public inbox for govpn-devel@lists.cypherpunks.ru
Atom feed
From: Alan Holt <berber.it@gmail•com>
To: Alan Holt <berber.it@gmail•com>, govpn-devel@lists.cypherpunks.ru
Subject: Re: [Govpn-devel] build from last tarball
Date: Thu, 14 May 2015 12:22:48 +0300 [thread overview]
Message-ID: <CAKw30nrBAc7f78EF2MxquDF_WcHYcye1RWS5h9xvqQtdW_Ck_w@mail.gmail.com> (raw)
In-Reply-To: <CAKw30nrPfCQsandKsCKaNVdoniZFcr09wnOBJZ_B8tyUh9n0mw@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 6815 bytes --]
Hello,
I did some tests and I see that pings are ok and I think the speed of
tunnel too.
*GoVPN*
root@farengeit:~# ping 172.16.0.1
PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.
64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=1.14 ms
64 bytes from 172.16.0.1: icmp_seq=2 ttl=64 time=3.82 ms
64 bytes from 172.16.0.1: icmp_seq=3 ttl=64 time=4.30 ms
64 bytes from 172.16.0.1: icmp_seq=4 ttl=64 time=2.09 ms
64 bytes from 172.16.0.1: icmp_seq=5 ttl=64 time=2.85 ms
64 bytes from 172.16.0.1: icmp_seq=6 ttl=64 time=1.85 ms
64 bytes from 172.16.0.1: icmp_seq=7 ttl=64 time=3.14 ms
64 bytes from 172.16.0.1: icmp_seq=8 ttl=64 time=1.31 ms
^C
--- 172.16.0.1 ping statistics ---
8 packets transmitted, 8 received, 0% packet loss, time 7018ms
rtt min/avg/max/mdev = 1.143/2.565/4.301/1.080 ms
root@farengeit:~#
root@farengeit:~#
root@farengeit:~#
*PPPD over SSH*
root@farengeit:~# ping 10.0.8.2
PING 10.0.8.2 (10.0.8.2) 56(84) bytes of data.
64 bytes from 10.0.8.2: icmp_seq=1 ttl=64 time=1.56 ms
64 bytes from 10.0.8.2: icmp_seq=2 ttl=64 time=3.76 ms
64 bytes from 10.0.8.2: icmp_seq=3 ttl=64 time=3.53 ms
64 bytes from 10.0.8.2: icmp_seq=4 ttl=64 time=3.71 ms
64 bytes from 10.0.8.2: icmp_seq=5 ttl=64 time=4.35 ms
64 bytes from 10.0.8.2: icmp_seq=6 ttl=64 time=4.03 ms
64 bytes from 10.0.8.2: icmp_seq=7 ttl=64 time=4.08 ms
64 bytes from 10.0.8.2: icmp_seq=8 ttl=64 time=3.75 ms
I should do more test with remote machines.
On Thu, May 14, 2015 at 11:30 AM, Alan Holt <berber.it@gmail•com> wrote:
> Hello,
>
> yes it works fine now.
> In some reason I have high pings:
>
> root@farengeit:~# ping 172.16.0.1
> PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.
> 64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=1.15 ms
> 64 bytes from 172.16.0.1: icmp_seq=2 ttl=64 time=2.24 ms
> 64 bytes from 172.16.0.1: icmp_seq=3 ttl=64 time=*4.36* ms
> 64 bytes from 172.16.0.1: icmp_seq=4 ttl=64 time=3.75 ms
> 64 bytes from 172.16.0.1: icmp_seq=5 ttl=64 time=*4.70* ms
> 64 bytes from 172.16.0.1: icmp_seq=6 ttl=64 time=3.76 ms
> 64 bytes from 172.16.0.1: icmp_seq=7 ttl=64 time=*4.39* ms
>
> Both machines are on the same laptop, if you remember
> Also I created user manual.
> I will publish this on my blog too.
