Differences between version 10 and revision by previous author of MetaNetInstallation.
Other diffs: Previous Major Revision, Previous Revision, or view the Annotated Edit History
| Newer page: | version 10 | Last edited on Sunday, August 31, 2003 8:52:36 am | by PerryLorier | Revert |
| Older page: | version 1 | Last edited on Monday, May 5, 2003 9:05:40 pm | by CraigBox | Revert |
@@ -1,147 +1,184 @@
-
!!How do I get on the MetaNet?
-Currently, we are up to "REL2" (release two) -- you might want to check with someone if we've released a more recent version. See WanDaemonHeadHowto for information on how to set "HEAD" up. At the moment, its the same as REL2 but we'll be making some major
-changes to it.
-To get on the MetaNet, you first should subscribe to meta-admin@lists.meta.net.nz. This is a mailman list
. The best way to subscribe is to go here: https://lists.meta.net.nz/cgi-bin/mailman/listinfo/meta-admin. Then you'll need renumber to an internal [IP] range that is unique, so you contact someone on the list (MetaNetAssignments) to allocate you some space. Once they have allocated
you some
space (and you have renumbered), you need
to install wand. Space can be allocated on
http://www.tla/maint/
+Please ensure you've read the MetaNet page and understand what exactly you're doing before you follow these instructions.
+
+Currently, we are up to WanDaemon version REL2 (release two) -- you might want to check with someone to see if we've released a more recent version. If you want cutting edge, the head of the CVS tree might suit your needs - see WanDaemonHeadHowto for information on how to set "HEAD" up. At the moment, HEAD is the same as REL2, but the WanDaemon contributors are soon likely to make major changes.
+
+
+!!Before You Touch The Software
+
+!Subscribe to the mailing list
+
+
To get on the MetaNet, you first should subscribe to meta-admin@lists.meta.net.nz. This is a MailMan MailingList
. The best way to subscribe is to go here: https://lists.meta.net.nz/cgi-bin/mailman/listinfo/meta-admin.
+
+!Renumber your network
+
+
Then you'll need renumber to an internal [IP] address
range that is unique, so you contact someone on the list (MetaNetAssignments) to allocate you some space. They can allocate
you address
space by going
to http://www.tla/maint/. (This is a !MetaNet address, and isn't actually a Catch-22 situation.)
+
+!Compile a kernel
+
+This guide assumes you're running Linux. If you aren't, all hope is not lost. See [1].
-!!Requirements
You need a 2.4 series kernel.
$ uname -a
If you don't have one, go get one now. You'll thank yourself later. You might have to upgrade your firewalling from ipchains to iptables; check FirewallNotes for information.
-There are two options here: Ethertap, or
TUN/TAP. TUN/TAP is the recommended driver. Make sure
you have
"Universal TUN/TAP device driver support" selected in "Network Device Support"
.
+Your kernel has to support
TUN/TAP. If
you're configuring with ''make menuconfig'' select "Network device support" and then
"Universal TUN/TAP device driver support". For information on Ethertap, see [2]
.
-We have deprecated Ethertap support as it is deprecated in the kernel.
Note that if your kernel
is already configured for ethertap, you can keep using it - just change etud.conf to point at ethertap.so for its driver
, not tuntap.so
+__
Note__: The module for TUN/TAP
is '__tun__'
, not '
tuntap.' Many an hour of head banging has occured due to trying to modprobe the wrong module!
-Note - if your tuntap is a module, you should modprobe tun, not modprobe tuntap... thanks to cuchulain for pointing this out after hours of me beating my head against a wall -- KyleCarter
+!Install iproute
-!!Device Files
-"mknod
/dev
/tap0 c 36 16"
(if you are using the ETHERTAP driver
) or "mkdir /dev/net ; mknod /dev/net/tun c 10 200"
(if you are using the TUN driver
).
+You will also need
/sbin
/ip
(see iproute(8
)). This usually comes in a package called iproute
(eg [Debian]
) or iproute2 depending on your distribution
.
