some built stuff, some questions

[Francis Dupont]

> I have no idea what code from what branch needs to run on the cpe.

=> rt28354: this is the only one with sdcltd which, BTW, I compiled
but not yet configured on ida.

> In looking at the cpe emulator box I don't see *anything* running on it.
> is it just a manual tunnel configured vi /etc/network/interfaces??

=> yes

> and a hard coded ip or what?

=> there is a script in ~fdupont/s and some pending questions about
where to enable forwarding.

> So I just went and started building everything I could for mips in the
> hope that it would become clear.
> 
> Tonight I got packaged up and built for cerowrt
> from the rt28354 branch of aftr the following bits of code:
> 
> aftr
> libpcp
> pcpd (not the python bit tho)
> b4iwf
> sdctld

=> you need for a SD-CPE sdctld (PCP/UPnP-IGD/NAT-PMP server) and
libpcp (PCP client). aftr and pcpd are for an AFTR, b4iwf for
a standard B4.
For a SD-B4 you need too from standard packages ip (iproute2) and
the script changes from messages I exchanged with Alain (and I still
have to send to you).

> and they all run, at least briefly.

=> fine

> On my 'I thought I had to do list' was the b4 multicast code, some
> mods to various scripts, etc.

=> IMHO we can forget multicast as we don't have (including in the SOW)
the SD-AFTR equivalent part.

> other sources of confusion - what - from where - modified version of
> miniupnp* is needed? the
> one from this branch? usermode? rt28256?

=> server (miniupnpd) -> sdctld in rt28354
client (miniupnpc) -> miniupnpc+ in its own git repo

> root at sdcpe:/usr/sbin# pcpd
> list pcp is empty

=> this means you run an AFTR on the same box but this AFTR has no
port pool configured for PCP. Unfortunately it is soon so you didn't
test many things. (PS: it doesn't matter until we want to use cheap
hardware for an AFTR).

> root at sdcpe:/tmp# sdctld
> Reading configuration from file /etc/sdctld.conf
> perm rule added : allow 1024-65535 c0a80000/ffffff00 1024-65535
> perm rule added : allow 1024-65535 c0a80100/ffffff00 1024-65535
> perm rule added : allow 1024-65535 c0a80000/fffffe00 22-22
> perm rule added : allow 12345-12345 c0a80771/ffffffff 54321-54321
> perm rule added : deny 0-65535 00000000/00000000 0-65535
> PCP requires an external address

=> incompatible config. Even the saved config in
rt28354/conf/testbeds/vm/sdb4-sdctld.conf needs some edit.

> I installed but did not configure the dhcp4-client_4.2.3-P2 package
> I'd built last week. Is
> that truly needed or does udhcpd just go through the tunnel

=> DHCPv4 is not really over IPv4 so doesn't go over the tunnel.
But the DHCPv6 client can be useful... As far as I know we
decided to go to static configs so to limit the risks.
If we want to show DHCPv4-over-IPv6, we need a DHCPv4 client
(udhcpc works so we can keep it) and the CRA (relay/dhccra).

> I DO understand that aftr is not needed (but it would be kind of cool
> to run this cpe as both CGN
> and SD)

=> you can't run the two functions on the same kernel at the same time.

> and I'm relieved we have enough ram and flash to run
> everything I just installed.

=> including DHCP stuff?

> I did just give fdupont an account on huchra.bufferbloat.net,

=> hucha is a WNDR3800 CPE?

> On cerowrt the public address is ge00, so that was the only change I
> needed to make to aftr-script

=> ge00? oops, it is the name of the interface.

> Last note: arbitrarily flushing the nat rules is not a particularly
> good idea.

=> in this case it is required. BTW on an AFTR without a shared address
it is even better to disable iptables, i.e., put a NOTRACK in the raw
table chains.

>...
> no dynamic mapping will be created until the PCP daemon enables this

=> looks fine.

Regards

Francis Dupont <fdupont at isc.org>