… | |
… | |
5 | =head1 DESCRIPTION |
5 | =head1 DESCRIPTION |
6 | |
6 | |
7 | This file tries to capture OS-dependent configuration or build issues, |
7 | This file tries to capture OS-dependent configuration or build issues, |
8 | quirks and platform limitations, as known. |
8 | quirks and platform limitations, as known. |
9 | |
9 | |
10 | =head2 TUN vs. TAP interface |
10 | =head1 TUN vs. TAP interface |
11 | |
11 | |
12 | Most operating systems nowadays support something called a |
12 | Most operating systems nowadays support something called a |
13 | I<tunnel>-device, which makes it possible to divert IPv4 (and often other |
13 | I<tunnel>-device, which makes it possible to divert IPv4 (and often other |
14 | protocols, too) into a userspace daemon like C<gvpe>. This is being |
14 | protocols, too) into a userspace daemon like C<gvpe>. This is being |
15 | referred to as a TUN-device. |
15 | referred to as a TUN-device. |
… | |
… | |
28 | found on a specific host, you will either need to hardwire the MAC address |
28 | found on a specific host, you will either need to hardwire the MAC address |
29 | for TUN-style hosts on all networks (and avoid ARP altogether, which is |
29 | for TUN-style hosts on all networks (and avoid ARP altogether, which is |
30 | possible), or you need to send a packet from these hosts into the vpn |
30 | possible), or you need to send a packet from these hosts into the vpn |
31 | network to tell gvpe the local interface address. |
31 | network to tell gvpe the local interface address. |
32 | |
32 | |
|
|
33 | =head1 Interface Initialisation |
|
|
34 | |
|
|
35 | Unless otherwise notes, the network interface will be initialized with the |
|
|
36 | expected MAC address and correct MTU value. With most interface drivers, |
|
|
37 | this is done by running C</sbin/ifconfig>, so make sure that this command |
|
|
38 | exists. |
|
|
39 | |
|
|
40 | =head1 Interface Types |
|
|
41 | |
33 | =head2 native/linux |
42 | =head2 native/linux |
34 | |
43 | |
35 | TAP-device is already part of the kernel (only 2.4 supported, but see |
44 | TAP-device; already part of the kernel (only 2.4+ supported, but see |
36 | tincd/linux). This is the configuration tested best, as gvpe is being |
45 | tincd/linux). This is the configuration tested best, as gvpe is being |
37 | developed on this platform. |
46 | developed on this platform. |
38 | |
47 | |
39 | To configure the interface, use either iproute2: |
48 | C<ifname> should be set to the name of the network device. |
40 | |
49 | |
41 | ip set $IFNAME address $MAC mtu $MTU up |
|
|
42 | ip addr add $IFNAME 10.11.12.13 |
|
|
43 | ip route add $IFNAME 10.11.12.13/8 |
|
|
44 | |
|
|
45 | Or ifconfig: |
|
|
46 | |
|
|
47 | ifconfig $IFNAME hw ether $MAC mtu $MTU |
|
|
48 | ifconfig $IFNAME 10.11.12.13 netmask 255.0.0.0 |
|
|
49 | |
|
|
50 | To hardwire ARP addresses, use iproute2 (ifconfig can do it, too): |
50 | To hardwire ARP addresses, use iproute2 (C<arp> can do it, too): |
51 | |
51 | |
52 | MAC=fe:fd:80:00:00:$(printf "%02x" $NODEID) |
52 | MAC=fe:fd:80:00:00:$(printf "%02x" $NODEID) |
53 | ip neighbour add 10.11.12.13 lladdr $MAC nud permanent dev $IFNAME |
53 | ip neighbour add 10.11.12.13 lladdr $MAC nud permanent dev $IFNAME |
54 | |
54 | |
55 | =head2 tincd/linux |
55 | =head2 tincd/linux |
56 | |
56 | |
57 | TAP-device is already part of the kernel (2.2 and 2.4 supported, only 2.4 |
57 | TAP-device; already part of the kernel (2.2 only). See |
58 | tested). See C<native/linux> for more info. |
58 | C<native/linux> for more info. |
|
|
59 | |
|
|
60 | C<ifname> should be set to the path of a tap device, |
|
|
61 | e.g. C</dev/tap0>. The interface will be named accordingly. |
59 | |
62 | |
60 | =head2 native/cygwin |
63 | =head2 native/cygwin |
61 | |
64 | |
62 | TAP-device. The MAC need not be set (and in fact I<cannot> be set). The |