>
>
> Example of Usage on Ubuntu 14.04 or Centos 6.6
>
> Both VMs are Ubuntu Server:
>
> *Server EXT IP:* 172.25.60.62
> *Client EXT IP:* 172.25.60.63
>
> *====INSTALLATION PART=====*
>
> Install dependencies:
> # apt-get install uml-utilities
> # apt-get install golang
>
> *====COMPILATION PART=====*
>
> On both *CLIENT *and *SERVER *do:
>
> Download tarball here:
> http://www.cypherpunks.ru/govpn/Prepared-tarballs.html#Prepared-tarballs
>
> Fore example last stable:
> # wget http://www.cypherpunks.ru/govpn/download/govpn-3.2.tar.xz
>
> Extract archive and compile the code
> # tar xvf govpn-3.2.tar.xz
> # cd govpn-3.2
> # mkdir -p peers
> # make
>
> On *SERVER*:
> This is number of CPU's
> # export GOMAXPROC=4
> # cd govpn-3.2
>
> Create new client:
> # ./utils/newclient.sh Alice
> Place verifier to peers/6d4ac605ce8dc37c2f0bf21cb542a713/verifier
>
> 6d4ac605ce8dc37c2f0bf21cb542a713 - This is Client ID
>
> On *CLIENT*:
> # ./utils/storekey.sh /tmp/passphrase
> Enter passphrase:[my secure passphrase is here]
>
> Id - this is number generated on server with script newclient.sh:
> # govpn-verifier -id 6d4ac605ce8dc37c2f0bf21cb542a713 -key /tmp/passphrase
> 562556cc9ecf0019b4cf45bcdf42706944ae9b3ac7c73ad299d83f2d5a169c55
>
> 562556cc9ecf0019b4cf45bcdf42706944ae9b3ac7c73ad299d83f2d5a169c55 - this
> number is verifier
>
> Remove file:
> # rm /tmp/passphrase
>
> On *SERVER*:
> # cd govpn-3.2
>
> Put verifier to file and save it:
> # vim peers/6d4ac605ce8dc37c2f0bf21cb542a713/verifier
> 562556cc9ecf0019b4cf45bcdf42706944ae9b3ac7c73ad299d83f2d5a169c55
>
> *====RUN PART=====*
>
> On *SERVER*:
> # echo "echo tap10" >> peers/6d4ac605ce8dc37c2f0bf21cb542a713/up.sh
> # tunctl -t tap10
> # ip link set mtu 1432 dev tap10
> # ip addr add 172.16.0.1/24 dev tap10
> # ip link set up dev tap10=
> # ifconfig tap10 up
> # ifup tap10
>
> Run the daemon:
> # govpn-server -bind 172.25.60.62:1194 -mtu 1472
>
> On *CLIENT*:
> # umask 066
> # utils/storekey.sh key.txt
> # tunctl -t tap10
> # ip link set mtu 1432 dev tap10
> # ip addr add 172.16.0.2/24 dev tap10
> # ip link set up dev tap10
> # ip route add default via 172.16.0.1
> # ifconfig tap10 up
> # ifup tap10
>
> Run the daemon:
> # govpn-client -key key.txt -id 6d4ac605ce8dc37c2f0bf21cb542a713 -iface
> tap10 -remote 172.25.60.62:1194 -mtu 1472
>
> Check that tunnel works, do ping from CLIENT to SERVER:
> # ping 172.16.0.1
> PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.
> 64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=1.15 ms
> 64 bytes from 172.16.0.1: icmp_seq=2 ttl=64 time=2.24 ms
> 64 bytes from 172.16.0.1: icmp_seq=3 ttl=64 time=4.36 ms
>
> ======================================================================
>
> I will continue test to see how stable is tunnel and why pings are so high.
> Also I will create tunnel between machines in USA and ISRAEL to check its
> performance.
> In future, I want to create deb and rpm packages for it too, but before
> need to do checks
>
> Alex.
>
>
>
>
> On Wed, May 13, 2015 at 7:52 PM, <stargrave@stargrave•org> wrote:
>
>> Greetings,
>>
>> *** Alan Holt [2015-05-13 18:21]:
>> >*You can see on attached screenshot that both interface are up.*
>>
>> But interface on the server side is no "RUNNING", as client's do.
>> Does up.sh in server's peer subdirectory contain something like echo
>> tap10? Will "ifconfig tap10 up" (or "ip link set up dev tap10") help?
>>
>> >Looks like no traffic can go trough the tunnel.
>>
>> I think that tunnel works (you can listen tcpdump over unencrypted
>> network part), but server's TAP is not running.
>>
>> In FreeBSD I had to turn sysctl options:
>>
>> net.link.tap.user_open=1
>> net.link.tap.up_on_open=1
>>
>> The second one up-s the interface when tap device is opened. Maybe
>> something similar is needed under GNU/Linux (currently I do not have any
>> working under the hand).
>>
>> --
>> Happy hacking, Sergey Matveev
>>
>
>
>
> --
> *בברכה, *
> *אלכס ברבר*
>
> *+9 72 54 285 952 3*
> *www.linuxspace.org* <http://www.linuxspace.org>
> *--*
> *Best regards.*
> *Alex Berber*
> *+9 72 54 285 952 3*
> *www.linuxspace.org* <http://www.linuxspace.org/>
>
--
*בברכה, *
*אלכס ברבר*
*+9 72 54 285 952 3*
*www.linuxspace.org* <http://www.linuxspace.org>
*--*
*Best regards.*
*Alex Berber*
*+9 72 54 285 952 3*
*www.linuxspace.org* <http://www.linuxspace.org/>
[-- Attachment #2: Type: text/html, Size: 11142 bytes --]
next prev parent reply other threads:[~2015-05-14 9:23 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-13 7:59 [Govpn-devel] build from last tarball Alan Holt
2015-05-13 8:47 ` stargrave
2015-05-13 9:00 ` Alan Holt
2015-05-13 9:36 ` stargrave
2015-05-13 10:01 ` Alan Holt
2015-05-13 10:14 ` stargrave
2015-05-13 10:52 ` Alan Holt
2015-05-13 11:41 ` stargrave
2015-05-13 13:31 ` Alan Holt
2015-05-13 13:47 ` Alan Holt
2015-05-13 14:09 ` stargrave
2015-05-13 14:55 ` Alan Holt
2015-05-13 16:52 ` stargrave
2015-05-14 8:30 ` Alan Holt
2015-05-14 9:22 ` Alan Holt [this message]
2015-05-14 12:34 ` stargrave
2015-05-14 13:25 ` stargrave
2015-05-14 13:32 ` Alan Holt
2015-05-14 14:11 ` stargrave
2016-01-19 19:04 ` Alan Holt
2016-01-19 22:08 ` stargrave
2016-01-19 22:58 ` Alan Holt
2016-01-20 7:53 ` stargrave
2016-01-21 9:43 ` stargrave
2016-01-28 10:26 ` Alan Holt
2016-01-28 10:46 ` stargrave
2016-01-28 13:39 ` Alan Holt
2016-01-28 14:20 ` stargrave
2015-05-13 14:06 ` stargrave