Repeater linking: Difference between revisions
Brian Wilson (talk | contribs) |
Brian Wilson (talk | contribs) |
||
| Line 35: | Line 35: | ||
reboot | reboot | ||
Now you have an unconfigured interface called tunl0. | Now you have an unconfigured interface called tunl0. I add a new one, tun0 | ||
On violet, | On violet, | ||
ip tunnel add tun0 mode ipip remote | ip tunnel add tun0 mode ipip remote 44.127.9.2 | ||
ip addr add 10.10.10.1/24 dev tun0 | ip addr add 10.10.10.1/24 dev tun0 | ||
ip link set tun0 up | ip link set tun0 up | ||
On tenrec, | |||
ip tunnel add tun0 mode ipip remote 44.127.9.1 | |||
ip addr add 10.10.10.2/24 dev tun0 | |||
ip link set tun0 up | |||
ping 10.10.10.1 | |||
Revision as of 02:54, 27 February 2022
I am testing network configurations for TARRA, the Teton Amateur Radio Repeater Association in Wyoming.
Goal here is to route our 44 subnet to the repeaters. The repeaters can be on any service provider so we need to accommodate that.
I have to keep in mind that the bigger picture is to control and link the repeaters, so that might mean changing out the operating system. For example, the Pi image distributed for Allstar is ArchLinux.
Wireguard would be one approach but my current thought is to keep it as simple as possible by using only tunnels.
Test setup
I am using a Pi4 and a Pi3 for testing right now, using the official image based on Debian.
Violet is the pi3, connected over Wifi so I can ssh into it
Tenrec is the pi4, connected by a 10BT patch cable to violet. Tenrec has a 7" screen and kbd.
Tools you will be be needing.
apt install tcpdump
Tunnels
IPIP tunnels
cat /etc/modules-load.d cat > ip_tunnel.conf tunnel4 ipip reboot
Now you have an unconfigured interface called tunl0. I add a new one, tun0
On violet,
ip tunnel add tun0 mode ipip remote 44.127.9.2 ip addr add 10.10.10.1/24 dev tun0 ip link set tun0 up
On tenrec,
ip tunnel add tun0 mode ipip remote 44.127.9.1 ip addr add 10.10.10.2/24 dev tun0 ip link set tun0 up
ping 10.10.10.1
GRE tunnels
Not working the way I expect,
Basics
- https://david-waiting.medium.com/a-beginners-guide-to-generic-routing-encapsulation-fb2b4fb63abb
- https://www.xmodulo.com/create-gre-tunnel-linux.html
Types and basic commands
On Raspbian I had to create a file to load the modules at boot, in this order.
cd /etc/modules-load.d cat > gre_tunnel.conf gre ip_tunnel ip_gre
I reboot at this point and make sure the modules are loading, with
lsmod | grep gre
TUN interface - encapsulates ether header
The "gre0" interface exists so if I try to use the first command with gre0 I get an 'exists' error, I could follow the first example above and use "tun0" instead of "gre0"?
On violet,
ip tunnel add tun0 mode gre remote 172.16.123.1 local 172.16.123.2 ttl 255 ip addr add 10.10.10.1/24 dev tun0 ip link set tun0 up
On tenrec, the other way round,
ip tunnel add tun0 mode gre remote 172.16.123.2 local 172.16.123.1 ttl 255 ip addr add 10.10.10.2/24 dev tun0 ip link set tun0 up
To shutdown simply use, then press on and test TAP.
ip link set tun0 down
TAP interface - no ether header
On violet,
ip link add tun1 type gretap remote 172.16.123.1 local 172.16.123.2 dev eth0 ip addr add 10.10.10.1/24 dev tun1 ip link set tun1 up ip -d link show tun1
On tenrec, going the other direction,
ip link add tun1 type gretap remote 172.16.123.2 local 172.16.123.1 dev eth0 ip addr add 10.10.10.2/24 dev tun1 ip link set tun1 up ip -d link show tun1
I need some sample commands here to confirm the links actually work.
ping 10.10.10.1 ping 172.16.123.1 tcpdump -i tun0
Wireguard
Wireguard is an encrypted tunnel that is easy to set up.
Instructions and download are available from https://github.com/WireGuard/wireguard-vyatta-ubnt/wiki/EdgeOS-and-Unifi-Gateway
