Using Reflection X IPIDd to Detect a VPN- or NAT-Assigned IP Address

Using Reflection X IPIDd to Detect a VPN- or NAT-Assigned IP Address
Technical Note 1632
Last Reviewed 31-Aug-2007
Applies To
Reflection X version 13.0 through 14.x
Reflection Suite for X version 13.0 through 14.x
Summary

This technical note explains how to use the Reflection X IP Identification daemon (IPIDd) to automate detection of a VPN- or NAT-assigned IP address when connecting to a UNIX or Linux host using Reflection X.

Reflection X IP Identification (IPID)

Reflection X IP Identification (IPID) consists of a daemon and a client. The daemon, as source code, is compiled on the UNIX mainframe on which it will reside, either running manually or included in a startup script. The client, included in the installation of Reflection X, queries for the IP address via a registry hive. The resolution of the IP address is performed by communications between Reflection X (a port) and the daemon via a UDP datagram.

The IPID daemon is not required to make a Virtual Private Network (VPN) or Network Address Translation (NAT) connection using Reflection X, but is provided as a configuration option. Depending on your user's requirements, it may be more expedient for users to manually configure Reflection X.

VPN: For information about configuring Reflection X to connect through a VPN, see Technical Notes 1580.

NAT: For information about configuring Reflection X to work in a network environment utilizing NAT, see Technical Note 1513. Please note, IPID is not an alternative to creating NAT routing tables. When using IPID and NAT, NAT routing tables are still required.

Host Requirements

Starting the IPID daemon (IPIDd) does not require root privileges; however, you will need adequate permissions on the host to run the ipid daemon.
You must have a C compiler configured and available on your UNIX host.

Details

The IPID daemon can be run on any host within your organization's firewall. It does not need to run on the host that you will be connecting to using Reflection X.
IPIDd is a standalone daemon, it is not an INETD daemon.
The IPID daemon uses the syslog facility to report all status messages.
This utility runs only on UNIX or Linux.

Notice: This daemon is provided for your convenience, "as is" and without warranty of any kind. It has been tested on a variety of UNIX and Linux platforms; however, it has not been tested, and may not work, on all platforms or in all network environments.

Obtaining and Installing Reflection X IPID Daemon

Follow these steps to obtain and install the Reflection X IPID daemon onto a host inside your firewall.

Configuring the UNIX host to run the IPID Daemon

Download the file ipid_daemon.tgz from the Download Library to your UNIX host.
Enter the following command at the host prompt to unpack the file:

tar -xzf ipid_daemon.tgz

Note: This file is compressed as a tarball. Some UNIX systems do not support tarballs and will not recognize "tar -xzf" as a valid argument. If you encounter errors when unpacking the tarball, use the two commands below to unpack it:

gunzip ipid_daemon.tgz
tar -xf ipid_daemon.tar

When unpacked, Ipid_daemon.tgz creates a new directory called /ipidd. This directory contains the following four files:

ipidd/README.txt
ipidd/Makefile
ipidd/ipidd.c
ipidd/ipidd.h

Note: Alternatively, some Windows unzip utilities can also be used to decompress a UNIX tarball.

Navigate to the /ipidd directory.
To compile the ipidd host daemon, type the following command:

make

If the command is completed successfully, there will be a new binary file called ipidd in the /ipidd directory.

Note: For the make command to work, you must have a C compiler configured and available on this host.

To make ipidd executable, type the following command:

chmod 750 ./ipidd

To initialize ipidd, type the following command, making sure to include the parenthesis in the command:

(./ipidd &)

When the daemon is initialized, a message similar to the following is written to the host system log (syslog):

Jan 01 05:31:28 hostname ipidd: IPIDd started
Jan 01 05:31:28 hostname ipidd: Listening for messages on port 31337

The IPIDd daemon is now running in the background as a process.

Stopping the IPID Daemon

If you need to stop the IPID daemon, follow the steps below.

Enter one of the following commands to obtain the IPID daemon process identification number (PID). (Which command works will depend upon the type of UNIX host):

ps -auwx | grep ipid

ps -ef | grep ipid

After issuing the command, you will see a response similar to the following:

admin 11886 0.0 0.4 40 488 ?? I 2:57AM 0:00.0 ./ipid

The PID is the number in the second column.

Enter the following command to stop the IPID daemon:

kill -TERM <PID #>

Where <PID #> is the IPID daemon process identification.

To verify that the daemon has been stopped, look in the hosts system log file for an entry that looks similar to the following:

hostname ipidd: IPIDd received signal <#>.exiting.

Configuring Reflection X to Use IPIDd

Follow the steps below to configure Reflection X to communicate with IPIDd.

In the Reflection X Manager, click Settings > Network.
Select the Use IPID host check box, enter the IP address of the host where IPID is running, and then click Apply.
Click OK.
Click Settings > Network to verify that your changes were validated.

Note: Reflection X performs primary validation checks on the IP address when you click Apply, and further checks when you click OK. After you click OK, if the IP address you entered is invalid, or if there is no active IPID daemon on the indicated host, the feature is automatically disabled, with no error message.

If this happens, repeat steps 2 through 4 with valid IP address information, or if you do not have valid information at this time, re-select "Autodetect network interface".

1513	Reflection X and Network Address Translation (NAT)
1580	Connecting through a VPN (Virtual Private Network) with Reflection X

Need further help? For technical support, please contact Support.

Technical Notes