= Current Demo Setup for SES and MF = == Networks == * Satelite link * Each machine connected directly to a sat modem has a /30 public ip, with the modem as gateway. Some L2 packets appear to pass, but not reliably? To compensate, L2TP tunnels are used. * SES_SAT is the tunnel interface, between each site and landing1.orbit-lab.org. * This tunnel is bridged to vlan 31, outdoor data, on landing1. * Terrestrial link * This link operates over the public internet. In order to pass L2 traffic, an L2TP tunnel to landing1.orbit-lab.org is used. * This tunnel is bridged to vlan 3701, GENI MF, on landing1. == Topology == SES1 in princeton has one satelite and one ground link. There is an l2 tunnel over each of these to landing1, at winlab. Node4-3 and mf1 at winlab, each have one interface on each bridged vlan. Traffic for satellite will thus travel over the public internet to the ground station, then over the sat link to SES1. == KEYS == SSH key based authentication is set up for SES1 and SES2 machines. The keys are in /home/native/.ssh on machine mf1, and in /root/SES_KEYS on remote-l. == Machines == * node4-3.outdoor.orbit-lab.org * Eth0: Outdoor data, 10.41.4.3/16 * Eth0.3701: MF vlan, bridged to geni sites, 10.100.200.53/16 * Eth1: Outdoor Control, 10.40.4.3/16 * Eth2: Direct connection to satelite modem port 1, 216.226.242.246/30 * mf1.outdoor.orbit-lab.org * em1: was direct connection to sat modem, currently disconnected. * em2: outdoor control, 10.40.0.53/16 * p2p1: Geni MF vlan, 3701. Terrestrial tunnel Link, 10.100.200.54/16 * p2p2: Outdoor data, vlan 31, sat tunnel link, 10.41.200.54/16 * ses1: Princeton remote machine * em1: sat link * ip: 216.226.242.242/30 * em2: public internet link * ip: 23.24.73.161 * ses_ground: tunnel for ground link, over em2 * ip: 10.100.200.55/16 * ses_sat: tunnel for sat link, over em1 * 10.41.200.55/16 * Scripts: * Routing tables have been changed to allow two tunnels. There is an additonal table, sat. This table has one rule, that for traffic from 216.226.242.242 to landing1, it should go via the sat modem. It is added to the ip rules just before the main table. * To view routes, type {{{ip r show}}} * {{{ native@ses1:~$ ip r show default via 23.24.73.166 dev em2 10.41.0.0/16 dev ses_sat proto kernel scope link src 10.41.200.55 10.100.0.0/16 dev ses_ground proto kernel scope link src 10.100.200.55 23.24.73.160/29 dev em2 proto kernel scope link src 23.24.73.161 128.6.192.147 via 23.24.73.166 dev em2 src 23.24.73.161 192.168.14.0/24 dev veth1 proto kernel scope link src 192.168.14.4 192.168.14.0/24 dev veth2 proto kernel scope link src 192.168.14.101 216.226.242.240/30 dev em1 proto kernel scope link src 216.226.242.242 }}} * To view extra table, type {{{ip r show table sat}}} * {{{ native@ses1:~$ ip r show table sat 128.6.192.147 via 216.226.242.241 dev em1 }}} * To show rules, type {{{ip rule show}}} * {{{ native@ses1:~$ ip rule show 0: from all lookup local 32765: from 216.226.242.242 lookup sat 32766: from all lookup main 32767: from all lookup default }}} * Tunnel setup * In native's home directory, there is a file {{{tunnel.sh}}} * This runs on boot, and sets up both L2TP tunnels to landing1, as well as routes. * This script is symlinked to from {{{/etc/init.d}}} and was set to run on boot with {{{update-rc.d tunnel defaults}}} * Contents of script: {{{ #!/bin/bash #sets up tunnel via terrestrial link #remote ip for landing 1 is 128.6.192.147 #local IP for ses1 is ???.???.???.??? #ip address for tunnel to MF at Winlab is #mf1.outdoor.orbit-lab.org 10.41.0.54 #ses1 10.41.0.55 #ses2 10.41.0.56 modprobe l2tp_eth #ground ip l2tp del tunnel tunnel_id 1 ip l2tp add tunnel remote 128.6.192.147 local 23.24.73.161 \ tunnel_id 1 peer_tunnel_id 5 udp_sport 3004 udp_dport 3004 encap udp ip l2tp add session name ses_ground \ tunnel_id 1 session_id 1 peer_session_id 1 ip link set ses_ground up mtu 1500 ip r add 128.6.192.147 via 23.24.73.166 ip addr add 10.100.200.55/16 dev ses_ground ping 10.100.200.53 -c 10 #satelite ip l2tp del tunnel tunnel_id 2 ip l2tp add tunnel remote 128.6.192.147 local 216.226.242.242 \ tunnel_id 2 peer_tunnel_id 6 udp_sport 3005 udp_dport 3005 encap udp ip l2tp add session name ses_sat \ tunnel_id 2 session_id 1 peer_session_id 1 ip link set ses_sat up mtu 1500 ip route add 128.6.192.147 via 216.226.242.241 table sat ip rule add from 216.226.242.242/32 table sat #ip r add 128.6.192.147 via 216.226.242.241 #ip addr add 10.100.200.55/16 dev ses_ground #ping 10.100.200.54 -c 10 }}} = Desired Final Configuration = == Sites == There will be 4 sites. || Location || Sat IP || Ground IP || Description || || Woodbine || 10.10.0.9/29 || 216.226.210.34/30 || Uplink and core router || || Princeton || 216.226.242.241/30 || 23.24.73.161/29 || Remote 1 || || WINLAB || 216.226.242.245/30 || Private IP on tunnel. || Remote 2 || || iDirect Herndon || 216.226.242.249/30 || ?? || Remote 3 || All sites will have a l2tp tunnel over public internet to WINLAB, to be connected to GENI MF vlan. Ideally, all 3 sites will pass L2 broadcast/multicast traffic to each other. While that is in progress, all sites will terminate a L2TP tunnel at Woodbine, over their satellite links.