#ls2 (irc2p) | #ls2 proposal review channel : Reviews Tuesdays 7 PM UTC: none scheduled

zzz now chasing 'bad dest conn ID' in data phase, I think only coming from java i2p? a few times an hour

zzz tweaking logging to get more info

orignal not sure maybe my bug

zzz haven't seen from i2pd yet

zzz definitely from java only

zzz all about 100 bytes, all IPv4

zzz I think maybe an SSU 1 peer test going to SSU 2? lets see how big those are

orignal good point

orignal I'm not sure if I verify source conn id

zzz or SSU 1 relay maybe

zzz PeerState2: bad Dest Conn id Short header destID -6090485163256556602 pkt num 2555129402 type 254 flags 7447676 size 106 on 67.219.137.173:16034 oBZUnh IB2

orignal how do you know it's peer test?

zzz just guessing

zzz min size 96 max 111

zzz actually I think it's a SSU 1 relay request

orignal probabky

zzz those are 96 bytes if no padding

zzz I haven't enabled SSU2 relay yet, so the code is sending SSU 1 relay :(

orignal relay or peertest?

orignal it might be my issue

orignal need to check if I pick right introducers for SSU1

orignal if SSU address contains both

zzz relay request

zzz hmm

zzz Cross-version relaying should also be supported if possible. This will facilitate a gradual transition from SSU 1 to SSU 2. The allowed version combinations are (TODO):

zzz Alice/Bob Bob/Charlie Alice/Charlie Supported

zzz 1 1 2 no, use 1/1/1

zzz 1 2 1 yes?

zzz 1 2 2 no, use 1/2/1

zzz 2 1 2 yes?

zzz 2 2 1 no, use 2/2/2

zzz 2 2 2 yes

zzz and 2/1/1 missing from chart

orignal what?

orignal should I check version in relay request?

zzz right now I'm only allowing 2

zzz but the "yes?" lines we haven't decided yet

orignal so you mean that I might receive relay request with ver 1 and have to fiind relay tag amount SSU1 sessions?

zzz we haven't talked about it

zzz still trying to get the basics working

orignal but good to know anyway

orignal but ofc if I try to connect to ipv6 and have ipv4 libk with introducer I use ipv4 libk

zzz peer test we decided not to do mixed 1/2

orignal no

zzz relay we haven't decided yet

orignal not a problem for me

zzz but for now, definitely not

orignal anyway it's worth to check ver field and send error

zzz sure

zzz current bug is I'm sending SSU 1 relay request encrypted with SSU 1 intro key

zzz glad I figured it out without having to chase it on the testnet

orignal how many ranges do you put to ack block?

orignal I mean max

orignal I use 8 but not sure if it's right

zzz private static final int ABSOLUTE_MAX_ACK_RANGES = 512;

zzz Corrupt Session Request after Retry from: IES2 95.216.225.15:11752 lifetime: 6s Rcv ID: 3986676436216167778 Send ID: -9187433928219503475 RelayTag: 0 IB_STATE_RETRY_SENT

zzz java.security.GeneralSecurityException: Token mismatch: 1: -645063226230711162 2: -7820926138376890896

zzz don't even know what thats about

orignal will 512 fit a single message?

orignal remmber you send it in every single datamessage

zzz I will only send what fits

zzz int maxRanges = Math.min((availableForAcks - (SSU2Payload.BLOCK_HEADER_SIZE + 5)) / 2, ABSOLUTE_MAX_ACK_RANGES);

orignal I see

zzz Block block = peer.getReceivedMessages().toAckBlock(maxRanges);

zzz so I say 'here's the max number of ranges that will fit, give me an ack block for that'

zzz ok I figured out the token mismatch

zzz - I got a session request with an invalid token (I had recently restarted)

zzz - I sent a retry

zzz - retry probably got lost

zzz - I got a retranmitted session request with the same invalid token

zzz the spec says we never retransmit retry

orignal еthen we should

zzz maybe? the issue is spoofing

zzz that's why the spec says no

orignal yes

orignal typo

orignal not sure

zzz I'll look at QUIC again

orignal fixed ranges issue

orignal will restrt 2RRY

zzz ok. Also seen several times from nYlJ in last 24 hours

zzz that's the only other one

orignal fixed 5 minutes ago

orignal but as I said 2RRY is very special due bad network

zzz will keep an eye on it

zzz i have better logging now if it happens again

zzz example:

zzz 06-11 03:15:13.520 WARN [ handler 1/1] outer.transport.udp.PeerState2: Bad ACK block

zzz ACK 38-30 ACK 29 ACK 28 ACK 27 ACK 26 ACK 25 ACK 24 ACK 23 ACK 22--215

zzz Ack through 38 acks 8

zzz 00000000 00 01 00 01 00 01 00 01 00 01 00 01 00 01 00 ee |................|

zzz from [2a01:cb08:8a71:f802:4ecf:7216:4c3a:9516]:30018 nYlJtl

orignal I've retsrated just now

orignal strange ipv6 address bte

zzz why?

orignal all octets are presented

orignal that's rare

zzz no, that's normal for temporary addresses handed out by firewalls

zzz you're used to ipv6 on VPS

zzz or corporate

orignal yes

orignal but even HE

zzz java i2p prefers a temporary address if available

orignal please examplin

orignal what do you do for it?

zzz we collect all our addresses on all our interfaces

zzz then pick the "best" ipv4 and ipv6 addresses to publish

orignal and bind to it?

zzz yes

zzz and open them on upnp. we support ipv6 upnp now. that was a lot of work

orignal we do it explicitly thorugh config

zzz on linux we use /proc/net/if_inet6 to classify the v6 addresses

zzz elsewhere we use some heuristics

orignal but you know nothing about routing

orignal e.g. an address might be in global scope but not work

zzz typically the temporary addresses get deprecated once a day and vanish after a week

zzz we keep the previous address open for a day in upnp, so we have two open v6 addresses

zzz sure, we have a UI and config also to pick one. In the UI we don't let them pick a temporary address

orignal fine, will check what can be done

zzz if you have a i2p.jar around, try: 'java -jar i2p.jar addresses' to see what we detect

orignal but I don't have Java on that boxes ))

zzz warning, ipv6 upnp is a lot of work and most boxes don't support it anyway

orignal we don't support it yet

zzz I had to buy a new router just so I could develop and test it

orignal any openwrt supports it

zzz yeah but my last router didn't have it compiled-in :(

zzz of course, ipv6 temporary addresses is still an issue, even without ipv6 upnp support

orignal zzz, your router doesn't have ipv6 address anymore. why?

zzz orignal, I have IPv6 force-firewalled to test my relay code

zzz been that way for a few days

eyedeekay It looks like I'll be getting my pre-flight test Monday afternoon, may not make the meeting depending on how long it takes

zzz good news is they're dropping the return requirement so you won't get stuck there

zzz that was one of my main fears

eyedeekay Yeah I saw that, really good news for me, until yesterday I was planning to have to get tested twice

orignal yes, but I tried the test with you today and noticed it