Wednesday, June 17, 2009

vtun Experimentation

So I start with a fresh stable Ubuntu (8.04 LTS) install and get all updates.
then apt-get install bridge-utils (per http://blog.kovyrin.net/2006/04/05/connecting-two-remote-local-networks-with-transparent-bridging/)
then:
apt-get install uml-utilities
tunctl -u root -t tap0
ifconfig tap0 0.0.0.0 promisc up

then apt-get install vtun

on both client and server:
modprobe tun

then put at the end of /etc/network/interfaces (note: create the bridge dynamically through vtun program commands instead?):
auto br0
iface br0 inet static
  # client address shown; use 192.168.1.199 on the server
  address 192.168.1.200
  netmask 255.255.255.0
  bridge_ports eth0

then ifup br0

on client /etc/vtund.conf:

options {
  port 5000;
  timeout 60;

  # Path to various programs
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/iptables;
}

IP-Tunnel {
  passwd abcd1234; # Password
  type ether; # Ethernet tunnel
  device tun0;
  up {
    # Connection is Up
    ifconfig "%% up";
    program "brctl addif br0 %%";
  };
  down {
    # Connection is Down
    ifconfig "%% down";
  };
}

On server /etc/vtund.conf:
options {
  # type stand;
  # stand(default), inet (used only at server)
  port 5000;
  # Server will listen on this port for incoming requests.
  syslog daemon;
  # Syslog facility

  # Path to various programs
  ppp /usr/sbin/pppd; # Path to the pppd. Use "which pppd" to find this.
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/iptables;
  ip /sbin/ip;
}
# Default session options
default {
  type ether;
  # tun, ether, tty(default), pipe (used only at server)
  proto udp;
  # udp, tcp(default) (used only at server)
  # device tun0;
  compress no;
  # no, yes, zlib:(1-9), lzo:(1-9); e.g. zlib:1 (default) (used only at server)
  encrypt no;
  # yes, no (used only at server)
  stat yes;
  # yes, no: check /var/log/vtund/SessionName_X
  speed 0;
  # By default maximum speed, NO shaping (used only at server)
  keepalive yes;
  # Used to keep alive the connection. (used only at server)
}
# Ethernet (TAP) session 'IP-Tunnel'.
IP-Tunnel {
  passwd abcd1234; # Password
  type ether; # Ethernet tunnel
  proto udp; # UDP protocol
  device tap0;
  compress no; # lzo:9; # LZO compression level 9
  encrypt no; # Encryption
  keepalive yes; # Keep connection alive
  stat yes; # yes, no

  up {
    # Connection is Up
    # 10.3.0.1 - local, 10.3.0.2 - remote
    # ifconfig "%% 192.168.254.201 pointopoint 192.168.254.200 mtu 1450";
    # route "add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.254.200";
    ifconfig "%% up";
    program "brctl addif br0 %%";
  };
  down {
    # Connection is down
    # 10.3.0.1 - local, 10.3.0.2 - remote
    ifconfig "%% down";
    # route "del -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.254.200";
  };

}

then on server, vtund -s (change port to 5000?)

then on client: vtund IP-Tunnel 172.16.2.16 (the real IP of the server).
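
An added example (not part of the original post, and not vtun's own code): a Python check for a vtund.conf like the server one above that reports sessions running with encrypt no or a short passwd, using the default block as the fallback for each session. The SAMPLE text, the 16-character threshold and treating a missing encrypt line as off are assumptions of this example.

```python
import re

# Constructed sample mirroring the server config above; nothing is read from disk.
SAMPLE = """
options { port 5000; syslog daemon; }
default { type ether; proto udp; encrypt no; }
IP-Tunnel {
  passwd abcd1234;   # Password
  type ether;
  encrypt no;
  up { ifconfig "%% up"; program "brctl addif br0 %%"; };
}
"""

TOKEN = re.compile(r'"[^"]*"|[{};]|[^\s{};"]+')

def parse_sections(text):
    """Return {block name: {keyword: value}}; nested up/down blocks are skipped."""
    tokens = TOKEN.findall(re.sub(r"#.*", "", text))  # '#' starts a comment
    sections, name, depth, stmt = {}, None, 0, []
    for tok in tokens:
        if tok not in ("{", "}", ";"):
            stmt.append(tok)
            continue
        if tok == "{":
            depth += 1
            if depth == 1:  # top-level block: options, default or a session
                name = stmt[0] if stmt else "(unnamed)"
                sections[name] = {}
        elif tok == "}":
            depth -= 1
        elif depth == 1 and stmt:  # ';' ends a statement in a top-level block
            sections[name][stmt[0]] = " ".join(stmt[1:])
        stmt = []
    return sections

def audit(text, min_len=16):  # min_len is an example threshold, not a vtun rule
    """List (session, keyword, reason) for settings that weaken the tunnel."""
    sections = parse_sections(text)
    defaults, findings = sections.get("default", {}), []
    for name, opts in sections.items():
        if name in ("options", "default"):
            continue
        eff = {**defaults, **opts}  # session lines override the default block
        if eff.get("encrypt", "no") == "no":  # assumption: unset means off
            findings.append((name, "encrypt", "frames cross the link in cleartext"))
        if len(eff.get("passwd", "")) < min_len:
            findings.append((name, "passwd", "short shared secret"))
    return findings
```

Run it against the server's file, since the comments in that config mark encrypt as a setting used only at the server.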

other references:
recompile kernel http://www.howtogeek.com/howto/ubuntu/how-to-customize-your-ubuntu-kernel/

check Universal Tun/tap device driver support under Device Drivers > Network device support

try tunctl to create tap, e.g. http://www.mail-archive.com/vtun-users@lists.sourceforge.net/msg00001.html

try steps here: http://adamolson.com/articles/UnixReview.com%20%20Secure%20Tunneling%20between%20Intranets%20with%20VTun%202000.htm
or here: http://www.opennet.ru/soft/vpn_table/vtund1.html

read http://vtun.sourceforge.net/setup.html

tips for manual setup: http://www.blindhog.net/linux-bridging-for-gns3-lan-communications/

and http://www.linux.com/archive/articles/54894 vtun tutorial

bridging in Linux: http://www.linuxfoundation.org/en/Net:Bridge

http://dkprojects.wordpress.com/transparent-ethernet-bridge/ - transparent bridge (hub)

2 comments:

  1. I'm disappointed you have to MAKEDEV the tun device when you install the package. It should ship with a proper package or automated routine to condition the machine for use -- eg, create the tun device if necessary. I hate it when users "just need to know" to do something.

    The actual task of connecting two networks is easier than it sounds from reading all those old references. Bridge the NIC and tap0 on both sides, bridge the two taps in the middle, and that's it.

    If you were on a different linux, I could help you much more.

  2. hello mate!
    I'm experimenting with vtund to connect two networks transparently and I have the following problems that you might have encountered.
    1) I have to assign an IP addr using e.g. "ip addr add 10.0.0.1" on the client-side of vtund in order for the packet to arrive correctly
    2) Although the packets arrive from the server-side to the client-side correctly, the responses do not arrive at the server-side br0 interface. :/

    Have you encountered a similar problem and if so how did you solve it?
    Thanks!
