=== vtund L2TP Connectivity ===

==== Installing the Prerequisite Software ====
The vtund solution depends on two packages: '''vtun''' (virtual tunnel over TCP/IP) and '''bridge-utils''' (utilities for configuring Ethernet bridging). Both packages can be installed with your favorite package manager. For example:
{{{
apt-get install vtun bridge-utils
}}}

==== Setting up the Tunnel ====
[[Image(TunnelConfig.jpg)]]

Each tunnel has two servers, as shown in Figure 1. landing1.orbit-lab.org is always assumed to be the '''master''' server, while the other endpoint server is assumed to be the '''slave'''. The configuration files differ somewhat between the two servers and are described in the following sections.

==== Bridge Configuration ====
Bridge interfaces need to be configured on both ends in order to connect the LAN segments to the tunnel. This is achieved by creating a bridge and attaching it to the interface facing the internal LAN. The VTUN daemon adds the tunnel interface to the bridge once it establishes the tunnel. One way to configure the bridge is to use the /etc/network/interfaces configuration file and assign a unique address on each end. For this example we will configure the bridge on the master side with an IP address of 10.43.0.253/16 and the bridge on the slave side with 10.43.21.253/16.

'''/etc/network/interfaces''' on master
{{{
iface br0 inet static
    address 10.43.0.253
    netmask 255.255.0.0
    bridge_ports eth3
}}}

'''/etc/network/interfaces''' on slave
{{{
auto br0
iface br0 inet static
    address 10.43.21.253
    netmask 255.255.0.0
    bridge_ports eth0
}}}

===== VTUN Master Configuration =====
'''/etc/default/vtun'''
{{{
RUN_SERVER=yes
SERVER_ARGS="-P 5000"
}}}

Please note that server port numbers and the password have to be coordinated with the Rutgers team.

'''/etc/vtund.conf'''
{{{
#
# VTun - Virtual Tunnel over TCP/IP network.
# Copyright (C) 1998-2001 Maxim Krasnyansky
#...
# Lines which begin with '#' are comments

options {
  port 5000;            # Listen on this port.

  # Syslog facility
  syslog daemon;

  # Path to various programs
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/iptables;
  ip /sbin/ip;
}

default {
  compress no;
  encrypt no;
  speed 0;
}

slave1 {
  passwd XXXXXXXXX;
  type ether;
  proto udp;
  keepalive yes;
  compress no;
  encrypt no;

  up {
    # Connection is Up
    ifconfig "%% up";
    program "brctl addif br0 %%";
  };

  down {
    # Connection is Down
    ifconfig "%% down";
  };
}
}}}

===== VTUN Slave Configuration =====
'''/etc/default/vtun'''
{{{
RUN_SERVER=yes
# SERVER_ARGS="-P 5000"
CLIENT0_NAME=slave1
CLIENT0_HOST=128.6.192.147
}}}

'''/etc/vtund.conf'''
{{{
options {
  # Syslog facility
  syslog daemon;

  # Path to various programs
  ifconfig /sbin/ifconfig;
  route /sbin/route;
  firewall /sbin/iptables;
  ip /sbin/ip;
}

default {
  compress no;
  encrypt no;
  speed 0;
}

slave1 {
  passwd XXXXXXXXXXX;
  type ether;           # Ethernet tunnel

  up {
    # Connection is Up
    ifconfig "%% up";
    program "brctl addif br0 %%";
  };

  down {
    # Connection is Down
    ifconfig "%% down";
  };
}
}}}

NOTE: Names of the tunnels have to match on both ends!
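
The NOTE above requires the tunnel names to match on both ends. The following Python check is an added example, not part of the original page or of the vtun project: it parses both ends' vtund.conf and reports tunnel names defined on one side only, differing passwd values, and tunnels running with encrypt no. The sample configuration, the password EXAMPLE-ONLY and the function names are constructed for illustration.

```python
import re

RESERVED = {"options", "default"}  # vtund.conf sections that are not tunnels

def parse_vtund(text):
    """Return {section: {key: value}}; nested up/down blocks are skipped."""
    text = re.sub(r"#.*", "", text)  # assumes '#' never appears inside a value
    sections, depth, name, buf = {}, 0, None, ""
    for tok in re.findall(r"[{};]|[^{};]+", text):
        if tok == "{":
            depth += 1
            if depth == 1:          # text before a top-level '{' is the section name
                name = buf.strip()
                sections[name] = {}
            buf = ""
        elif tok == "}":
            depth -= 1
            buf = ""
        elif tok == ";":
            parts = buf.split(None, 1)
            if depth == 1 and parts:  # only direct settings of a section
                sections[name][parts[0]] = parts[1].strip() if len(parts) > 1 else ""
            buf = ""
        else:
            buf = tok
    return sections

def check_pair(master_text, slave_text):
    """Compare both ends' vtund.conf and return a list of findings."""
    m, s = parse_vtund(master_text), parse_vtund(slave_text)
    m_tun, s_tun = set(m) - RESERVED, set(s) - RESERVED
    findings = [f"{n}: defined on one end only" for n in sorted(m_tun ^ s_tun)]
    for n in sorted(m_tun & s_tun):
        if m[n].get("passwd") != s[n].get("passwd"):
            findings.append(f"{n}: passwd differs between ends")
        for side, conf in (("master", m), ("slave", s)):
            effective = {**conf.get("default", {}), **conf[n]}  # tunnel overrides default
            if effective.get("encrypt") == "no":
                findings.append(f"{n}: encrypt no on {side}, frames cross the tunnel in cleartext")
    return findings

# Constructed sample input modelled on the two files above (placeholder password).
MASTER = """options { port 5000; syslog daemon; }
default { compress no; encrypt no; speed 0; }
slave1 { passwd EXAMPLE-ONLY; type ether; proto udp; keepalive yes;
  up { ifconfig "%% up"; program "brctl addif br0 %%"; };
  down { ifconfig "%% down"; }; }"""
SLAVE = MASTER.replace("slave1 {", "slave01 {")  # deliberate name mismatch

if __name__ == "__main__":
    for finding in check_pair(MASTER, SLAVE):
        print(finding)
```

To use it on a real pair, read each end's /etc/vtund.conf into a string and pass both to check_pair; an empty list means no findings.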