gvpe/doc/gvpe.5

.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sh \" Subsection heading
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  | will give a
.\" real vertical bar.  \*(C+ will give a nicer C++.  Capital omega is used to
.\" do unbreakable dashes and therefore won't be available.  \*(C` and \*(C'
.\" expand to `' in nroff, nothing in troff, for use with C<>.
.tr \(*W-|\(bv\*(Tr
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` 
.    ds C' 
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
'br\}
.\"
.\" If the F register is turned on, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.if \nF \{\
.    de IX
.    tm Index:\\$1\t\\n%\t"\\$2"
..
.    nr % 0
.    rr F
.\}
.\"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.hy 0
.if n .na
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "GVPE 5"
.TH GVPE 5 "2005-01-27" "1.7" "GNU Virtual Private Ethernet"
.SH "NAME"
GNU\-VPE \- Overview of the GNU Virtual Private Ethernet suite.
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
\&\s-1GVPE\s0 is a suite designed to provide a virtual private network for multiple
nodes over an untrusted network.
.IP "\(bu" 4
.IX Xref "Virtual"
Virtual means that no physical network is created (of course), but an
ethernet is emulated by creating multiple tunnels between the member
nodes.
.IP "\(bu" 4
.IX Xref "Private"
Private means that non-participating nodes cannot decode (\*(L"sniff)\*(R" nor
inject (\*(L"spoof\*(R") packets.
.Sp
In the case of gvpe, even participating nodes cannot sniff packets send to
other nodes or spoof packets as if sent from other nodes.
.IP "\(bu" 4
.IX Xref "Network"
Network means that more than two parties can participate in the network,
so for instance it's possible to connect multiple branches of a company
into a single network. Many so-called \*(L"vpn\*(R" solutions only create
point-to-point tunnels.
.Sh "\s-1DESIGN\s0 \s-1GOALS\s0"
.IX Subsection "DESIGN GOALS"
.IP "\s-1SIMPLE\s0 \s-1DESIGN\s0" 4
.IX Item "SIMPLE DESIGN"
Cipher, \s-1HMAC\s0 algorithms and other key parameters must be selected
at compile time \- this makes it possible to only link in algorithms
you actually need. It also makes the crypto part of the source very
transparent and easy to inspect.
.IP "\s-1EASY\s0 \s-1TO\s0 \s-1SETUP\s0" 4
.IX Item "EASY TO SETUP"
A few lines of config (the config file is shared unmodified between all
hosts) and a single run of \f(CW\*(C`gvpectrl\*(C'\fR to generate the keys suffices to
make it work.
.IP "MAC-BASED \s-1SECURITY\s0" 4
.IX Item "MAC-BASED SECURITY"
Since every host has it's own private key, other hosts cannot spoof
traffic from this host. That makes it possible to filter packet by \s-1MAC\s0
address, e.g. to ensure that packets from a specific \s-1IP\s0 address come, in
fact, from a specific host that is associated with that \s-1IP\s0 and not from
another host.
.SH "PROGRAMS"
.IX Header "PROGRAMS"
Vpe comes with two programs: one daemon (\f(CW\*(C`gvpe\*(C'\fR) and one control program
(\f(CW\*(C`gvpectrl\*(C'\fR).
.IP "gvpectrl" 4
.IX Item "gvpectrl"
Is used to generate the keys, check and give an overview of of the
configuration and contorl the daemon (restarting etc.).
.IP "gvpe" 4
.IX Item "gvpe"
Is the daemon used to establish and maintain connections to the other
network members. It should be run on the gateway machine.
.SH "COMPILETIME CONFIGURATION"
.IX Header "COMPILETIME CONFIGURATION"
Please have a look at the \f(CW\*(C`gvpe.osdep(5)\*(C'\fR manpage for platform-specific
information.
