[Opensim-users] Any way to display the values of "IP" and "MyIP"
Rick Anderson
rianders at docs.rutgers.edu
Wed Apr 11 18:37:59 UTC 2012
Diva,
I'll go back to using the rugrid.rutgers.edu in the robust
configuration and see what happens.
Robust.ini result,
----
18:17:50 - [HOME AGENT HANDLER]: Unauthorized machine 184.162.51.100
tried to set client ip to 165.230.192.41
18:17:50 - [USER AGENT SERVICE]: Request to login user Rk.Jinn
@rugrid.rutgers.edu (@stored IP) to grid http://174.129.197.43:8002/
18:17:50 - [USER AGENT SERVICE]: this grid:
http://rugrid.rutgers.edu:8002/, desired grid:
http://174.129.197.43:8002/
18:17:50 - [GATEKEEPER SERVICE]: Login request for Rk.Jinn
@rugrid.rutgers.edu @ http://rugrid.rutgers.edu:8002/
(80861b47-0d09-49e0-a711-8e59851006f9) at JumpNexus0 using viewer
Imprudence 1.4.0.1, channel Imprudence, IP 165.230.192.41, Mac
3bb974300b81b292f953727e3cf33574, Id0 6468c4a3c3a6f5fa9e55986a1017e0f0
Teleport Flags 0
18:17:50 - [GATEKEEPER SERVICE]: Verifying http://174.129.197.43:8002
against http://rugrid.rutgers.edu:8002
18:17:50 - [GATEKEEPER SERVICE]: Unable to verify identity of agent
Rk.Jinn @rugrid.rutgers.edu. Refusing service.
18:17:50 - [USER AGENT SERVICE]: Unable to login user Rk.Jinn
@rugrid.rutgers.edu to grid http://174.129.197.43:8002/, reason:
Unable to verify identity
----
In this case rugrid.rutgers.edu = 174.129.197.43.
I'll try this next:
> Second, use the hosts files to adjust the mappings between domain names and
> IP addresses inside the network if needed.
Also, this is running in the Amazon AWS cloud. So each machine has
public/private addresses.
-_Rick
On Wed, Apr 11, 2012 at 1:13 PM, Diva Canto <diva at metaverseink.com> wrote:
> The higher-order bit of what I'm about to say is that OpenSim networking is
> a complicated matter. Hypergrid networking adds even more complexity to it.
> Having said that, let me explain a bit.
>
> The main source of problems arise when you have the following situation:
> (1) the servers are on a given network
> (2) some clients are also on that network
> (3) some clients are on external networks
> This is usually the case with universities, for example, depending on how
> the university network is set up. Hence you need to be extra careful.
>
> The Hypergrid performs several checks for ensuring identity security. These
> checks are based on the domain names that the grids use, on the IP addresses
> of the robust servers and on the IP addresses of the clients.
>
> The IP address from where the client logged in is the vital piece of info
> that needs to be asserted throughout HG teleports. The user's home grid
> knows that address; the simulators that the user visit also know that
> address. In order for those simulators to make sure that the agent that
> they're getting is the real thing, and not a fake pretending to be a certain
> user, they call back to the user's home grid for IP verification. That's
> when that debug message gets printed out.
>
> Two things can happen: either the IP address of the client that the
> destination simulator gets is exactly the same as the IP address that the
> home grid saw at client login (normal case, when servers and clients are on
> separate networks) or the IP address of the client that the destination
> simulator gets is different than the one seen at login in the home grid, but
> is the same as the robust server -- which means that the client logged in in
> the same machine where the robust server runs. This happens in standalones
> ran at people's homes, for example, where there's just on box running both
> OpenSim and the viewer.
>
> So, what does this mean for people with a mix of clients inside the
> server-side network and clients outside?
>
> First of all, stick to using domain names, not IP addresses. That is just
> bound to cause problems, because many times the IP addresses seen from the
> outside are different from the IP addresses seen from the inside of a
> network. If you fix it for one case, you screw it up for the other. So, rule
> #1: USE DOMAIN NAMES in the Robust configuration.
>
> Second, use the hosts files to adjust the mappings between domain names and
> IP addresses inside the network if needed.
>
> I am sure that this process of IP verification can be improved to account
> for these hybrid setups, but for the time being only the simplest of cases
> is accounted for (client logged in in the same machine as the home grid).
>
>
> On 4/11/2012 8:35 AM, Rick Anderson wrote:
>>
>> It turns out that MyIP displays the IP address when it can be found.
>> I changed my Robust configuration from rugrid.rutgers.edu to the IP
>> address and it now returns the correct client info:
>>
>> 15:32:39 - [USER AGENT SERVICE]: Verifying Client session
>> 7a0ffc9a-c6ea-4a8c-899d-88f9fe0da2bf with reported IP 165.230.192.41.
>> 15:32:39 - [USER AGENT SERVICE]: Comparing 165.230.192.41 with login
>> IP 165.230.192.41 and MyIP 165.230.192.41; result is True
>>
>> When I return my region is light blue. So I've made one step forward.
>>
>> -_Rick
>>
>> On Wed, Apr 11, 2012 at 11:24 AM, Rick Anderson
>> <rianders at docs.rutgers.edu> wrote:
>>>
>>> I'm trying to trace down an error with the unauthorized machine
>>> message from "HOME AGENT HANDLER" There is a value comparing login IP
>>> with MyIP with a result of false:
>>> 15:19:28 - [USER AGENT SERVICE]: Verifying Client session
>>> b5495ff5-827a-4bd2-98ee-2eb3e5dfe036 with reported IP 165.230.192.41.
>>> 15:19:28 - [USER AGENT SERVICE]: Comparing 165.230.192.41 with login
>>> IP and MyIP ; result is False
>>>
>>> Can the values of "IP" and MyIP" be shown in the console?
>>>
>>> -_Rick
>>> --
>>> Rick Anderson
>>> Director of Virtual Worlds
>>> Division of Continuing Studies (DoCS)
>>> Rutgers University
>>> (732) 586-3265
>>
>>
>>
>
> _______________________________________________
> Opensim-users mailing list
> Opensim-users at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-users
--
Rick Anderson
Director of Virtual Worlds
Division of Continuing Studies (DoCS)
Rutgers University
(732) 586-3265
More information about the Opensim-users
mailing list