See my comments below in bold. Thanks. Kun
________________________________ From: 44Net 44net-bounces+dnwk=linkun.info@mailman.ampr.org on behalf of Marius Petrescu via 44Net 44net@mailman.ampr.org Sent: Thursday, November 4, 2021 14:25 To: 44net@mailman.ampr.org 44net@mailman.ampr.org Cc: Marius Petrescu marius@yo2loj.ro Subject: Re: [44net] Tunnel setup help: Debian 11
Kun,
I think you got the whole concept wrong.
1. you need yo configure a network interface with your public IP I am configuring it on my public IP. Interface ens3 is the interface with public IP. I create an interface ens3:1 with my AMPR IP 2. You need to register that public IP wit the portal I have setup my public IP with amprportal 3. After 30 min or so, on that public IP you need to receive IP proto 4 The find_pass.sh could receive the password bradcast now traffic, at least the once every 5 minutes (the RIP broadcasts) 4. Next you need to set up a point to multipoint tunnel interface I have setup a script to create the IPIP tunnel. Attached below. Let me know if something isn't right. 5. You need to run ampr-ripd on that tunnel interface to receive the RIP broadcasts. Ampr-ripd will set up all your additional routes as defined in its command parameters 6. you need to setup a local networtk interface according to your allocation, where the gateway will forward the 44-net trafic to local machines
So in your case you may listen to ens3 as long as you wish. The correct command to check for RIPv2 messages is:
ampr-ripd -d -v -i ampr0 Where is the ampr0 interface come from. I could create one in /etc/network/interface. I only have one network interface.
The incoming ampr0 traffic is seen on the interface ampr0, not on ens3... Ens3 in your setup is for connecting your local machines...
Marius, YO2LOJ
-- rc.local
### ## Create AMPRNet Tunnel and routing ##
## Configure Tunnel (put your ISP you received from your ISP Here). ip tunnel add ampr0 mode ipip local 209.141.42.9 ttl 255
## Bring it up ip link set dev ampr0 up
## Enable Multicast in order to receive routes ifconfig ampr0 multicast
## Configure Policy Based routing # Packets to 44/8 network use routing table 44 ip rule add to 44.0.0.0/8 table 44 priority 44
# Packets from our 44 subnet use table 44 (put your AMPRNet Subnet here) ip rule add from 44.26.0.168/29 table 44 priority 45
## Configure static routes # Default route for table 44 is to send traffic to amprnet gateway at UCSD ip route add default dev ampr0 via 169.228.34.84 onlink table 44
# Route packets for our net to local interface (put your AMPRNet Subnet here) ip route add 44.26.0.168/29 dev ens3 table 44
## Start ampr-ripd to learn rest of mesh routes # Be sure to substitute the password you found earlier for <SecretPassword> # Put your static IP you received from your ISP here. /usr/bin/ampr-ripd -s -i ampr0 -a 209.141.42.9 -t 44 -p <thepassword I received>
--/etc/network/interfaces
# The loopback network interface auto lo iface lo inet loopback
# The primary network interface allow-hotplug ens3 iface ens3 inet dhcp
auto ens3:1 iface ens3:1 inet static address 44.26.0.168 netmask 255.255.255.248
On 04/11/2021 23:15, KUN LIN via 44Net wrote:
Yes. I am trying this on a buyvm vps.
When I run sudo tcpdump -i ens3 -vvv host amprgw.ucsd.edu This is what I got: tcpdump: listening on ens3, link-type EN10MB (Ethernet), snapshot length 262144 bytes
So it does look like something is blocking it? Kun ________________________________ From: 44Net 44net-bounces+dnwk=linkun.info@mailman.ampr.org on behalf of Steve L via 44Net 44net@mailman.ampr.org Sent: Wednesday, November 3, 2021 18:46 To: 44Net general discussion 44net@mailman.ampr.org Cc: Steve L kb9mwr@gmail.com Subject: Re: [44net] Tunnel setup help: Debian 11
I have configured the public IP in the AMPR portal as gateway.
If you just did this, wait a while like a half hour.
When I try to run find_password.sh in ampr-ripd-2.4, I am stopped at Waiting for RIPv2 broadcasts... and never retrieve a password.
You don't need to run the find password script or specify a password if you are using ampr-ripd above version 1.14 (its hardcoded in the program). But I do believe even if you run that, it should retrieve it.
I usually start off really stripped down, with all firewall stuff off till I know I am receiving the protocol 4 rip broadcasts.
Do you see anything with tcpdump ? tcpdump -i eth0 -vvv host amprgw.ucsd.edu or ip proto \icmp
If not, then something upstream is blocking protocol 4 from reaching you. Seems like it might be outside of your home if your configuring the interface directly with a public IP
In the iptables world, here is the ipencap (protocol 4) syntax: iptables -A INPUT -p 4 -j ACCEPT
On Wed, Nov 3, 2021 at 6:11 PM KUN LIN via 44Net 44net@mailman.ampr.org wrote:
I have been trying to configure the AMPRtunnel for a while without success. Could someone please point me to the right direction.
I am running Debian 11 with public IP. I have configured the public IP in the AMPR portal as gateway.
I am trying to follow this document https://wiki.ampr.org/wiki/Ubuntu_Linux_Gateway_Example
When I try to run find_password.sh in ampr-ripd-2.4, I am stopped at Waiting for RIPv2 broadcasts... and never retrieve a password.
Here is what I have done so far.
in /etc/network/interfaces, I added
auto ens3:1 iface ens3:1 inet static address 44.26.0.168 netmask 255.255.255.248
Then I created ipip tunnel using following commands
ip tunnel add ampr0 mode ipip local 209.141.42.9 ttl 255 ip link set dev ampr0 up ifconfig ampr0 multicast ip rule add to 44.0.0.0/8 table 44 priority 44 ip rule add from 44.26.0.168/29 table 44 priority 45 ip route add default dev ampr0 via 169.228.34.84 onlink table 44 ip route add 44.26.0.168/29 dev ens3 table 44
Then, I run ampr-ripd -d -v -i ens3 to get the password in order to plug into lat command ampr-ripd -s -i ampr0 -a 209.141.42.9-t 44 -p <SecretPassword>
However, the find_password.sh stopped at waiting for ripv2 broadcast. Here is the logs for command
Using metric 0 for routes. Using TCP window 840 for routes. Using gateway 209.141.42.1 for direct 44net endpoints via interface ens3. Waiting for RIPv2 broadcasts...
Any idea on what am I doing wrong? Thanks
Kun
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net _________________________________________ 44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
_________________________________________ 44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net