.PP
Here are a few recipes for compiling your gvpe, showing the extremes
(fast, small, insecure \s-1OR\s0 slow, large, more secure), between you should
choose:
.Sh "\s-1AS\s0 \s-1LOW\s0 \s-1PACKET\s0 \s-1OVERHEAD\s0 \s-1AS\s0 \s-1POSSIBLE\s0"
.IX Subsection "AS LOW PACKET OVERHEAD AS POSSIBLE"
.Vb 1
\&   ./configure --enable-hmac-length=4 --enable-rand-length=0
.Ve
.PP
Minimize the header overhead of \s-1VPN\s0 packets (the above will result in
only 4 bytes of overhead over the raw ethernet frame). This is a insecure
configuration because a \s-1HMAC\s0 length of 4 makes collision attacks based on
the birthday paradox easy, though.
.Sh "\s-1MINIMIZE\s0 \s-1CPU\s0 \s-1TIME\s0 \s-1REQUIRED\s0"
.IX Subsection "MINIMIZE CPU TIME REQUIRED"
.Vb 1
\&   ./configure --enable-cipher=bf --enable-digest=md4
.Ve
.PP
Use the fastest cipher and digest algorithms currently available in
gvpe. \s-1MD4\s0 has been broken and is quite insecure, though.
.Sh "\s-1MAXIMIZE\s0 \s-1SECURITY\s0"
.IX Subsection "MAXIMIZE SECURITY"
.Vb 1
\&   ./configure --enable-hmac-length=16 --enable-rand-length=8 --enable-digest=sha1
.Ve
.PP
This uses a 16 byte \s-1HMAC\s0 checksum to authenticate packets (I guess 8\-12
would also be pretty secure ;) and will additionally prefix each packet
with 8 bytes of random data. In the long run, people should move to
\&\s-1SHA\-224\s0 and beyond, but support in openssl is missing as of writing this
document.
.PP
In general, remember that \s-1AES\-128\s0 seems to be more secure and faster than
\&\s-1AES\-192\s0 or \s-1AES\-256\s0, more randomness helps against sniffing and a longer
\&\s-1HMAC\s0 helps against spoofing. \s-1MD4\s0 is a fast digest, \s-1SHA1\s0 or \s-1RIPEMD160\s0 are
better, and Blowfish is a fast cipher (and also quite secure).
.SH "HOW TO SET UP A SIMPLE VPN"
.IX Header "HOW TO SET UP A SIMPLE VPN"
In this section I will describe how to get a simple \s-1VPN\s0 consisting of
three hosts up and running.
.Sh "\s-1STEP\s0 1: configuration"
.IX Subsection "STEP 1: configuration"
First you have to create a daemon configuation file and put it into the
configuration directory. This is usually \f(CW\*(C`/etc/gvpe\*(C'\fR, depending on how you
configured gvpe, and can be overwritten using the \f(CW\*(C`\-c\*(C'\fR commandline switch.
.PP
Put the following lines into \f(CW\*(C`/etc/gvpe/gvpe.conf\*(C'\fR:
.PP
.Vb 3
\&   udp-port = 50000 # the external port to listen on (configure your firewall)
\&   mtu = 1400       # minimum MTU of all outgoing interfaces on all hosts
\&   ifname = vpn0    # the local network device name
.Ve
.PP
.Vb 2
\&   node = first     # just a nickname
\&   hostname = first.example.net # the DNS name or IP address of the host
.Ve
.PP
.Vb 2
\&   node = second
\&   hostname = 133.55.82.9
.Ve
.PP
.Vb 2
\&   node = third
\&   hostname = third.example.net
.Ve
.PP
The only other file neccessary if the \f(CW\*(C`if\-up\*(C'\fR script that initializes the
local ethernet interface. Put the following lines into \f(CW\*(C`/etc/gvpe/if\-up\*(C'\fR
and make it execute (\f(CW\*(C`chmod 755 /etc/gvpe/if\-up\*(C'\fR):
.PP
.Vb 6
\&   #!/bin/sh
\&   ip link set $IFNAME address $MAC mtu $MTU up
\&   [ $NODENAME = first  ] && ip addr add 10.0.1.1 dev $IFNAME
\&   [ $NODENAME = second ] && ip addr add 10.0.2.1 dev $IFNAME
\&   [ $NODENAME = third  ] && ip addr add 10.0.3.1 dev $IFNAME
\&   ip route add 10.0.0.0/16 dev $IFNAME
.Ve
.PP
This script will give each node a different \s-1IP\s0 address in the \f(CW\*(C`10.0/16\*(C'\fR
network.  The internal network (e.g. the \f(CW\*(C`eth0\*(C'\fR interface) should then be
set to a subset of that network, e.g.  \f(CW\*(C`10.0.1.0/24\*(C'\fR on node \f(CW\*(C`first\*(C'\fR,
\&\f(CW\*(C`10.0.2.0/24\*(C'\fR on node \f(CW\*(C`second\*(C'\fR, and so on.
