Le seguenti 297 parole non sono state trovate nel dizionario di 1275 termini (includendo 1275 LocalSpellingWords) e sono evidenziate qui sotto:
5z   address   Address   allow   always   apt   Arno   at   authorized   Available   available   avoid   babel   babeld   Babeld   based   be   because   before   between   Bfn8   bison   Bit   Bom8   boot   branch   Bs   build   but   can   cat   cd   checkout   chmod   choosen   chosen   città   city   clamp   clone   Cnmv   community   compile   conf   config   configuration   Configure   configure   connect   Connect   Connessione   coppermine   crontab   Debian   default   deny   depending   dev   diderot   different   difficult   dir   Disclaimer   distant   Distro   distro   diverse   down   download   Download   E6   eigenlab   emerge   ensure   enter   entries   essentials   etc   everything   example   executable   F4efag   F5th   Fb3an   file   flags   flex   folder   following   for   fr   Fr9hz3p   from   ge   generated   Gentoo   Gestione   get   Ghv   gihub   git   github   go   guide   H1   heimdall   his   hna4   hoc   Host   hosts   Hosts   I2   if   If   Ii   Indirizzi   insert   inside   intended   intercomunication   interface   internal   ip   iptables   Iqr   islands   isole   Isole   itself   jch   Jujd   Jun1ffo   K2hwgp   key   Keypair   keys   Kgsvi   Kx1   L1l   L2mm   latest   learned   libs   like   line   Load   local   Look   look   Lq2z   Lu   main   mainly   Make   make   mark   mkdir   Mode   mss   mtu   Name   Ncby   Nd   need   needed   network   networks   new   Nick   Nickname   ninuxorg   Nmu9w   node   notification   now   Now   null   O9dlu   olsr   olsrd   on   Once   one   only   operate   operation   Optionally   or   our   out   over   page   Param   paris   path   permit   persons   ping   Pl   place   plugin   Plugin   plugins   pmtu   Pnd   point   pps   Proto   proto   Public   public   pull   put   Qanl8v   Qcmiy   Qf   rc3   Rd   received   recognize   recommended   redistribute   refer   repository   required   Roma   root   routes   Rt   run   rxcost   see   self   Send   services   set   setup   should   similar   single   slow   so   something   Std   subnet   switch   table   tap   tcp   that   This   this   Tinc   tinc   tincd   to   To   top   Tqhfop1   traffic   true   try   two   univ   up   updated   use   used   Uxt   vary   very   Vh   via   Vpn   Vr   Vsmim   Vyw   want   wants   way   we   when   Where   will   wired   wireless   with   worked   Xu   Xzb   Yf1peh7ctcq   yournickname   Yzotq   zefiro   Zj   Zz8  

Nascondi questo messaggio

Italiano English
Modifica History Actions

IsoleVPN

Le sedi di Ninux sono:

a Roma presso il FusoLab

  • Fusolab

a Pisa all'EigenLab

  • Eingelab

a Cosenza presso la sede dell'Hacklab Cosenza

  • HLCS

a Catanzaro presso la sede dell'Hacklab Catanzaro

  • HLCZ

a Firenze presso l'exfila

  • exfila

a Bologna presso il makerspace di RaspiBO

  • NinuxBO

Ninux.org partecipa al World IPv6 day

  • WorldIpv6Day

OBSOLETE: see: Connessione VPN tra isole ninux in città diverse

Disclaimer

This VPN is mainly used to connect network islands when it is very difficult to build a wired/wireless link ( for example two community networks in very distant city ). It is not intended to connect single persons that wants access internal services via VPN. It is recommended to avoid data traffic over the VPN because it will slow down troubleshooting operation that is one of main use of the VPN itself.

Connect to the VPN between islands with Tinc

1) Install tinc on your Linux Distro ( Debian based: apt-get install tinc, Gentoo based: emerge tinc ) MAKE SURE YOU HAVE AT LEAST TINC 1.0.13

2) Create config dir 

mkdir /etc/tinc/isole

3) Create config file 

/etc/tinc/isole/tinc.conf

Name = yournickname
ConnectTo = coppermine
ConnectTo = zefiro
ConnectTo = RomaVpnIsole
ConnectTo = BitArno
ConnectTo = heimdall
Mode = switch

Mode switch is required because tinc will operate with a tap interface, needed to run babeld on it.

4) Download hosts keys from our git repository 

cd /etc/tinc/isole/
git clone git://github.com/ninuxorg/HostsVpnIsole.git hosts

Optionally to ensure your hosts keys are always updated you can add the following line or something similar to your crontab 

0 * * * *       root    cd /etc/tinc/isole/hosts && git pull &> /dev/null

5) Generate a Keypair 

tincd -n isole -K

6) Look for a free IP address in the subnet 10.0.5.0/24 and add your self in the table on the GestioneIndirizzi wiki page.

