HP-UX Mobile IPv4 A.03.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Networking Software

121

122

123

124

125

126

127

128

129

130

8GTKH[KPICPF6TQWDNGUJQQVKPI

%QOOQP2TQDNGOU

Chapter 8

103

AAA Registration Fails because IP Name or Address Resolution Fails

(gethostbyname() failed, gethostbyaddr() failed)

For AAA Mobile Node registration, the Home Agent and Foreign Agent use a Home

Agent - Foreign Agent security key. The agents store and retrieve this key using the peer

agent’s hostname, and use gethostbyaddr() to resolve the source IP address from

incoming packets to a hostname. In addition, the Home Agent checks that it can resolve

the Foreign Agent’s AAA Fully-Qualified Domain Name (FQDN) to an IP address when

it stores the key.

On the Home Agent, log entries similar to the one below indicate problems storing the

Home Agent - Foreign Agent key because of gethostbyname() problems:

Dec 30 15:12:54 ERROR: Cannot add host key for

hpindhqq.foreign.com; gethostbyname() failed

If the Home Agent cannot store the key, it will not send an authentication extension in

Diameter AA-Mobile Node Answer (AMA) to the Foreign Agent, and the Foreign Agent

will log entries similar to the one below:

Feb 10 12:20:04 hpindhqq mipd[24158]: WARN: FA: Non-Success return

code (4005: Result-Code: MIP reply failure) in AMA for MN

(linux2@home.com)

Feb 10 12:20:04 hpindhqq mipd[24158]: ERROR: Cannot add host key for

11.11.11.2; gethostbyaddr() failed

Feb 10 12:20:04 hpindhqq mipd[24158]: ERROR: Cannot find host key to

11.11.11.2; gethostbyaddr() failed

Feb 10 12:20:04 hpindhqq mipd[24158]: WARN: FA: registration of MN

linux2@home.com failed (code 133 HME_IDENT_MISMATCH)

Feb 10 12:20:05 hpindhqq mipd[24158]: ERROR: FA: No AAA distributed

FA-HA security association is recorded for HA (11.11.11.2) for MN

(linux2@home.com)

Feb 10 12:20:05 hpindhqq mipd[24158]: WARN: Replying with Error

‘FOR_HME_AUTH_FAIL’

Feb 10 12:20:05 hpindhqq mipd[24158]: WARN: FA: rejected request

from MN (linux2@home.com) to HA(11.11.11.2) 50 sec -

FOR_HME_AUTH_FAIL

Feb 10 12:20:17 hpindhqq mipd[24158]: ERROR: Cannot find host key to

11.11.11.2; gethostbyaddr() failed

If the Home Agent successfully stores the key and sends an authentication extension in

the AMA but the Foreign Agent cannot resolve the Home Agent’s IP address to a

hostname, you will see log entries similar to those below:

Dec 30 14:48:23 WARN: FA: registration of MN linux2@home.com

failed (code 133 HME_IDENT_MISMATCH)

Dec 30 14:48:24 ERROR: FA: No AAA distributed FA-HA security

association is recorded for HA (11.11.11.2) for MN (linux2@home.com)

Dec 30 14:48:24 WARN: Replying with Error ‘FOR_HME_AUTH_FAIL’

Dec 30 14:48:24 WARN: FA: rejected request from MN

(linux2@home.com) to HA(11.11.11.2) 50 sec - FOR_HME_AUTH_FAIL

Solution To successfully store and use the key, your configuration must meet the

following requirements: