Repeater linking: Difference between revisions
Brian Wilson (talk | contribs) m →Tunnel |
Brian Wilson (talk | contribs) m →Tunnel |
||
| Line 14: | Line 14: | ||
my current thought is to keep it as simple as possible by using only tunnels. | my current thought is to keep it as simple as possible by using only tunnels. | ||
Tools you will be be needing. | |||
apt install tcpdump | |||
== Tunnels == | |||
TAP interface | === GRE tunnels === | ||
Basics | |||
* https://david-waiting.medium.com/a-beginners-guide-to-generic-routing-encapsulation-fb2b4fb63abb | |||
* https://www.xmodulo.com/create-gre-tunnel-linux.html | |||
Types and basic commands | |||
On Raspbian I had to create a file to load the modules at boot, in this order. | |||
cd /etc/modules-load.d | |||
cat > tunnel.conf | |||
gre | |||
ip_tunnel | |||
ip_gre | |||
I reboot at this point and make sure the modules are loading, with | |||
lsmod | grep gre | |||
'''TUN interface''' - encapsulates ether header | |||
The "gre0" interface exists so if I try to use the first command with gre0 | |||
I get an 'exists' error, | |||
I could follow the first example above and use "tun0" instead of "gre0"? | |||
On violet, | |||
ip tunnel add tun0 mode gre remote 172.16.123.1 local 172.16.123.2 ttl 255 | |||
ip addr add 10.10.10.1/24 dev tun0 | |||
ip link set tun0 up | |||
On tenrec, the other way round, | |||
ip tunnel add tun0 mode gre remote 172.16.123.2 local 172.16.123.1 ttl 255 | |||
ip addr add 10.10.10.2/24 dev tun0 | |||
ip link set tun0 up | |||
To shutdown simply use, then press on and test TAP. | |||
ip link set tun0 down | |||
'''TAP interface''' - no ether header | |||
On violet, | |||
ip link add tun1 type gretap remote 172.16.123.1 local 172.16.123.2 dev eth0 | |||
ip addr add 10.10.10.1/24 dev tun1 | |||
ip link set tun1 up | |||
ip -d link show tun1 | |||
On tenrec, going the other direction, | |||
ip link add tun1 type gretap remote 172.16.123.2 local 172.16.123.1 dev eth0 | |||
ip addr add 10.10.10.2/24 dev tun1 | |||
ip link set tun1 up | |||
ip -d link show tun1 | |||
I need some sample commands here to confirm the links actually work. | |||
ping 10.10.10.1 | |||
ping 172.16.123.1 | |||
tcpdump -i tun0 | |||
== Wireguard == | == Wireguard == | ||
Revision as of 22:05, 26 February 2022
I am testing network configurations for TARRA, the Teton Amateur Radio Repeater Association in Wyoming.
Goal here is to route our 44 subnet to the repeaters. The repeaters can be on any service provider so we need to accommodate that.
I am using a Pi4 and a Pi3 for testing right now, using the official image based on Debian.
I have to keep in mind that the bigger picture is to control and link the repeaters, so that might mean changing out the operating system. For example, the Pi image distributed for Allstar is ArchLinux.
Wireguard would be one approach but my current thought is to keep it as simple as possible by using only tunnels.
Tools you will be be needing.
apt install tcpdump
Tunnels
GRE tunnels
Basics
- https://david-waiting.medium.com/a-beginners-guide-to-generic-routing-encapsulation-fb2b4fb63abb
- https://www.xmodulo.com/create-gre-tunnel-linux.html
Types and basic commands
On Raspbian I had to create a file to load the modules at boot, in this order.
cd /etc/modules-load.d cat > tunnel.conf gre ip_tunnel ip_gre
I reboot at this point and make sure the modules are loading, with
lsmod | grep gre
TUN interface - encapsulates ether header
The "gre0" interface exists so if I try to use the first command with gre0 I get an 'exists' error, I could follow the first example above and use "tun0" instead of "gre0"?
On violet,
ip tunnel add tun0 mode gre remote 172.16.123.1 local 172.16.123.2 ttl 255 ip addr add 10.10.10.1/24 dev tun0 ip link set tun0 up
On tenrec, the other way round,
ip tunnel add tun0 mode gre remote 172.16.123.2 local 172.16.123.1 ttl 255 ip addr add 10.10.10.2/24 dev tun0 ip link set tun0 up
To shutdown simply use, then press on and test TAP.
ip link set tun0 down
TAP interface - no ether header
On violet,
ip link add tun1 type gretap remote 172.16.123.1 local 172.16.123.2 dev eth0 ip addr add 10.10.10.1/24 dev tun1 ip link set tun1 up ip -d link show tun1
On tenrec, going the other direction,
ip link add tun1 type gretap remote 172.16.123.2 local 172.16.123.1 dev eth0 ip addr add 10.10.10.2/24 dev tun1 ip link set tun1 up ip -d link show tun1
I need some sample commands here to confirm the links actually work.
ping 10.10.10.1 ping 172.16.123.1 tcpdump -i tun0
Wireguard
Wireguard is an encrypted tunnel that is easy to set up.
Instructions and download are available from https://github.com/WireGuard/wireguard-vyatta-ubnt/wiki/EdgeOS-and-Unifi-Gateway
