Commit
1257f36c
authored
Feb 26, 2015
by
Julien Muchembled
Some network option should be the same everywhere so move them to the registry
parent
ef5401a4
Changes
15
Showing
15 changed files
with
60 additions
and
62 deletions
+60
-62
demo/m1/re6stnet.conf
demo/m1/re6stnet.conf
+0
-3
demo/m2/re6stnet.conf
demo/m2/re6stnet.conf
+0
-3
demo/m3/re6stnet.conf
demo/m3/re6stnet.conf
+0
-3
demo/m4/re6stnet.conf
demo/m4/re6stnet.conf
+0
-3
demo/m5/re6stnet.conf
demo/m5/re6stnet.conf
+0
-1
demo/m6/re6stnet.conf
demo/m6/re6stnet.conf
+0
-3
demo/m7/re6stnet.conf
demo/m7/re6stnet.conf
+0
-3
demo/m8/re6stnet.conf
demo/m8/re6stnet.conf
+0
-1
demo/registry/re6st-registry.conf
demo/registry/re6st-registry.conf
+3
-0
demo/registry/re6stnet.conf
demo/registry/re6stnet.conf
+0
-3
re6st-registry
re6st-registry
+25
-0
re6st/plib.py
re6st/plib.py
+2
-2
re6st/registry.py
re6st/registry.py
+3
-1
re6st/tunnel.py
re6st/tunnel.py
+11
-9
re6stnet
re6stnet
+16
-27
demo/m1/re6stnet.conf
...
...
@@ -2,12 +2,9 @@ log m1/
state
m1
/
babel
-
pidfile
m1
/
babeld
.
pid
pp
1194
tcp
hello
4
dh
dh2048
.
pem
ca
ca
.
crt
cert
m1
/
cert
.
crt
key
m1
/
cert
.
key
table
0
client
-
count
2
tunnel
-
refresh
100
neighbour
6
/
16
demo/m2/re6stnet.conf
...
...
@@ -2,11 +2,8 @@ log m2/
state
m2
/
babel
-
pidfile
m2
/
babeld
.
pid
pp
1194
tcp
hello
4
dh
dh2048
.
pem
ca
ca
.
crt
cert
m2
/
cert
.
crt
key
m2
/
cert
.
key
table
0
client
-
count
2
tunnel
-
refresh
100
demo/m3/re6stnet.conf
...
...
@@ -2,11 +2,8 @@ log m3/
state
m3
/
babel
-
pidfile
m3
/
babeld
.
pid
pp
1194
tcp
hello
4
dh
dh2048
.
pem
ca
ca
.
crt
cert
m3
/
cert
.
crt
key
m3
/
cert
.
key
table
0
client
-
count
2
tunnel
-
refresh
100
demo/m4/re6stnet.conf
...
...
@@ -2,11 +2,8 @@ log m4/
state
m4
/
babel
-
pidfile
m4
/
babeld
.
pid
pp
1194
tcp
hello
4
dh
dh2048
.
pem
ca
ca
.
crt
cert
m4
/
cert
.
crt
key
m4
/
cert
.
key
table
0
client
-
count
2
tunnel
-
refresh
100
demo/m5/re6stnet.conf
log
m5
/
state
m5
/
babel
-
pidfile
m5
/
babeld
.
pid
hello
4
ca
ca
.
crt
cert
m5
/
cert
.
crt
key
m5
/
cert
.
key
...
...
demo/m6/re6stnet.conf
...
...
@@ -2,14 +2,11 @@ log m6/
state
m6
/
babel
-
pidfile
m6
/
babeld
.
pid
pp
1194
tcp
hello
4
dh
dh2048
.
pem
ca
ca
.
crt
cert
m6
/
cert
.
crt
key
m6
/
cert
.
key
table
0
client
-
count
2
tunnel
-
refresh
100
# TODO: Run a DHCPv4 client on machine9. Unfortunately, isc-dhcp-client 4.2.4
# fails with "Bind socket to interface: No such device"
daemon
"exec dnsmasq -d8 - -i $re6stnet_iface -F 192.168.42.2,192.168.42.254,255.255.255.0,infinite -F ${re6stnet_subnet%/*},ra-only,${re6stnet_subnet#*/},1d -O option:router,192.168.42.1 -l m6/dnsmasq.leases"
demo/m7/re6stnet.conf
...
...
@@ -2,11 +2,8 @@ log m7/
state
m7
/
babel
-
pidfile
m7
/
babeld
.
pid
pp
1194
tcp
hello
4
dh
dh2048
.
pem
ca
ca
.
crt
cert
m7
/
cert
.
crt
key
m7
/
cert
.
key
table
0
client
-
count
2
tunnel
-
refresh
100
demo/m8/re6stnet.conf
log
m8
/
state
m8
/
babel
-
pidfile
m8
/
babeld
.
pid
hello
4
ca
ca
.
crt
cert
m8
/
cert
.
crt
key
m8
/
cert
.
key
...
...
demo/registry/re6st-registry.conf
ca
ca
.
crt
key
registry
/
ca
.
key
logfile
registry
/
registry
.
log
hello
4
client
-
count
2
tunnel
-
refresh
100
demo/registry/re6stnet.conf
log
registry
/
state
registry
/
babel
-
pidfile
registry
/
babeld
.
pid
hello
4
dh
dh2048
.
pem
ca
ca
.
crt
cert
registry
/
cert
.
crt
key
registry
/
cert
.
key
gateway
client
-
count
2
tunnel
-
refresh
100
re6st-registry
...
...
@@ -92,6 +92,28 @@ def main():
_
(
'--min-protocol'
,
default
=
version
.
min_protocol
,
type
=
int
,
help
=
"Reject nodes that are too old. Current is %s."
%
version
.
protocol
)
_
=
parser
.
add_argument_group
(
'routing'
).
add_argument
_
(
'--hello'
,
type
=
int
,
default
=
15
,
help
=
"Hello interval in seconds, for both wired and wireless"
" connections. OpenVPN ping-exit option is set to 4 times the"
" hello interval. It takes between 3 and 4 times the"
" hello interval for Babel to re-establish connection with a"
" node for which the direct connection has been cut."
)
_
=
parser
.
add_argument_group
(
'tunnelling'
).
add_argument
_
(
'--encrypt'
,
action
=
'store_true'
,
help
=
'Specify that tunnels should be encrypted.'
)
_
(
'--client-count'
,
default
=
10
,
type
=
int
,
help
=
"Number of client tunnels to set up."
)
_
(
'--max-clients'
,
type
=
int
,
help
=
"Maximum number of accepted clients per OpenVPN server. (default:"
" client-count * 2, which actually represents the average number"
" of tunnels to other peers)"
)
_
(
'--tunnel-refresh'
,
default
=
300
,
type
=
int
,
help
=
"Interval in seconds between two tunnel refresh: the worst"
" tunnel is closed if the number of client tunnels has reached"
" its maximum number (client-count)."
)
config
=
parser
.
parse_args
()
if
not
version
.
min_protocol
<=
config
.
min_protocol
<=
version
.
protocol
:
...
...
@@ -100,6 +122,9 @@ def main():
utils
.
setupLog
(
config
.
verbose
,
config
.
logfile
)
if
config
.
max_clients
is
None
:
config
.
max_clients
=
config
.
client_count
*
2
server
=
registry
.
RegistryServer
(
config
)
def
requestHandler
(
request
,
client_address
,
_
):
RequestHandler
(
request
,
client_address
,
server
)
...
...
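Review bot: The new `--hello`, `--client-count`, `--max-clients` and `--tunnel-refresh` options in main() are parsed as plain `int` with no range check, and the second hunk only fills in `max_clients` when it is None. Since this commit moves these values to the registry so that they are the same everywhere, a zero or negative interval entered here would presumably be published to every node rather than affect one machine. I would reject such values right after `parser.parse_args()`, e.g. `if config.hello <= 0 or config.tunnel_refresh <= 0: parser.error("--hello and --tunnel-refresh must be positive")`, and refuse a negative `--client-count` the same way. main() starts and ends outside both hunks.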
re6st/plib.py
...
...
@@ -61,7 +61,7 @@ def client(iface, address_list, encrypt, *args, **kw):
def
router
(
subnet
,
hello_interval
,
table
,
log_path
,
state_path
,
pidfile
,
tunnel_interfaces
,
control_socket
,
*
args
,
**
kw
):
tunnel_interfaces
,
control_socket
,
default
,
*
args
,
**
kw
):
s
=
utils
.
ipFromBin
(
subnet
)
n
=
len
(
subnet
)
cmd
=
[
'babeld'
,
...
...
@@ -71,7 +71,7 @@ def router(subnet, hello_interval, table, log_path, state_path, pidfile,
'-S'
,
state_path
,
'-I'
,
pidfile
,
'-s'
,
'-C'
,
'default
max-rtt-penalty 5000 rtt-max 500 rtt-decay 125'
,
'-C'
,
'default
'
+
default
,
'-C'
,
'redistribute local deny'
,
'-C'
,
'redistribute ip %s/%u eq %u'
%
(
s
,
n
,
n
),
'-C'
,
'redistribute deny'
]
...
...
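Review bot: `'default ' + default` in router() splices the new `default` argument into a babeld `-C` configuration statement without any check, and elsewhere in this commit the caller passes `cache.babel_default`, a string obtained from the registry rather than the literal that used to be hard-coded here. Building `cmd` as a list avoids shell interpretation, but the text is still parsed by babeld as configuration, so the function should at least refuse values containing newlines or other characters outside the expected parameter tokens. How the network configuration is authenticated is not visible in this diff, so the trust assumption is worth recording next to the parameter, e.g. `# default: babeld "default" parameters taken from the registry's network config; treated as trusted input`. router()'s body continues outside both hunks.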
re6st/registry.py
...
...
@@ -99,10 +99,12 @@ class RegistryServer(object):
def
updateNetworkConfig
(
self
):
kw
=
{
'babel_default'
:
'max-rtt-penalty 5000 rtt-max 500 rtt-decay 125'
,
'protocol'
:
version
.
protocol
,
'registry_prefix'
:
self
.
prefix
,
}
for
x
in
'min_protocol'
,:
for
x
in
(
'client_count'
,
'encrypt'
,
'hello'
,
'max_clients'
,
'min_protocol'
,
'tunnel_refresh'
):
kw
[
x
]
=
getattr
(
self
.
config
,
x
)
config
=
json
.
dumps
(
kw
,
sort_keys
=
True
)
if
config
!=
self
.
getConfig
(
'last_config'
,
None
):
...
...
re6st/tunnel.py
...
...
@@ -6,8 +6,6 @@ from . import ctl, plib, utils, version, x509
PORT
=
326
# Be careful the refresh interval should let the routes be established
class
MultiGatewayManager
(
dict
):
...
...
@@ -165,7 +163,7 @@ class BaseTunnelManager(object):
# TODO: To minimize downtime when network parameters change, we should do
# our best to not restart any process. Ideally, this list should be
# empty and the affected subprocesses reloaded.
NEED_RESTART
=
frozenset
()
NEED_RESTART
=
frozenset
(
(
'babel_default'
,
'encrypt'
,
'hello'
)
)
_forward
=
None
...
...
@@ -425,13 +423,14 @@ class BaseTunnelManager(object):
class
TunnelManager
(
BaseTunnelManager
):
NEED_RESTART
=
BaseTunnelManager
.
NEED_RESTART
.
union
((
'client_count'
,
'max_clients'
,
'tunnel_refresh'
))
def
__init__
(
self
,
control_socket
,
cache
,
cert
,
cert_renew
,
openvpn_args
,
timeout
,
refresh
,
client_count
,
iface_list
,
address
,
ip_changed
,
encrypt
,
remote_gateway
,
disable_proto
,
neighbour_list
=
()):
timeout
,
client_count
,
iface_list
,
address
,
ip_changed
,
remote_gateway
,
disable_proto
,
neighbour_list
=
()):
super
(
TunnelManager
,
self
).
__init__
(
cache
,
cert
,
cert_renew
,
address
)
self
.
ctl
=
ctl
.
Babel
(
control_socket
,
weakref
.
proxy
(
self
),
self
.
_network
)
self
.
encrypt
=
encrypt
self
.
ovpn_args
=
openvpn_args
self
.
timeout
=
timeout
# Create and open read_only pipe to get server events
...
...
@@ -440,7 +439,6 @@ class TunnelManager(BaseTunnelManager):
self
.
_disconnected
=
0
self
.
_distant_peers
=
[]
self
.
_iface_to_prefix
=
{}
self
.
_refresh_time
=
refresh
self
.
_iface_list
=
iface_list
self
.
_ip_changed
=
ip_changed
self
.
_gateway_manager
=
MultiGatewayManager
(
remote_gateway
)
\
...
...
@@ -457,8 +455,12 @@ class TunnelManager(BaseTunnelManager):
for
i
in
xrange
(
1
,
self
.
_client_count
+
1
))
self
.
_free_iface_list
=
[]
@
property
def
encrypt
(
self
):
return
self
.
cache
.
encrypt
def
resetTunnelRefresh
(
self
):
self
.
_next_tunnel_refresh
=
time
.
time
()
+
self
.
_refresh_time
self
.
_next_tunnel_refresh
=
time
.
time
()
+
self
.
cache
.
tunnel_refresh
def
_tuntap
(
self
,
iface
=
None
):
if
iface
:
...
...
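Review bot: `TunnelManager.NEED_RESTART` adds `'tunnel_refresh'`, yet `resetTunnelRefresh()` now reads `self.cache.tunnel_refresh` on every call, so a changed value would seem to take effect at the next reset without restarting anything. Given the TODO above `BaseTunnelManager.NEED_RESTART` asking for that set to stay as small as possible, consider `NEED_RESTART = BaseTunnelManager.NEED_RESTART.union(('client_count', 'max_clients'))`, unless something outside these hunks caches the interval. The new `encrypt` property also deserves a one-line docstring stating that the value comes from the registry-supplied network configuration held in `self.cache` and is no longer a per-node setting. Both classes continue outside the hunks shown.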
re6stnet
...
...
@@ -59,12 +59,6 @@ def getConfig():
_
(
'--control-socket'
,
metavar
=
'CTL_SOCK'
,
default
=
ctl
.
SOCK_PATH
,
help
=
"Socket path to use for communication between re6stnet and babeld"
" (option -R of Babel)."
)
_
(
'--hello'
,
type
=
int
,
default
=
15
,
help
=
"Hello interval in seconds, for both wired and wireless"
" connections. OpenVPN ping-exit option is set to 4 times the"
" hello interval. It takes between 3 and 4 times the"
" hello interval for Babel to re-establish connection with a"
" node for which the direct connection has been cut."
)
_
(
'--table'
,
type
=
int
,
default
=
42
,
help
=
"Use given table id. Set 0 to use the main table, if you want to"
" access internet via this network (in this case, make sure you"
...
...
@@ -80,8 +74,6 @@ def getConfig():
" subprocesses. Often used to configure verbosity."
)
_
(
'--ovpnlog'
,
action
=
'store_true'
,
help
=
"Tell each OpenVPN subprocess to log to a dedicated file."
)
_
(
'--encrypt'
,
action
=
'store_true'
,
help
=
'Specify that tunnels should be encrypted.'
)
_
(
'--pp'
,
nargs
=
2
,
action
=
'append'
,
metavar
=
(
'PORT'
,
'PROTO'
),
help
=
"Port and protocol to be announced to other peers, ordered by"
" preference. For each protocol (udp, tcp, udp6, tcp6), start one"
...
...
@@ -95,16 +87,12 @@ def getConfig():
" Common name defines the allocated prefix in the network."
)
_
(
'--key'
,
required
=
True
,
help
=
"Local peer's private key in .pem format."
)
_
(
'--client-count'
,
default
=
10
,
type
=
int
,
help
=
"Number of client tunnels to set up."
)
_
(
'--client-count'
,
type
=
int
,
help
=
"Number of client tunnels to set up."
" (default: value from registry)"
)
_
(
'--max-clients'
,
type
=
int
,
help
=
"Maximum number of accepted clients per OpenVPN server. (default:"
" client-count * 2, which actually represents the average number"
" of tunnels to other peers)"
)
_
(
'--tunnel-refresh'
,
default
=
300
,
type
=
int
,
help
=
"Interval in seconds between two tunnel refresh: the worst"
" tunnel is closed if the number of client tunnels has reached"
" its maximum number (client-count)."
)
help
=
"Maximum number of accepted clients per OpenVPN server."
" (default: value from registry)"
)
_
(
'--remote-gateway'
,
action
=
'append'
,
dest
=
'gw_list'
,
help
=
"Force each tunnel to be created through one the given gateways,"
" in a round-robin fashion."
)
...
...
@@ -145,10 +133,13 @@ def main():
exit
.
signal
(
-
1
,
signal
.
SIGHUP
,
signal
.
SIGUSR2
)
next_renew
=
cert
.
maybeRenew
(
config
.
registry
)
cache
=
Cache
(
db_path
,
config
.
registry
,
cert
)
network
=
cert
.
network
if
config
.
client_count
is
None
:
config
.
client_count
=
cache
.
client_count
if
config
.
max_clients
is
None
:
config
.
max_clients
=
c
onfig
.
client_count
*
2
config
.
max_clients
=
c
ache
.
max_clients
if
'none'
in
config
.
disable_proto
:
config
.
disable_proto
=
()
...
...
@@ -253,15 +244,13 @@ def main():
# Init db and tunnels
tunnel_interfaces
=
server_tunnels
.
keys
()
timeout
=
4
*
config
.
hello
cache
=
Cache
(
db_path
,
config
.
registry
,
cert
)
timeout
=
4
*
cache
.
hello
cleanup
=
[
lambda
:
cache
.
cacheMinimize
(
config
.
client_count
)]
if
config
.
client_count
and
not
config
.
client
:
tunnel_manager
=
tunnel
.
TunnelManager
(
config
.
control_socket
,
cache
,
cert
,
next_renew
,
config
.
openvpn_args
,
timeout
,
config
.
tunnel_refresh
,
config
.
client_count
,
config
.
iface_list
,
address
,
ip_changed
,
config
.
encrypt
,
remote_gateway
,
config
.
disable_proto
,
config
.
neighbour
)
config
.
client_count
,
config
.
iface_list
,
address
,
ip_changed
,
remote_gateway
,
config
.
disable_proto
,
config
.
neighbour
)
tunnel_interfaces
+=
tunnel_manager
.
new_iface_list
write_pipe
=
tunnel_manager
.
write_pipe
else
:
...
...
@@ -293,13 +282,13 @@ def main():
sys
.
exit
(
"error: --disable_proto option disables"
" all addresses given by --client"
)
cleanup
.
append
(
plib
.
client
(
're6stnet'
,
address_list
,
c
onfig
.
encrypt
,
'--ping-restart'
,
address_list
,
c
ache
.
encrypt
,
'--ping-restart'
,
str
(
timeout
),
*
config
.
openvpn_args
).
stop
)
elif
server_tunnels
:
required
(
'dh'
)
for
iface
,
(
port
,
proto
)
in
server_tunnels
.
iteritems
():
cleanup
.
append
(
plib
.
server
(
iface
,
config
.
max_clients
,
config
.
dh
,
write_pipe
,
port
,
proto
,
c
onfig
.
encrypt
,
config
.
dh
,
write_pipe
,
port
,
proto
,
c
ache
.
encrypt
,
'--ping-exit'
,
str
(
timeout
),
*
config
.
openvpn_args
).
stop
)
ip
(
'addr'
,
my_ip
,
'dev'
,
config
.
main_interface
)
...
...
@@ -356,11 +345,11 @@ def main():
ip
(
'route'
,
'unreachable'
,
*
x
)
config
.
babel_args
+=
config
.
iface_list
cleanup
.
append
(
plib
.
router
(
subnet
,
c
onfig
.
hello
,
config
.
table
,
cleanup
.
append
(
plib
.
router
(
subnet
,
c
ache
.
hello
,
config
.
table
,
os
.
path
.
join
(
config
.
log
,
'babeld.log'
),
os
.
path
.
join
(
config
.
state
,
'babeld.state'
),
config
.
babel_pidfile
,
tunnel_interfaces
,
config
.
control_socket
,
config
.
control_socket
,
cache
.
babel_default
,
*
config
.
babel_args
).
stop
)
if
config
.
up
:
exit
.
release
()
...
...
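Review bot: With `--encrypt` removed from getConfig() and `plib.client`/`plib.server` now given `cache.encrypt`, a node operator can no longer require encrypted tunnels locally; the decision rests entirely on the registry's flag, which is a `store_true` option and therefore off unless set. If that is intended, say so in the documentation the way the `--client-count` and `--max-clients` help texts now say "value from registry"; otherwise keep a local flag that can only strengthen the setting, e.g. `encrypt = config.encrypt or cache.encrypt`. Separately, `timeout = 4 * cache.hello` feeds `--ping-exit` and `--ping-restart` straight from registry data with no sanity check on the node side, so a guard such as `if cache.hello <= 0: sys.exit("error: invalid hello interval from registry")` would be prudent. getConfig() and main() both extend beyond the hunks shown.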