[OOR-Users] Fwd: OOR configuration issues

Rene 'Renne' Bartsch, B.Sc. Informatics ml at bartschnet.de
Tue Aug 7 01:57:12 CEST 2018 

Hi Holger,

the link local address in the map message is weird. Could it be a problem with the Fritz!Box announcing it as default route?

----------------------------------------------------------------------------------------------------
root at router:~# ip -6 route show
2003:ce:7f31:5200::/64 dev eth0 proto ra metric 1024 pref medium
2003:ce:7f31:5200::/56 via fe80::3681:c4ff:fe2a:17ed dev eth0 proto ra metric 1024 pref medium
2610:d0:2183::/48 dev eth0 proto kernel metric 256 pref medium
fd00:0:0:1::/64 dev eth0 proto ra metric 1024 pref medium
fd00:0:0:1::/64 via fe80::3681:c4ff:fe2a:17ed dev eth0 proto ra metric 1024 pref medium
fd31:8e4b:773c::/64 dev eth0 proto ra metric 1024 pref medium
fd31:8e4b:773c::/48 via fe80::da58:d7ff:fe00:7a25 dev eth0 proto ra metric 1024 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via fe80::3681:c4ff:fe2a:17ed dev eth0 proto ra metric 1024 mtu 1492 pref medium
----------------------------------------------------------------------------------------------------


Traceroute looks fine:
-----------------------------------------------------------------------------------------------------------------
root at router:~# traceroute6 2001:6c8:130:600::1
traceroute to 2001:6c8:130:600::1 (2001:6c8:130:600::1), 30 hops max, 80 byte packets
  1  2003:ce:7f31:5200:3681:c4ff:fe2a:17ed (2003:ce:7f31:5200:3681:c4ff:fe2a:17ed)  0.864 ms  1.059 ms  2.442 ms
  2  2003:ce:7fff:315d::1 (2003:ce:7fff:315d::1)  10.820 ms  10.790 ms  11.559 ms
  3  2003:0:130b:4000::1 (2003:0:130b:4000::1)  10.905 ms  11.228 ms  11.455 ms
  4  2003:0:130b:4002::2 (2003:0:130b:4002::2)  11.714 ms  12.046 ms  13.317 ms
  5  ar4tdm2nxf1.dk.ip.tdc.net (2001:6c8:40::10b)  30.317 ms  30.585 ms  30.793 ms
  6  2001:6c8:41:100:0:2:1:c (2001:6c8:41:100:0:2:1:c)  32.100 ms  31.156 ms  31.134 ms
-----------------------------------------------------------------------------------------------------------------

Best regards,

Renne


-------- Weitergeleitete Nachricht --------
Betreff: [OOR-Users] OOR configuration issues
Datum: Thu, 2 Aug 2018 14:22:58 +0200
Von: Holger Zuleger <Holger.Zuleger at hznet.de>
Organisation: HZNET
An: Rene 'Renne' Bartsch, B.Sc. Informatics <ml at bartschnet.de>

Hi Rene,

I'm not very familiar with the OOR DEBUG messages, but what makes me
wonder is the link local address as source of the MAP-Register message.

> [2018/7/25 14:33:35] DEBUG: Map-Register -> flags:pirM record-count: 1
> nonce dd1e2ba25f7b9eff, EID: 153.16.51.208/28, MS:
> 2001:40b0:7500:205::9353:8320
> [2018/7/25 14:33:35] DEBUG: Sent control message IP:
> fe80::50c2:7cff:fe66:e5b2 -> 2001:40b0:7500:205::9353:8320 UDP: 4342->
> 4342

Could you please trace the outgoing packets to double check this?

  ...

> setup:
> 
> Internet (dynamic IPv6 prefix) -> AVM Fritz!Box 7490 -> Turris Onmia ->
> LXC container -> Ubuntu 18.04 -> OOR

LSIP doesn't work well behind NAT. But this is of couse an non-issue if
you use IPv6 as RLOC addresses

> oor.conf:
> -------------------------------------------------------------------------------------------------


> # Encapsulated Map-Requests are sent to this Map-Resolver
> # You can define several Map-Resolvers, seprated by comma. Encapsulated
> # Map-Request messages will be sent to only one.
> #   address: IPv4 or IPv6 address of the map-resolver
> 
> map-resolver        = {
>     2001:6C8:130:600::1:1,
>     2001:40B0:7500:205::9353:8320,
>     2001:240:bb80:4001::8000:9:0,
> }


> # Map-Registers are sent to this Map-Server
> # You can define several Map-Servers. Map-Register messages will be sent
> to all
> # of them.
> #   address: IPv4 or IPv6 address of the map-server
> #   key-type: Only 1 supported (HMAC-SHA-1-96)
> #   key: password to authenticate with the map-server
> #   proxy-reply [on/off]: Configure map-server to Map-Reply on behalf of
> the xTR
> 
> map-server {
>         address        = 2001:6C8:130:600::1:1
>         key-type       = 1
>         key            = XXX
>         proxy-reply    = off
> }
> 
> map-server {
>         address        = 2001:40B0:7500:205::9353:8320
>         key-type       = 1
>         key            = XXX
>         proxy-reply    = off
> }
> 
> map-server {
>         address        = 2001:240:bb80:4001::8000:9:0
>         key-type       = 1
>         key            = XXX
>         proxy-reply    = off
> }

I would recommend to start with just one map-server. I had some problems
with using two or more.

> proxy-etr-ipv6 {
>         address     = 2001:6c8:130:600::1
>         priority    = 0
>         weight      = 0
> }
> 
> proxy-etr-ipv6 {
>         address     = 2001:700:0:52E::4
>         priority    = 1
>         weight      = 0
> }
> 
> proxy-etr-ipv6 {
>         address     = 2001:590::451f:1f62
>         priority    = 2
>         weight      = 0
> }
> 
> proxy-etr-ipv6 {
>         address     = 2001:200:e000:17::172
>         priority    = 3
>         weight      = 0
> }

> database-mapping {
>     eid-prefix          = 153.16.51.208/28
>     eid-prefix          = 2610:D0:2183::/48
>     iid                 = 0
>     rloc-iface{
>         interface       = eth0
>         ip_version      = 6
>         priority        = 0
>         weight          = 0
>     }
> }
> proxy-itrs = {
>     2001:6c8:130:600::1,
>     2001:700:0:52E::4,
>     2001:590::451f:1f62,
>     2001:200:e000:17::172,
> }


> Does anyone have an idea what's wrong with my configuration?
Not really. Beside my comments it looks quite well.

BR
  Holger

More information about the Users mailing list