[Scion] Unable to run SCION after update
Juan A. García-Pardo
juagargi at gmail.com
Fri Sep 27 11:33:46 CEST 2019
Hi Siddharth,
The scion apps should be available in packaged form next week. In the
meantime, you can build them with a Go compiler >= 1.11 by cloning the
scion-apps repo, running `./depsh.sh` and then `make`
I am testing your 17-ffaa:1:cd2 user AS and it works fine. This are my
steps:
- Get the configuration from the Coordinator, uncompress it in a directory.
Chdir to it
- Run `vagrant up`. No errors are shown. Only a few red lines but with no
real problems. Last line reads "SCIONLab VM ready"
- Run `vagrant ssh` to log into the VM.
- Run `ifconfig`. It shows the tun0 interface, with IP "10.0.0.44"
- Ping the server using tun0 `ping -I tun0 10.0.8.1`. The server echoes
back.
- List SCION services with `systemctl list-dependencies scionlab.target` .
All services are okay (they are shown duplicated, but it's a know systemd
bug, no problems there).
- Ping a core AS using SCION `scmp echo -local 17-ffaa:1:cd2,[127.0.0.1]
-remote 17-ffaa:0:1101,[127.0.0.1]` . It works okay (for me with times
~6ms; that could change for you).
Let's focus on this user AS of yours and find out what is not working. I
will run this same configuration again this evening from a completely
different network, just to check our firewall has not gone crazy again. I
will send an email before I check again, but in the mean time, you could
send us your Vagrant version and platform (e.g. vagrant for windows), and
the complete /var/log/syslog file of your VM after `vagrant up` and
`vagrant ssh`. The problem you seem to have is between the VPN client and
server (that is the reason that SCION will not work). You can send the
files to the mailing list or directly to me.
Best regards,
Juan A.
On Fri, Sep 27, 2019 at 10:58 AM Siddharth Mehrotra <the4daspect at gmail.com>
wrote:
> Hi Juan,
>
> The problem still persists. I tried with another AS id's as well
> 18-ffaa:1:cd3 & 17-ffaa:1:cd2, however result is same (the border router
> service does not start & no tun0 found).
>
> Also, do you have any update on SCION-Apps? If not all, can webapp be
> restored as per SCION update ?
>
> Best regards,
> Siddharth
>
> On Thu, Sep 26, 2019 at 12:35 PM Juan A. García-Pardo <juagargi at gmail.com>
> wrote:
>
> > Hi Siddharth,
> > I have answered you also to your email directly, but I'm copying the
> answer
> > here so it gets indexed.
> > There were two problems:
> > - We had experienced some problems with our firewall and the VPN in the
> > attachment point Switzerland. Sometimes it would drop packets.
> > - Your user AS ffaa:1:c32 is marked as deactivated. You have to go to
> your
> > AS list in the Coordinator (https://www.scionlab.org/user/) and click on
> > "Activate this AS". Wait 1-2 minutes and run `vagrant up` for that user
> AS.
> > Now your ASes should be able to start the VPN tunnel without problems
> (type
> > ifconfig in the VM and you should see an interface called tun0), and the
> > active ones will have a working border router.
> > Best regards,
> >
> > Juan A.
> >
> >
> > On Thu, Sep 19, 2019 at 2:28 PM Siddharth Mehrotra <
> the4daspect at gmail.com>
> > wrote:
> >
> > > Hi Juan,
> > >
> > > Thanks for the update, it is really helpful.
> > >
> > > 1) After checking status of my connection to SCION, I see
> > > ● ├─scion-border-router at 17-ffaa_1_c32-1.service
> > > ● ├─scion-border-router at 17-ffaa_1_c32-1.service
> > >
> > > as marked RED in color. I could not understand why this happened on
> first
> > > place, just after running vagrant ssh and systemctl list-dependencies
> > > scionlab.target
> > >
> > > This appears even after restarting SCION services.
> > >
> > > 2) Still I can't find tun0 while running command ip a. The only tunnel
> > > interfaces appearing are: lo & enp0s3.
> > >
> > > 3) Is Scion web-app available?
> > > I get this error: -bash: cd: /src/github.com/netsec-ethz: No such file
> > or
> > > directory while navigating to web-apps.
