Rip44d: Difference between revisions
Revision as of 09:26, 3 August 2015
Technically, rip44d is a custom RIPv2 daemon which receives periodic routing table updates from the AMPRNet routing service, and inserts them in the Linux routing table.
RIP (Routing Information Protocol) is a method to dynamically update IP routing tables. In practice, on the AMPRNet Gateway, it removes the requirement to periodically download the tunnel routing table (encap.txt) using FTP and apply it to the routing table. It transmits changes more quickly and should be simpler to set up. Amprgw transmits the RIP routing table updates every 5 minutes, while the encap.txt has traditionally been updated only once per day. Some operators have even done the downloads manually (and not very often).
The RIP protocol is used in a slightly unconventional way on the AMPRNet, and the standard IP routing daemons such as zebra/quagga are not able to process these packets. Until those daemons are modified to support Amprnet routing updates, a custom implementation such as rip44d can be used.
rip44d is written in the Perl programming language. C might be the conventionally right language to implement daemons such as this, but the author happened to have a good bunch of Perl code that could be easily reused in the implementation of rip44d. The routing table is relatively small, so the performance or memory consumption of this daemon isn't very critical.
Requirements
- You'll need a Linux computer which has been added to the Gateways file using the Portal, so that it is known as an AMPRNet gateway and will receive RIP updates from the Amprgw. It will take some time before Amprgw learns about new gateways.
- If you have been running the gateway before, and you have already set up a cron job to automatically update the routing table by downloading encap.txt, you need to disable that cron job so that there's only one updating method running at a time.
- The instructions below are currently only for Debian/Ubuntu, but there's nothing Debian-specific in rip44d - it should work fine on other distributions. It does not read or touch any of the operating system's configuration files.
Installation of dependencies on Debian/Ubuntu
Install Perl and IO::Socket::Multicast, a Perl module used for receiving the RIP multicast packets:
sudo apt-get install perl libio-socket-multicast-perl libio-interface-perl
Install something to download the daemon, if needed:
sudo apt-get install curl
Installation of dependencies on other distributions
Other distributions should have an easy way to install the required packages too (using yum or a similar program). Please fill in details here, if you know them.
If all else fails, but you have Perl installed already, you can use CPAN to install the module. For details, please see the CPAN installation guide.
cpan App::cpanminus
cpanm IO::Socket::Multicast
Installation of rip44d
Download the daemon
curl -O https://raw.github.com/hessu/rip44d/master/rip44d
Make it executable
chmod u+x rip44d
Run it for the first time
Run it first with the -v option to verify that it sees the route announcements from amprgw, and to learn the plaintext password used to authenticate the RIP packets (it's not included in the script, and I'm not posting it here, so that spoofing can only be done by those who are already receiving the announcements). Wait up to 5 minutes until the routes are transmitted, and it'll complain about the password it's not expecting:
hessu@gateway:~$ sudo ./rip44d -v
found local address: 1.2.3.4
found local address: 127.0.0.1
found local address: 44.255.259.253
opening UDP socket...
entering main loop, waiting for RIPv2 datagrams
received from 44.0.0.1: 520: 504 bytes
RIPv2 packet contains password PasswordFoundHere but we require none
Run it again with the correct password
hessu@gateway:~$ sudo ./rip44d -p PasswordGoesHere
Within 5 minutes it should receive the new routing table and take it into use. For added fun, use -v (verbose) or -d (debug, really verbose) to see what it does.
After confirming that it works, move it to /usr/local/sbin (or something) and put it in your boot scripts (see: startampr). At minimum, the following lines in /etc/rc.local should do the required tricks to bring Amprnet routing up. The IP addresses are intentionally invalid – you'll need to replace them with your own.
# Route my own subnet to blackhole, just to make sure I don't accidentally
# transmit packets destined for us back out to Amprgw and create a loop.
# More specific routes will route packets for these addresses out on the
# correct radio interfaces.
/sbin/ip route add blackhole 44.255.259.0/24

# Bring up the tunnel interface and assign an IP address to it.
/sbin/ifconfig tunl0 44.255.259.253 up || exit 2

# Start up the RIP routing daemon to learn the routing table.
/usr/local/sbin/rip44d -p PasswordGoesHere < /dev/null &
That should be all. Really. The downside of this configuration is that it will take up to 5 minutes for the gateway to receive a routing update and become operational after a reboot. The daemon should really be improved to store the current routing table in a local file and load it from there when starting up. (See: startampr about configuring reload of the AMPR routing table upon reboot with rip44d.)
The above route add command will cause packets destined to 44.255.259.* to be dropped on the floor, unless a more specific route (such as 44.255.259.0/25) exists. If you route the whole /24 subnet to your radio interface, the blackhole route should not be used. If you have smaller subnets or per-host routes for each user host, the blackhole route will prevent packets destined to unused addresses from getting into a loop between your gateway and the Amprgw.
Notes
- rip44d automatically ignores announced routes which are pointed to the system's local addresses. The addresses are automatically learned using /sbin/ifconfig, but you can add more gateway addresses using -a (comma-separated list of IP addresses).
- It expects that your tunnels are configured on tunl0. Use the -i <if> option to change to another. The tunnel interface must be up and configured before rip44d starts up.
- Old encap routes may be present; the daemon will overwrite them as necessary (it won't touch more specific routes, or ones which are not found in the route advertisements). You don't need to "clean" the routing table before running rip44d if you have populated it from encap.txt.
- rip44d does not start automatically; see startampr for more information about running it on boot.
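The password check from the first-run step and the local-address filter from the notes above can be seen together in the following added example (Python, not part of rip44d and not its author's code). It assumes the standard RFC 2453 RIPv2 layout with a simple-password entry first and, as an assumption, that each route's next-hop field carries the gateway address; the function names and all addresses are constructed for illustration. Because the password is plaintext and shared, the per-entry validation matters as much as the password match.

```python
import ipaddress
import struct

def parse_rip44(datagram, password, local_addrs):
    """Return [(network, gateway)] from one RIPv2 response; ValueError if rejected."""
    if len(datagram) < 24 or (len(datagram) - 4) % 20:
        raise ValueError("bad length")              # 4-byte header + 20-byte entries
    if datagram[0] != 2 or datagram[1] != 2:        # command=response, version=2
        raise ValueError("not a RIPv2 response")
    entries = [datagram[i:i + 20] for i in range(4, len(datagram), 20)]
    # Simple password authentication: first entry, AFI 0xFFFF, auth type 2.
    afi, auth_type = struct.unpack("!HH", entries[0][:4])
    if (afi, auth_type) != (0xFFFF, 2):
        raise ValueError("no password entry")
    if entries[0][4:].rstrip(b"\0") != password.encode():
        raise ValueError("password mismatch")
    routes = []
    for entry in entries[1:]:
        afi, _tag, addr, mask, hop, metric = struct.unpack("!HH4s4s4sI", entry)
        m = int.from_bytes(mask, "big")
        prefix = bin(m).count("1")
        if afi != 2 or not 1 <= metric <= 15:       # metric 16 = unreachable
            continue
        if m != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
            continue                                # non-contiguous netmask
        try:
            net = ipaddress.ip_network((addr, prefix))  # strict: no host bits
        except ValueError:
            continue
        gateway = str(ipaddress.ip_address(hop))
        if gateway in local_addrs:
            continue                                # route points back at us
        routes.append((str(net), gateway))
    return routes

def sample_datagram(password="PasswordGoesHere"):
    """Constructed test packet: one password entry plus three route entries."""
    def route(net, mask, hop, metric=1):
        packed = [ipaddress.ip_address(a).packed for a in (net, mask, hop)]
        return struct.pack("!HH4s4s4sI", 2, 0, *packed, metric)
    auth = struct.pack("!HH16s", 0xFFFF, 2, password.encode())
    return (bytes([2, 2, 0, 0]) + auth
            + route("44.128.1.0", "255.255.255.0", "192.0.2.10")
            + route("44.128.2.0", "255.255.255.0", "198.51.100.7")  # our own address
            + route("44.128.3.1", "255.255.255.0", "192.0.2.11"))   # host bits set
```

With 198.51.100.7 listed as a local address, only the first constructed route is returned; the second points back at the gateway itself and the third is malformed.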
Support, bug reports and improvements
If you have questions to ask about the usage of this daemon, please contact the 44Net mailing list.
If you have improved the daemon and wish to submit a patch, please use Github. Create an account, fork the rip44d repository to your own private repository, push your changes there, and submit a merge request. I'll then merge the changes in the master source tree and release a new version. Thank you!
Github repository: https://github.com/hessu/rip44d
The daemon was written by Heikki Hannikainen, OH7LZB.