.PP
By enabling routing on the gateway host that runs \f(CW\*(C`gvpe\*(C'\fR all nodes will
be able to reach the other nodes. You can, of course, also use proxy arp
or other means of pseudo-bridging (or even real briding), or (best) full
routing \- the choice is yours.
.Sh "\s-1STEP\s0 2: create the \s-1RSA\s0 key pairs for all hosts"
.IX Subsection "STEP 2: create the RSA key pairs for all hosts"
Run the following command to generate all key pairs (that might take a
while):
.PP
.Vb 1
\&   gvpectrl -c /etc/gvpe -g
.Ve
.PP
This command will put the public keys into \f(CW\*(C`/etc/gvpe/pubkeys/\f(CInodename\f(CW\*(C'\fR and the private keys into \f(CW\*(C`/etc/gvpe/hostkeys/\f(CInodename\f(CW\*(C'\fR.
.Sh "\s-1STEP\s0 3: distribute the config files to all nodes"
.IX Subsection "STEP 3: distribute the config files to all nodes"
Now distribute the config files to the other nodes. This should be done in two steps, since the
private keys should not be distributed. The example uses rsync-over-ssh
.PP
First all the config files without the hostkeys should be distributed:
.PP
.Vb 3
\&   rsync -avzessh /etc/gvpe first.example.net:/etc/. --exclude hostkeys
\&   rsync -avzessh /etc/gvpe 133.55.82.9:/etc/. --exclude hostkeys
\&   rsync -avzessh /etc/gvpe third.example.net:/etc/. --exclude hostkeys
.Ve
.PP
Then the hostkeys should be copied:
.PP
.Vb 3
\&   rsync -avzessh /etc/gvpe/hostkeys/first  first.example.net:/etc/hostkey
\&   rsync -avzessh /etc/gvpe/hostkeys/second 133.55.82.9:/etc/hostkey
\&   rsync -avzessh /etc/gvpe/hostkeys/third  third.example.net:/etc/hostkey
.Ve
.PP
You should now check the configration by issuing the command \f(CW\*(C`gvpectrl \-c
/etc/gvpe \-s\*(C'\fR on each node and verify it's output.
.Sh "\s-1STEP\s0 4: starting gvpe"
.IX Subsection "STEP 4: starting gvpe"
You should then start gvpe on each node by issuing a command like:
.PP
.Vb 1
\&   gvpe -D -linfo first # first is the nodename
.Ve
.PP
This will make the gvpe stay in foreground. You should then see
\&\*(L"connection established\*(R" messages. If you don't see them check your
firewall and routing (use tcpdump ;).
.PP
If this works you should check your networking setup by pinging various
endpoints.
.PP
To make gvpe run more permanently you can either run it as a daemon
(by starting it without the \f(CW\*(C`\-D\*(C'\fR switch), or, much better, from your
inittab. I use a line like this on my systems:
.PP
.Vb 1
\&   t1:2345:respawn:/opt/gvpe/sbin/gvpe -D -L first >/dev/null 2>&1
.Ve
.Sh "\s-1STEP\s0 5: enjoy"
.IX Subsection "STEP 5: enjoy"
\&... and play around. Sending a \-HUP (\f(CW\*(C`gvpectrl \-kHUP\*(C'\fR) to the daemon
will make it try to connect to all other nodes again. If you run it from
inittab, as is recommended, \f(CW\*(C`gvpectrl \-k\*(C'\fR (or simply \f(CW\*(C`killall gvpe\*(C'\fR) will
kill the daemon, start it again, making it read it's configuration files
again.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIgvpe.osdep\fR\|(5) for OS-depedendent information, \fIgvpe.conf\fR\|(5), \fIgvpectrl\fR\|(8), and
for a description of the protocol and routing algorithms, \fIgvpe.protocol\fR\|(7).