+!Create your device files
-!!via apt-get
-add
to your /etc/apt/sources.list:
+TUN/TAP needs a device file created. [3]
+ mkdir /dev/net
+ mknod /dev/net/tun c 10 200
+
+
!!Install the wandclients software
+
+!DebianLinux Users:
+Add
to your /etc/apt/sources.list:
deb http://sheridan.meta.net.nz/debian metanet contrib
deb-src http://sheridan.meta.net.nz/debian metanet contrib
-then do
+then issue
apt-get update
apt-get install wandclients
-answer the questions and your done for the install
-!!From Source
-!
CVS
-checkout
wand the WanDaemon software:
+Answer the questions, and you're done for the install.
+
+
!RedHat users:
+There is no [RPM] for wand yet, however you should really go and make one.
+
+
!From Source -
CVS
+Check out
wand,
the WanDaemon software:
cvs -d:pserver:anonymous@cvs.wand.sourceforge.net:/cvsroot/wand login
-when
prompted for a password press enter
+When
prompted for a password press enter
cvs -z3 -d:pserver:anonymous@cvs.wand.sourceforge.net:/cvsroot/wand co -r REL2 wand
+
!Tarballs
-you
can download tarballs from
+You
can download tarballs from
http://sheridan.meta.net.nz/wand-REL2.tar.bz2
http://sheridan.meta.net.nz/wand-REL2.tar.gz
-!
Then you need to compile and install it:
-
+Then you need to compile and install it
cd wand
make
make install
-after
that, you will need to configure it:
+If you get an ld error on make (e.g. /usr/bin/ld cannot find -lconfig) check you are running make from the top level directory and you have bison & flex installed.
+
+After
that, you will need to configure it:
+
+!!Configure the software
+
+If you installed from the Sheridan Debian archive, you should check the files in /etc/wandclients/, but this step will be mostly done for you.
+
+There are two config files: etud.conf and wand.conf.
+
+!etud.conf
-There are two config files: etud.conf and wand.conf
cp /usr/local/etc/etud.conf{.sample,}
$EDITOR /usr/local/etc/etud.conf
-Probably stick with using tuntap.so as the driver, unless
you really have to use ethertap. In which case
, change 'tuntap.so'
-mtu
to 1280.
-Set macaddr to the MAC address of one of the NIC's in your machine. Eth0
is the normal one to use.
+If
you're an Ethertap user (see footnotes [2] and [3])
, change 'tuntap.so' to read 'ethertap.so'.
+
Set the [MTU]
to 1280.
+Set macaddr to the MAC address of one of the NIC's in your machine. eth0
is the normal one to use. If you don't know your [MAC] address, ifconfig(8) will tell you: try
+ /sbin/ifconfig eth0 | grep HWaddr | cut -c 39-
+
+!wand.conf
cp /usr/local/etc/wand.conf{.sample,}
$EDITOR /usr/local/etc/wand.conf
- (N.B. make install may create /usr/local/etc/wand.$HOSTNAME.conf.original
- - in this case use: cp /usr/local/etc/wand.$HOSTNAME.conf{.original,} )
-You need to talk to someone to get a server ip to go
in the server part of
this config
+(N.B. make install may create /usr/local/etc/wand.$HOSTNAME.conf.original:
in this case use: cp /usr/local/etc/wand.$HOSTNAME.conf{.original,} )
-!!Starting the MetaNet daemons
-also
need /sbin/ip (see iproute(8))
, this usually comes in a package called iproute (eg
[Debian
]) or iproute2 depending
on your distribution
.
+You will need to talk to the person who allocated your address space
, or
[#wlug
] on UnderNet, to get the IP address of a server to go in this config
.
-There are init scripts that work fine under debian. They are
/etc
/init.d/Etud and
/etc/init
.d/wand
. Etud needs
to be started
-before wand does
.
