IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#i2p-dev
/2023/01/12
lbt Uh, it seems my router that automatically updated the Debian packages became unreachable by router console :(
lbt ERROR [ Establisher] ter.transport.udp.PacketPusher: No endpoint to send 81 byte pkt with 1.2.3.4:1234 priority=550 msgType=72
lbt Seems I have several/sec of those in the log file
lbt Only on one of them though, the other is silent in the log (but also doesn't respond at router console). Both are running (process) and are listening on the port though, but just timeout in the browser it seems
lbt Ok, so concole was just a problem with hanging ssh tunnels
RN that is what wire clothes hangers get you
RN glad you sorted it
lbt Damnit, ya, happens to me every few years. Something is "odd" and then it takes me an hour to find out it's just the ssh hanging around in some strange state or so. Should probably try autossh or so :o
RN Σ:Đ
dr|z3d sometimes ctrl+c'ing ssh and retrying works.
lbt Ya, that did it for the console access indeed
dr|z3d if your ssh port is open on demand, sometimes a couple of ctrl+c's can get there.
dr|z3d 0 hops on server and client for an ssh tunnel also helps, if you own the endpoint.
lbt All good with access. Seeing MBs of those error logs just put me on the wrong path thinking it might not be me ;)
lbt So I'm seeing about 10k / per hour of these "ter.transport.udp.PacketPusher: No endpoint" on this one router. Any hints how to find out what's wrong there?
lbt They are all ipv4/udp and priority 550. Several thousand different IPs, varying packet size. 2/3 are msgType=72 if that helps
lbt Console "looks fine to me" as in "Network: OK", has traffic and participating tunnels ...
zzz restart
lbt Scrolling like before after restart
zzz your box's IPv4 is broken or you've done something strange to your IPv4/IPv6 configuration
lbt Restarting the machine now (the above was only router)
zzz look for some relevant error before the no endpoint errors start happening
zzz esp. with UDPEndpoint dying
lbt wrapper.log shows an error about not being able to reach ntp servers
lbt I do seem have ipv4 connectivity just fine though (ssh works, ping works too)
lbt Found this warning in the logs then too: nsport.ntcp.OutboundNTCP2State: NTP failure, NTCP adjusted clock by 97s source router: xxxxxxx
lbt I now grepped for anything BUT "ter.transport.udp.PacketPusher" and there is only that ntp WARN aside of those
lbt I installed ntp now and running "ntpq -p" shows me a good number of connected ipv4 hosts then, so that too seems to work "on the box in general"
zzz you on a real box or in some VM or hosted situation?
lbt It's a VM, yes
zzz you can look on the new /peers status tab to isolate the problem
zzz to e.g. ssu2 only, ssu1 only, all IPv4, etc
lbt SSU1/2 both have 0 on Ipv4, outgoing has "** 0"
zzz ntcp2 working? incoming working?
lbt Ya, ntcp2 shows numbers for both ipv4/6 in and out
zzz did you do any custom config on /confignet ?
lbt IPs (4/6) are specified there, and the port I chose manually
lbt UPnP disabled
zzz so you specified explicit IPs?
lbt Yes
zzz that's almost certainly the problem
zzz you specified an IPv4 address you don't have and you can't bind to
zzz go back to auto-detect and if it doesn't restart by itself, then restart
zzz there should have been a log error right at startup about it, don't know why it wouldn't be there
lbt "Use auto-detected IP address (currently 1.2.3.4)" does show me the same, though. Also pretty sure it worked on this box before "whatever I did there" and also works fine on the other box
zzz that's my theory atm, if I'm wrong, I'll think harder
lbt I set it to "Use all auto-detect methods" at the top now and it's performing a soft restart
lbt Looks like no more scrolling now indeed
lbt Interesting. It has to use the exact same addresses, or it wouldn't work. So how does specifying those break it?
zzz because you can't bind to the external addr from inside the vm
zzz if you ignore all the warnings and do a custom config, be prepared for it to break, and mention that up front if you need help :)
lbt Apologies, wasn't aware. I could add that I had it on "ipv6 only" in the beginning and only added ipv4 later on as it was seeing rather little traffic there. Now it's on "Enable ipv6" and not any of the prefer options ...
lbt However, I'm running another router just fine with settings as I had them here before I switched them now
zzz but is that on a vm too?
lbt Yes, it is a very similar setup
zzz hmph.
zzz if you can't find a relevant error at startup, it's tough to investigate further
lbt Hm, the ipv6 on the other machine might not be routed but NATted/forwarded instead actually. Mixing routed ipv6 with NATted ipv4 in the virtualisation could be "fishy" or so
lbt Anyways, thx 4 your time and help. I guess the router's in the clear again and I know what to try first if I see it again
lbt This might be interesting: Checking /peers on that other server I see the "** 0" again, but here they are on ssu1/2 for ipv6 now. No errors reported here, though. I'll see if that changes if I switch that to auto-detect too
lbt Ended disabling ipv6 on the other now, so two half-broken routers kinda fixed I guess. Hate the idea at least one of them has been like this for quite a while ...