> > >
> > > PS: Running SCION in a virtual machine – VPN approach
> > >
> > > Thanks,
> > > Siddharth
> > >
> > > On Thu, Sep 19, 2019 at 1:01 PM Juan A. García-Pardo <
> juagargi at gmail.com
> > >
> > > wrote:
> > >
> > > > Hi Siddharth,
> > > > We have not yet upgraded the tutorials for everything, only the
> > "updating
> > > > SCION" one:
> > > >
> > >
> >
> https://netsec-ethz.github.io/scion-tutorials/scion_tricks/updating_scion/
> > > > That said, almost all that you are seeing is normal: the
> configuration
> > > TGZ
> > > > you get from the Coordinator is very small, because your VM will get
> > the
> > > > full configuration from the Coordinator for you. Once you have run
> > > `vagrant
> > > > up`, you will see the directory /etc/scion contains a `gen` directory
> > > > inside. That one will have the full configuration.
> > > > Also, the services and tools are now packaged. There is no $SC
> > directory
> > > > anymore. Things you can run to check:
> > > > - dpkg -l |grep scion # will list scion packages, hopefully
> installed
> > in
> > > > your system
> > > > - systemctl list-dependencies scionlab.target # list status. In
> Ubuntu
> > > > 16.04 there is a systemd bug and the services will be listed twice
> > > > - sudo systemctl restart scionlab.target # restart all SCION
> services
> > > > - ls -l /var/log/scion # list scion log files
> > > > - ls -l /var/lib/scion # list trust databases, etc
> > > > - ls -l /etc/scion # list scion configuration. The gen folder has
> the
> > > > same morphology as before, but the supervisord files are not used
> > > >
> > > > On the other hand, if you want to not use the packages and go back to
> > the
> > > > developer way of doing things, you can briefly read about that also
> in
> > > the
> > > > how to update SCION page from SCION tutorials, but basically refers
> to
> > > > stopping systemd for scionlab.target and cloning/building SCION
> > yourself.
> > > >
> > > > The problem with the VPN is not clear at all though. I would like to
> > > > investigate a bit more about that. Can you try again? If you still
> see
> > > the
> > > > problem the second time you try, we'll investigate further.
> > > > Thanks and best regards,
> > > >
> > > > Juan A.
> > > >
> > > >
> > > > On Wed, Sep 18, 2019 at 10:52 AM Siddharth Mehrotra <
> > > the4daspect at gmail.com>
> > > > wrote:
> > > >
> > > >> Hi all,
> > > >>
> > > >> I tried to run SCION after update from attachment point with ETHZ-AP
> > as
> > > >> downloading new configuration. I'm currently installing inside a VM
> > with
> > > >> use of OPENVPN to connect to SCION Lab.
> > > >>
> > > >> I observed following scenarios:
> > > >>
> > > >> 1) After extracting configuration file from SCION coordination
> > service,
> > > >> the
> > > >> contents are reduced to:
> > > >> Mode LastWriteTime Length Name
> > > >> ---- ------------- ------ ----
> > > >> d----- 18-09-2019 10:25 .vagrant
> > > >> d----- 18-09-2019 10:23 gen
> > > >> -a---- 13-06-2019 09:25 3618 README.md
> > > >> -a---- 13-06-2019 09:25 3068 run.sh
> > > >> -a---- 18-09-2019 10:22 3813
> > > >> scion_lab_17-ffaa_1_c32.tar.gz
> > > >> -a---- 18-09-2019 10:34 0
> > > >> ubuntu-xenial-16.04-cloudimg-console.log
> > > >> -a---- 18-09-2019 10:24 2484 Vagrantfile
> > > >>
> > > >> Many SCION services are missing.
> > > >>
> > > >> 2) Although I was able to run the VM successfully and SSH to SCION.
> > > >> However, it seems the connection to SCION was not successful. The
> > below
> > > >> command is after running Vagrant up:
> > > >>
> > > >> default: WARNING:WARNING!: VPN could be unready. SCION may fail to
> > > start.
> > > >> default: Created symlink from
> > > >>
> > > >>
> > >
> >
> /etc/systemd/system/scionlab.target.wants/scion-border-router at 17-ffaa_1_c32-1.service
> > > >> to /lib/systemd/system/scion-border-router at .service.
