some built stuff, some questions

Dave Taht dave.taht at gmail.com
Sun Mar 18 09:00:53 UTC 2012 

On Sun, Mar 18, 2012 at 1:46 AM, Francis Dupont <fdupont at isc.org> wrote:
>> I have no idea what code from what branch needs to run on the cpe.
>
> => rt28354: this is the only one with sdcltd which, BTW, I compiled
> but not yet configured on ida.
>
>> In looking at the cpe emulator box I don't see *anything* running on it.
>> is it just a manual tunnel configured vi /etc/network/interfaces??
>
> => yes
>
>> and a hard coded ip or what?
>
> => there is a script in ~fdupont/s and some pending questions about
> where to enable forwarding.

That clarifies matters significantly.

>
>> So I just went and started building everything I could for mips in the
>> hope that it would become clear.
>>
>> Tonight I got packaged up and built for cerowrt
>> from the rt28354 branch of aftr the following bits of code:
>>
>> aftr
>> libpcp
>> pcpd (not the python bit tho)
>> b4iwf
>> sdctld
>
> => you need for a SD-CPE sdctld (PCP/UPnP-IGD/NAT-PMP server) and
> libpcp (PCP client). aftr and pcpd are for an AFTR, b4iwf for
> a standard B4.
> For a SD-B4 you need too from standard packages ip (iproute2) and
> the script changes from messages I exchanged with Alain (and I still
> have to send to you).

any time...

>
>> and they all run, at least briefly.
>
> => fine
>
>> On my 'I thought I had to do list' was the b4 multicast code, some
>> mods to various scripts, etc.
>
> => IMHO we can forget multicast as we don't have (including in the SOW)
> the SD-AFTR equivalent part.

good.

>
>> other sources of confusion - what - from where - modified version of
>> miniupnp* is needed? the
>> one from this branch? usermode? rt28256?
>
> => server (miniupnpd) -> sdctld in rt28354
> client (miniupnpc) -> miniupnpc+ in its own git repo

I have already built another version of the latter tool, getting the
right one built will take a few minutes.


>
>> root at sdcpe:/usr/sbin# pcpd
>> list pcp is empty
>
> => this means you run an AFTR on the same box but this AFTR has no
> port pool configured for PCP. Unfortunately it is soon so you didn't
> test many things. (PS: it doesn't matter until we want to use cheap
> hardware for an AFTR).

I came, I saw, I compiled.

>
>> root at sdcpe:/tmp# sdctld
>> Reading configuration from file /etc/sdctld.conf
>> perm rule added : allow 1024-65535 c0a80000/ffffff00 1024-65535
>> perm rule added : allow 1024-65535 c0a80100/ffffff00 1024-65535
>> perm rule added : allow 1024-65535 c0a80000/fffffe00 22-22
>> perm rule added : allow 12345-12345 c0a80771/ffffffff 54321-54321
>> perm rule added : deny 0-65535 00000000/00000000 0-65535
>> PCP requires an external address
>
> => incompatible config. Even the saved config in
> rt28354/conf/testbeds/vm/sdb4-sdctld.conf needs some edit.

OK

>> I installed but did not configure the dhcp4-client_4.2.3-P2 package
>> I'd built last week. Is
>> that truly needed or does udhcpd just go through the tunnel
>
> => DHCPv4 is not really over IPv4 so doesn't go over the tunnel.
> But the DHCPv6 client can be useful... As far as I know we
> decided to go to static configs so to limit the risks.
> If we want to show DHCPv4-over-IPv6, we need a DHCPv4 client
> (udhcpc works so we can keep it) and the CRA (relay/dhccra).

that package has the dhcp4 version that has support for both
ipv6 and ipv4.

>
>> I DO understand that aftr is not needed (but it would be kind of cool
>> to run this cpe as both CGN
>> and SD)
>
> => you can't run the two functions on the same kernel at the same time.

But you can run it on two of the same cheap boxes at the same time.
Sharing the lab with io - which has howling fans - is not ideal....

>
>> and I'm relieved we have enough ram and flash to run
>> everything I just installed.
>
> => including DHCP stuff?

including dhclient. not isc-dhcp server.

df reports 3MB free (which is an estimate, it's probably closer to 1.5
uncompressed). So yes, *barely*.

I still need to find a dhcp-pd solution that can fit, and this wipes
out the possibility of a slew of other add-on packages that are used
in the cerowrt effort - but it's suitable for the demo.

What of libpcp's binaries is actually required?

>
>> I did just give fdupont an account on huchra.bufferbloat.net,
>
> => hucha is a WNDR3800 CPE?

No the ipv6 address and ipv4 addresses

huchra is the main bufferbloat/cerowrt build box - an 8 core platform
that was donated to the bufferbloat effort by isc last year. It's
NICE.


>
>> On cerowrt the public address is ge00, so that was the only change I
>> needed to make to aftr-script
>
> => ge00? oops, it is the name of the interface.

http://www.bufferbloat.net/projects/cerowrt/wiki/Device_naming_scheme

>
>> Last note: arbitrarily flushing the nat rules is not a particularly
>> good idea.
>
> => in this case it is required. BTW on an AFTR without a shared address
> it is even better to disable iptables, i.e., put a NOTRACK in the raw
> table chains.

noted.

>
>>...
>> no dynamic mapping will be created until the PCP daemon enables this
>
> => looks fine.

A start. I'm relieved it fit, and nothing segvioed and the
dependencies on external libs was minimal
(only libxml and libdb were required in addition to the normal libs on the box)

> Regards
>
> Francis Dupont <fdupont at isc.org>



-- 
Dave Täht
SKYPE: davetaht
US Tel: 1-239-829-5608
http://www.bufferbloat.net

More information about the sdcpe-devel mailing list