[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnunet] nsswitch not resolving VPN records
From: |
Christian Grothoff |
Subject: |
Re: [Help-gnunet] nsswitch not resolving VPN records |
Date: |
Thu, 23 Feb 2017 23:08:44 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Icedove/45.6.0 |
Dear Ivan,
First of all, 0.10.1-4 is like 3+ years old, so I'm likely to have
forgotten about some of the 350+ issues we've fixed since. Generally,
we right now recommend people (especially devs) to use the code from
Git, even though that's naturally somewhat unstable. That said, I just
had reason to test the VPN resolution logic, and for me it works right
now (in Git master).
Anyway, about your specific problem: When the gnunet-service-gns gets a
'VPN' record and is expected to produce an 'A' (or 'AAAA') record, it
must talk to gnunet-service-vpn to obtain the IPv4/IPv6 address. You
can do the same kind of operation using the 'gnunet-vpn' command-line
tool (specify info from VPN record, it should return the IP). If
gnunet-service-vpn is
* not running (even though it should be started automatically),
* not working (i.e. interface not up, SUID gnunet-helper-vpn not
properly installed)
* or somehow not accessible (access control policy on UNIX domain
socket, iptables blocking TCP port, etc)
it will block/retry until VPN becomes available (which of course usually
means "never" in the 3 cases above).
To diagnose, you might try running 'gnunet-vpn' with the matching
information from the VPN record as the same user that executes
gnunet-service-gns. If that works, eh, well, then I don't know and
would have to start debugging (but I don't debug 0.10.1 anymore).
Happy hacking!
Christian
On 02/22/2017 12:15 PM, Ivan Vilata-i-Balaguer wrote:
> Hi list,
>
> While testing GNUnet, I've followed the user handbook to check the
> GNUnet VPN: <https://gnunet.org/first-steps-using-gnunet-vpn>. I've
> found that, after configuring the Name Service Switch, configuring the
> exit and creating the GNS VPN record, the example ``www.gnu`` entry
> cannot be resolved (e.g. ``wget http://www.gnu/`` hangs indefinitely
> resolving).
>
> I checked that ``getent ahosts gnunet.org`` works, but with ``www.gnu``
> it also hangs. Then running ``gnunet-gns -u www.gnu`` also hangs.
> However, running ``gnunet-gns -u www.gnu -t VPN`` returns the result
> immediately. If I create an A record instead, all the calls above
> succeed.
>
> My ``hosts`` entry in ``/etc/nsswitch.conf`` is:
>
> hosts: files gns [NOTFOUND=return] mdns4_minimal [NOTFOUND=return] dns
> mdns4
>
> I'm using Debian unstable's GNUnet package (version 0.10.1-4).
>
> Do you have an idea of what may be going on? Maybe there's some
> configuration in my system which causes problems with VPN records?
>
> Thanks for your help!
>
signature.asc
Description: OpenPGP digital signature