.SH "AUTHOR"
.IX Header "AUTHOR"
Marc Lehmann <gvpe@plan9.de>
.SH "COPYRIGHTS AND LICENSES"
.IX Header "COPYRIGHTS AND LICENSES"
\&\s-1GVPE\s0 itself is distributed under the \s-1GENERAL\s0 \s-1PUBLIC\s0 \s-1LICENSE\s0 (see the file
\&\s-1COPYING\s0 that should be part of your distribution).
.PP
In some configurations it uses modified versions of the tinc vpn suite,
which is also available under the \s-1GENERAL\s0 \s-1PUBLIC\s0 \s-1LICENSE\s0.
Revision:	1.4
Committed:	Thu Jan 27 07:02:18 2005 UTC (19 years, 3 months ago) by pcg
Branch:	MAIN
Changes since 1.3:	+9 -4 lines
Log Message:	* empty log message *
#	User	Rev	Content
1	pcg	1.1	.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.14
2			.\"
3			.\" Standard preamble:
4			.\" ========================================================================
5			.de Sh \" Subsection heading
6			.br
7			.if t .Sp
8			.ne 5
9			.PP
10			\fB\\$1\fR
11			.PP
12			..
13			.de Sp \" Vertical space (when we can't use .PP)
14			.if t .sp .5v
15			.if n .sp
16			..
17			.de Vb \" Begin verbatim text
18			.ft CW
19			.nf
20			.ne \\$1
21			..
22			.de Ve \" End verbatim text
23			.ft R
24			.fi
25			..
26			.\" Set up some character translations and predefined strings. \*(-- will
27			.\" give an unbreakable dash, \(PI will give pi, \(L" will give a left
28			.\" double quote, and \*(R" will give a right double quote. \| will give a
29			.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
30			.\" do unbreakable dashes and therefore won't be available. \(C` and \(C'
31			.\" expand to `' in nroff, nothing in troff, for use with C<>.
32			.tr \(W-\|\(bv\(Tr
33			.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
34			.ie n \{\
35			. ds -- \(*W-
36			. ds PI pi
37			. if (\n(.H=4u)&(1m=24u) .ds -- \(W\h'-12u'\(W\h'-12u'-\" diablo 10 pitch
38			. if (\n(.H=4u)&(1m=20u) .ds -- \(W\h'-12u'\(W\h'-8u'-\" diablo 12 pitch
39			. ds L" ""
40			. ds R" ""
41			. ds C`
42			. ds C'
43			'br\}
44			.el\{\
45			. ds -- \\|\(em\\|
46			. ds PI \(*p
47			. ds L" ``
48			. ds R" ''
49			'br\}
50			.\"
51			.\" If the F register is turned on, we'll generate index entries on stderr for
52			.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
53			.\" entries marked with X<> in POD. Of course, you'll have to process the
54			.\" output yourself in some meaningful fashion.
55			.if \nF \{\
56			. de IX
57			. tm Index:\\$1\t\\n%\t"\\$2"
58			..
59			. nr % 0
60			. rr F
61			.\}
62			.\"
63			.\" For nroff, turn off justification. Always turn off hyphenation; it makes
64			.\" way too many mistakes in technical documents.
65			.hy 0
66			.if n .na
67			.\"
68			.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
69			.\" Fear. Run. Save yourself. No user-serviceable parts.
