<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: ping fails sometimes
From: "Berghmans, Peter" <Peter.Berghmans,AT,khm,DOT,be>
Date: Wed, 5 Jun 2002 13:43:54 +0200

Wolfgang, all

Here is a more detailled description of my problem: ping works now and

First my setup:

Cipe 1.4.6 (disabled dyndev) runs on a floppy (both ends, based on
floppyfw), based on 2.2.20. Module is ok, cipcb0 comes up (thanks you


key aaaaaaa
cttl 64
maxerr -1

key aaaaaaa
cttl 64
maxerr -1

some routing-information:
Destination      GW    iface          *    cipcb0     *    eth1               *    eth0

Destination      GW    iface     *    cipcb0            *    eth1               *    eth0

results of ping (PC2) same as (PC1)
ping works 4 or 5 times, then lots of packets get lost. After a while
ping restarts for 4 or 5 times, and so on.

Now and then I log this:
cipcb0: cipe_recvmesg
cipcb0: cipe_sendmsg
cipcb0: setkey

There is no firewall and no masquerading (eventhough I first tried with
my masquerading rules active, same result)

Whats the solution to this (strange) behaviour?


-----Original Message-----
From:   Wolfgang Ailec
Sent:   Wed 6/5/2002 9:37
To:     Berghmans, Peter; cipe-l,AT,inka,DOT,de
Subject:        RE: cipe on a floppy

Hallo Peter,
this error may come from the bind system call which returned
EINVAL in 2 cases:
1. The socket is already bound to an address, which means, that
    another process is using this socket (another ciped-cb?)
2. The addrlen is wrong, or the socket was not in the AF_UNIX family.

I experienced a third case, if I use an IP Address, which is not bound
to any local interface, I will get the same error message (Kernel
not on kernel 2.4.x)

Maybe it will help using the line


instead the original one in the options file and/or change the port
numbers to be really sure, that the ports you are using are not in use
by another process. I hope that something of this will help.
Good Luck!


At 11:37 PM 6/4/02 +0200, Berghmans, Peter wrote:
>Thank you for your help. I checked things out .
>Now, I've got a different error:
>opendev: bind: invalid argument...
>-----Original Message-----
>From:   Wolfgang Ailec
>Sent:   Tue 6/4/2002 22:41
>To:     Berghmans, Peter; cipe-l,AT,inka,DOT,de
>Subject:        Re: cipe on a floppy
>I think you forgot to set the right permissions on the options file.
>As I remember it is necessary to set the permissions to 0600 and the
>file must be owned by root (so that nobody else could read the key :-)
>At 10:29 PM 6/4/02 +0200, Berghmans, Peter wrote:
> >Hi
> >
> >Like I stated earlier on this mailinglist, I was trying to put cipe
> >floppy-based firewall/vpn solution. I use floppyfw
> >for this. Cipe has version 1.4.6.
> >
> >The result of my work is that cipe exits with the message 'cipecb:
> >argument: peer'. Below the steps I have done.
> >
> >1. Compiled kernel 2.2.20 (with versioned symbols and ipforwarding).
> >2. Compiled cipe against the source of 2.2.20 (once with the option
> >--disable-dyndev and once without. No difference as result).
> >3. Copied the new kernel, together with
> >       ciped.o
> >       ciped-cb
> >       ip-up
> >       ip-down
> >       options
> >      to the floppy and booted with this
> >4. load the module with 'insmod ciped.o'
> >5. check the module with lsmod (ok)
> >6. start the config with 'ciped-cb -o /etc/cipe/options
> >(...where things go wrong)
> >
> >here is the contents of 'options':
> >
> >ptpaddr
> >ipaddr
> >me x.x.x.x.14:7016
> >peer y.y.y.y:7017
> >key aaaaaaaa
> >cttl 64
> >maxerr -1
> >
> >As you can see, peer is there, but I don't think this is the problem.
> >Note: my floppyfw has only insmod as tool to handle modules. modprobe
> >isn't provided. this is why I setted the --disable-dyndev option at
> >config-time.
> >
> >Is there anyone who can help me out with this?
> >
> >Note: my previous question was about a segmentation fault while
> >ciped-cb. This was because of wrong libs. This problem has been
> >So the libs are ok!
>Ing. Wolfgang Ailec, ACP IT Solutions GmbH
>(vormals INTAKT Telekommunikation GmbH)
>Faerberberg 69             A-8330 Feldbach
>email: W.Ailec,AT,awe,DOT,at, Ailec,AT,intakt,DOT,at
>Tel.No.: +43 3152 30300
>Fax.No.: +43 2235 4362211
>WWW : <http://www.intakt.at/>
>    <http://www.awe.at/> <http://www.acp.at>

Ing. Wolfgang Ailec, ACP IT Solutions GmbH
(vormals INTAKT Telekommunikation GmbH)
Faerberberg 69             A-8330 Feldbach
email: W.Ailec,AT,awe,DOT,at, Ailec,AT,intakt,DOT,at
Tel.No.: +43 3152 30300
Fax.No.: +43 2235 4362211
WWW : <http://www.intakt.at/>
   <http://www.awe.at/> <http://www.acp.at>

Attachment: bin00001.bin
Description: "winmail.dat"

<< | Thread Index | >> ]    [ << | Date Index | >> ]