> > > >> default: Created symlink from
> > > >>
> > > >>
> > >
> >
> /etc/systemd/system/scionlab.target.wants/scion-certificate-server at 17-ffaa_1_c32-1.service
> > > >> to /lib/systemd/system/scion-certificate-server at .service.
> > > >> default: Created symlink from
> > > >>
> > > >>
> > >
> >
> /etc/systemd/system/scionlab.target.wants/scion-path-server at 17-ffaa_1_c32-1.service
> > > >> to /lib/systemd/system/scion-path-server at .service.
> > > >> default: Created symlink from
> > > >>
> > > >>
> > >
> >
> /etc/systemd/system/scionlab.target.wants/scion-beacon-server at 17-ffaa_1_c32-1.service
> > > >> to /lib/systemd/system/scion-beacon-server at .service.
> > > >> default: Created symlink from
> > > >>
> > > >>
> > >
> >
> /etc/systemd/system/scionlab.target.wants/scion-daemon at 17-ffaa_1_c32.service
> > > >> to /lib/systemd/system/scion-daemon at .service.
> > > >> default: Created symlink from
> > > >> /etc/systemd/system/scionlab.target.wants/scion-dispatcher.service
> to
> > > >> /lib/systemd/system/scion-dispatcher.service.
> > > >> default: configure time sync
> > > >> default: ntp.service is not a native service, redirecting to
> > > >> systemd-sysv-install
> > > >> default: Executing /lib/systemd/systemd-sysv-install enable ntp
> > > >> default: configure unattended upgrades (automatic security
> > upgrades)
> > > >> default: SCIONLab VM ready
> > > >>
> > > >> 3) When I am inside the VM and I tried to check the connection I was
> > > >> surprised to see this:
> > > >>
> > > >> vagrant at scionlab-ffaa-1-c32:~$ checkbeacons
> > > >> checkbeacons: command not found
> > > >>
> > > >> Also fo this:
> > > >> vagrant at scionlab-ffaa-1-c32:~$ tail -f $SC/logs/bs*.DEBUG
> > > >> tail: cannot open '/logs/bs*.DEBUG' for reading: No such file or
> > > directory
> > > >> tail: no files remaining
> > > >>
> > > >> 4)Memory Test:
> > > >> vagrant at scionlab-ffaa-1-c32:~$ df -h
> > > >> Filesystem Size Used Avail Use% Mounted on
> > > >> udev 992M 0 992M 0% /dev
> > > >> tmpfs 200M 3.1M 197M 2% /run
> > > >> /dev/sda1 9.7G 1.4G 8.3G 14% /
> > > >> tmpfs 1000M 0 1000M 0% /dev/shm
> > > >> tmpfs 5.0M 0 5.0M 0% /run/lock
> > > >> tmpfs 1000M 0 1000M 0% /sys/fs/cgroup
> > > >> vagrant 136G 73G 64G 54% /vagrant
> > > >> tmpfs 200M 0 200M 0% /run/user/1000
> > > >>
> > > >> 5) tun0 not found after performing ip a command.
> > > >>
> > > >> PS: I am using Oracle Virtual Box 6.0 , Is it the compatibility
> issue
> > ?
> > > >> PS: I was able to run SCION successfully before the update with same
> > > >> Virtual Box version and vagrant also.
> > > >>
> > > >> Please look into this issue.
> > > >>
> > > >> Thanks,
> > > >> Sid
> > > >> _______________________________________________
> > > >> Scion mailing list
> > > >> Scion at lists.inf.ethz.ch
> > > >> https://lists.inf.ethz.ch/mailman/listinfo/scion
> > > >>
> > > >
> > > _______________________________________________
> > > Scion mailing list
> > > Scion at lists.inf.ethz.ch
> > > https://lists.inf.ethz.ch/mailman/listinfo/scion
> > >
> > _______________________________________________
> > Scion mailing list
> > Scion at lists.inf.ethz.ch
> > https://lists.inf.ethz.ch/mailman/listinfo/scion
> >
> _______________________________________________
> Scion mailing list
> Scion at lists.inf.ethz.ch
> https://lists.inf.ethz.ch/mailman/listinfo/scion
>
More information about the Scion
mailing list