70			. \" fudge factors for nroff and troff
71			.if n \{\
72			. ds #H 0
73			. ds #V .8m
74			. ds #F .3m
75			. ds #[ \f1
76			. ds #] \fP
77			.\}
78			.if t \{\
79			. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
80			. ds #V .6m
81			. ds #F 0
82			. ds #[ \&
83			. ds #] \&
84			.\}
85			. \" simple accents for nroff and troff
86			.if n \{\
87			. ds ' \&
88			. ds ` \&
89			. ds ^ \&
90			. ds , \&
91			. ds ~ ~
92			. ds /
93			.\}
94			.if t \{\
95			. ds ' \\k:\h'-(\\n(.wu8/10-\(#H)'\'\h"\|\\n:u"
96			. ds ` \\k:\h'-(\\n(.wu8/10-\(#H)'\`\h'\|\\n:u'
97			. ds ^ \\k:\h'-(\\n(.wu10/11-\(#H)'^\h'\|\\n:u'
98			. ds , \\k:\h'-(\\n(.wu*8/10)',\h'\|\\n:u'
99			. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'\|\\n:u'
100			. ds / \\k:\h'-(\\n(.wu8/10-\(#H)'\z\(sl\h'\|\\n:u'
101			.\}
102			. \" troff and (daisy-wheel) nroff accents
103			.ds : \\k:\h'-(\\n(.wu8/10-\(#H+.1m+\(#F)'\v'-\(#V'\z.\h'.2m+\(#F'.\h'\|\\n:u'\v'\(#V'
104			.ds 8 \h'\(#H'\(b\h'-\*(#H'
105			.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\(#H)/2u'\v'-.3n'\(#[\z\(de\v'.3n'\h'\|\\n:u'\*(#]
106			.ds d- \h'\(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\(#H'
107			.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'\|\\n:u'
108			.ds th \(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u2/3)'\s-1o\s+1\*(#]
109			.ds Th \(#[\s+2I\s-2\h'-\w'I'u3/5'\v'-.3m'o\v'.3m'\*(#]
110			.ds ae a\h'-(\w'a'u*4/10)'e
111			.ds Ae A\h'-(\w'A'u*4/10)'E
112			. \" corrections for vroff
113			.if v .ds ~ \\k:\h'-(\\n(.wu9/10-\(#H)'\s-2\u~\d\s+2\h'\|\\n:u'
114			.if v .ds ^ \\k:\h'-(\\n(.wu10/11-\(#H)'\v'-.4m'^\v'.4m'\h'\|\\n:u'
115			. \" for low resolution devices (crt and lpr)
116			.if \n(.H>23 .if \n(.V>19 \
117			\{\
118			. ds : e
119			. ds 8 ss
120			. ds o a
121			. ds d- d\h'-1'\(ga
122			. ds D- D\h'-1'\(hy
123			. ds th \o'bp'
124			. ds Th \o'LP'
125			. ds ae ae
126			. ds Ae AE
127			.\}
128			.rm #[ #] #H #V #F C
129			.\" ========================================================================
130			.\"
131			.IX Title "GVPE 5"
132	pcg	1.3	.TH GVPE 5 "2005-01-27" "1.7" "GNU Virtual Private Ethernet"
133	pcg	1.1	.SH "NAME"
134			GNU\-VPE \- Overview of the GNU Virtual Private Ethernet suite.
135			.SH "DESCRIPTION"
136			.IX Header "DESCRIPTION"
137			\&\s-1GVPE\s0 is a suite designed to provide a virtual private network for multiple
138			nodes over an untrusted network.
139	pcg	1.3	.IP "\(bu" 4
140			.IX Xref "Virtual"
141			Virtual means that no physical network is created (of course), but an
142	pcg	1.1	ethernet is emulated by creating multiple tunnels between the member
143			nodes.
144	pcg	1.3	.IP "\(bu" 4
145			.IX Xref "Private"
146			Private means that non-participating nodes cannot decode (\(L"sniff)\(R" nor
147	pcg	1.1	inject (\(L"spoof\(R") packets.
148	pcg	1.3	.Sp
149	pcg	1.1	In the case of gvpe, even participating nodes cannot sniff packets send to
150			other nodes or spoof packets as if sent from other nodes.
151	pcg	1.3	.IP "\(bu" 4
152			.IX Xref "Network"
153			Network means that more than two parties can participate in the network,
154			so for instance it's possible to connect multiple branches of a company
155			into a single network. Many so-called \(L"vpn\(R" solutions only create
156	pcg	1.1	point-to-point tunnels.
