Penguin

How do I get on the MetaNet?

Please ensure you've read the MetaNet page and understand what exactly you're doing before you follow these instructions.

Currently, we are up to WanDaemon version REL2 (release two) -- you might want to check with someone to see if we've released a more recent version. If you want cutting edge, the head of the CVS tree might suit your needs - see WanDaemonHeadHowto for information on how to set "HEAD" up. At the moment, HEAD is the same as REL2, but the WanDaemon contributors are soon likely to make major changes.

Before You Touch The Software

Subscribe to the mailing list

To get on the MetaNet, you first should subscribe to meta-admin@lists.meta.net.nz. This is a MailMan? MailingList. The best way to subscribe is to go here: https://lists.meta.net.nz/cgi-bin/mailman/listinfo/meta-admin.

Renumber your network

Then you'll need renumber to an internal IP address range that is unique, so you contact someone on the list (MetaNetAssignments) to allocate you some space. They can allocate you address space by going to http://www.tla/maint/. (This is a !MetaNet address, and isn't actually a Catch-22 situation.)

Compile a kernel

This guide assumes you're running Linux. If you aren't, all hope is not lost. See 1?.

You need a 2.4 series (or later - 2.6 works fine) kernel

 $ uname -a

If you don't have one, go get one now. You'll thank yourself later. You might have to upgrade your firewalling from ipchains to iptables; check FirewallNotes for information.

Your kernel has to support TUN/TAP. If you're configuring with make menuconfig select "Network device support" and then "Universal TUN/TAP device driver support". For information on Ethertap, see 2?.

Note: The module for TUN/TAP is 'tun', not 'tuntap.' Many an hour of head banging has occured due to trying to modprobe the wrong module!

Install iproute

You will also need /sbin/ip (see iproute(8)?). This usually comes in a package called iproute (eg Debian) or iproute2 depending on your distribution.

Create your device files

TUN/TAP needs a device file created. 3?

 mkdir /dev/net
 mknod /dev/net/tun c 10 200

Install the wandclients software

DebianLinux Users:

Add to your /etc/apt/sources.list:

 deb http://sheridan.meta.net.nz/debian metanet contrib
 deb-src http://sheridan.meta.net.nz/debian metanet contrib

then issue

 apt-get update
 apt-get install wandclients

Answer the questions, and you're done for the install.

RedHat users:

There is no RPM for wand yet, however you should really go and make one.

From Source - CVS

Check out wand, the WanDaemon software:

 cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/wand login

When prompted for a password press enter

 cvs -z3 -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/wand co -r REL2 wand

Tarballs

You can download tarballs from

 http://sheridan.meta.net.nz/wand-REL2.tar.bz2
 http://sheridan.meta.net.nz/wand-REL2.tar.gz

Then you need to compile and install it

 cd wand
 make
 make install

If you get an ld error on make (e.g. /usr/bin/ld cannot find -lconfig) check you are running make from the top level directory and you have bison & flex installed.

If you are running GCC 3.3, you'll get a screenful of errors. To work around these, you can comment out the usage lines and add in a #include "assert.h" to the .cc files that complain about an assert error.

After that, you will need to configure it:

Quick Overview

Ok, the basics work like this (for the technical bods that like to understand what's happening).

  • Your lan needs to be within a 10.0.0.0/16 range - That which is allocated to you by someone already on the MetaNet.
  • Each MetaNet router has an IP address on it's wan0/tap0 interface in the 192.168.0.0/16 range. This is also allocated to you.
  • The MetaNet routers communicate over wan0/tap0, via Etud/wand.
  • The 192.168.0.0/16 range is used for the routers to talk to each other, mainly BGP.
  • The routers will also talk with their wan0/tap0 IP to any remote parts of the MetaNet.
  • Accessible remote networks in the 10.0.0.0/8 range are routed over/through the 192.168.0.0/16 network.
  • Routes to access these networks are found via BGP
  • Running the BGP daemon zebra(8)?, fills the routing table to give access to networks in the 10.0.0.0/8 range

An example of the path a routed packet will take, is:

   +-------------+          +---------------+            +--------------+       +-------------+
   |     eth1    |   LAN    |   eth0        |            |   eth0       |  LAN  |    eth0     |
   | 10.113.1.15 |---->-----| 10.113.1.254  |            | 10.21.1.2    |--->---| 10.21.1.101 |
   +-------------+          |          |    |    WAN     |         ^    |       +-------------+
                            |   wan0   v    |    over    |   wan0  |    |
                            | 192.168.113.1 |--->---->---| 192.168.21.1 |
                            +---------------+  Internet  +--------------+

 (MikeBeattie's laptop)   (MikeBeattie's router)     (JohnMcPherson's router)  (JohnMcPherson's desktop)

The route that BGP found for me for this is:

  Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
  ...
  10.21.1.0       192.168.21.1    255.255.255.0   UG    0      0        0 wan0

(or, 'ip route' incantation:

  10.21.1.0/24 via 192.168.21.1 dev wan0  proto zebra

)

Configure the software

If you installed from the Sheridan Debian archive, you should check the files in /etc/wandclients/, but this step will be mostly done for you.