lbt So in conclusion: It's not enough to check for "Network: OK" but the real check is to look at /peers and make sure there are connections on all "lanes" basically?
zzz not saying there aren't bugs with the specify-address stuff, but without any startup log errors to go off of, it would be way way down on my todo list
lbt emphasis on "/peers is good" :) That was probably a rather special setup with NAT on ipv6 (which felt wrong when I did it)
eche|off wahh, NAT on IPv6 is evil as nothing else (tm)
lbt Ya, I opposed it - but it isn't "my" machine ...
zzz nice that the new /peers tab was helpful here
lbt I noticed "Built By:Undefined" on /logs here (Debian package install). Is that supposed to show undefined? I tried to have a look myself. LogsHelper is looking for an attribute "Built-By" from i2p.jar and debian/rules is setting "build.built-by=debian". The difference in upper-/lower-case looks suspicious btw ;) But that's about how far I got.
dr|z3d lbt: if you built the update, you probably want a build properties override.
dr|z3d see build.properties for instructions.
lbt I didn't, it's packages from deb.i2p2.de
dr|z3d you'll want build.built-by=lbt in the override, otherwise someone else does :)
dr|z3d_ it's probably being built by ubuntu's build bot.
dr|z3d_ zzz, the router.config warning could be better.
zzz shoot
dr|z3d_ why not inform the user to add "router.rebuildKeys=true" to the config instead if copied to another router?
zzz simple 'dont do that' seems best
zzz anything else I'd have to test
dr|z3d tested that config aplenty, works without issue. new id, new port.
dr|z3d if someone wants to deploy the same config to 1/2 dozen routers, the last thing you want is to discourage them :)
dr|z3d that's a neat trick, anyways, inserting comments into the file.
dr|z3d I'll probably add something about enabling inline editing in the console with routerconsole.advanced=true
zzz there's all sorts of other configs that could be problematic, like last IP, last firewalled, etc
zzz experts gonna expert, the warnings are for everybody else
dr|z3d NPE in packet handler..
dr|z3d ERROR[...Handler 4/4] ...dp.PacketHandler: Internal error handling a UDP packet:
dr|z3d * Address: [2602:fc05:0:0:0:0:0:8]:7777
dr|z3d * Size: 97 bytes; Priority: 100; sinceEnqueued: 0; sinceReceived: 0
dr|z3d java.lang.NullPointerException
dr|z3d at net.i2p.router.transport.udp.PeerTestManager.receiveTestReply(PeerTestManager.java:597)
dr|z3d at net.i2p.router.transport.udp.PeerTestManager.receiveTest(PeerTestManager.java:894)
dr|z3d at net.i2p.router.transport.udp.PacketHandler$Handler.handlePacket(PacketHandler.java:774)
dr|z3d at net.i2p.router.transport.udp.PacketHandler$Handler.receivePacket(PacketHandler.java:491)
dr|z3d at net.i2p.router.transport.udp.PacketHandler$Handler.handlePacket(PacketHandler.java:277)
dr|z3d at net.i2p.router.transport.udp.PacketHandler$Handler.run(PacketHandler.java:220)
dr|z3d at java.base/java.lang.Thread.run(Thread.java:829)
dr|z3d at net.i2p.util.I2PThread.run(I2PThread.java:103)
dr|z3d wrapper log has them all over on the router in question.
zzz dr|z3d, that's identical to your report on saturday that I fixed before the release
dr|z3d let me double check the timestamps.
dr|z3d yeah, sorry, zzz, my bad, those appear to be remnants of the pre-fix sessions.
zzz phew
dr|z3d zzz: re (non-)migration of router.config, an alternative proposal is to offer an export config button on /configadvanced that automagically strips all the offending lines from the config and then spits out a santized version for deployment elsewhere.
zzz yeah, but that's hard to test for reasons given above
zzz don't want to make a list of all problematic configs
dr|z3d ok, just a thought.
dr|z3d_ > ok, just a thought.
lbt After hours of running seemingly fine the other router started giving me "IPv6: Firewalled" - although ipv6 is routed there. Nothing to see in the logs.
lbt After what we had earlier, I decided to switch ipv6 off on that one as well for now. I don't know how to diagnose fix this, so better stable and ipv4 only then I guess
zlatinb Hey guys. Just stopping by. I said what I had to say in #i2p but that channel isn't logged on major.i2p.
zlatinb I know developer are busy people and I hate to be offtopic, believe me.
zlatinb So I'll say it real quick - I posted on LinkedIn that "islam was created by Satan". If you would to verify that, my real name is Zlatin Balevsky.
zlatinb Now I will shut up :)
zlatinb One last thing before I fuck off and stop wasting everyone's precious time. I've been trying to invite a guy known as Mahdi for a coffee. Oh, did I say Mahdi? Must haveen a Freudian slip. I meant to say dr|z3d. See ya!