7) Create the file 

/etc/tinc/isole/tinc-up

# If your distro supports flexible init networking scripts like Gentoo, you can do it in more elegant way

ip link set dev $INTERFACE up
ip address add dev $INTERFACE HEREYOURIPADDRESS/24
#Adjust MTU
ip link set mtu 1350 dev $INTERFACE
iptables -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

Where in place of HEREYOURIPADDRESS you must put the IP address choosen at point 6 of this guide

Make the file executable 

chmod +x /etc/tinc/isole/tinc-up

8) Send an email to contatti@ninux.org and info@eigenlab.org with your Nickname chosen at point 3 and your generated public key that may look something like. 

cat /etc/tinc/isole/hosts/YourHostNickName

Address = Public_Host_Address(not_the_10.0.5.x_one)_If_Available

-----BEGIN RSA PUBLIC KEY-----
TXKAJun1ffoORTQTqhfop1Bfn8BZjKF4efagDCNdQanl8vVMRIqrFb3anXzbUI2O
QVL1lIBom8KgsviE6VywVrF5thYzotqWVKH1K2hwgpZXGVsmimIiFr9hz3pBsOfZ
dL2mmLuZXKx1JujdLq2zVYf1peh7ctcqXuXQfJRJIFGhvPndO9dluQUxtZz8StdY
sVhQcmiyCnmvKNcbyIHQXCA+5zZYNNmu9wIDAQAB
-----END RSA PUBLIC KEY-----

This file has the address ( if available ) and the public key of the VPN node

9) Once you received notification that your public key is authorized you can try to connect 

tincd -n isole

If everything worked out you can ping 10.0.5.103. Now configure babeld to use the interface "isole"

It is FUNDAMENTAL to use latest babeld version

11) Configure babeld ( depending on your distro default babeld config file path can be different we will refer to Debian in the example )

edit 

/etc/babeld.conf

After editing it should look like this but may vary depending on your setup 

## Add interface isole as wired with a fixed cost of 300
interface isole wired true rxcost 300

# Suggested
in le 14 ip 0.0.0.0/0 deny
in ge 23 ip 10.0.0.0/23 deny
in ge 23 ip 10.255.254.0/23 deny
in ge 10 ip 100.64.0.0/10 deny
in ge 23 ip 172.16.0.0/23 deny
in ge 23 ip 172.31.254.0/23 deny
in ge 23 ip 192.168.0.0/23 deny
in ge 23 ip 192.168.254.0/24 deny


# example
## Refuse 131.114.0.0/16 route
#in ip 131.114.0.0/16 deny

# example ( this is useful if your adsl router have a subnet like this )
## Refuse route with a prefix lenght great or equal 24 matching with 192.168.2.0/24
# in ge 24 ip 192.168.2.0/24 deny

# example ( this is useful if you are using another routing protocol on your island )
## Redistribute route in the 10/8 subnet from another routing protocol that have proto 157
# redistribute ip 10.0.0.0/8 proto 157

# Mandatory
## Allow announcing route 10.0.5.0/24
redistribute ip 10.0.5.0/24 allow

## Allow here the sharing of route you want share
## for example
# redistribute ip 10.0.0.0/8 allow

## Deny announcing all other local route 
redistribute local deny

OLSRd configuration for Babeld

1) Install git, build-essentials, flex and bison for compile the olsrd version with ad-hoc plugin that permit intercomunication between olsrd and babeld.

2) download ninux.org gihub repository: 

git clone git://github.com/ninuxorg/olsrd.git

3) when enter olsrd folder and switch to new plugin branch: 

git checkout proto_plugin_rc3

4) compile olsrd and his plugins: 

make
make libs

5) install olsrd and plugins: 

make install
make install_libs

6) now go to /etc/olsrd.conf and insert  RtProto 157  inside the config on top, before hna4 entries. (this mark all routes learned from olsr network with proto 157, in this way babeld can recognize olsr routes)

CAUTION AT THIS POINT

7) If you want that olsrd redistribute routes from babeld you need to insert this configuration inside the file: 

LoadPlugin "olsrd_proto.so.0.2"
{
        PlParam "proto_no" "42"
}

IF BABELD IS IMPROPERLY CONFIGURED THIS OPTION CAN CREATE A BLACKHOLE! WATCH OUT!

8) now you only need to configure olsrd to start on boot with babeld and tincd.

l'ultima modifica è del 2015-09-18 08:41:20, fatta da Nemesis