zzz
now chasing 'bad dest conn ID' in data phase, I think only coming from java i2p? a few times an hour
zzz
tweaking logging to get more info
orignal
not sure maybe my bug
zzz
haven't seen from i2pd yet
zzz
definitely from java only
zzz
all about 100 bytes, all IPv4
zzz
I think maybe an SSU 1 peer test going to SSU 2? lets see how big those are
orignal
good point
orignal
I'm not sure if I verify source conn id
zzz
or SSU 1 relay maybe
zzz
PeerState2: bad Dest Conn id Short header destID -6090485163256556602 pkt num 2555129402 type 254 flags 7447676 size 106 on 67.219.137.173:16034 oBZUnh IB2
orignal
how do you know it's peer test?
zzz
just guessing
zzz
min size 96 max 111
zzz
actually I think it's a SSU 1 relay request
orignal
probabky
zzz
those are 96 bytes if no padding
zzz
I haven't enabled SSU2 relay yet, so the code is sending SSU 1 relay :(
orignal
relay or peertest?
orignal
it might be my issue
orignal
need to check if I pick right introducers for SSU1
orignal
if SSU address contains both
zzz
relay request
zzz
hmm
zzz
Cross-version relaying should also be supported if possible. This will facilitate a gradual transition from SSU 1 to SSU 2. The allowed version combinations are (TODO):
zzz
Alice/Bob Bob/Charlie Alice/Charlie Supported
zzz
1 1 2 no, use 1/1/1
zzz
1 2 1 yes?
zzz
1 2 2 no, use 1/2/1
zzz
2 1 2 yes?
zzz
2 2 1 no, use 2/2/2
zzz
2 2 2 yes
zzz
and 2/1/1 missing from chart
orignal
what?
orignal
should I check version in relay request?
zzz
right now I'm only allowing 2
zzz
but the "yes?" lines we haven't decided yet
orignal
so you mean that I might receive relay request with ver 1 and have to fiind relay tag amount SSU1 sessions?
zzz
we haven't talked about it
zzz
still trying to get the basics working
orignal
but good to know anyway
orignal
but ofc if I try to connect to ipv6 and have ipv4 libk with introducer I use ipv4 libk
zzz
peer test we decided not to do mixed 1/2
orignal
no
zzz
relay we haven't decided yet
orignal
not a problem for me
zzz
but for now, definitely not
orignal
anyway it's worth to check ver field and send error
zzz
sure
zzz
current bug is I'm sending SSU 1 relay request encrypted with SSU 1 intro key
zzz
glad I figured it out without having to chase it on the testnet
orignal
how many ranges do you put to ack block?
orignal
I mean max
orignal
I use 8 but not sure if it's right
zzz
private static final int ABSOLUTE_MAX_ACK_RANGES = 512;
zzz
Corrupt Session Request after Retry from: IES2 95.216.225.15:11752 lifetime: 6s Rcv ID: 3986676436216167778 Send ID: -9187433928219503475 RelayTag: 0 IB_STATE_RETRY_SENT
zzz
java.security.GeneralSecurityException: Token mismatch: 1: -645063226230711162 2: -7820926138376890896
zzz
don't even know what thats about
orignal
will 512 fit a single message?
orignal
remmber you send it in every single datamessage
zzz
I will only send what fits
zzz
int maxRanges = Math.min((availableForAcks - (SSU2Payload.BLOCK_HEADER_SIZE + 5)) / 2, ABSOLUTE_MAX_ACK_RANGES);
orignal
I see
zzz
Block block = peer.getReceivedMessages().toAckBlock(maxRanges);
zzz
so I say 'here's the max number of ranges that will fit, give me an ack block for that'
zzz
ok I figured out the token mismatch
zzz
- I got a session request with an invalid token (I had recently restarted)
zzz
- I sent a retry
zzz
- retry probably got lost
zzz
- I got a retranmitted session request with the same invalid token
zzz
the spec says we never retransmit retry
orignal
еthen we should
zzz
maybe? the issue is spoofing
zzz
that's why the spec says no
orignal
yes
orignal
typo
orignal
not sure
zzz
I'll look at QUIC again
orignal
fixed ranges issue
orignal
will restrt 2RRY
zzz
ok. Also seen several times from nYlJ in last 24 hours
zzz
that's the only other one
orignal
fixed 5 minutes ago
orignal
but as I said 2RRY is very special due bad network
zzz
will keep an eye on it
zzz
i have better logging now if it happens again
zzz
example:
zzz
06-11 03:15:13.520 WARN [ handler 1/1] outer.transport.udp.PeerState2: Bad ACK block
zzz
ACK 38-30 ACK 29 ACK 28 ACK 27 ACK 26 ACK 25 ACK 24 ACK 23 ACK 22--215
zzz
Ack through 38 acks 8
zzz
00000000 00 01 00 01 00 01 00 01 00 01 00 01 00 01 00 ee |................|
zzz
from [2a01:cb08:8a71:f802:4ecf:7216:4c3a:9516]:30018 nYlJtl
orignal
I've retsrated just now
orignal
strange ipv6 address bte
zzz
why?
orignal
all octets are presented
orignal
that's rare
zzz
no, that's normal for temporary addresses handed out by firewalls
zzz
you're used to ipv6 on VPS
zzz
or corporate
orignal
yes
orignal
but even HE
zzz
java i2p prefers a temporary address if available
orignal
please examplin
orignal
what do you do for it?
zzz
we collect all our addresses on all our interfaces
zzz
then pick the "best" ipv4 and ipv6 addresses to publish
orignal
and bind to it?
zzz
yes
zzz
and open them on upnp. we support ipv6 upnp now. that was a lot of work
orignal
we do it explicitly thorugh config
zzz
on linux we use /proc/net/if_inet6 to classify the v6 addresses
zzz
elsewhere we use some heuristics
orignal
but you know nothing about routing
orignal
e.g. an address might be in global scope but not work
zzz
typically the temporary addresses get deprecated once a day and vanish after a week
zzz
we keep the previous address open for a day in upnp, so we have two open v6 addresses
zzz
sure, we have a UI and config also to pick one. In the UI we don't let them pick a temporary address
orignal
fine, will check what can be done
zzz
if you have a i2p.jar around, try: 'java -jar i2p.jar addresses' to see what we detect
orignal
but I don't have Java on that boxes ))
zzz
warning, ipv6 upnp is a lot of work and most boxes don't support it anyway
orignal
we don't support it yet
zzz
I had to buy a new router just so I could develop and test it
orignal
any openwrt supports it
zzz
yeah but my last router didn't have it compiled-in :(
zzz
of course, ipv6 temporary addresses is still an issue, even without ipv6 upnp support
orignal
zzz, your router doesn't have ipv6 address anymore. why?
zzz
orignal, I have IPv6 force-firewalled to test my relay code
zzz
been that way for a few days
eyedeekay
It looks like I'll be getting my pre-flight test Monday afternoon, may not make the meeting depending on how long it takes
zzz
good news is they're dropping the return requirement so you won't get stuck there
zzz
that was one of my main fears
eyedeekay
Yeah I saw that, really good news for me, until yesterday I was planning to have to get tested twice
orignal
yes, but I tried the test with you today and noticed it