
Current Demo Setup for SES and MF

Networks

  • Satellite link
    • Each machine connected directly to a sat modem has a /30 public IP, with the modem as gateway. Some L2 packets appear to pass, but not reliably? To compensate, L2TP tunnels are used.
    • SES_SAT is the tunnel interface, between each site and landing1.orbit-lab.org.
    • This tunnel is bridged to vlan 31, outdoor data, on landing1.
  • Terrestrial link
    • This link operates over the public internet. In order to pass L2 traffic, an L2TP tunnel to landing1.orbit-lab.org is used.
    • This tunnel is bridged to vlan 3701, GENI MF, on landing1.

Topology

SES1 in Princeton has one satellite and one ground link. There is an L2 tunnel over each of these to landing1, at WINLAB.

Node4-3 and mf1 at WINLAB each have one interface on each bridged vlan.

Traffic for the satellite link will thus travel over the public internet to the ground station, then over the sat link to SES1.

KEYS

SSH key based authentication is set up for SES1 and SES2 machines. The keys are in /home/native/.ssh on machine mf1, and in /root/SES_KEYS on remote-l.

Machines

  • node4-3.outdoor.orbit-lab.org
    • Eth0: Outdoor data, 10.41.4.3/16
    • Eth0.3701: MF vlan, bridged to geni sites, 10.100.200.53/16
    • Eth1: Outdoor Control, 10.40.4.3/16
    • Eth2: Direct connection to satellite modem port 1, 216.226.242.246/30
  • mf1.outdoor.orbit-lab.org
    • em1: was direct connection to sat modem, currently disconnected.
    • em2: outdoor control, 10.40.0.53/16
    • p2p1: Geni MF vlan, 3701. Terrestrial tunnel Link, 10.100.200.54/16
    • p2p2: Outdoor data, vlan 31, sat tunnel link, 10.41.200.54/16
  • ses1: Princeton remote machine
    • em1: sat link
      • ip: 216.226.242.242/30
    • em2: public internet link
      • ip: 23.24.73.161
    • ses_ground: tunnel for ground link, over em2
      • ip: 10.100.200.55/16
    • ses_sat: tunnel for sat link, over em1
      • 10.41.200.55/16
    • Scripts:
      • Routing tables have been changed to allow two tunnels. There is an additional table, sat. This table has one route: traffic from 216.226.242.242 to landing1 goes via the sat modem. The table is added to the ip rules just before the main table.
      • To view routes, type ip r show
      • native@ses1:~$ ip r show
        default via 23.24.73.166 dev em2 
        10.41.0.0/16 dev ses_sat  proto kernel  scope link  src 10.41.200.55 
        10.100.0.0/16 dev ses_ground  proto kernel  scope link  src 10.100.200.55 
        23.24.73.160/29 dev em2  proto kernel  scope link  src 23.24.73.161 
        128.6.192.147 via 23.24.73.166 dev em2  src 23.24.73.161 
        192.168.14.0/24 dev veth1  proto kernel  scope link  src 192.168.14.4 
        192.168.14.0/24 dev veth2  proto kernel  scope link  src 192.168.14.101 
        216.226.242.240/30 dev em1  proto kernel  scope link  src 216.226.242.242 
        
      • To view extra table, type ip r show table sat
      • native@ses1:~$ ip r show table sat
        128.6.192.147 via 216.226.242.241 dev em1 
        
      • To show rules, type ip rule show
      • native@ses1:~$ ip rule show
        0:	from all lookup local 
        32765:	from 216.226.242.242 lookup sat 
        32766:	from all lookup main 
        32767:	from all lookup default 
        
    • Tunnel setup
      • In native's home directory, there is a file tunnel.sh
      • This runs on boot, and sets up both L2TP tunnels to landing1, as well as routes.
      • This script is symlinked from /etc/init.d and was set to run on boot with update-rc.d tunnel defaults
      • Contents of script:
        #!/bin/bash
        
        #sets up tunnel via terrestrial link
        #remote ip for landing 1 is 128.6.192.147
        #local IP for ses1 is ???.???.???.???
        #ip address for tunnel to MF at Winlab is 
        #mf1.outdoor.orbit-lab.org 10.41.0.54
        #ses1 10.41.0.55
        #ses2 10.41.0.56
        
        modprobe l2tp_eth
        #ground
        ip l2tp del tunnel tunnel_id 1
        ip l2tp add tunnel remote 128.6.192.147 local 23.24.73.161 \
        	tunnel_id 1 peer_tunnel_id 5 udp_sport 3004 udp_dport 3004 encap udp
        ip l2tp add session name ses_ground \
        	tunnel_id 1 session_id 1 peer_session_id 1
        ip link set ses_ground up mtu 1500
        ip r add 128.6.192.147 via 23.24.73.166
        ip addr add 10.100.200.55/16 dev ses_ground
        ping 10.100.200.53 -c 10
        
        #satellite
        ip l2tp del tunnel tunnel_id 2
        ip l2tp add tunnel remote 128.6.192.147 local 216.226.242.242 \
        	tunnel_id 2 peer_tunnel_id 6 udp_sport 3005 udp_dport 3005 encap udp
        ip l2tp add session name ses_sat \
        	tunnel_id 2 session_id 1 peer_session_id 1
        ip link set ses_sat up mtu 1500
        ip route add 128.6.192.147 via 216.226.242.241 table sat
        ip rule add from 216.226.242.242/32 table sat
        
        #ip r add 128.6.192.147 via 216.226.242.241
        
        #ip addr add 10.100.200.55/16 dev ses_ground
        #ping 10.100.200.54 -c 10
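
A check for the source-based routing that tunnel.sh sets up, as an added example that is not part of the original page or of the script. It parses `ip rule show` and `ip r show table sat` output (sample copied from the listings above) and confirms that the sat rule is evaluated before main and sends landing1 traffic via the sat modem; without that rule, the main table's route to 128.6.192.147 via em2 would apply to both tunnels. The function names and the `--live` flag are this example's own.

```shell
#!/bin/bash
# Added example (not part of tunnel.sh): verify that traffic sourced from the
# sat-link address is policy-routed via the sat modem, using `ip` output.

# Sample output copied from the listings on this page (real output uses a tab
# after the priority; awk splits on any whitespace, so both forms parse).
SAMPLE_RULES='0: from all lookup local
32765: from 216.226.242.242 lookup sat
32766: from all lookup main
32767: from all lookup default'
SAMPLE_SAT_TABLE='128.6.192.147 via 216.226.242.241 dev em1'

# rule_priority RULES SELECTOR TABLE: print priority of "from SELECTOR lookup TABLE"
rule_priority() {
    printf '%s\n' "$1" | awk -v sel="$2" -v tbl="$3" '
        $2 == "from" && $3 == sel && $4 == "lookup" && $5 == tbl {
            sub(/:$/, "", $1); print $1; exit }'
}

# next_hop ROUTES DEST: print "gateway device" of the exact-match route to DEST
next_hop() {
    printf '%s\n' "$1" | awk -v dst="$2" \
        '$1 == dst && $2 == "via" && $4 == "dev" { print $3, $5; exit }'
}

# check_sat_policy RULES SAT_ROUTES SRC DEST GATEWAY DEVICE
check_sat_policy() {
    local rules="$1" routes="$2" src="$3" dst="$4" gw="$5" dev="$6"
    local sat_prio main_prio hop
    sat_prio=$(rule_priority "$rules" "$src" sat)
    main_prio=$(rule_priority "$rules" all main)
    if [ -z "$sat_prio" ] || [ -z "$main_prio" ]; then
        echo "FAIL: missing 'from $src lookup sat' or main rule"; return 1
    fi
    if [ "$sat_prio" -ge "$main_prio" ]; then
        echo "FAIL: sat rule ($sat_prio) is not evaluated before main ($main_prio)"; return 1
    fi
    hop=$(next_hop "$routes" "$dst")
    if [ "$hop" != "$gw $dev" ]; then
        echo "FAIL: table sat routes $dst via '${hop:-none}', expected '$gw $dev'"; return 1
    fi
    echo "OK: packets from $src to $dst leave via $gw on $dev"
}

# With --live, read the running configuration; otherwise use the sample above.
RULES="$SAMPLE_RULES"; SAT_ROUTES="$SAMPLE_SAT_TABLE"
if [ "${1:-}" = "--live" ]; then
    RULES=$(ip rule show); SAT_ROUTES=$(ip r show table sat)
fi
check_sat_policy "$RULES" "$SAT_ROUTES" 216.226.242.242 128.6.192.147 216.226.242.241 em1
```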
        

Desired Final Configuration

Sites

There will be 4 sites.

Location         Sat IP              Ground IP              Description
Woodbine         10.10.0.9/29        216.226.210.34/30      Uplink and core router
Princeton        216.226.242.241/30  23.24.73.161/29        Remote 1
WINLAB           216.226.242.245/30  Private IP on tunnel.  Remote 2
iDirect Herndon  216.226.242.249/30  ??                     Remote 3

All sites will have an L2TP tunnel over the public internet to WINLAB, to be connected to the GENI MF vlan. Ideally, all 3 sites will pass L2 broadcast/multicast traffic to each other. While that is in progress, all sites will terminate an L2TP tunnel at Woodbine, over their satellite links.

Idrac: SESwinlab2009

Last modified on 10/23/17 16:21:08