On 12/17/2014 11:00 AM, Andrea Florio wrote: > Hello Lori, > > thanks for your answer. Here is my topology > > INTERNET----ROUTER----FEDORA > > > the routers WAN ip address is 90.177.68.57. Fedora IP address is > 10.0.0.139. Fedora is behind DMZ, therefore all traffic destined to
It's probably best to disable the DMZ for the Fedora host, it is not required for NAT traversal. I don't know if it can have any negative effects, but until your problem is solved it's best to turn it off. > 90.177.68.57 is forwarded to the fedora machine if no other nat rule exist. No special configuration on the router is necessary for NAT traversal to work. > > still , i can't make it work properly. How do you test? > > attached you can find my configuration file, Please remove the IPv6 PITRs from the list, since you don't seem to have IPv6 connectivity and there are some error messages because of that cluttering the logs, which will make it more difficult for you to spot real problems. the output with debug level 3. I don't see anything problematic in the log, other than the above errors because of the lack of IPv6. Maybe other developers can look through it and see if they see anything. > > i don't receive those errors anymore, but something is surely not > working properly. after a little while, when i check on my cisco router, > with "lig 153.16.53.163" i see that my /32 was registered with an rloc > i have no idea who that is ... in particular i obtain: > > Mapping information for EID 153.16.53.163 from 217.8.98.46 with RTT 28 msecs > 153.16.53.163/32 <http://153.16.53.163/32>, uptime: 00:03:00, expires: > 00:04:59, via map-reply, self, complete > Locator Uptime State Pri/Wgt > 158.38.1.92 00:03:00 up 1/100 > > > in particular, 158.38.1.92 came out to be "uninett-pxtr.rloc.lisp4.net > <http://uninett-pxtr.rloc.lisp4.net>". This ip is visible in the debug > as well. > > I'd expect that the RLOC would be 90.177.68.57 instead. > > Am i doing something wrong here? There is nothing wrong here, the above behavior is expected. The IP address that you see as your RLOC is the RLOC of the RTR that is being used for NAT traversal. See more details in the draft that Alberto referenced. -Lori > > Thanks > Andrea > > > 2014-12-15 13:27 GMT+01:00 Lori Jakab <[email protected] > <mailto:[email protected]>>: > > On 12/15/2014 01:33 PM, Alberto Rodriguez-Natal wrote: > > Hi Andrea, > > > > First of all thank you for your interest in LISPmob! Now, getting into > > your problem, it seems that the MapServer that you are using does not > > support NAT traversal. > > > > When you run a LISPmob xTR with NAT enabled, it sends a special control > > message to the MS in order to get the list of RTRs it can use [1]. > > However it seems that it is getting no reply from the MS with the RTRs, > > thus the errors you are observing. > > > > Currently only some of the MSs in the beta-network support NAT traversal > > operation. Maybe Lori (in CC) can check if those that you are using have > > NAT-trav enabled and, if not, allocate you in ones that support NAT. > > Please only use 217.8.98.42 or 217.8.98.46 if you need NAT-Traversal > functionality. > > -Lori > > > > > Come back to us if you any further problem. > > > > Best, > > Alberto > > > > [1] http://tools.ietf.org/html/draft-ermagan-lisp-nat-traversal-06 > > > > > > > > On Thu, Dec 11, 2014 at 1:56 PM, <[email protected] > <mailto:[email protected]> > > <mailto:[email protected] <mailto:[email protected]>>> wrote: > > > > Andrea sent a message using the contact form at > > http://lispmob.org/contact. > > > > Hello, > > > > i'm running lispmob on a fedora server. If i try to run lisp without > > nat support, everything is ok, but of course it doesn't work since > > my server registers with a private ip address 10.0.0.139. > > > > if i try to configure with nat enabled, i have problems, it seems i > > can't make it work. > > > > i obtain those errors: > > > > Couldn't send encapsulated map register. No RTR found > > > > or > > > > The interface with IP address 10.0.0.139 don't have any RTR > > compatible with local AFI > > > > those are the map-resolvers and map-servers i can use: > > > > 193.162.145.50 > > 195.50.116.18 > > 217.8.98.42 > > 217.8.98.46 > > > > thanks for you help, > > > > Andrea > > > > _________________________________________________ > > Contactus-linux mailing list > > [email protected].__org > > <mailto:[email protected] > <mailto:[email protected]>> > > https://mail.lispmob.org/__mailman/listinfo/contactus-__linux > > <https://mail.lispmob.org/mailman/listinfo/contactus-linux> > > > > > > -- > ------------------------------------------ > Andrea Florio > AT&T Brno - Senior Network Architect > CISCO CCNA Wireless and Security, CCNP Certified > openSUSE Official Member (anubisg1) > Email: [email protected] <mailto:[email protected]> > Email: [email protected] <mailto:[email protected]> > Cell: +39-328-7365667 > Cell: +420-778-033288 > Website: http://journey4ccie.com/ > ------------------------------------------