65 | TAP-device; The TAP device to be used must either be the CIPE driver |
|
|
66 | (C<http://cipe-win32.sourceforge.net/>), or (highly recommended) the newer |
|
|
67 | TAP-Win32 driver bundled with openvpn (http://openvpn.sf.net/). Just |
|
|
68 | download and run the openvpn installer. The only option you need to select |
|
|
69 | is the TAP driver. |
|
|
70 | |
|
|
71 | C<ifname> should be set to the name of the device, found in the registry |
|
|
72 | at (no kidding :): |
|
|
73 | |
|
|
74 | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\<adapterid>\Connection\Name |
|
|
75 | |
63 | MAC address is dynamically beign patched into packets and ARP-requests, so |
76 | The MAC address is dynamically being patched into packets and |
64 | only IPv4 works with ARP on this platform. |
77 | ARP-requests, so only IPv4 works with ARP on this platform. |
65 | |
78 | |
66 | The TAP device to be used must either be the CIPE driver |
79 | =head2 tincd/bsd |
67 | (C<http://cipe-win32.sourceforge.net/>), or the newer TAP-Win32 driver |
80 | |
68 | bundled with openvpn (http://openvpn.sf.net/). Just download and run the |
81 | TAP-device, maybe; migth work for many bsd variants. |
69 | openvpn installer. The only option you need to select is the TAP driver. |
82 | |
|
|
83 | This driver is a newer version of the C<tincd/*bsd> drivers. It I<might> |
|
|
84 | provide a TAP device, or might not work at all. You might try this |
|
|
85 | interface type first, and, if it doesn't work, try one of the OS-specific |
|
|
86 | drivers. |
70 | |
87 | |
71 | =head2 tincd/freebsd |
88 | =head2 tincd/freebsd |
72 | |
89 | |
73 | TAP-device is part of kernel (since 4.x, maybe earlier). To initialize the |
90 | TAP-device; part of the kernel (since 4.x, maybe earlier). |
74 | interface, use this command: |
|
|
75 | |
91 | |
76 | ifconfig $IFNAME ether $MAC mtu $MTU up |
92 | C<ifname> should be set to the path of a tap device, |
|
|
93 | e.g. C</dev/tap0>. The interface will be named accordingly. |
|
|
94 | |
|
|
95 | These commands might be helpful examples: |
|
|
96 | |
|
|
97 | ifconfig $IFNAME 10.0.0.$NODEID |
|
|
98 | route add -net 10.0.0.0 -netmask 255.255.255.0 -interface $IFNAME 10.0.0.$NODEID |
77 | |
99 | |
78 | =head2 tincd/netbsd |
100 | =head2 tincd/netbsd |
79 | |
101 | |
80 | TUN-device. The interface is a point to point-device. To initialize it, |
102 | TUN-device; The interface is a point-to-point device. To initialize it, |
81 | you currently need to configure it as such, giving it an address on your |
103 | you currently need to configure it as a point-to-point device, giving it |
82 | vpn (the exact address doesn't matter), like this: |
104 | an address on your vpn (the exact address doesn't matter), like this: |
83 | |
105 | |
84 | ifconfig $IFNAME mtu $MTU up |
106 | ifconfig $IFNAME mtu $MTU up |
85 | ifconfig $IFNAME 10.11.12.13 10.55.66.77 |
107 | ifconfig $IFNAME 10.11.12.13 10.55.66.77 |
86 | route add -net 10.0.0.0 10.55.66.77 255.0.0.0 |
108 | route add -net 10.0.0.0 10.55.66.77 255.0.0.0 |
87 | ping -c1 10.55.66.77 # ping once to tell gvpe your gw ip |
109 | ping -c1 10.55.66.77 # ping once to tell gvpe your gw ip |
88 | |
110 | |
|
|
111 | The ping is required to tell the ARP emulator inside GVPE the local IP |
|
|
112 | address. |
|
|
113 | |
|
|
114 | C<ifname> should be set to the path of a tun device, |
|
|
115 | e.g. C</dev/tun0>. The interface will be named accordingly. |
|
|
116 | |
89 | =head2 tincd/openbsd |
117 | =head2 tincd/openbsd |
90 | |
118 | |
91 | TUN-device is already part of the kernel. See C<tincd/netbsd> for more information. |
119 | TUN-device; already part of the kernel. See C<tincd/netbsd> for more information. |
|
|
120 | |
|
|
121 | =head2 native/darwin |
|
|
122 | |
|
|
123 | TAP-device; |
|
|
