IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#ls2
/2022/06/11
zzz now chasing 'bad dest conn ID' in data phase, I think only coming from java i2p? a few times an hour
zzz tweaking logging to get more info
orignal not sure maybe my bug
zzz haven't seen from i2pd yet
zzz definitely from java only
zzz all about 100 bytes, all IPv4
zzz I think maybe an SSU 1 peer test going to SSU 2? lets see how big those are
orignal good point
orignal I'm not sure if I verify source conn id
zzz or SSU 1 relay maybe
zzz PeerState2: bad Dest Conn id Short header destID -6090485163256556602 pkt num 2555129402 type 254 flags 7447676 size 106 on 67.219.137.173:16034 oBZUnh IB2
orignal how do you know it's peer test?
zzz just guessing
zzz min size 96 max 111
zzz actually I think it's a SSU 1 relay request
orignal probabky
zzz those are 96 bytes if no padding
zzz I haven't enabled SSU2 relay yet, so the code is sending SSU 1 relay :(
orignal relay or peertest?
orignal it might be my issue
orignal need to check if I pick right introducers for SSU1
orignal if SSU address contains both
zzz relay request
zzz hmm
zzz Cross-version relaying should also be supported if possible. This will facilitate a gradual transition from SSU 1 to SSU 2. The allowed version combinations are (TODO):
zzz Alice/Bob Bob/Charlie Alice/Charlie Supported
zzz 1 1 2 no, use 1/1/1
zzz 1 2 1 yes?
zzz 1 2 2 no, use 1/2/1
zzz 2 1 2 yes?
zzz 2 2 1 no, use 2/2/2
zzz 2 2 2 yes
zzz and 2/1/1 missing from chart
orignal what?
orignal should I check version in relay request?
zzz right now I'm only allowing 2
zzz but the "yes?" lines we haven't decided yet
orignal so you mean that I might receive relay request with ver 1 and have to fiind relay tag amount SSU1 sessions?
zzz we haven't talked about it
zzz still trying to get the basics working
orignal but good to know anyway
orignal but ofc if I try to connect to ipv6 and have ipv4 libk with introducer I use ipv4 libk
zzz peer test we decided not to do mixed 1/2
zzz relay we haven't decided yet
orignal not a problem for me
zzz but for now, definitely not
orignal anyway it's worth to check ver field and send error
zzz sure
zzz current bug is I'm sending SSU 1 relay request encrypted with SSU 1 intro key
zzz glad I figured it out without having to chase it on the testnet
orignal how many ranges do you put to ack block?
orignal I mean max
orignal I use 8 but not sure if it's right
zzz private static final int ABSOLUTE_MAX_ACK_RANGES = 512;
zzz Corrupt Session Request after Retry from: IES2 95.216.225.15:11752 lifetime: 6s Rcv ID: 3986676436216167778 Send ID: -9187433928219503475 RelayTag: 0 IB_STATE_RETRY_SENT
zzz java.security.GeneralSecurityException: Token mismatch: 1: -645063226230711162 2: -7820926138376890896
zzz don't even know what thats about
orignal will 512 fit a single message?
orignal remmber you send it in every single datamessage
zzz I will only send what fits
zzz int maxRanges = Math.min((availableForAcks - (SSU2Payload.BLOCK_HEADER_SIZE + 5)) / 2, ABSOLUTE_MAX_ACK_RANGES);
orignal I see
zzz Block block = peer.getReceivedMessages().toAckBlock(maxRanges);
zzz so I say 'here's the max number of ranges that will fit, give me an ack block for that'
zzz ok I figured out the token mismatch
zzz - I got a session request with an invalid token (I had recently restarted)
zzz - I sent a retry
zzz - retry probably got lost
zzz - I got a retranmitted session request with the same invalid token
zzz the spec says we never retransmit retry
orignal еthen we should
zzz maybe? the issue is spoofing
zzz that's why the spec says no
orignal not sure
zzz I'll look at QUIC again
orignal fixed ranges issue
orignal will restrt 2RRY
zzz ok. Also seen several times from nYlJ in last 24 hours
zzz that's the only other one
orignal fixed 5 minutes ago
orignal but as I said 2RRY is very special due bad network
zzz will keep an eye on it
zzz i have better logging now if it happens again
zzz example:
zzz 06-11 03:15:13.520 WARN [ handler 1/1] outer.transport.udp.PeerState2: Bad ACK block
zzz ACK 38-30 ACK 29 ACK 28 ACK 27 ACK 26 ACK 25 ACK 24 ACK 23 ACK 22--215
zzz Ack through 38 acks 8
zzz 00000000 00 01 00 01 00 01 00 01 00 01 00 01 00 01 00 ee |................|
zzz from [2a01:cb08:8a71:f802:4ecf:7216:4c3a:9516]:30018 nYlJtl
orignal I've retsrated just now
orignal strange ipv6 address bte
zzz why?
orignal all octets are presented
orignal that's rare
zzz no, that's normal for temporary addresses handed out by firewalls
zzz you're used to ipv6 on VPS
zzz or corporate
orignal but even HE
zzz java i2p prefers a temporary address if available
orignal please examplin
orignal what do you do for it?
zzz we collect all our addresses on all our interfaces
zzz then pick the "best" ipv4 and ipv6 addresses to publish
orignal and bind to it?
zzz yes
zzz and open them on upnp. we support ipv6 upnp now. that was a lot of work
orignal we do it explicitly thorugh config
zzz on linux we use /proc/net/if_inet6 to classify the v6 addresses
zzz elsewhere we use some heuristics
orignal but you know nothing about routing
orignal e.g. an address might be in global scope but not work
zzz typically the temporary addresses get deprecated once a day and vanish after a week
zzz we keep the previous address open for a day in upnp, so we have two open v6 addresses
zzz sure, we have a UI and config also to pick one. In the UI we don't let them pick a temporary address
orignal fine, will check what can be done
zzz if you have a i2p.jar around, try: 'java -jar i2p.jar addresses' to see what we detect
orignal but I don't have Java on that boxes ))
zzz warning, ipv6 upnp is a lot of work and most boxes don't support it anyway
orignal we don't support it yet
zzz I had to buy a new router just so I could develop and test it
orignal any openwrt supports it
zzz yeah but my last router didn't have it compiled-in :(
zzz of course, ipv6 temporary addresses is still an issue, even without ipv6 upnp support
orignal zzz, your router doesn't have ipv6 address anymore. why?
zzz orignal, I have IPv6 force-firewalled to test my relay code
zzz been that way for a few days
eyedeekay It looks like I'll be getting my pre-flight test Monday afternoon, may not make the meeting depending on how long it takes
zzz good news is they're dropping the return requirement so you won't get stuck there
zzz that was one of my main fears
eyedeekay Yeah I saw that, really good news for me, until yesterday I was planning to have to get tested twice
orignal yes, but I tried the test with you today and noticed it