Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
freifunk:infrastruktur:server:vpn1 [23.05.2016 23:37] – mape2k | freifunk:infrastruktur:server:vpn1 [28.06.2020 21:05] (aktuell) – hipposen | ||
---|---|---|---|
Zeile 60: | Zeile 60: | ||
* gesonderte Routingtabelle für Freifunk-internen Datenverkehr | * gesonderte Routingtabelle für Freifunk-internen Datenverkehr | ||
- | < | + | < |
23 ffef | 23 ffef | ||
</ | </ | ||
Zeile 214: | Zeile 214: | ||
on up " | on up " | ||
+ | ip link set address de: | ||
+ | ip link set up dev $INTERFACE | ||
echo 1 > / | echo 1 > / | ||
"; | "; | ||
Zeile 229: | Zeile 231: | ||
allow-hotplug mesh-vpn | allow-hotplug mesh-vpn | ||
iface mesh-vpn inet6 manual | iface mesh-vpn inet6 manual | ||
- | hwaddress | ||
post-up | post-up | ||
post-up | post-up | ||
Zeile 241: | Zeile 242: | ||
< | < | ||
# Get vpn keys for nodes | # Get vpn keys for nodes | ||
- | * * * * * root [[ $(rsync -ai --delete 10.99.254.43::peers/ / | + | * * * * * root [[ $(rsync -ai --delete 10.99.254.10::nodes/ / |
</ | </ | ||
Zeile 299: | Zeile 300: | ||
iface bat0 inet6 manual | iface bat0 inet6 manual | ||
post-up | post-up | ||
- | post-up | + | post-up |
- | post-up | + | post-up |
- | post-up | + | |
pre-down | pre-down | ||
+ | </ | ||
+ | |||
+ | ====Quagga==== | ||
+ | * FIXME: Generell überprüfen, | ||
+ | === Pakete === | ||
+ | |||
+ | * quagga | ||
+ | * telnet | ||
+ | |||
+ | < | ||
+ | zebra=yes | ||
+ | bgpd=yes | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | ! -*- zebra -*- | ||
+ | ! | ||
+ | ! zebra sample configuration file | ||
+ | ! | ||
+ | ! $Id: zebra.conf.sample, | ||
+ | ! | ||
+ | hostname vpn1.erfurt.freifunk.net | ||
+ | password xxxx | ||
+ | enable password xxxx | ||
+ | ! | ||
+ | ! Interface' | ||
+ | ! | ||
+ | !interface lo | ||
+ | ! description test of desc. | ||
+ | ! | ||
+ | !interface sit0 | ||
+ | ! multicast | ||
+ | |||
+ | ! | ||
+ | ! Static default route sample. | ||
+ | ! | ||
+ | !ip route 0.0.0.0/0 203.181.89.241 | ||
+ | ! | ||
+ | |||
+ | log file / | ||
+ | |||
+ | ! use src ip for local connection | ||
+ | route-map RM_SET_SOURCE permit 10 | ||
+ | set src 10.99.254.7 | ||
+ | ip protocol bgp route-map RM_SET_SOURCE | ||
+ | |||
+ | table 23 | ||
+ | </ | ||
+ | < | ||
+ | hostname vpn1 | ||
+ | password [PASSWORD] | ||
+ | ! | ||
+ | ! enable debug log | ||
+ | ! | ||
+ | debug bgp updates | ||
+ | ! | ||
+ | ! | ||
+ | router bgp 65099002 | ||
+ | bgp router-id 10.99.254.7 | ||
+ | bgp confederation identifier 65099 | ||
+ | bgp confederation peers 65099001 | ||
+ | | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | ! neighbor 10.99.254.1 remote-as 65099001 | ||
+ | ! neighbor 10.99.254.1 description icvpn2_suicider | ||
+ | ! neighbor 10.99.254.1 prefix-list ffef-backbone-in in | ||
+ | ! neighbor 10.99.254.1 prefix-list ffef-backbone-out out | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | ! neighbor 10.99.254.8 remote-as 65099002 | ||
+ | ! neighbor 10.99.254.8 description vpn3_ichirou | ||
+ | ! neighbor 10.99.254.8 peer-group ffef-backbone | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | ip prefix-list ffef-backbone-in description *** Backbone IP-Filter eingehend *** | ||
+ | ip prefix-list ffef-backbone-in seq 10 permit 0.0.0.0/0 | ||
+ | ip prefix-list ffef-backbone-in seq 19 deny 10.99.16.0/ | ||
+ | ip prefix-list ffef-backbone-in seq 20 permit 10.99.0.0/ | ||
+ | ip prefix-list ffef-backbone-in seq 21 permit 10.0.0.0/8 le 32 | ||
+ | ip prefix-list ffef-backbone-in seq 30 permit 172.16.0.0/ | ||
+ | ip prefix-list ffef-backbone-in seq 99 deny 0.0.0.0/0 le 32 | ||
+ | |||
+ | ip prefix-list ffef-backbone-out description *** Backbone IP-Filter ausgehend *** | ||
+ | ip prefix-list ffef-backbone-out seq 10 deny 0.0.0.0/0 | ||
+ | ip prefix-list ffef-backbone-out seq 20 permit 10.99.0.0/ | ||
+ | ip prefix-list ffef-backbone-out seq 99 deny 0.0.0.0/0 le 32 | ||
+ | ! | ||
+ | ! | ||
+ | log file / | ||
+ | ! | ||
+ | !log stdout | ||
+ | |||
+ | |||
</ | </ |