There are two config files: etud.conf and wand.conf.

etud.conf

 cp /usr/local/etc/etud.conf{.sample,}
 $EDITOR /usr/local/etc/etud.conf

If you're an Ethertap user (see footnotes 2? and 3?), change 'tuntap.so' to read 'ethertap.so'. Set the MTU to 1280. Set macaddr to the MAC address of one of the NIC's in your machine. eth0 is the normal one to use (It doesn't really matter what you use, but it must be unique). If you don't know your MAC address, ifconfig(8) will tell you: try

 /sbin/ifconfig eth0 | grep HWaddr | cut -c 39-

wand.conf

 cp /usr/local/etc/wand.conf{.sample,}
 $EDITOR /usr/local/etc/wand.conf

(N.B. make install may create /usr/local/etc/wand.$HOSTNAME.conf.original: in this case use: cp /usr/local/etc/wand.$HOSTNAME.conf{.original,} )

You will need to talk to the person who allocated your address space, or #wlug on UnderNet, to get the IP address of a server to go in this config.

wan0 interface

You also need to provide the tun driver with network settings for the interface, otherwise you get an error message like:

 /usr/local/etc# Etud
  tuntap_setup () entered...
  Failed to initialise interface.
  Aborting...
 /usr/local/etc#

In debian, you can simply add a stanza like the following to /etc/network/interfaces (replacing x and y for your network id):

 noauto wan0
 iface wan0 inet static
      address 192.168.x.y
      netmask 255.255.0.0
      network 192.168.0.0
      broadcast 192.168.255.255
      mtu 1280

RedHat users can create the file /etc/sysconfig/network-scripts/ifcfg-wan0 and add:

 DEVICE=wan0
 BROADCAST=192.168.255.255
 IPADDR=192.168.x.y
 NETMASK=255.255.0.0
 NETWORK=192.168.0.0
 MTU=1280
 USERCRL=yes
 ONBOOT=no
 GATEWAY=10.x.y.z

The GATEWAY value is your normal gateway (Same as in ifcfg-eth0). This is needed because RedHat likes overwriting your default route each time you bring up an interface. If you leave out the GATEWAY line however, RedHat will NOT overwrite your default route.

Starting the MetaNet daemons

There are init scripts that work fine under Debian. They are /etc/init.d/Etud and /etc/init.d/wand. Etud needs to be started before wand does (or wand will crash). If you installed from the Debian packages, they are at startup levels 19 and 20 in your /etc/rc?.d/ directories.

RedHat users don't have init scripts (yet?). For now, they can add to /etc/rc.local something like:

 killall Etud wand
 /usr/local/sbin/Etud -l 22222 -p /var/run/Etud.pid
 ifup wan0
 /usr/local/sbin/wand -i servername -l 44444
 /usr/local/sbin/zebra -d
 /usr/local/sbin/bgpd -d

Take a look at RedHatMetaNetScripts for some Redhat scripts

Make sure that your FireWall allows UDP traffic on ports 22222 and 44444 UDP. Also make sure that traffic to/from wan0/tap is not blocked (wan0 for TUN/TAP, tap0 for ethertap 2?).

Now, you should be able to ping 192.168.66.10 after a few seconds. This is the MetaIX address of Hydrogen, the current !MetaNet server.

You should be able to see several remote hosts that exist in the 192.168.0.0/16 range, on their real world IP's, in the output of 'Etudctl -l'

Cleanups

You may wish to add a

 killall -USR1 wand

to your ip-up scripts if your internet connection terminates on your linux machine and you have a dynamic IP.

Reasons this might not work:

  • If you have a Nokia M11/M1122 or similar router doing your NAT, then you will need to setup a pinhole for ports 22222 and 44444.
  • You might be missing the device files as mentioned above.

Onwards and upwards.

Congratulations, at this point you should have WanDaemon running on your machine.

Next you have to configure and start zebra(8)? (See ZebraConfig).

The next step is to enable all the useful stuff: proceed on to MetaNetConfiguration.


[1] Not Running Linux?

MicrosoftWindows
You might still be able to get onto the !MetaNet if you can find some kind soul who will allow you to make a PPTP/IPSec connection onto their gateway. See the PPTPServerHowto for more information on this.
FreeBSD
Theres a port to FreeBSD thats being trialed, talk to PerryLorier about it if you're interested.
Other *nix
Maybe you could try porting it ;)

GRE Tunnels are supported now, although you have to talk nicely to be allowed on via one. In the general case, point-to-point tunnels like ipsec/gre/pptp aren't preferred, as they require all your !MetaNet traffic to go through one host. Talk to DanielLawson if you want a GRE or PPTP tunnel onto the MetaNet. Look at GRETunnel for more information on GRE Tunnels.

[2] Ethertap support has been deprecated as it has been deprecated in the kernel. Note that if your kernel is already configured for ethertap, you can keep using it - just change etud.conf to point at ethertap.so for its driver, not tuntap.so. However, look at compiling TUN/TAP in next time you change your kernel.

[3] If you're using Ethertap, you will have to create tap0 as follows:

  mknod /dev/tap0 c 36 16