Subject: RARE user and assistance email list
List archive
- From: mc36 <>
- To: Edgard da Cunha Pontes <>
- Cc: "" <>
- Subject: Re: [RARE-users] [rare-dev] SD-WAN experiment
- Date: Thu, 28 Jul 2022 12:06:57 +0200
could you please point me to the repo to the latest configs?
also could you please share the show vpdn xxx from all the clients,
and the show sdwan xxx from the central box?
for a quick reference, here is mine below....
-all the addresses in the sho vpdn should be public, bidir reachable
addresses...
-in case of hub-spoke, the thing to spot here is that all the clients should
have the same output, whereas the hub should list all the clients...
-in case of full-mesh (default configuration), everyone should list everyone
else except himself....
thanks,
cs
parents#show vpdn vpn4
user peer port num iface addr4 addr6
mchome 91.82.168.57 4696 12929 access1200506110 10.18.127.117
2001:db8:187f::1137
p4deb 193.224.22.173 6359 1100 access1076908568 10.18.127.122
2001:db8:187f::1152
parents#
meso#show vpdn vpn4
user peer port num iface addr4 addr6
mchome 91.82.168.57 4696 12929 access1838629502 10.18.127.117
2001:db8:187f::1137
p4deb 193.224.22.173 6359 1100 access2099786268 10.18.127.122
2001:db8:187f::1152
meso#
www#show vpdn vpn4
user peer port num iface addr4 addr6
mchome 91.82.168.57 4696 12929 access1710875635 10.18.127.117
2001:db8:187f::1137
p4deb 193.224.22.173 6359 1100 access564537561 10.18.127.122
2001:db8:187f::1152
www#
On 7/28/22 11:45, Edgard da Cunha Pontes wrote:
Hi Csaba! After a few weeks... Thank you very much for all the good tips.
But... Unfortunately, some problems have remained.
#1 I gave up using loopback. For a while.
#2 I gave up using VMs for testing on OpenStack, as they don't have Public
IP for each.
#3 I'm using a VM on OCI to simulate another client on SD-WAN (GCloud).
#4 I have a router purchased on Aliexpress, at my house, which I already
configured the RARE/freeRtr and pointed to the SD-WAN (GCloud).
#5 I'm using a one-line install on all VMs and on the physical router.
#6 The access* interfaces are still down.
Is there some setting I'm missing?
PS: I'll put the configuration I'm using in the GitHub repository to make
the problem easier to understand. Hiding public IPs, always! : )
Em qua., 13 de jul. de 2022 s 02:42, mc36 < <>>
escreveu:
ahhh yeahhh, and a bit about security... as you're exposing a
publicip:port thing on your gcloud,
all these servers needs to be secured... please look around access-?
things and apply as much as you can.... :)
br,
cs
On 7/13/22 07:30, mc36 wrote:
> hi
> so being behind the same neting device usually does not work,
> because then the nating have to send back the packet on the same
> interface where it came from... for example ovs cannot do that...
> but nevermind, on the server side have a knob to distribute
> the client learned addresses instead of the server learnt ones,
> i thought about mpls l3 vpns, but it also applies to your case...
> (but be warned, this way your gcloud loopback will not be reachable!)
>
> gcloud#serv sdw xxx
> no natted
> end
>
> after this, you may need to re-trigger cloning at your clients
> clntX#cle vpdn xxx
>
> after these, your access interfaces should go up soon...
> once your accesses are up and you could ping in between the clients,
> you could configure your routing stuff to your dialers on the clients..
> one you're done, you should re-trigger again on them...
>
>
> On 7/13/22 05:04, Edgard da Cunha Pontes wrote:
>> Hi Csaba,
>>
>> Only now I was able to continue the tests with the SD-WAN.
