UDP, length 86 0x0000: 4500 0072 68d2 4000 3f11 e90a d47a d791 E..rh.@.?....z.. 0x0010: 96fe a693 9aa6 0e9c 005e 7933 4845 4152 .........^y3HEAR 0x0020: 5442 4541 5420 5455 4e4e 454c 2032 3030 TBEAT.TUNNEL.200 0x0030: 313a 3830 383a 3130 303a 3166 3a3a 3220 1:808:100:1f::2. 0x0040: 7365 6e64 6572 2031 3235 3532 3932 3132 sender.125529212 0x0050: 3820 3135 3763 3434 6133 3163 6566 3331 8.157c44a31cef31 0x0060: 6238 6639 3563 6464 3331 3737 3131 3862 b8f95cdd3177118b 0x0070: 3337 37 I guess they're heartbeats, right?
Aiccu sets up heartbeat tunnel to plpoz01.sixxs.net
Please elaborate kon that part and provide the details as requested in that big orange box.
It creates tunnel with endpoint set to plpoz01. syslog: Oct 11 21:52:14 Solo aiccu: sock_getline() : "200 SixXS TIC Service on noc.sixxs.net ready (http://www.sixxs.net)" [...] Oct 11 21:52:15 Solo aiccu: sock_getline() : "202 Done" Oct 11 21:52:15 Solo aiccu: Succesfully retrieved tunnel information for T23201 Oct 11 21:52:15 Solo aiccu: sock_printf() : "QUIT Even the spirits are afraid" Oct 11 21:52:15 Solo aiccu: AICCU running as PID 23980 Oct 11 21:52:15 Solo aiccu: heartbeat_socket() - IPv4 : 212.122.215.145 Oct 11 21:52:15 Solo aiccu: [HB] HEARTBEAT TUNNEL 2001:808:100:1f::2 sender 1255290735 0a679c00d92a97813018c5ad125fccb7 Oct 11 21:52:15 Solo aiccu: [HB] HEARTBEAT TUNNEL 2001:808:100:1f::2 sender 1255290735 0a679c00d92a97813018c5ad125fccb7 [more HEARTBEAT TUNNEL messages] While troubleshooting I've also modified aiccu to send IP instead of "sender", without success. Aiccu test fails only at ###### [6/8] Ping the IPv6 Remote/PoP Inner Tunnel Endpoint (2001:808:100:1f::1) (other tests passes via 6to4 tunnel). No NATs are involved. Debian stable with linux 2.6.25.11 (custom) and aiccu 20070115-9. Clock synchronized with local NTP server just before tests. Traceroute: traceroute to plpoz01.sixxs.net (150.254.166.147), 64 hops max, 40 byte packets 1 gw-3.wavelan.pl (192.168.3.1) 2 ms 4 ms 2 ms 2 gw-orinat.iweb.pl (212.122.215.1) 14 ms 13 ms 15 ms 3 z-gw-bydman.pionier.10Gb.man.bydgoszcz.pl (212.122.200.49) 15 ms 13 ms 21 ms 4 z-bydgoszczy-loc.poznan.pionier.net.pl (150.254.232.30) 23 ms 19 ms 21 ms 5 chives.man.poznan.pl (150.254.166.147) 20 ms 22 ms 53 ms Routing table: 10.0.0.1 dev tun0 scope link 192.168.7.0/24 via 192.168.3.1 dev eth1 192.168.3.0/24 dev eth1 proto kernel scope link src 192.168.3.130 192.168.0.0/24 dev br0 proto kernel scope link src 192.168.0.1 172.16.0.0/12 via 10.0.0.1 dev tun0 10.0.0.0/8 via 10.0.0.1 dev tun0 unreachable 10.0.0.0/8 metric 20 default via 192.168.3.1 dev eth1 src 212.122.215.145 Few days after tunnel was created I've checked in whois other heartbeat tunnels and didn't found any working, but it may be meaningless. Thanks for quick reply. Are there any other information I can provide?
Heartbeat tunnel not working
[ch] Jeroen Massar SixXS Staff on Sunday, 11 October 2009 22:35:31
I guess they're heartbeats, right?
Yes, but....
No NATs are involved.
Are you sure? Your default gateways is at 192.168.3.1. Then again you have a 'src' address in your IPv4 routing table which looks like it might be public. But how exactly is that truly working? It looks like a big hack to me. Nevertheless, also check the other information requested in the big orange box.
Heartbeat tunnel not working
[pl] Carmen Sandiego on Sunday, 11 October 2009 23:10:48
No NATs are involved.
Are you sure? Your default gateways is at 192.168.3.1. Then again you have a 'src' address in your IPv4 routing table which looks like it might be public. But how exactly is that truly working? It looks like a big hack to me.
Yes, I've checked it with only one IP, just couldn't reconfigure it again to that setup now, when collected the routing table. But the sniffer output was from next router, after any NATs. The box have two IPs, 212.122.215.145 and 192.168.3.130. 192.168.3.1 NATs 192.168.3.0/24 to 212.122.215.94 and passes packets from 212.122.215.145 without modifications. Also packets from LAN behind it are NATted to 192.168.3.130 (but not from aiccu, as it will be seen on 192.168.3.1). 'src' ensures that packets originates from 212.122.215.145, Linux would otherwise choose address used for communication with 192.168.3.1, so 192.168.3.130. This setup may look a bit hacky, but it worked for years. I've also made tests in simplified situation (only 212.122.215.145, without any nats).
Nevertheless, also check the other information requested in the big orange box.
You mean directing it to the contact address instead of tickets tracker? When reporting this issue, I thought it's some problem with plpoz01. If not, can You be little less enigmatic?
Heartbeat tunnel not working
[pl] Carmen Sandiego on Sunday, 11 October 2009 23:45:39
No NATs are involved.
Are you sure? Your default gateways is at 192.168.3.1. Then again you have a 'src' address in your IPv4 routing table which looks like it might be public. But how exactly is that truly working? It looks like a big hack to me.
Yes, I've checked it with only one IP, just couldn't reconfigure it again to that setup now, when collected the routing table. But the sniffer output was from next router, after any NATs.
I've just checked with the heartbeat tunnel to plwaw01 and everything worked fine, so the problem is specific to plpoz01.

Please note Posting is only allowed when you are logged in.

Static Sunset Edition of SixXS
©2001-2017 SixXS - IPv6 Deployment & Tunnel Broker