124 | |
|
|
125 | The necessary kernel extension can be found here: |
|
|
126 | |
|
|
127 | http://www-user.rhrk.uni-kl.de/~nissler/tuntap/ |
|
|
128 | |
|
|
129 | There are two drivers, the one to use is the "tap" driver. It driver must |
|
|
130 | be loaded before use, read the docs on how to install it as a startup |
|
|
131 | item. |
|
|
132 | |
|
|
133 | C<ifname> should be set to the path of a tap device, |
|
|
134 | e.g. C</dev/tap0>. The interface will be named accordingly. |
|
|
135 | |
|
|
136 | These commands might be helpful examples: |
|
|
137 | |
|
|
138 | ifconfig $IFNAME 10.0.0.$NODEID |
|
|
139 | route add -net 10.0.0.0 -interface $IFNAME 255.255.255.0 |
92 | |
140 | |
93 | =head2 tincd/darwin |
141 | =head2 tincd/darwin |
94 | |
142 | |
95 | TUN-device. See C<tincd/netbsd> for more information. |
143 | TUN-device; See C<tincd/netbsd> for more information. C<native/darwin> is |
|
|
144 | preferable. |
96 | |
145 | |
97 | The necessary kernel extension can be found here: |
146 | The necessary kernel extension can be found here: |
98 | |
147 | |
99 | http://chrisp.de/en/projects/tunnel.html |
148 | http://chrisp.de/en/projects/tunnel.html |
100 | |
149 | |
|
|
150 | C<ifname> should be set to the path of a tun device, |
|
|
151 | e.g. C</dev/tun0>. The interface will be named accordingly. |
|
|
152 | |
|
|
153 | The driver must be loaded before use: |
|
|
154 | |
|
|
155 | kmodload tunnel |
|
|
156 | |
101 | =head2 tincd/solaris |
157 | =head2 tincd/solaris |
102 | |
158 | |
103 | TUN-device is already part of the kernel. see C<tincd/netbsd> for more information. Completey untested so far. |
159 | TUN-device; already part of the kernel(?), or available here: |
|
|
160 | |
|
|
161 | http://vtun.sourceforge.net/tun/ |
|
|
162 | |
|
|
163 | Some precompiled tun drivers might be available here: |
|
|
164 | |
|
|
165 | http://www.monkey.org/~dugsong/fragroute/ |
|
|
166 | |
|
|
167 | The interface MAC and MTU are I<NOT> set up for you. Please try it out and |
|
|
168 | send me an C<ifconfig> command invocation that does that. |
|
|
169 | |
|
|
170 | See C<tincd/netbsd> for more information. |
|
|
171 | |
|
|
172 | Completely unstested so far. |
104 | |
173 | |
105 | =head2 tincd/mingw |
174 | =head2 tincd/mingw |
106 | |
175 | |
107 | TAP-device, see C<native/cygwin> for more information. Completey untested so far. |
176 | TAP-device; see C<native/cygwin> for more information. |
|
|
177 | |
|
|
178 | The setup is likely to be similar to C<native/cygwin>. |
|
|
179 | |
|
|
180 | Completely untested so far. |
|
|
181 | |
|
|
182 | =head2 tincd/raw_socket |
|
|
183 | |
|
|
184 | TAP-device; purpose unknown and untested, probably binds itself on an |
|
|
185 | existing ethernet device (given by C<ifname>). It must be down prior to |
|
|
186 | running the command, and GVPE will try to set it's MAC address and MTU to |
|
|
187 | the "correct" values. |
|
|
188 | |
|
|
189 | Completely untested so far. |
|
|
190 | |
|
|
191 | =head2 tincd/uml_socket |
|
|
192 | |
|
|
193 | TAP-device; purpose unknown and untested, probably creates a unix datagram |
|
|
194 | socket (path given by C<ifname>) and reads and writes raw packets, so |
|
|
195 | might be useful in other than UML contexts. |
|
|
196 | |
|
|
197 | No network interface is created, and the MAC and MTU must be set as |
|
|
198 | approriate on the other side of the socket. GVPE will exit if the MAC |
|
|
199 | address doesn't match what it expects. |
|
|
200 | |
|
|
201 | Completely untested so far. |
108 | |
202 | |
109 | =head2 tincd/cygwin |
203 | =head2 tincd/cygwin |
110 | |
204 | |
111 | Known to be broken. |
205 | Known to be broken, use C<native/cygwin> instead. |
112 | |
|
|
113 | |
206 | |
114 | =head1 SEE ALSO |
207 | =head1 SEE ALSO |
115 | |
208 | |
116 | gvpe(5). |
209 | gvpe(5). |
117 | |
210 | |