+! wan0 interface
+You also need to provide the tun driver with network settings for the interface, otherwise you get an error message like:
+
/usr
/local
/etc# Etud
+ tuntap_setup () entered
...
+ Failed
to initialise interface.
+ Aborting
...
+ /usr/local/etc#
-Make sure that your firewall allows udp traffic on ports 22222 and 44444 udp. Also make sure that traffic
to/from tap0
/wan0 is not blocked (depending on if you are using ethertap
/tuntap
)
+In debian, you can simply add a stanza like the following
to /etc
/network
/interfaces (replacing x and y for your network id
):
-Now you should be able to ping
192.168.66
.10 after a few seconds
. This is deuterium's metaix address
.
-Reasons this might not work:
-* If you have a Nokia M1122/M1122 or similar router doing your NAT then you will need to setup a pinhole for port 22222
.
-* You are missing the device files as mentioned above
.
+ noauto wan0
+ iface wan0 inet static
+ address
192.168.x
.y
+ netmask 255
.255
..
+ network 192.168.
.
+ broadcast 192
.168.255.255
+ mtu 1280
-Next you have to configure
and start zebra(8).
-%%%
+RedHat users can create the file /etc/sysconfig/network-scripts/ifcfg-wan0
and add:
-!!zebra and bgpd
+ DEVICE=wan0
+ BROADCAST=192.168.255.255
+ IPADDR=192.168.x.y
+ NETMASK=255.255..
+ NETWORK=192.168..
+ MTU=1280
+ USERCRL=yes
+ ONBOOT=no
+ GATEWAY=10.x.y.z
-WanDaemon, at low level, provides you with 192
.168 addresses. What you want
is 10.x.x.x connectivity - so
you need to run zebra
.
+The GATEWAY value is your normal gateway (Same as in ifcfg-eth0)
. This
is needed because RedHat likes overwriting your default route each time
you bring up an interface
.
-Configuration information is in ZebraConfig: ''Note: may have a slight debian tint''
+!!Starting the !MetaNet daemons
-Read [MetaNetBGPNotes] for information describing BGP on
the [MetaNet]
+There are init scripts that work fine under Debian. They are /etc/init.d/Etud and /etc/init.d/wand. Etud needs to be started before wand does. If you installed from
the Debian packages, they are at startup levels 19 and 20 in your /etc/rc?.d/ directories.
-!!Routing
-add to your boot
scripts somewhere
- route add -net 10
...0 netmask 255...0 reject
- route
add -net 192.168..0 netmask 255.255.
.0 metric 1000 reject
-This will give you "Destination host unreachable errors" without sending random packets out your default gateway
+RedHat users don't have init
scripts (yet?)
. For now, they can
add to /etc/rc
.local something like:
-!!DNS
-After you have zebra working correctly and you can ping 10.66.10.1, then you may want to setup [DNS] (debian: apt
-get install bind)
. In your name server you need to make sure you don
't have any forwarders (sigh), and that you do have the blocks:
+ killall Etud wand
+ /usr/local/sbin/Etud
-l 22222 -p /var/run/Etud
.pid
+ ifup wan0
+ /usr/local/sbin/wand -i
''servername'' -l 44444
+ /usr/local/sbin/zebra -d
+ /usr/local/sbin/bgpd -d
- zone "10
.in-addr.arpa" {
- type stub;
- masters { 10.66.10.1; };
- file "
/var
/cache
/named/stubs/10
.x";
- };
- zone "tla" {
- type stub;
- masters { 10.66.10.1; };
- file "/var/cache/named/stubs/tla";
- };
+Make sure that your FireWall allows [UDP] traffic on ports 22222 and 44444 UDP
. Also make sure that traffic to
/from wan0
/tap is not blocked (wan0 for TUN
/TAP, tap0 for ethertap [2])
.
-For future use (?) and resolving metanet routers
, also add
- zone "168.192.in-addr.arpa" {
- type stub;
- masters { 10.66.10.1; };
- file "/var/cache/bind/stubs/
192.168.x";
- };
- zone "metaix.tla" {
- type stub;
- masters { 10
.66.10.1; };
- file "/var/cache/bind/stubs/metaix.tla";
- };
-as well
.
