AWG Blogs

Wednesday, June 17, 2009

vtun Experimentation

So I get a fresh, stable Ubuntu (Ubuntu LTS 8.04) and get all updates.
then apt-get install bridge-utils (per http://blog.kovyrin.net/2006/04/05/connecting-two-remote-local-networks-with-transparent-bridging/)
then:
apt-get install uml-utilities
tunctl -u root -t tap0
ifconfig tap0 0.0.0.0 promisc up

then apt-get install vtun

on both client and server:
modprobe tun

then put at end of /etc/network/interfaces (note: create bridge dynamically through vtun program commands instead?):
auto br0
iface br0 inet static
address 192.168.1.200
# (use 192.168.1.199 on the server)
netmask 255.255.255.0
bridge_ports eth0

then ifup br0

on client /etc/vtund.conf

options {
  port 5000;
  timeout 60;

  # Path to various programs
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/iptables;
}

IP-Tunnel {
  passwd abcd1234; # Password
  type ether; # Ethernet tunnel
  device tun0;
  up {
    # Connection is Up
    ifconfig "%% up";
    program "brctl addif br0 %%";
  };
  down {
    # Connection is Down
    ifconfig "%% down";
  };
}




On server /etc/vtund.conf:
options {
  # type stand;
  # stand(default), inet (used only at server)
  port 5000;
  # Server will listen on this port for incoming requests.
  syslog daemon;
  # Syslog facility

  # Path to various programs
  ppp /usr/sbin/pppd; # Path to the pppd. Use "which pppd" to find this.
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/iptables;
  ip /sbin/ip;
}
# Default session options
default {
  type ether;
  # tun, ether, tty(default), pipe (Used only at Server)
  proto udp;
  # udp, tcp(default) (Used only at server)
  # device tun0;
  compress no;
  # no, yes, zlib:(1-9), lzo:(1-9); e.g. zlib:1 (default) (Used only at server)
  encrypt no;
  # yes, no (used only at server)
  stat yes;
  # yes, no: check /var/log/vtund/SessionName_X
  speed 0;
  # By default maximum speed, NO shaping (Used only at server)
  keepalive yes;
  # Used to keep alive the connection. (Used only at server)
}
# Ethernet (TAP) example. Session 'IP-Tunnel'.
IP-Tunnel {
  passwd abcd1234; # Password
  type ether; # Ethernet tunnel
  proto udp; # UDP protocol
  device tap0;
  compress no; # lzo:9; # LZO compression level 9
  encrypt no; # Encryption
  keepalive yes; # Keep connection alive
  stat yes; # yes, no

  up {
    # Connection is Up
    # 10.3.0.1 - local, 10.3.0.2 - remote
    # ifconfig "%% 192.168.254.201 pointopoint 192.168.254.200 mtu 1450";
    # route "add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.254.200";
    ifconfig "%% up";
    program "brctl addif br0 %%";
  };
  down {
    # Connection is down
    # 10.3.0.1 - local, 10.3.0.2 - remote
    ifconfig "%% down";
    # route "del -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.254.200";
  };

}

then on server, vtund -s (change port to 5000?)

then on client: vtund IP-Tunnel 172.16.2.16 (real IP of server).
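
The server vtund.conf above sets encrypt no in both the default section and the IP-Tunnel session, so the bridged Ethernet frames cross the tunnel unencrypted. The following is an added example, not part of the original post or of vtun: it parses a vtund.conf and flags sessions whose effective settings (default section plus the session's own) leave encryption off or use a short passwd. The 12-character threshold and the treatment of an unset encrypt as off are assumptions of the example.

```python
import re

# Constructed sample, trimmed from the server vtund.conf in this post.
SAMPLE = """
options { port 5000; syslog daemon; }
default { type ether; proto udp; compress no; encrypt no; }
IP-Tunnel {
  passwd abcd1234;   # Password
  device tap0;
  up { ifconfig "%% up"; program "brctl addif br0 %%"; };
}
"""

def parse_vtund(text):
    """Return {section: {key: value}}; up/down bodies are skipped."""
    text = re.sub(r"#[^\n]*", "", text)  # comments (assumes no '#' inside quotes)
    sections, name, depth, stmt = {}, None, 0, []
    for tok in re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text):
        if tok == "{":
            depth += 1
            if depth == 1:               # start of a top-level section
                name = " ".join(stmt)
                sections[name] = {}
            stmt = []
        elif tok == "}":
            depth -= 1
            stmt = []
        elif tok == ";":
            if depth == 1 and stmt:      # "key value;" directly in a section
                sections[name][stmt[0]] = " ".join(stmt[1:])
            stmt = []
        else:
            stmt.append(tok)
    return sections

MIN_PASSWD = 12  # threshold chosen for this example, not a vtun rule

def audit(sections):
    """Flag sessions whose effective (default + own) settings are weak."""
    findings = []
    for name, body in sections.items():
        if name in ("options", "default"):
            continue
        eff = {**sections.get("default", {}), **body}
        if eff.get("encrypt", "no") == "no":   # assumption: unset means off
            findings.append((name, "encrypt no: frames cross the tunnel unencrypted"))
        if len(eff.get("passwd", "")) < MIN_PASSWD:
            findings.append((name, "passwd shorter than %d characters" % MIN_PASSWD))
    return findings
```

Calling audit(parse_vtund(open("/etc/vtund.conf").read())) on the server runs the same checks against the live file.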

other references:
recompile kernel http://www.howtogeek.com/howto/ubuntu/how-to-customize-your-ubuntu-kernel/

check Universal Tun/tap device driver support under Device Drivers > Network device support

try tunctl to create tap, e.g. http://www.mail-archive.com/vtun-users@lists.sourceforge.net/msg00001.html

try steps here: http://adamolson.com/articles/UnixReview.com%20%20Secure%20Tunneling%20between%20Intranets%20with%20VTun%202000.htm
or here: http://www.opennet.ru/soft/vpn_table/vtund1.html

read http://vtun.sourceforge.net/setup.html

tips for manual setup: http://www.blindhog.net/linux-bridging-for-gns3-lan-communications/

and http://www.linux.com/archive/articles/54894 vtun tutorial

bridging in Linux: http://www.linuxfoundation.org/en/Net:Bridge

http://dkprojects.wordpress.com/transparent-ethernet-bridge/ - transparent bridge (hub)