some built stuff, some questions

Sun Mar 18 05:48:26 UTC 2012

I have no idea what code from what branch needs to run on the cpe.

In looking at the cpe emulator box I don't see *anything* running on it.
is it just a manual tunnel configured vi /etc/network/interfaces??

and a hard coded ip or what?

So I just went and started building everything I could for mips in the
hope that it would become clear.

Tonight I got packaged up and built for cerowrt
from the rt28354 branch of aftr the following bits of code:

aftr
libpcp
pcpd (not the python bit tho)
b4iwf
sdctld

and they all run, at least briefly.

On my 'I thought I had to do list' was the b4 multicast code, some
mods to various scripts, etc.

other sources of confusion - what - from where - modified version of
miniupnp* is needed? the
one from this branch? usermode? rt28256?

root at sdcpe:/usr/sbin# pcpd
list pcp is empty

root at sdcpe:/tmp# sdctld
Reading configuration from file /etc/sdctld.conf
perm rule added : allow 1024-65535 c0a80000/ffffff00 1024-65535
perm rule added : allow 1024-65535 c0a80100/ffffff00 1024-65535
perm rule added : allow 1024-65535 c0a80000/fffffe00 22-22
perm rule added : allow 12345-12345 c0a80771/ffffffff 54321-54321
perm rule added : deny 0-65535 00000000/00000000 0-65535
PCP requires an external address

I installed but did not configure the dhcp4-client_4.2.3-P2 package
I'd built last week. Is
that truly needed or does udhcpd just go through the tunnel

I DO understand that aftr is not needed (but it would be kind of cool
to run this cpe as both CGN
and SD) and I'm relieved we have enough ram and flash to run
everything I just installed.

Anyway, I slammed this box up on 2001:4f8:fff8:700::1, *root password*
is the previously
agreed on std password (please don't change it), if anyone wants to
poke at it, although
you have to ssh to it from within the lab.

The repo where the packages reside is not public, given that there is
no public place to stick it.
I did just give fdupont an account on huchra.bufferbloat.net, the
package db is in ~cero1/src/isc

On cerowrt the public address is ge00, so that was the only change I
needed to make to aftr-script

Last note: arbitrarily flushing the nat rules is not a particularly good idea.

root at sdcpe:/etc# aftr -c /etc/aftr.conf
tunnel add 2001:db8:0:1::2
+ awk -F/ {print $1}
+ awk {print $2}
+ ip addr show dev ge00
+ grep -w inet
+ PUBLIC=149.20.63.24
+ aftr_start
+ sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
+ sysctl -w net.ipv6.conf.all.forwarding=1
net.ipv6.conf.all.forwarding = 1
+ ip link set tun0 up
+ ip addr add 192.0.0.1 peer 192.0.0.2 dev tun0
+ ip route add 198.18.0.0/15 dev tun0
+ ip -6 route add 2001:db8::/64 dev tun0
+ iptables -t nat -F
+ iptables -t nat -A POSTROUTING -s 198.18.200.111 -j SNAT --to-source
149.20.63.24
+ iptables -t nat -A PREROUTING -p tcp -d 149.20.63.24 --dport
1024:1523 -j DNAT --to-destination 198.18.200.111
+ iptables -t nat -A PREROUTING -p udp -d 149.20.63.24 --dport
1024:1523 -j DNAT --to-destination 198.18.200.111
+ iptables -t nat -A OUTPUT -p tcp -d 149.20.63.24 --dport 1024:1523
-j DNAT --to-destination 198.18.200.111
+ iptables -t nat -A OUTPUT -p udp -d 149.20.63.24 --dport 1024:1523
-j DNAT --to-destination 198.18.200.111
+ exit 0
no dynamic mapping will be created until the PCP daemon enables this

-- 
Dave Täht
SKYPE: davetaht
US Tel: 1-239-829-5608
http://www.bufferbloat.net