157			.Sh "\s-1DESIGN\s0 \s-1GOALS\s0"
158			.IX Subsection "DESIGN GOALS"
159			.IP "\s-1SIMPLE\s0 \s-1DESIGN\s0" 4
160			.IX Item "SIMPLE DESIGN"
161			Cipher, \s-1HMAC\s0 algorithms and other key parameters must be selected
162			at compile time \- this makes it possible to only link in algorithms
163			you actually need. It also makes the crypto part of the source very
164			transparent and easy to inspect.
165			.IP "\s-1EASY\s0 \s-1TO\s0 \s-1SETUP\s0" 4
166			.IX Item "EASY TO SETUP"
167			A few lines of config (the config file is shared unmodified between all
168			hosts) and a single run of \f(CW\(C`gvpectrl\(C'\fR to generate the keys suffices to
169			make it work.
170			.IP "MAC-BASED \s-1SECURITY\s0" 4
171			.IX Item "MAC-BASED SECURITY"
172			Since every host has it's own private key, other hosts cannot spoof
173			traffic from this host. That makes it possible to filter packet by \s-1MAC\s0
174			address, e.g. to ensure that packets from a specific \s-1IP\s0 address come, in
175			fact, from a specific host that is associated with that \s-1IP\s0 and not from
176			another host.
177			.SH "PROGRAMS"
178			.IX Header "PROGRAMS"
179			Vpe comes with two programs: one daemon (\f(CW\(C`gvpe\(C'\fR) and one control program
180			(\f(CW\(C`gvpectrl\(C'\fR).
181			.IP "gvpectrl" 4
182			.IX Item "gvpectrl"
183			Is used to generate the keys, check and give an overview of of the
184			configuration and contorl the daemon (restarting etc.).
185			.IP "gvpe" 4
186			.IX Item "gvpe"
187			Is the daemon used to establish and maintain connections to the other
188			network members. It should be run on the gateway machine.
189			.SH "COMPILETIME CONFIGURATION"
190			.IX Header "COMPILETIME CONFIGURATION"
191			Please have a look at the \f(CW\(C`gvpe.osdep(5)\(C'\fR manpage for platform-specific
192			information.
193			.PP
194	pcg	1.4	Here are a few recipes for compiling your gvpe, showing the extremes
195			(fast, small, insecure \s-1OR\s0 slow, large, more secure), between you should
196			choose:
197	pcg	1.1	.Sh "\s-1AS\s0 \s-1LOW\s0 \s-1PACKET\s0 \s-1OVERHEAD\s0 \s-1AS\s0 \s-1POSSIBLE\s0"
198			.IX Subsection "AS LOW PACKET OVERHEAD AS POSSIBLE"
199			.Vb 1
200			\& ./configure --enable-hmac-length=4 --enable-rand-length=0
201			.Ve
202			.PP
203	pcg	1.4	Minimize the header overhead of \s-1VPN\s0 packets (the above will result in
204			only 4 bytes of overhead over the raw ethernet frame). This is a insecure
205			configuration because a \s-1HMAC\s0 length of 4 makes collision attacks based on
206			the birthday paradox easy, though.
207	pcg	1.1	.Sh "\s-1MINIMIZE\s0 \s-1CPU\s0 \s-1TIME\s0 \s-1REQUIRED\s0"
208			.IX Subsection "MINIMIZE CPU TIME REQUIRED"
209			.Vb 1
210			\& ./configure --enable-cipher=bf --enable-digest=md4
211			.Ve
212			.PP
213	pcg	1.4	Use the fastest cipher and digest algorithms currently available in
214			gvpe. \s-1MD4\s0 has been broken and is quite insecure, though.
215	pcg	1.1	.Sh "\s-1MAXIMIZE\s0 \s-1SECURITY\s0"
216			.IX Subsection "MAXIMIZE SECURITY"
217			.Vb 1
218			\& ./configure --enable-hmac-length=16 --enable-rand-length=8 --enable-digest=sha1
219			.Ve
220			.PP
221			This uses a 16 byte \s-1HMAC\s0 checksum to authenticate packets (I guess 8\-12
222			would also be pretty secure ;) and will additionally prefix each packet
223	pcg	1.2	with 8 bytes of random data. In the long run, people should move to
224			\&\s-1SHA\-224\s0 and beyond, but support in openssl is missing as of writing this
225			document.
