How do I get on the MetaNet?

Please ensure you've read the MetaNet page and understand what exactly you're doing before you follow these instructions.

Currently, we are up to WanDaemon version REL2 (release two) -- you might want to check with someone to see if we've released a more recent version. If you want cutting edge, the head of the CVS tree might suit your needs - see WanDaemonHeadHowto for information on how to set "HEAD" up. At the moment, HEAD is the same as REL2, but the WanDaemon contributors are soon likely to make major changes.

Before You Touch The Software

Subscribe to the mailing list

To get on the MetaNet, you first should subscribe to This is a MailMan? MailingList. The best way to subscribe is to go here:

Renumber your network

Then you'll need renumber to an internal IP address range that is unique, so you contact someone on the list (MetaNetAssignments) to allocate you some space. They can allocate you address space by going to http://www.tla/maint/. (This is a !MetaNet address, and isn't actually a Catch-22 situation.)

Compile a kernel

This guide assumes you're running Linux. If you aren't, all hope is not lost. See 1?.

You need a 2.4 series (or later - 2.6 works fine) kernel

 $ uname -a

If you don't have one, go get one now. You'll thank yourself later. You might have to upgrade your firewalling from ipchains to iptables; check FirewallNotes for information.

Your kernel has to support TUN/TAP. If you're configuring with make menuconfig select "Network device support" and then "Universal TUN/TAP device driver support". For information on Ethertap, see 2?.

Note: The module for TUN/TAP is 'tun', not 'tuntap.' Many an hour of head banging has occured due to trying to modprobe the wrong module!

Install iproute

You will also need /sbin/ip (see iproute(8)?). This usually comes in a package called iproute (eg Debian) or iproute2 depending on your distribution.

Create your device files

TUN/TAP needs a device file created. 3?

 mkdir /dev/net
 mknod /dev/net/tun c 10 200

Install the wandclients software

DebianLinux Users:

Add to your /etc/apt/sources.list:

 deb metanet contrib
 deb-src metanet contrib

then issue

 apt-get update
 apt-get install wandclients

Answer the questions, and you're done for the install.

RedHat users:

There is no RPM for wand yet, however you should really go and make one.

From Source - CVS

Check out wand, the WanDaemon software:

 cvs login

When prompted for a password press enter

 cvs -z3 co -r REL2 wand


You can download tarballs from

Then you need to compile and install it

 cd wand
 make install

If you get an ld error on make (e.g. /usr/bin/ld cannot find -lconfig) check you are running make from the top level directory and you have bison & flex installed.

If you are running GCC 3.3, you'll get a screenful of errors. To work around these, you can comment out the usage lines and add in a #include "assert.h" to the .cc files that complain about an assert error.

After that, you will need to configure it:

Quick Overview

Ok, the basics work like this (for the technical bods that like to understand what's happening).

  • Your lan needs to be within a range - That which is allocated to you by someone already on the MetaNet.
  • Each MetaNet router has an IP address on it's wan0/tap0 interface in the range. This is also allocated to you.
  • The MetaNet routers communicate over wan0/tap0, via Etud/wand.
  • The range is used for the routers to talk to each other, mainly BGP.
  • The routers will also talk with their wan0/tap0 IP to any remote parts of the MetaNet.
  • Accessible remote networks in the range are routed over/through the network.
  • Routes to access these networks are found via BGP
  • Running the BGP daemon zebra(8)?, fills the routing table to give access to networks in the range

An example of the path a routed packet will take, is:

   +-------------+          +---------------+            +--------------+       +-------------+
   |     eth1    |   LAN    |   eth0        |            |   eth0       |  LAN  |    eth0     |
   | |---->-----|  |            |    |--->---| |
   +-------------+          |          |    |    WAN     |         ^    |       +-------------+
                            |   wan0   v    |    over    |   wan0  |    |
                            | |--->---->---| |
                            +---------------+  Internet  +--------------+

 (MikeBeattie's laptop)   (MikeBeattie's router)     (JohnMcPherson's router)  (JohnMcPherson's desktop)

The route that BGP found for me for this is:

  Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
  ...   UG    0      0        0 wan0

(or, 'ip route' incantation: via dev wan0  proto zebra


Configure the software

If you installed from the Sheridan Debian archive, you should check the files in /etc/wandclients/, but this step will be mostly done for you.

