Cjdns Troubleshooting

From meshwiki
(Redirected from CJDNS Troubleshooting)
Jump to: navigation, search
The very incomplete Troubleshooter ™

Is Cjdns running

pgrep cjd if it outputs two numbers, it is running.

How many daemons do you have running

You can run multiple daemons of Cjdns but you probably don't want that. Run top -c -p $(pgrep -d',' -f cjd) this should output the processes that match the command of cjd. For a default Cjdns installation this should output two results. The angel and the core process.
Note Note: Other scripts or binaries matching cjd will also show.
Make sure you have only one Cjdns instance running. If you have to much instances running kill them with kill <pid> before you continue.

Ping your self

Can you ping your self? ping6 -c 4 $(ip addr | egrep 'fc[a-f0-9:]{20,}' -o).

Nothing?, Your tunnel is probably down. So bring it up.

  sudo ifconfig tunX up
Note Note: Where X in tunX is you tunnel number.

Ping your upstream node

First find the Cjdns ip of your upstream node. (Ask him/her if you can't find out) This is the node you got connection credentials from. Ping his/her ip address ping6 -c 4 <ip-address-of-upstream-node>

Nothing?, Make sure you have correct connection credentials. Use this javascript tool to fix your config file.

Look for UDP traffic

Cjdns uses UDP traffic when tunneling. Look at a tcpdump for udp packets. (Change eth0 to your physical interface)

sudo tcpdump -i eth0 udp

A healty dump looks like this.

03:44:15.658897 IP host.a.10001 > host.b.61530: UDP, length 219
03:44:15.742712 IP host.b.61530 > host.a.10001: UDP, length 212
03:44:15.767017 IP host.a.10001 > host.b.61530: UDP, length 212
03:44:15.768038 IP host.b.61530 > host.a.10001: UDP, length 127
03:44:15.880861 IP host.a.10001 > host.b.61530: UDP, length 212
03:44:16.483440 IP host.a.10001 > host.b.61530: UDP, length 243
03:44:16.749017 IP host.b.61530 > host.a.10001: UDP, length 212
03:44:18.193056 IP host.b.61530 > host.a.10001: UDP, length 243
03:44:18.354065 IP host.a.10001 > host.b.61530: UDP, length 212

Notice how the node host.a with port 10001 send a packet to host.b on port 61530 and host.b replies shortly after. If you only see connections going in one direction there is probably a firewall issue. Take a look at the log of the firewall. Common problems are the amount of concurrent connections or a very strict firewall. When you found out that you use to many concurrent connections; stop application that generate a lot connections or limit them. Torrenting is often a culprit.

Get on IRC

Everything above checks out? You've made sure it isn't a common known problems? Get on the IRC and tell what you see. Make sure to catch the logs using python.

   

Common known problems

Old version of ip binaries

Do you get the following error Object "tuntap" is unknown, try "ip help".? You have an old version of the ip binaries. Old versions of the IP utility do not work for creating tunnel devices. The fix, download the newer ip binary. Extract to /usr/local/bin

Note Note: Replacing the system binaries is not likely a good idea.

Can ping nodes but can't visit website

The MTU of the tunnel is to large. Cjdns does not negotiate a different MTU yet. Set the MTU to 1300 on your tunnel interface

  sudo ifconfig tun0 mtu 1300

If you use Cjdns as a router which serves IPv4 internet via Cjdns to IPv4 clients, use this iptables rule:

  iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

Can ping some nodes but not all

Make sure the nodes you try to ping are up. Most of the Known Hyperboria sites are online 24/7. Also make sure you've waited long enough for the routing table to propagate. ~30 minutes should do it.

   ping6 -c 4 fccb:c308:4b13:fc55:cd:1dba:963e:d3b5

Make sure you use brackets when you want to visit the website

Before ipv6 : (colon) was used for the port number and : didn't exist in the ip. Since ipv6 they are part of the address and the browser tries to parse the second hextet as the port number. For that reason when using ipv6 in browsers, one needs to use

  [<ipv6-address>] or [<ipv6-address>]:port-number 

when one tries to visit a website.

Did you compile with Log_LEVEL=DEBUG

No?, You should have, it's alpha software afterall! Also, try and follow the instructions next time!

Are you up to date

Make sure you run the latest build. If you've very recently build Cjdns and haven't made it on the Hyperboria yet use The very incomplete Troubleshooter ™

In your Cjdns directory run git pull origin master. You are up to date if the last line says "Already up-to-date." If not then you just need to downloaded the latest source. All for you to do now is update Cjdns