[OOR-Users] OOR configuration issues
Holger Zuleger
Holger.Zuleger at hznet.de
Tue Jul 31 14:49:35 CEST 2018
Hi Rene,
I'm not very familiar with the OOR DEBUG messages, but what makes me
wonder is the link local address as source of the MAP-Register message.
> [2018/7/25 14:33:35] DEBUG: Map-Register -> flags:pirM record-count: 1
> nonce dd1e2ba25f7b9eff, EID: 153.16.51.208/28, MS:
> 2001:40b0:7500:205::9353:8320
> [2018/7/25 14:33:35] DEBUG: Sent control message IP:
> fe80::50c2:7cff:fe66:e5b2 -> 2001:40b0:7500:205::9353:8320 UDP: 4342->
> 4342
Could you please trace the outgoing packets to double check this?
...
> setup:
>
> Internet (dynamic IPv6 prefix) -> AVM Fritz!Box 7490 -> Turris Onmia ->
> LXC container -> Ubuntu 18.04 -> OOR
LSIP doesn't work well behind NAT. But this is of couse an non-issue if
you use IPv6 as RLOC addresses
> oor.conf:
> -------------------------------------------------------------------------------------------------
> # Encapsulated Map-Requests are sent to this Map-Resolver
> # You can define several Map-Resolvers, seprated by comma. Encapsulated
> # Map-Request messages will be sent to only one.
> # address: IPv4 or IPv6 address of the map-resolver
>
> map-resolver = {
> 2001:6C8:130:600::1:1,
> 2001:40B0:7500:205::9353:8320,
> 2001:240:bb80:4001::8000:9:0,
> }
> # Map-Registers are sent to this Map-Server
> # You can define several Map-Servers. Map-Register messages will be sent
> to all
> # of them.
> # address: IPv4 or IPv6 address of the map-server
> # key-type: Only 1 supported (HMAC-SHA-1-96)
> # key: password to authenticate with the map-server
> # proxy-reply [on/off]: Configure map-server to Map-Reply on behalf of
> the xTR
>
> map-server {
> address = 2001:6C8:130:600::1:1
> key-type = 1
> key = XXX
> proxy-reply = off
> }
>
> map-server {
> address = 2001:40B0:7500:205::9353:8320
> key-type = 1
> key = XXX
> proxy-reply = off
> }
>
> map-server {
> address = 2001:240:bb80:4001::8000:9:0
> key-type = 1
> key = XXX
> proxy-reply = off
> }
I would recommend to start with just one map-server. I had some problems
with using two or more.
> proxy-etr-ipv6 {
> address = 2001:6c8:130:600::1
> priority = 0
> weight = 0
> }
>
> proxy-etr-ipv6 {
> address = 2001:700:0:52E::4
> priority = 1
> weight = 0
> }
>
> proxy-etr-ipv6 {
> address = 2001:590::451f:1f62
> priority = 2
> weight = 0
> }
>
> proxy-etr-ipv6 {
> address = 2001:200:e000:17::172
> priority = 3
> weight = 0
> }
> database-mapping {
> eid-prefix = 153.16.51.208/28
> eid-prefix = 2610:D0:2183::/48
> iid = 0
> rloc-iface{
> interface = eth0
> ip_version = 6
> priority = 0
> weight = 0
> }
> }
> proxy-itrs = {
> 2001:6c8:130:600::1,
> 2001:700:0:52E::4,
> 2001:590::451f:1f62,
> 2001:200:e000:17::172,
> }
> Does anyone have an idea what's wrong with my configuration?
Not really. Beside my comments it looks quite well.
BR
Holger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4160 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.openoverlayrouter.org/pipermail/users/attachments/20180731/65673e55/attachment.bin>
More information about the Users
mailing list