Tunneldigger/Exitnode Labs Notes #5

Open
aetilley opened this issue Mar 4, 2018 · 1 comment

aetilley commented Mar 4, 2018

Beginning with Tunneldigger Lab

Local workstation: Linux (jessie) virtual machine.

Prerequisites:

All successful except last which gives:

E: Unable to locate package linux-image-extra-3.16.0-4-amd64
E: Couldn't find any package by regex 'linux-image-extra-3.16.0-4-amd64'

Moving on...

Install:

All three kernel modules loaded successfully:

vagrant@jessie:~$ sudo lsmod | grep l2tp
l2tp_eth 12851 0
l2tp_netlink 17323 1 l2tp_eth
l2tp_core 25973 2 l2tp_eth,l2tp_netlink

(Also added these three to /etc/modules.)

Clone:
Successfully cloned repo. Successfully cmade and made the client code.

Digging a tunnel:

Checking prior state:

vagrant@jessie:~/tunneldigger/client$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:ba:0e:69 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:feba:e69/64 scope link
valid_lft forever preferred_lft forever

vagrant@jessie:~/tunneldigger/client$ netstat -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State

cat /var/log/syslog | grep td-client returns some things from (I believe) a previous attempt (which strangely have timestamps in the future). When called at about Mar 4 10:30 am it returns:

...
...
Mar 4 18:27:32 jessie td-client: Performing broker selection...
Mar 4 18:27:43 jessie td-client: No suitable brokers found. Retrying in 5 seconds
Mar 4 18:27:48 jessie td-client: Performing broker selection...
Mar 4 18:27:59 jessie td-client: No suitable brokers found. Retrying in 5 seconds
Mar 4 18:28:04 jessie td-client: Performing broker selection...
Mar 4 18:28:10 jessie td-client: Got termination signal, shutting down tunnel...

Moving on...

Digging a tunnel:

vagrant@jessie:~/tunneldigger/client$ sudo ./tunneldigger -b exit.sudomesh.org:8942 -u 07105c7f-681f-4476-b5aa-5146c6e579de -i l2tp0 -s ./tunnel_hook_ex.sh
Hello Tunnel!

I wasn't sure what the point of the tunnel hook script was at this point, so I just made tunnel_hook_ex.sh echo "Hello Tunnel!"
Also it wasn't clear whether I should use the provided uuid or choose my own. I picked the one provided. Would like to know more about what role this uuid plays.

Checking posterior state:

  1. "inspecting the tunnel_hook.sh.log for recent entries of new sessions."

Sorry, what is this file? The command

find / "tunnel_hook_ex.sh.log"

Did not find anything.

vagrant@jessie:/$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:ba:0e:69 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:feba:e69/64 scope link
valid_lft forever preferred_lft forever
6: l2tp0: <BROADCAST,MULTICAST> mtu 1446 qdisc noop state DOWN group default qlen 1000
link/ether ba:c1:7a:d1:64:6b brd ff:ff:ff:ff:ff:ff

vagrant@jessie:/$ netstat -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 10.0.2.15:34812 unassigned.psychz.:8942 ESTABLISHED

vagrant@jessie:/$ sudo cat /var/log/syslog | grep td-client
...
...
Mar 4 18:58:04 jessie td-client: Performing broker selection...
Mar 4 18:58:05 jessie td-client: Broker usage of exit.sudomesh.org:8942: 1535
Mar 4 18:58:05 jessie td-client: Selected exit.sudomesh.org:8942 as the best broker.
Mar 4 18:58:06 jessie td-client: Tunnel successfully established.
Mar 4 18:58:23 jessie td-client: Setting MTU to 1446
Mar 4 18:58:26 jessie td-client: Setting MTU to 1446
Mar 4 18:59:08 jessie td-client: Got termination signal, shutting down tunnel...
Mar 4 19:12:42 jessie td-client: Performing broker selection...
Mar 4 19:12:43 jessie td-client: Broker usage of exit.sudomesh.org:8942: 1535
Mar 4 19:12:43 jessie td-client: Selected exit.sudomesh.org:8942 as the best broker.
Mar 4 19:12:44 jessie td-client: Tunnel successfully established.
Mar 4 19:13:03 jessie td-client: Setting MTU to 1446
Mar 4 19:13:04 jessie td-client: Setting MTU to 1446

Setting up a broker

(On a new D.O. droplet)

ssh [email protected]

All of the following was successful

sudo apt update
sudo apt install iproute bridge-utils libnetfilter-conntrack-dev libnfnetlink-dev libffi-dev python-dev libevent-dev ebtables python-virtualenv
mkdir /srv/tunneldigger
cd /srv/tunneldigger
virtualenv env_tunneldigger
git clone https://github.com/wlanslovenija/tunneldigger.git
source env_tunneldigger/bin/activate
cd tunneldigger/broker
python setup.py install
cp l2tp_broker.cfg.example l2tp_broker.cfg

Also changed l2tp_broker.cfg to begin with

[broker]
; IP address the broker will listen and accept tunnels on
address=159.89.227.146
; Ports where the broker will listen on
port=53,123,8942
; Interface with that IP address
interface=eth0

Now on to starting the broker:

(env_tunneldigger) root@mesh-droplet-1:/# cd /
(env_tunneldigger) root@mesh-droplet-1:/# sudo /srv/tunneldigger/env_tunneldigger/bin/python -m tunneldigger_broker.main /srv/tunneldigger/tunneldigger/broker/l2tp_broker.cfg
[INFO/tunneldigger.broker] Initializing the tunneldigger broker.
Traceback (most recent call last):
  File "/usr/lib/python2.7/runpy.py", line 174, in _run_module_as_main
    "__main__", fname, loader, pkg_name)
  File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
    exec code in run_globals
  File "/srv/tunneldigger/env_tunneldigger/lib/python2.7/site-packages/tunneldigger_broker-0.3.0-py2.7-linux-x86_64.egg/tunneldigger_broker/main.py", line 84, in <module>
    tunnel_manager.initialize()
  File "/srv/tunneldigger/env_tunneldigger/local/lib/python2.7/site-packages/tunneldigger_broker-0.3.0-py2.7-linux-x86_64.egg/tunneldigger_broker/broker.py", line 192, in initialize
    self.netlink = l2tp.NetlinkInterface()
  File "/srv/tunneldigger/env_tunneldigger/local/lib/python2.7/site-packages/tunneldigger_broker-0.3.0-py2.7-linux-x86_64.egg/tunneldigger_broker/l2tp.py", line 78, in __init__
    raise L2TPSupportUnavailable
tunneldigger_broker.l2tp.L2TPSupportUnavailable

Tried deactivating the python env and running again, but I get the same error.

NOTE: Realizing that the order of operations in the two labs is not sequential, but one might have to jump back and forth between them. Continuing to experiment with this.

Exit node repo: Install
Cloned and ran script

ssh [email protected] 'bash -s' < create_exitnode.sh 159.89.227.146

apparently successfully.

Exit node repo: Testing Tunnel Digger

step 1. create tunnel using tunneldigger client (see https://github.com/sudomesh/tunneldigger-lab)

vagrant@jessie:~/tunneldigger/client$ sudo ./tunneldigger -b 159.89.227.146:8942 -u 07105c7f-681f-4476-b5aa-5146c6e579de -i l2tp0 -s ./tunnel_hook_ex.sh

Again, using the same uuid since I'm not sure of the role of this.

step 2. assign some ip to tunneldigger client interface

(After accidentally running ip addr while not in my linux virtual machine)

vagrant@jessie:~$ ip addr
...
7: l2tp0: <BROADCAST,MULTICAST> mtu 1446 qdisc noop state DOWN group default qlen 1000
link/ether ee:17:25:5e:66:0d brd ff:ff:ff:ff:ff:ff

vagrant@jessie:~$ sudo ip addr add 100.65.26.1 dev l2tp0

vagrant@jessie:~$ ip addr
...
7: l2tp0: <BROADCAST,MULTICAST> mtu 1446 qdisc noop state DOWN group default qlen 1000
link/ether ee:17:25:5e:66:0d brd ff:ff:ff:ff:ff:ff
inet 100.65.26.1/32 scope global l2tp0
valid_lft forever preferred_lft forever

step 3. establish static route from client to tunneldigger broker

vagrant@jessie:~$ sudo ip r add 100.64.0.42 dev l2tp0
RTNETLINK answers: Network is down

step 4. establish static route from tunneldigger broker to client
root@mesh-droplet-1:~# sudo ip r add 100.65.26.1 dev l2tp2431
(appears successful)

make sure to up the interface
vagrant@jessie:~$ sudo ip link set l2tp0 up

vagrant@jessie:~$ ping -I l2tp0 100.64.0.42
PING 100.64.0.42 (100.64.0.42) from 100.65.26.1 l2tp0: 56(84) bytes of data.
64 bytes from 100.64.0.42: icmp_seq=1 ttl=64 time=171 ms
64 bytes from 100.64.0.42: icmp_seq=2 ttl=64 time=104 ms
64 bytes from 100.64.0.42: icmp_seq=3 ttl=64 time=87.8 ms
64 bytes from 100.64.0.42: icmp_seq=4 ttl=64 time=82.7 ms

@aetilley aetilley changed the title Tunneldigger/Exitnode Labs Notes Part 1 Tunneldigger/Exitnode Labs Notes Mar 4, 2018
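
The notes above record two failures: the broker's L2TPSupportUnavailable, and `RTNETLINK answers: Network is down` when a route was added while l2tp0 was still DOWN. Both can be checked for up front. The following shell code is an added example, not part of the original comment or of the tunneldigger project; it assumes the broker error means the L2TP modules listed earlier are not loaded on that host, and the `preflight` wrapper name is hypothetical.

```shell
#!/bin/sh
# Added example (not from the lab): preflight checks that read command output
# on stdin, so they can be exercised on saved text as well as on a live host.

# Print each L2TP module the lab loads that is absent from `lsmod` output.
missing_l2tp_modules() {
    awk '{ seen[$1] = 1 }
         END {
             n = split("l2tp_core l2tp_netlink l2tp_eth", need, " ")
             for (i = 1; i <= n; i++) if (!(need[i] in seen)) print need[i]
         }'
}

# Succeed only if interface $1 carries the administrative UP flag in `ip addr`
# output. LOWER_UP alone does not count; "state DOWN" lines lack UP entirely.
iface_is_up() {
    awk -v want="$1:" '$2 == want {
             gsub(/[<>]/, "", $3); n = split($3, flag, ",")
             for (i = 1; i <= n; i++) if (flag[i] == "UP") up = 1
         }
         END { exit !up }'
}

# Live use on a host (hypothetical wrapper): preflight l2tp0
preflight() {
    missing=$(lsmod | missing_l2tp_modules)
    [ -z "$missing" ] || { echo "modprobe first: $missing"; return 1; }
    ip addr | iface_is_up "$1" || {
        echo "$1 is down: 'ip link set $1 up' before adding routes"; return 1; }
    echo "$1 ready"
}

# Sample input: lsmod and ip addr lines as they appear in the notes above.
LSMOD_CLIENT='l2tp_eth 12851 0
l2tp_netlink 17323 1 l2tp_eth
l2tp_core 25973 2 l2tp_eth,l2tp_netlink'
# Constructed: a host where only the core module is loaded.
LSMOD_PARTIAL='Module Size Used by
l2tp_core 25973 0'
IPADDR_DOWN='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
6: l2tp0: <BROADCAST,MULTICAST> mtu 1446 qdisc noop state DOWN group default qlen 1000'

# Demo on the constructed sample: lists the two modules still to be loaded.
printf '%s\n' "$LSMOD_PARTIAL" | missing_l2tp_modules
```
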

cambers commented Mar 8, 2018

I am not able to ping the exitnode unless I assign it a static ip:
root@exitnode:~# ip addr add 100.64.0.42 dev l2tp101-101

This means that as I continue with the lab below, I am still able to ping 100.64.0.42 even after step 5 and 6.
???

Testing Routing with Babeld Through Tunnel Digger
.........
Step 3. check routes
After running ip route you should see entries like:
100.64.0.42 via 100.64.0.42 dev l2tp0 proto babel onlink

Step 4. ping the mesh routing ip
Now, execute ping 100.64.0.42 and you should see something like:
$ ping 100.64.0.42
PING 100.64.0.42 (100.64.0.42) 56(84) bytes of data.
64 bytes from 100.64.0.42: icmp_seq=1 ttl=64 time=207 ms
64 bytes from 100.64.0.42: icmp_seq=2 ttl=64 time=204 ms

Step 5. now, stop the babeld process using ctrl-c

Step 6. repeat steps 3/4 and confirm that the routes are gone and the ping no longer succeeds.