226	pcg	1.1	.PP
227			In general, remember that \s-1AES\-128\s0 seems to be more secure and faster than
228			\&\s-1AES\-192\s0 or \s-1AES\-256\s0, more randomness helps against sniffing and a longer
229			\&\s-1HMAC\s0 helps against spoofing. \s-1MD4\s0 is a fast digest, \s-1SHA1\s0 or \s-1RIPEMD160\s0 are
230			better, and Blowfish is a fast cipher (and also quite secure).
231			.SH "HOW TO SET UP A SIMPLE VPN"
232			.IX Header "HOW TO SET UP A SIMPLE VPN"
233			In this section I will describe how to get a simple \s-1VPN\s0 consisting of
234			three hosts up and running.
235			.Sh "\s-1STEP\s0 1: configuration"
236			.IX Subsection "STEP 1: configuration"
237			First you have to create a daemon configuation file and put it into the
238			configuration directory. This is usually \f(CW\(C`/etc/gvpe\(C'\fR, depending on how you
239			configured gvpe, and can be overwritten using the \f(CW\(C`\-c\(C'\fR commandline switch.
240			.PP
241			Put the following lines into \f(CW\(C`/etc/gvpe/gvpe.conf\(C'\fR:
242			.PP
243			.Vb 3
244			\& udp-port = 50000 # the external port to listen on (configure your firewall)
245			\& mtu = 1400 # minimum MTU of all outgoing interfaces on all hosts
246			\& ifname = vpn0 # the local network device name
247			.Ve
248			.PP
249			.Vb 2
250			\& node = first # just a nickname
251			\& hostname = first.example.net # the DNS name or IP address of the host
252			.Ve
253			.PP
254			.Vb 2
255			\& node = second
256			\& hostname = 133.55.82.9
257			.Ve
258			.PP
259			.Vb 2
260			\& node = third
261			\& hostname = third.example.net
262			.Ve
263			.PP
264			The only other file neccessary if the \f(CW\(C`if\-up\(C'\fR script that initializes the
265			local ethernet interface. Put the following lines into \f(CW\(C`/etc/gvpe/if\-up\(C'\fR
266			and make it execute (\f(CW\(C`chmod 755 /etc/gvpe/if\-up\(C'\fR):
267			.PP
268			.Vb 6
269			\& #!/bin/sh
270			\& ip link set $IFNAME address $MAC mtu $MTU up
271			\& [ $NODENAME = first ] && ip addr add 10.0.1.1 dev $IFNAME
272			\& [ $NODENAME = second ] && ip addr add 10.0.2.1 dev $IFNAME
273			\& [ $NODENAME = third ] && ip addr add 10.0.3.1 dev $IFNAME
274			\& ip route add 10.0.0.0/16 dev $IFNAME
275			.Ve
276			.PP
277			This script will give each node a different \s-1IP\s0 address in the \f(CW\(C`10.0/16\(C'\fR
278			network. The internal network (e.g. the \f(CW\(C`eth0\(C'\fR interface) should then be
279			set to a subset of that network, e.g. \f(CW\(C`10.0.1.0/24\(C'\fR on node \f(CW\(C`first\(C'\fR,
280			\&\f(CW\(C`10.0.2.0/24\(C'\fR on node \f(CW\(C`second\(C'\fR, and so on.
281			.PP
282			By enabling routing on the gateway host that runs \f(CW\(C`gvpe\(C'\fR all nodes will
283			be able to reach the other nodes. You can, of course, also use proxy arp
284			or other means of pseudo-bridging (or even real briding), or (best) full
285			routing \- the choice is yours.
286			.Sh "\s-1STEP\s0 2: create the \s-1RSA\s0 key pairs for all hosts"
287			.IX Subsection "STEP 2: create the RSA key pairs for all hosts"
288			Run the following command to generate all key pairs (that might take a
289			while):
290			.PP
291			.Vb 1
292			\& gvpectrl -c /etc/gvpe -g
293			.Ve
294			.PP
295			This command will put the public keys into \f(CW\(C`/etc/gvpe/pubkeys/\f(CInodename\f(CW\(C'\fR and the private keys into \f(CW\(C`/etc/gvpe/hostkeys/\f(CInodename\f(CW\(C'\fR.
