# A Multi-Path Bidirectional Layer 3 Proxy
## Setup Notes
### Linux
#### Policy Based Routing
```
ip route flush 10
ip route add table 10 to 1.1.1.0/24 dev eth1
ip rule add from 1.1.1.4 table 10 priority 10
ip route flush 11
ip route add table 11 to 1.1.1.0/24 dev eth2
ip rule add from 1.1.1.5 table 11 priority 11
```
#### ARP Flux
```
sysctl -w net.ipv4.conf.all.arp_announce=1
sysctl -w net.ipv4.conf.all.arp_ignore=1
```
See http://kb.linuxvirtualserver.org/wiki/Using_arp_announce/arp_ignore_to_disable_ARP
### Setup Scripts
These are functional setup scripts that make the application run as intended on Linux.
### Remote Portal
#### Pre-Start
```
#!/bin/bash
set -e

## Set up variables
REMOTE_PORTAL_ADDRESS=A.B.C.D

## IPv4 Forwarding
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv4.conf.eth0.proxy_arp=1

## Transfer the local routing table to a much lower priority
ip rule show | grep -q '^20:' || ip rule add from all table local priority 20
ip rule del priority 0 2> /dev/null || true

## Ports to route locally

### MPBL3P
ip rule del priority 1 2> /dev/null || true
ip rule add to "$REMOTE_PORTAL_ADDRESS" dport 1234 table local priority 1

### SSH
ip rule del priority 2 2> /dev/null || true
ip rule add to "$REMOTE_PORTAL_ADDRESS" dport 22 table local priority 2
```
#### Post-Start
```
#!/bin/bash
set -e

## Set up variables
REMOTE_PORTAL_ADDRESS=A.B.C.D

## Tunnel addr/up
ip addr add 172.19.152.2/31 dev nc0
ip link set up nc0

# Route packets to the interface but not for nc via the tunnel
ip route flush 19
ip route add table 19 to "$REMOTE_PORTAL_ADDRESS" via 172.19.152.3 dev nc0
ip rule del priority 19 2> /dev/null || true
ip rule add to "$REMOTE_PORTAL_ADDRESS" table 19 priority 19
```
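
One way to confirm that the remote portal ended up with the rule layout the Pre-Start and Post-Start scripts intend (ports 1234 and 22 answered locally, everything else for the address sent into the tunnel), as an added example that is not part of the project's own scripts. The function name, the sample listings and the address 203.0.113.7 are assumptions made for illustration.

```shell
# Added example: audit the remote portal's policy rules. Reads `ip rule show`
# text on stdin, prints each failed check, returns non-zero if any failed.
# Assumes iproute2 renders rules as "from all to ADDR dport N lookup TABLE".
check_remote_portal_rules() {
    awk -v addr="$1" '
        {
            prio = $1; sub(/:$/, "", prio)
            $1 = ""; sub(/^ +/, "")          # rest of the rule, single-spaced
            if (prio in rule) { print "FAIL duplicate priority " prio; bad = 1 }
            rule[prio] = $0
        }
        function expect(p, want) {
            if (rule[p] != want) {
                printf "FAIL priority %s: want \"%s\", got \"%s\"\n", p, want, rule[p]
                bad = 1
            }
        }
        END {
            # The local table must no longer be consulted first.
            if ("0" in rule) { print "FAIL priority 0 still present"; bad = 1 }
            expect(1,  "from all to " addr " dport 1234 lookup local")
            expect(2,  "from all to " addr " dport 22 lookup local")
            expect(19, "from all to " addr " lookup 19")
            expect(20, "from all lookup local")
            exit bad + 0
        }'
}

# Constructed listings (203.0.113.7 is a documentation address).
sample_good() { cat <<'EOF'
1: from all to 203.0.113.7 dport 1234 lookup local
2: from all to 203.0.113.7 dport 22 lookup local
19: from all to 203.0.113.7 lookup 19
20: from all lookup local
32766: from all lookup main
32767: from all lookup default
EOF
}
sample_bad() { cat <<'EOF'
0: from all lookup local
1: from all to 203.0.113.7 dport 1234 lookup local
19: from all to 203.0.113.7 lookup 19
32766: from all lookup main
32767: from all lookup default
EOF
}
# On the remote portal: ip rule show | check_remote_portal_rules "$REMOTE_PORTAL_ADDRESS"
```

In `sample_bad` the SSH exception is missing, so port 22 traffic for the address would match the priority 19 rule and leave through `nc0` instead of reaching the portal's own SSH daemon.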
### Local Portal
#### Pre-Start
```
#!/bin/bash
set -e

## Set up variables
GATEWAY_INTERFACE=eth0
GATEWAY_ADDRESS=10.36.12.1

## Fix ARP
sysctl -w net.ipv4.conf.all.arp_announce=1
sysctl -w net.ipv4.conf.all.arp_ignore=1

## IPv4 Forwarding
sysctl -w net.ipv4.ip_forward=1

## Gateway Interface Setup
ip addr add "$GATEWAY_ADDRESS"/32 dev "$GATEWAY_INTERFACE"
ip link set up "$GATEWAY_INTERFACE"

## Per-Interface Routing Tables

### 10.10.0.0/24
ip route flush 10
ip route add table 10 default via 10.10.0.1
ip rule del priority 10 2> /dev/null || true
ip rule add from 10.10.0.0/24 table 10 priority 10

### 192.168.0.0/24
ip route flush 11
ip route add table 11 default via 192.168.0.1
ip rule del priority 11 2> /dev/null || true
ip rule add from 192.168.0.0/24 table 11 priority 11
```
#### Post-Start
```
#!/bin/bash
set -e

## Set up variables
REMOTE_PORTAL_ADDRESS=A.B.C.D
GATEWAY_INTERFACE=eth0

## Tunnel Address and Enable
ip addr add 172.19.152.3/31 dev nc0
ip link set up nc0

## Route Outbound Packets Correctly
ip route flush 20
ip route add table 20 default via 172.19.152.2 dev nc0
ip rule del priority 20 2> /dev/null || true
ip rule add from "$REMOTE_PORTAL_ADDRESS" iif "$GATEWAY_INTERFACE" table 20 priority 20

## Route Inbound Packets Correctly
ip route flush 21
ip route add table 21 to "$REMOTE_PORTAL_ADDRESS" dev "$GATEWAY_INTERFACE"
ip rule del priority 21 2> /dev/null || true
ip rule add to "$REMOTE_PORTAL_ADDRESS" table 21 priority 21
```
#### Client
Connect to `GATEWAY_INTERFACE` and set the IP to `REMOTE_PORTAL_ADDRESS`/32 with a gateway of `GATEWAY_ADDRESS`.