View page as slide show

RTMaps Experimental Data Collection Platform

ULLA Prefix

My test Unique Local IPv6 Unicast Address (4193) network, with randomly generated Global ID BC:3A:78:83:C0, uses prefix FDBC:3A78:83C0::/48.

Experiments

Replicating Packets to RTMaps

Solution Feasability Comment Issue
Direct copy NO See xt_TEE No native support
(x)l2tp :?: Doesn't seem practical
TUN + bridge NO Can't bridge over TUNs
TAP + bridge NO Involves userland and has encapsulation issues Bridge optimizations only send traffic on the relevant interface ()
xtables TEE target from xtables-addons YES May be the best option (only DST MAC is changed)

TUN

Router Configuration

To ease thigs, the router is configured as a mobilerouters. The HoA is 2001:660:3013:f100::dead:beef and the MNP is 2001:660:3013:dead::/64

$ sudo ip6tables -A INPUT --proto 41 -j ACCEPT # Allow ip6ip6 tunnels
$ sudo ip -6 tunnel add stat mode ip6ip6 local 2001:660:3013:dead::1 remote 2001:660:3013:dead:a00:46ff:fee0:dfcc
$ sudo ip addr add FDBC:3A78:83C0:1::1/64 dev stat
$ sudo ip link set dev stat up

RTMaps Computer Configuration

$ sudo ip -6 tunnel add stat mode ip6ip6 remote 2001:660:3013:dead::1
$ sudo ip addr add FDBC:3A78:83C0:1::2/64 dev stat
$ sudo ip link set dev stat up

TAP

Tunnelling Application

See SVN repository.

FIXME Promiscuous mode?

$ sudo modprobe tun
$ sudo ./stap
info: TAP stap0 interface created
info: UDP socket openned and bound on port 7473
info: waiting for activity...

Bridge Setup

$ sudo brctl addbr stap
$ sudo brctl addif stap stap0
$ sudo brctl addif stap eth0
$ sudo brctl show
bridge name     bridge id               STP enabled     interfaces
stap            8000.001cbf996497       no              stap0
                                                        eth0
$ sudo /sbin/ifconfig stap0 up
$ sudo /sbin/ifconfig stap up

Client Application

$ nc6 -u ::1 7473
nc6: using datagram socket

33���d���^�������d�����^rb_dns-sd_udplocal
                                                _presence_tcp�
                                                              �
(...)

When the first carriage return is sent from the client to the server, the following is displayed.

info: new client connected (::1)

xt_TEE

Every packet seen on the router's egress interface is replicated verbatim (except for the destination MAC address as this is akin to IP routing) to the logging computer.

It may be necessary to drop router advertisements to avoid configuring wrong prefixes.

  $ EGRESS=eth0
  $ STATADDR=2001:660:3013:dead::2                             # it is important that ${STATADDR} is not on ${EGRESS} to avoid infinite replications
  $ sudo modprobe ip6table_mangle compat_xtables xt_TEE        # avoid error "No chain/target/match by that name." by loading the modules before trying to use them...
  $ sudo ip6tables -t mangle -A OUTPUT -o ${EGRESS} -j TEE --gateway ${STATADDR}
  $ sudo ip6tables -t mangle -A PREROUTING -i ${EGRESS} -p icmpv6 \! --icmpv6-type router-advertisement -j TEE --gateway ${STATADDR}
  $ sudo ip6tables -t mangle -A PREROUTING -i ${EGRESS} \! -p icmpv6 -j TEE --gateway ${STATADDR}

RTMaps Component

 
users/oliviermehani/2008phd/rtmapsplatform.txt · Last modified: 2011/02/10 14:08 (external edit)
Recent changes · Show pagesource · Login