296			.Sh "\s-1STEP\s0 3: distribute the config files to all nodes"
297			.IX Subsection "STEP 3: distribute the config files to all nodes"
298			Now distribute the config files to the other nodes. This should be done in two steps, since the
299			private keys should not be distributed. The example uses rsync-over-ssh
300			.PP
301			First all the config files without the hostkeys should be distributed:
302			.PP
303			.Vb 3
304			\& rsync -avzessh /etc/gvpe first.example.net:/etc/. --exclude hostkeys
305			\& rsync -avzessh /etc/gvpe 133.55.82.9:/etc/. --exclude hostkeys
306			\& rsync -avzessh /etc/gvpe third.example.net:/etc/. --exclude hostkeys
307			.Ve
308			.PP
309			Then the hostkeys should be copied:
310			.PP
311			.Vb 3
312			\& rsync -avzessh /etc/gvpe/hostkeys/first first.example.net:/etc/hostkey
313			\& rsync -avzessh /etc/gvpe/hostkeys/second 133.55.82.9:/etc/hostkey
314			\& rsync -avzessh /etc/gvpe/hostkeys/third third.example.net:/etc/hostkey
315			.Ve
316			.PP
317			You should now check the configration by issuing the command \f(CW\*(C`gvpectrl \-c
318			/etc/gvpe \-s\*(C'\fR on each node and verify it's output.
319			.Sh "\s-1STEP\s0 4: starting gvpe"
320			.IX Subsection "STEP 4: starting gvpe"
321			You should then start gvpe on each node by issuing a command like:
322			.PP
323			.Vb 1
324			\& gvpe -D -linfo first # first is the nodename
325			.Ve
326			.PP
327			This will make the gvpe stay in foreground. You should then see
328			\&\(L"connection established\(R" messages. If you don't see them check your
329			firewall and routing (use tcpdump ;).
330			.PP
331			If this works you should check your networking setup by pinging various
332			endpoints.
333			.PP
334			To make gvpe run more permanently you can either run it as a daemon
335			(by starting it without the \f(CW\(C`\-D\(C'\fR switch), or, much better, from your
336			inittab. I use a line like this on my systems:
337			.PP
338			.Vb 1
339			\& t1:2345:respawn:/opt/gvpe/sbin/gvpe -D -L first >/dev/null 2>&1
340			.Ve
341			.Sh "\s-1STEP\s0 5: enjoy"
342			.IX Subsection "STEP 5: enjoy"
343			\&... and play around. Sending a \-HUP (\f(CW\(C`gvpectrl \-kHUP\(C'\fR) to the daemon
344			will make it try to connect to all other nodes again. If you run it from
345			inittab, as is recommended, \f(CW\(C`gvpectrl \-k\(C'\fR (or simply \f(CW\(C`killall gvpe\(C'\fR) will
346			kill the daemon, start it again, making it read it's configuration files
347			again.
348			.SH "SEE ALSO"
349			.IX Header "SEE ALSO"
350			\&\fIgvpe.osdep\fR\\|(5) for OS-depedendent information, \fIgvpe.conf\fR\\|(5), \fIgvpectrl\fR\\|(8), and
351			for a description of the protocol and routing algorithms, \fIgvpe.protocol\fR\\|(7).
352			.SH "AUTHOR"
353			.IX Header "AUTHOR"
354			Marc Lehmann <gvpe@plan9.de>
355			.SH "COPYRIGHTS AND LICENSES"
356			.IX Header "COPYRIGHTS AND LICENSES"
357			\&\s-1GVPE\s0 itself is distributed under the \s-1GENERAL\s0 \s-1PUBLIC\s0 \s-1LICENSE\s0 (see the file
358			\&\s-1COPYING\s0 that should be part of your distribution).
359			.PP
360			In some configurations it uses modified versions of the tinc vpn suite,
361			which is also available under the \s-1GENERAL\s0 \s-1PUBLIC\s0 \s-1LICENSE\s0.