+Now
, you should be able to ping
192.168.66.10 after a few seconds
. This is the [MetaIX] address of Hydrogen, the current !MetaNet server
.
-The reason is
if you use
a forwarder
, then all queries get forwarded
to the other server
and it won't
be able
to resolve metanet names
and addresses
.
+!!Cleanups
+You may wish to add a
+ killall -USR1 wand
+to your ip-up scripts
if your internet connection terminates on your linux machine and
you have
a dynamic IP.
+
+!!Reasons this might not work:
+* If you have a Nokia M11/M1122 or similar router doing your NAT
, then you will need
to setup a pinhole for ports 22222
and 44444.
+* You might
be missing the device files as mentioned above.
+
+!!Onwards and upwards.
+Congratulations, at this point you should have WanDaemon running on your machine.
+
+Next you have
to configure
and start zebra(8)
.
-Note: you may wish
to change
the paths based
on your distribution.
-Under debian woody you probably want
to use the directory "/var/cache/bind/stubs"
. You will need to make sure the stubs directory exists!
+The next step is
to enable all
the useful stuff: proceed
on to MetaNetConfiguration
.
-You should then be able to restart named(8) (debian: /etc/init.d/bind restart or reload if it's already running) and then ping "www.tla". You are now properly on the metanet, and should be able to visit http://www.tla/ and http://www.plaz.tla/.
+-----
-Now make sure any clients on your network that you want to resolve metanet addresses have the address of your nameserver as the first nameserver in /etc/resolv.conf. You can put your
[ISP
]'s nameservers after it as a precaution, if you like.
+[1
] Not Running Linux?
-!!Root CA
-also want
to install our "root CA" that we use for signing SSL websites etc, load your webbrowser and click here: http:
//www
.meta
.net
.nz/install-cert.html
+; MicrosoftWindows :
You might still be able
to get onto the !MetaNet if you can find some kind soul who will allow you to make a [PPTP]
/[IPSec] connection onto their gateway
. See the [PPTPServerHowto] for more information on this
.
+; FreeBSD : Theres a port to FreeBSD thats being trialed, talk to PerryLorier about it if you're interested
.
+; Other *nix : Maybe you could try porting it ;)
-!!Not Running Linux?
+[GRE] Tunnels are supported now, although you have to talk nicely to be allowed on via one. In the general case, point-to-point tunnels like ipsec/gre/pptp aren't preferred, as they require all your
!MetaNet traffic to go through one host. Talk to DanielLawson if you want a GRE or PPTP tunnel onto the MetaNet. Look at [GRETunnel] for more information on GRE Tunnels.
-;windows:You might still be able to get onto
the meta net
if you can find some kind soul who will allow you
to make a pptp/ipsec connection onto their gateway
. See the [PPTPServerHowto]
for more information on this
.
-;FreeBSD:Theres a port to FreeBSD thats being trialed
, talk to PerryLorier about it if
you're interested
.
-;other *nix: Maybe you could try porting it ;)
+[2] Ethertap support has been deprecated as it has been deprecated in
the kernel. Note that
if your kernel is already configured for ethertap,
you can keep using it - just change etud.conf
to point at ethertap
.so
for its driver, not tuntap.so
. However
, look at compiling TUN/TAP in next time
you change your kernel
.
-[GRE
] Tunnels are supported now
, although
you have to talk nicely to be allowed on via one. In the general case, point-to-point tunnels like ipsec
/gre
/pptp aren't preferred, as they require all your metanet traffic to go through one host. Talk to DanielLawson if you want a GRE or PPTP tunnel onto the MetaNet. Look at [GRETunnel] for more information on GRE Tunnels
+[3
] If you're using Ethertap
, you will
have to create tap0 as follows:
+ mknod
/dev
/tap0 c 36 16
