Blog de Flap

08/01/2012

Channel Bonding sur UMTS

Filed under: Réseau — flap @ 17:47

Lien original http://wiki.leipzig.freifunk.net/ChannelBonding

Server
Configuration du serveur openvpn situé chez un hébergeur (ovh, dedibox, etc…) :

/etc/openvpn0.conf

local SERVER0_IP
port SERVER0_PORT

/etc/openvpn1.conf

local SERVER1_IP
port SERVER1_PORT
proto udp
dev tap0

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh2048.pem
tls-auth /etc/openvpn/keys/ta.key 0

keepalive 2 10

mode server
tls-server

client-to-client

max-clients 10
tun-mtu 1500

daemon
verb 3

cipher DES-EDE3-CBC  # Triple-DES

comp-lzo

status /var/log/openvpn-status.log

persist-key
persist-tun

bonding VPN’s

bonding.sh

#!/bin/bash

modprobe bonding mode=3 miimon=100
modprobe tun

ifconfig tap0 down
ifconfig tap1 down

tunctl -u root -g root -t tap0
tunctl -u root -g root -t tap1

ifconfig tap0 up
ifconfig tap1 up

openvpn /etc/openvpn/openvpn.conf &
openvpn /etc/openvpn/openvpn2.conf &
sleep 10

ifconfig bond0 hw ether 00:11:22:33:44:55
ifconfig bond0 10.10.0.1 netmask 255.255.255.252 broadcast 10.10.0.3 up

ifenslave bond0 tap0 tap1

ip addr add 10.10.10.1/24 dev tap0 scope link
ip addr add 10.10.11.1/24 dev tap1 scope link

cleanup.sh

#!/bin/bash
ip addr del 10.10.0.1/32 dev lo
ip addr del 10.10.10.1/24 dev tap1
ip addr del 10.10.11.1/24 dev tap0

killall -9 openvpn

rmmod bonding
rmmod tap

Client

UMTS connect

USB-Stick
idProduct          0x4400
iManufacturer           1 Novatel Wireless
iProduct                2 Novatel Wireless HSUPA Modem

modules: option, serailusb

pppd updetach defaultroute usepeerdns noipdefault debug noauth asyncmap 0 ipcp-accept-local ipcp-accept-remote modem crtscts user vodafone password 42 connect ‘/usr/sbin/chat -t5 -v -e -E -f umts_vodafone.chat’ 100 115200 /dev/ttyUSB1

PCMCIA-Karte
modules: nozomi

pppd updetach defaultroute usepeerdns noipdefault debug noauth asyncmap 0 ipcp-accept-local ipcp-accept-remote modem crtscts user eplus password 42 connect ‘/usr/sbin/chat -t5 -v -e -E -f umts_eplus.chat’ 100 115200 /dev/noz0

umts_eplus.chat

ABORT   BUSY
ABORT   'NO CARRIER'
ABORT   ERROR
REPORT  CONNECT
TIMEOUT 10
""      "AT&F"
OK      "ATE1"
OK      'AT+CGDCONT=1,"IP","internet.eplus.de"'
SAY     "Calling UMTS/GPRS"
TIMEOUT 30
OK      "ATD*99***1#"
CONNECT ' '

umts_vodafone.chat

ABORT   BUSY
ABORT   'NO CARRIER'
ABORT   ERROR
REPORT  CONNECT
TIMEOUT 10
""      "AT&F"
OK      "ATE1"
OK      'AT+CGDCONT=1,"IP","web.vodafone.de"'
SAY     "Calling UMTS/GPRS"
TIMEOUT 30
OK      "ATD*99***1#"
CONNECT ' '

openvpn config

/etc/openvpn0.conf

remote SERVER0_IP SERVER0_PORT

/etc/openvpn1.conf

remote SERVER1_IP SERVER1_PORT
client

dev tap0
proto udp

ping 2
ping-restart 10

resolv-retry infinite

cipher DES-EDE3-CBC  # Triple-DES

tls-client

persist-key
#persist-tun

tun-mtu 1500

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client1.crt
key /etc/openvpn/keys/client1.key
tls-auth /etc/openvpn/keys/ta.key 1

ns-cert-type server

comp-lzo

verb 3

bonding VPN’s

#!/bin/bash

ip route del default
ip route del default

ppp_ip0=`ip addr show ppp0 | grep inet | awk '{ print $2 }'`
ppp_ip1=`ip addr show ppp1 | grep inet | awk '{ print $2 }'`
ppp_pip0=`ip addr show ppp0 | grep inet | awk '{ print $4 }'`
ppp_pip1=`ip addr show ppp1 | grep inet | awk '{ print $4 }'`
ppp_gwip0=`ipcalc "$ppp_pip0" | grep Address | awk '{ print $2 }'`
ppp_gwip1=`ipcalc "$ppp_pip1" | grep Address | awk '{ print $2 }'`

echo "$ppp_ip0"  "$ppp_ip1"  "$ppp_pip0"  "$ppp_pip1"  "$ppp_gwip0"  "$ppp_gwip1" 

ip route add "$ppp_gwip0" dev ppp0 src "$ppp_ip0" scope link table 100
ip route add "$ppp_gwip1" dev ppp1 src "$ppp_ip1" scope link table 101
ip route add default via "$ppp_gwip0" dev ppp0 table 100
ip route add default via "$ppp_gwip1" dev ppp1 table 101
ip rule add from "$ppp_ip0" table 100 prio 20000
ip rule add from "$ppp_ip1" table 101 prio 20001

modprobe bonding mode=3 miimon=100
modprobe tun

tunctl -d tap0
tunctl -d tap1

echo  "$ppp_ip0" "$ppp_ip1"
openvpn --config /etc/openvpn/openvpn.conf --local "$ppp_ip0" --script-security 2 --up /vpn/entap0.sh &
openvpn --config /etc/openvpn/openvpn2.conf --local "$ppp_ip1" --script-security 2 --up /vpn/entap1.sh &

ifconfig bond0 hw ether 55:44:33:22:11:00
ifconfig bond0 10.10.0.2 netmask 255.255.255.252 broadcast 10.10.0.3 up

ip route add default via 10.10.0.1 dev bond0

echo "nameserver 208.67.222.222" > /etc/resolv.conf

#mtr -t google.de 2>&1 |tee /vpn/logs/mtr
#!/bin/bash
ip addr add 10.10.10.2/24 dev tap0
ifenslave bond0 tap0
#!/bin/bash
ip addr add 10.10.11.2/24 dev tap1
ifenslave bond0 tap1

cleanup network-foo

cleanup.sh

#!/bin/bash

ip addr del 10.10.0.2/32 dev lo
ip addr del 10.10.10.2/24 dev tap1
ip addr del 10.10.11.2/24 dev tap0

killall -9 openvpn
killall -9 openvpn

ppp_ip0=ip addr show ppp0 | grep inet | awk '{ print $2 }'
ppp_ip1=ip addr show ppp1 | grep inet | awk '{ print $2 }'

ip addr del "$ppp_ip0" dev ppp0
ip addr del "$ppp_ip1" dev ppp1

killall -9 pppd
killall -9 pppd

pccardctl eject
pccardctl insert

ip route flush table 100
ip route flush table 101

rmmod bonding
rmmod tap

04/01/2012

[fai-locaux] FTTH DIY HowTo – Début du premier jet

Filed under: Fibre optique — flap @ 19:59

https://lists.fdn.fr/wws/arc/fai-locaux/2010-11/msg00068.html

Et un post intéressant sur linuxfr.org,

http://linuxfr.org/news/fibrer-cest-faisable-par-une-bande-de-copains

Powered by WordPress