Problem with virtual DNS


chip53

Jun 25, 2009, 3:47:42 PM
to acis.p2p.users
Hello all!

I have severe problems with the virtual DNS. It simply does not work.
On my machine there is dnsmasq running, a nameserver and DHCP server.
And I think there is the problem, but things even don't work with
dnsmasq not binding to the tapipop device.

What is the nameserver for virtual DNS? Is it the socialvpn
executable? Or is there a server supposed to be running on the net
somewhere else?

My resolvconf package gets a proper file installed:

cat /etc/resolvconf/run/interface/tapipop
domain ipop
nameserver 172.31.0.1

I don't know where the 172.31.0.1 comes from, my machine gets a
different ip:

10: tapipop: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1200 qdisc
pfifo_fast state UNKNOWN qlen 500
link/ether 32:0f:fb:6b:0c:18 brd ff:ff:ff:ff:ff:ff
inet 172.31.0.2/16 brd 172.31.255.255 scope global tapipop

I heard socialvpn runs a nameserver as ip *.*.0.1, but I don't know
how that would work without a proper device with that ip. I mean, the
machine will try to send packets to this address out to tapipop
device. Will socialvpn capture them then? At least I can't even ping
172.31.0.1, but perhaps it just responds to name queries.

For the nameserver routing with dnsmasq, I add this in
/etc/dnsmasq.conf:

# SocialVPN nameserver (test)
server=/ipop/172.31.0.1
server=/31.172.in-addr.arpa/172.31.0.1

Of course this doesn't work. The 172.31.0.1 configured by socialvpn
isn't reachable. But this config exists in parallel to my nameserver
configuration.

In my friend list in socialvpn I have offline hosts
pubuntu.ptony82.ufl.edu.svpn and pdebian.ptony82.ufl.edu.svpn, I think
they come from http://socialvpntest.appspot.com/api/ getfriends test
call. Can't resolve these names neither.

Any ideas how to diagnose this problem further?

Pierre St Juste

Jun 25, 2009, 4:16:51 PM
to acisp2...@googlegroups.com
Comments inline

On Thu, Jun 25, 2009 at 3:47 PM, chip53 <chi...@gmx.net> wrote:

> Hello all!
>
> I have severe problems with the virtual DNS. It simply does not work.
> On my machine there is dnsmasq running, a nameserver and DHCP server.
> And I think there is the problem, but things even don't work with
> dnsmasq not binding to the tapipop device.

I'm not sure if dnsmasq is necessary for SocialVPN.


> What is the nameserver for virtual DNS? Is it the socialvpn
> executable? Or is there a server supposed to be running on the net
> somewhere else?

Both DHCP and DNS servers are part of software stack that runs locally, we captured DHCP
and DNS ip packets and serve them accordingly, these services always use the
lowest ip address of the network range *.0.1. Pinging the lowest address will fail because
that machine does not exist, we just use that IP address as an identifier for DHCP and DNS
requests.


> My resolvconf package gets a proper file installed:
>
> cat /etc/resolvconf/run/interface/tapipop
> domain ipop
> nameserver 172.31.0.1
>
> I don't know where the 172.31.0.1 comes from, my machine gets a
> different ip:

That IP is given in the DHCP response. Once again, it does not represent a
real machine.


> 10: tapipop: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1200 qdisc
> pfifo_fast state UNKNOWN qlen 500
>    link/ether 32:0f:fb:6b:0c:18 brd ff:ff:ff:ff:ff:ff
>    inet 172.31.0.2/16 brd 172.31.255.255 scope global tapipop
>
> I heard socialvpn runs a nameserver as ip *.*.0.1, but I don't know
> how that would work without a proper device with that ip. I mean, the
> machine will try to send packets to this address out to tapipop
> device. Will socialvpn capture them then? At least I can't even ping
> 172.31.0.1, but perhaps it just responds to name queries.
>
> For the nameserver routing with dnsmasq, I add this in
> /etc/dnsmasq.conf:
>
> # SocialVPN nameserver (test)
> server=/ipop/172.31.0.1
> server=/31.172.in-addr.arpa/172.31.0.1
>
> Of course this doesn't work. The 172.31.0.1 configured by socialvpn
> isn't reachable. But this config exists in parallel to my nameserver
> configuration.

I'm not too familiar with dnsmasq, but I know that DNS works without it.


> In my friend list in socialvpn I have offline hosts
> pubuntu.ptony82.ufl.edu.svpn and pdebian.ptony82.ufl.edu.svpn, I think
> they come from http://socialvpntest.appspot.com/api/ getfriends test
> call. Can't resolve these names neither.

Sorry about offline hosts, currently SocialVPN automatically befriends everyone
who uses it, we are still working on packaging a release version. These machines
are offline so they are not reachable.


> Any ideas how to diagnose this problem further?

The best way to test things is by running two machines and have them ping each other. I apologize for
the inconvenience, we are currently working on getting a release version out soon.






--
Pierre St Juste

chip53

Jun 25, 2009, 4:42:18 PM
to acis.p2p.users
Hi again!

On Jun 25, 10:16 pm, Pierre St Juste <pton...@gmail.com> wrote:
> On Thu, Jun 25, 2009 at 3:47 PM, chip53 <chi...@gmx.net> wrote:
> I'm not sure if dnsmasq is necessary for SocialVPN.

Got it so far. Anyway I'd like to make SocialVPN able to coexist with
dnsmasq.

> Both DHCP and DNS servers are part of software stack that runs locally, we
> captured DHCP
> and DNS ip packets and serve them accordingly, these services always use the
> lowest ip address of the network range *.0.1. Pinging the lowest address
> will fail because
> that machine does not exist, we just use that IP address as an identifier
> for DHCP and DNS
> requests.

Ok then. I guess my problem is that both nameservers, dnsmasq and
SocialVPN, run on one and the same machine and on the same port
presumably.

I will have to read about running two nameservers on one machine at
the same time.

> > My resolvconf package gets a proper file installed:
>
> > cat /etc/resolvconf/run/interface/tapipop
> > domain ipop
> > nameserver 172.31.0.1

Anyway, where does the ipop domain come from? Is the virtual ip .svpn
or .ipop?

I thought the ip was pcid + uid + .svpn, got that from SocialNode.cs.

> > Any ideas how to diagnose this problem further?
>
> The best way to test things is by running two machines and have them ping
> each other. I apologize for
> the inconvenience, we are currently working on getting a release version out
> soon.

Let me ask one last question: does DNS even work with having SocialVPN
installed on only one machine? I mean should I be able to resolve
virtual DNS of my own machine even then when running as single machine
without any friends?

Greetings...

Pierre St Juste

Jun 25, 2009, 4:47:43 PM
to acisp2...@googlegroups.com
On Thu, Jun 25, 2009 at 4:42 PM, chip53 <chi...@gmx.net> wrote:

> Hi again!
>
> On Jun 25, 10:16 pm, Pierre St Juste <pton...@gmail.com> wrote:
> > On Thu, Jun 25, 2009 at 3:47 PM, chip53 <chi...@gmx.net> wrote:
> > I'm not sure if dnsmasq is necessary for SocialVPN.
>
> Got it so far. Anyway I'd like to make SocialVPN able to coexist with
> dnsmasq.

They should be able to coexist, because SocialVPN DNS does not listen on
DNS port, so there is no port conflict, it's just a matter of making sure
dnsmasq can actually connect to SocialVPN DNS server.


> > Both DHCP and DNS servers are part of software stack that runs locally, we
> > captured DHCP
> > and DNS ip packets and serve them accordingly, these services always use the
> > lowest ip address of the network range *.0.1. Pinging the lowest address
> > will fail because
> > that machine does not exist, we just use that IP address as an identifier
> > for DHCP and DNS
> > requests.
>
> Ok then. I guess my problem is that both nameservers, dnsmasq and
> SocialVPN, run on one and the same machine and on the same port
> presumably.
>
> I will have to read about running two nameservers on one machine at
> the same time.

> > > My resolvconf package gets a proper file installed:
> >
> > > cat /etc/resolvconf/run/interface/tapipop
> > > domain ipop
> > > nameserver 172.31.0.1
>
> Anyway, where does the ipop domain come from? Is the virtual ip .svpn
> or .ipop?
>
> I thought the ip was pcid + uid + .svpn, got that from SocialNode.cs.

I need to change that back to .ipop, but in reality it does not make a difference.


> > > Any ideas how to diagnose this problem further?
> >
> > The best way to test things is by running two machines and have them ping
> > each other. I apologize for
> > the inconvenience, we are currently working on getting a release version out
> > soon.
>
> Let me ask one last question: does DNS even work with having SocialVPN
> installed on only one machine? I mean should I be able to resolve
> virtual DNS of my own machine even then when running as single machine
> without any friends?

Unfortunately, a lacking feature is self-mapping (or self resolution), that needs to be implemented.


> Greetings...





--
Pierre St Juste

Renato Figueiredo

Jun 25, 2009, 5:04:56 PM
to acisp2...@googlegroups.com
On Thu, Jun 25, 2009 at 4:42 PM, chip53 <chi...@gmx.net> wrote:

> Hi again!
>
> On Jun 25, 10:16 pm, Pierre St Juste <pton...@gmail.com> wrote:
> > On Thu, Jun 25, 2009 at 3:47 PM, chip53 <chi...@gmx.net> wrote:
> > I'm not sure if dnsmasq is necessary for SocialVPN.
>
> Got it so far. Anyway I'd like to make SocialVPN able to coexist with
> dnsmasq.
>
> > Both DHCP and DNS servers are part of software stack that runs locally, we
> > captured DHCP
> > and DNS ip packets and serve them accordingly, these services always use the
> > lowest ip address of the network range *.0.1. Pinging the lowest address
> > will fail because
> > that machine does not exist, we just use that IP address as an identifier
> > for DHCP and DNS
> > requests.
>
> Ok then. I guess my problem is that both nameservers, dnsmasq and
> SocialVPN, run on one and the same machine and on the same port
> presumably.
>
> I will have to read about running two nameservers on one machine at
> the same time.

Maybe this helps clarify what is going on - the SocialVPN executable picks packets from the tap device and resolves DNS if it sees a packet destined to the DNS port of *.0.1; it doesn't respond to pings because we only use this address for virtual DNS.

I'm not sure how to configure dnsmasq, and looks like it may not integrate well with resolvconf, but if you can configure it such that .svpn names are resolved by a lookup to *.0.1 that go to the tap device, hopefully it works.

Also, if I recall correctly, in resolv.conf the order in which you query the DNS servers is important, and ours needs to be the first.
 
--rf




> > > My resolvconf package gets a proper file installed:
> >
> > > cat /etc/resolvconf/run/interface/tapipop
> > > domain ipop
> > > nameserver 172.31.0.1
>
> Anyway, where does the ipop domain come from? Is the virtual ip .svpn
> or .ipop?
>
> I thought the ip was pcid + uid + .svpn, got that from SocialNode.cs.
>
> > > Any ideas how to diagnose this problem further?
> >
> > The best way to test things is by running two machines and have them ping
> > each other. I apologize for
> > the inconvenience, we are currently working on getting a release version out
> > soon.
>
> Let me ask one last question: does DNS even work with having SocialVPN
> installed on only one machine? I mean should I be able to resolve
> virtual DNS of my own machine even then when running as single machine
> without any friends?
>
> Greetings...





--
Dr. Renato J. Figueiredo
Associate Professor
ACIS Lab / Electrical and Computer Engineering
University of Florida
http://byron.acis.ufl.edu
ph: 352-392-6430
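
A diagnostic for the checks discussed in this thread, as an added example that is not part of the original messages or of the SocialVPN code: it derives the virtual DNS address (lowest address of the tap network), checks that it is the first nameserver in a resolv.conf text, and sends one query straight to it so dnsmasq is out of the path. The function names, the transaction id and the use of UDP port 53 as "the DNS port" are assumptions of this example.

```python
import ipaddress
import socket
import struct

def virtual_dns_address(iface_cidr):
    """Lowest host address of the tap network, e.g. 172.31.0.2/16 -> 172.31.0.1."""
    net = ipaddress.ip_interface(iface_cidr).network
    return str(net.network_address + 1)

def first_nameserver(resolv_conf_text):
    """Return the first 'nameserver' entry, the one the resolver tries first."""
    for line in resolv_conf_text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            return fields[1]
    return None

def build_query(name, txid=0x5356):
    """Build a minimal DNS A/IN query with the recursion-desired flag set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)

def probe(server, name, timeout=2.0):
    """Send one query directly to the virtual DNS address (assumed port 53).
    Returns (rcode, answer_count), or None on timeout or a mismatched reply."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, (server, 53))
            reply, _ = s.recvfrom(512)
        except OSError:  # covers timeouts and unreachable networks
            return None
    if len(reply) < 12 or reply[:2] != query[:2]:
        return None
    flags, _qdcount, ancount = struct.unpack("!HHH", reply[2:8])
    return flags & 0x000F, ancount

if __name__ == "__main__":
    # Constructed sample input mirroring the values quoted in the thread.
    resolv = "domain ipop\nnameserver 172.31.0.1\n"
    vdns = virtual_dns_address("172.31.0.2/16")
    print("virtual DNS:", vdns, "listed first:", first_nameserver(resolv) == vdns)
    print("probe:", probe(vdns, "pubuntu.ptony82.ufl.edu.svpn"))
```

A `None` from `probe` means nothing answered on the tap network; per the replies above, a failed ping to the same address says nothing either way.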