>>
>> After doing some testing, I got the following progress:
>>
>> *On SD-WAN server (GCloud VM)*
>> freertr#show sdwan gcloud
>> addr port user hub
id prt addr port
prm inner4 inner6 for since
>> [my-public-ip] 35206 u true 28694 4
192.168.25.43 2554 2.2.2.10 :: 00:55:00
2022-07-13 03:51:04
>> [my-public-ip] 35520 u true 31270 4
192.168.25.45 2554 2.2.2.12 :: 00:08:32
2022-07-13 04:37:33
>>
>> *On client VMs:*
>> freertr#show vpdn gcloud
>> user peer port num
iface addr4
addr6
>> u [my-public-ip] 2554 28694
access334989981 2.2.2.10 ::
>>
>> freertr#show vpdn gcloud
>> user peer port num
iface addr4
addr6
>> u [my-public-ip] 2554 31270 access782128584
2.2.2.12 ::
>>
>> I still don't have connectivity (ping) between the VMs over the IPs (2.2.2.10
and 2.2.2.12). The dialer and "access..." interfaces are down.
>>
>> *i) Is it normal for the dialer and "access..." interfaces to be down?
>> *
>> *ii) Is it now that I need to configure a dynamic routing protocol
between these nodes?*
>>
>> Thanks again.
>>
>> Em seg., 11 de jul. de 2022 s 12:58, mc36 < <>
< <>>> escreveu:
>>
>> hi,
>> so these vpdns should point to the eth1's ip of the gcloud
node, assuming that ip is public or at least reachable to the clients...
>> if you want to make that private addressed loopback on the
gcloud node reachable to the clients then you'll have to add the
>> client config knobs to the gcloud node itselt too... btw
please note that this sdwan server just creates a bunch of l2tp
>> back and forth between the clients (marked as hub).. to
move further, you'll need to run a routing protocol above these...
>> feel free to use the following as an example:
http://sources.freertr.org/cfg/serv-sdwan01.tst
<http://sources.freertr.org/cfg/serv-sdwan01.tst>
<http://sources.freertr.org/cfg/serv-sdwan01.tst
<http://sources.freertr.org/cfg/serv-sdwan01.tst>>
>> to run it locally on your computer, you can do the
following:
>> wget freertr.org/rtr.zip <http://freertr.org/rtr.zip>
<http://freertr.org/rtr.zip <http://freertr.org/rtr.zip>>
>> unzip rtr.zip
>> cd src
>> ./c.sh
>> ./tw.sh serv-sdwan01
>> afterward all the above, you can reach the router
described in the test case by
>> telnet localhost 20001
>> telnet localhost 20002
>> telnet localhost 20003
>> telnet localhost 20004
>> br,
>> cs
>>
>>
>> On 7/11/22 16:56, Edgard da Cunha Pontes wrote:
>> > Hi everyone!
>> >
>> > While I was testing RARE/freeRtr's SD-WAN
functionality, the following (noob) question came up:
>> >
>> > On client VMs, how to point to a loopback interface,
on VM/GCloud (SD-WAN server) that is behind an associated public IP? I was in doubt
which target I should
put in the
>> vpdn settings.
>> >
>> > I made a basic description of the settings I am using:
>> >
>> >
https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01
<https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01>
<https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01
<https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01>>
>> <https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01
<https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01>
<https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01
<https://github.com/edgardcunha/freeRouter/tree/main/sdwan/01>>>
>> >
>> > I hope this basic description can help you to
understand this doubt.
>>
- Re: [RARE-users] [rare-dev] SD-WAN experiment, mc36, 07/28/2022
- Message not available
- Re: [RARE-users] [rare-dev] SD-WAN experiment, mc36, 07/28/2022
- Message not available
- Message not available
- Message not available
- Re: [RARE-users] [freertr] [rare-dev] SD-WAN experiment, mc36, 07/28/2022
- Re: [RARE-users] [freertr] [rare-dev] SD-WAN experiment, mc36, 07/28/2022
- Re: [RARE-users] [freertr] [rare-dev] SD-WAN experiment, mc36, 07/28/2022
- Re: [RARE-users] [freertr] [rare-dev] SD-WAN experiment, mc36, 07/28/2022
- Re: [RARE-users] [freertr] [rare-dev] SD-WAN experiment, mc36, 07/28/2022
- Message not available
Archive powered by MHonArc 2.6.19.