There are two config files: etud.conf and wand.conf.


 cp /usr/local/etc/etud.conf{.sample,}
 $EDITOR /usr/local/etc/etud.conf

If you're an Ethertap user (see footnotes 2? and 3?), change '' to read ''. Set the MTU to 1280. Set macaddr to the MAC address of one of the NIC's in your machine. eth0 is the normal one to use (It doesn't really matter what you use, but it must be unique). If you don't know your MAC address, ifconfig(8) will tell you: try

 /sbin/ifconfig eth0 | grep HWaddr | cut -c 39-


 cp /usr/local/etc/wand.conf{.sample,}
 $EDITOR /usr/local/etc/wand.conf

(N.B. make install may create /usr/local/etc/wand.$HOSTNAME.conf.original: in this case use: cp /usr/local/etc/wand.$HOSTNAME.conf{.original,} )

You will need to talk to the person who allocated your address space, or #wlug on UnderNet, to get the IP address of a server to go in this config.

wan0 interface

You also need to provide the tun driver with network settings for the interface, otherwise you get an error message like:

 /usr/local/etc# Etud
  tuntap_setup () entered...
  Failed to initialise interface.

In debian, you can simply add a stanza like the following to /etc/network/interfaces (replacing x and y for your network id):

 noauto wan0
 iface wan0 inet static
      address 192.168.x.y
      mtu 1280

RedHat users can create the file /etc/sysconfig/network-scripts/ifcfg-wan0 and add:


The GATEWAY value is your normal gateway (Same as in ifcfg-eth0). This is needed because RedHat likes overwriting your default route each time you bring up an interface. If you leave out the GATEWAY line however, RedHat will NOT overwrite your default route.

Starting the MetaNet daemons

There are init scripts that work fine under Debian. They are /etc/init.d/Etud and /etc/init.d/wand. Etud needs to be started before wand does (or wand will crash). If you installed from the Debian packages, they are at startup levels 19 and 20 in your /etc/rc?.d/ directories.

RedHat users don't have init scripts (yet?). For now, they can add to /etc/rc.local something like:

 killall Etud wand
 /usr/local/sbin/Etud -l 22222 -p /var/run/
 ifup wan0
 /usr/local/sbin/wand -i servername -l 44444
 /usr/local/sbin/zebra -d
 /usr/local/sbin/bgpd -d

Take a look at RedHatMetaNetScripts for some Redhat scripts

Make sure that your FireWall allows UDP traffic on ports 22222 and 44444 UDP. Also make sure that traffic to/from wan0/tap is not blocked (wan0 for TUN/TAP, tap0 for ethertap 2?).

Now, you should be able to ping after a few seconds. This is the MetaIX address of Hydrogen, the current !MetaNet server.

You should be able to see several remote hosts that exist in the range, on their real world IP's, in the output of 'Etudctl -l'


You may wish to add a

 killall -USR1 wand

to your ip-up scripts if your internet connection terminates on your linux machine and you have a dynamic IP.

Reasons this might not work:

  • If you have a Nokia M11/M1122 or similar router doing your NAT, then you will need to setup a pinhole for ports 22222 and 44444.
  • You might be missing the device files as mentioned above.

Onwards and upwards.

Congratulations, at this point you should have WanDaemon running on your machine.

Next you have to configure and start zebra(8)? (See ZebraConfig).

The next step is to enable all the useful stuff: proceed on to MetaNetConfiguration.

[1] Not Running Linux?

You might still be able to get onto the !MetaNet if you can find some kind soul who will allow you to make a PPTP/IPSec connection onto their gateway. See the PPTPServerHowto for more information on this.
Theres a port to FreeBSD thats being trialed, talk to PerryLorier about it if you're interested.
Other *nix
Maybe you could try porting it ;)

GRE Tunnels are supported now, although you have to talk nicely to be allowed on via one. In the general case, point-to-point tunnels like ipsec/gre/pptp aren't preferred, as they require all your !MetaNet traffic to go through one host. Talk to DanielLawson if you want a GRE or PPTP tunnel onto the MetaNet. Look at GRETunnel for more information on GRE Tunnels.

[2] Ethertap support has been deprecated as it has been deprecated in the kernel. Note that if your kernel is already configured for ethertap, you can keep using it - just change etud.conf to point at for its driver, not However, look at compiling TUN/TAP in next time you change your kernel.

[3] If you're using Ethertap, you will have to create tap0 as follows:

  mknod /dev/tap0 c 36 16