neilalexander / vyatta-cjdns

Licence: GPL-3.0 license
A cjdns package for Ubiquiti EdgeOS and VyOS, allowing cjdns to be used on EdgeRouters


cjdns for Ubiquiti EdgeOS / VyOS

Introduction

The vyatta-cjdns package provides cjdns support on supported Ubiquiti EdgeMAX, VyOS and potentially other Vyatta-based routers. It is integrated with the command line interface (CLI) allowing cjdns to be configured through the standard configuration system.

Compatibility

Platform                Architecture   Compatible   Notes
EdgeRouter X (ERX)      mipsel         Yes
EdgeRouter Lite (ERL)   mips64         Yes
VyOS 1.1.x              i386, amd64    Yes          No support for IPv6 masquerade

Install / Upgrade

Either download or build a release and copy it to the router, then install/upgrade it:

sudo dpkg -i vyatta-cjdns-x.x.x-xxxxxx.deb

If you are upgrading from a previous release of vyatta-cjdns, then restart cjdns once the upgraded package is installed:

restart cjdns tun0

Configuration

All configuration is entered through the CLI. The set commands listed below add new configuration, and the cjdroute configuration file is updated automatically. To remove configuration, for instance a peering, authorised password or IP tunnel setting, replace the set keyword with delete.

cjdroute is restarted automatically after a configuration change is made.

Initial

Start by creating the default configuration on the interface:

configure
set interfaces cjdns tun0
set interfaces cjdns tun0 description CJDNS
commit

This automatically generates a new private key and then populates the IPv6 address, public key, private key and admin socket details into the config, as shown with show interfaces cjdns tun0 in the configure view.

Peerings

Establishing a peering is straightforward: replace bind-address a.b.c.d:e with the address you want cjdroute to listen on, in ip:port format, and replace peers a.b.c.d:e with the ip:port address of your peer. Use login to specify the login name (which is sometimes default-login), and peername to give the peering a friendly name (as seen in the peering stats):

configure
set interfaces cjdns tun0 udp-interface 0 bind-address a.b.c.d:e
set interfaces cjdns tun0 udp-interface 0 peers a.b.c.d:e password xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
set interfaces cjdns tun0 udp-interface 0 peers a.b.c.d:e publickey xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.k
set interfaces cjdns tun0 udp-interface 0 peers a.b.c.d:e login xxxxxxxx
set interfaces cjdns tun0 udp-interface 0 peers a.b.c.d:e peername xxxxxxxx
commit

To configure beacons to automatically peer with other devices on your network over Ethernet (assuming switch0 is your internal interface):

configure
set interfaces cjdns tun0 ethernet-interface 0 bind-interface switch0
set interfaces cjdns tun0 ethernet-interface 0 beacon listen-send
commit

To configure new authorized passwords for incoming connections:

configure
set interfaces cjdns tun0 authorized-password user1 password password1
set interfaces cjdns tun0 authorized-password user2 password password2
commit

Identity

An IPv6 address and a keypair are automatically generated when you create a new cjdns interface. The publickey, privatekey and ipv6 fields will be automatically populated with these.

To override the automatically generated keypair and manually configure your own IPv6 address and keypair (i.e. to bring in an existing keypair from another machine):

configure
set interfaces cjdns tun0 publickey xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.k
set interfaces cjdns tun0 privatekey xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
set interfaces cjdns tun0 ipv6 xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
commit
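
A consistency check for the manual override above, as an added example that is not part of the vyatta-cjdns package: it derives the cjdns address from the public key (cjdns's own base32 key encoding, then the first 16 bytes of a double SHA-512) and compares it with the ipv6 value you intend to set. The function names are illustrative, the sample key is constructed, and the privatekey is not checked.

```python
import hashlib
import ipaddress

# Base32 alphabet used for cjdns public keys (not the RFC 4648 alphabet).
ALPHABET = "0123456789bcdfghjklmnpqrstuvwxyz"

def decode_key(publickey):
    """Decode a cjdns public key ('<52 characters>.k') into its 32 raw bytes."""
    if not publickey.endswith(".k"):
        raise ValueError("public key must end with .k")
    out, acc, bits = bytearray(), 0, 0
    for ch in publickey[:-2]:
        val = ALPHABET.find(ch)
        if val < 0:
            raise ValueError("invalid character %r in public key" % ch)
        acc |= val << bits          # 5-bit groups are packed least-significant first
        bits += 5
        if bits >= 8:
            out.append(acc & 0xFF)
            acc >>= 8
            bits -= 8
    if acc or len(out) != 32:       # leftover bits must be zero, key must be 32 bytes
        raise ValueError("public key does not decode to exactly 32 bytes")
    return bytes(out)

def derive_ipv6(publickey):
    """cjdns address: first 16 bytes of SHA-512(SHA-512(public key bytes))."""
    inner = hashlib.sha512(decode_key(publickey)).digest()
    return ipaddress.IPv6Address(hashlib.sha512(inner).digest()[:16])

def check_identity(publickey, ipv6):
    """Return a list of problems with a publickey/ipv6 pair; empty means consistent."""
    problems = []
    derived = derive_ipv6(publickey)
    if derived != ipaddress.IPv6Address(ipv6):
        problems.append("ipv6 does not match publickey (derived %s)" % derived)
    if derived.packed[0] != 0xFC:
        problems.append("derived address does not begin with fc, as cjdns addresses must")
    return problems

if __name__ == "__main__":
    # Constructed key (all-zero bytes), used only to exercise the functions.
    key = "0" * 52 + ".k"
    print(derive_ipv6(key))
    print(check_identity(key, "fc00::1"))
```

Run it against the publickey and ipv6 values before the commit; an empty list means the two fields belong together.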

Firewall

The following example stateful firewall configuration blocks unexpected incoming traffic on the cjdns interface, i.e. it prevents other people from reaching your SSH or Web UI ports:

configure
set firewall ipv6-name CJD_LOCAL default-action drop
set firewall ipv6-name CJD_LOCAL rule 10 action accept
set firewall ipv6-name CJD_LOCAL rule 10 state established enable
set firewall ipv6-name CJD_LOCAL rule 10 state related enable
set firewall ipv6-name CJD_LOCAL rule 20 action drop
set firewall ipv6-name CJD_LOCAL rule 20 state invalid enable
set interfaces cjdns tun0 firewall local ipv6-name CJD_LOCAL
commit
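
An audit of the authorised-password and firewall settings described above, as an added example that is not part of the vyatta-cjdns package: it reads set-style lines in the syntax shown on this page and reports weak authorised passwords and cjdns interfaces that have no local IPv6 firewall applied. The sample configuration is constructed, and the length threshold and weakness heuristics are assumptions rather than cjdns or EdgeOS requirements.

```python
import re

# Constructed sample in the `set` syntax used on this page; all values are made up.
SAMPLE = """\
set interfaces cjdns tun0 description CJDNS
set interfaces cjdns tun0 udp-interface 0 bind-address 192.0.2.1:33808
set interfaces cjdns tun0 authorized-password user1 password password1
set interfaces cjdns tun0 authorized-password user2 password Zk4vQ9tLm2Xw7RbN5cHd8YpE
set interfaces cjdns tun1 authorized-password user1 password s3cret
set interfaces cjdns tun1 firewall local ipv6-name CJD_LOCAL
"""

MIN_LENGTH = 20  # assumed policy threshold, not a cjdns or EdgeOS requirement

def is_weak(user, secret):
    """Heuristic: too short, contains the user name, or contains 'password'."""
    lowered = secret.lower()
    return len(secret) < MIN_LENGTH or user.lower() in lowered or "password" in lowered

def audit(config_text):
    """Return sorted findings for cjdns interfaces in set-style configuration."""
    interfaces, firewalled, findings = set(), set(), []
    for line in config_text.splitlines():
        m = re.match(r"set interfaces cjdns (\S+)(?: (.*))?$", line.strip())
        if not m:
            continue
        ifname, rest = m.group(1), m.group(2) or ""
        interfaces.add(ifname)
        if re.match(r"firewall local ipv6-name \S+", rest):
            firewalled.add(ifname)
        pw = re.match(r"authorized-password (\S+) password (\S+)", rest)
        if pw and is_weak(pw.group(1), pw.group(2).strip("'\"")):
            # Report the user only; never echo the secret itself.
            findings.append("%s: weak authorized-password for %s" % (ifname, pw.group(1)))
    for ifname in interfaces - firewalled:
        findings.append("%s: no local IPv6 firewall applied" % ifname)
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```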

Masquerade

If you want to allow other IPv6 hosts on your network to communicate through cjdns, you can configure an IPv6 masquerade rule. All traffic sent from other hosts on the network through the cjdns interface will be NAT'd.

For example:

configure
set interfaces cjdns tun0 masquerade from xxxx:xxxx:xxxx::/48
commit

If you have multiple IPv6 subnets, then they can be configured individually by setting multiple masquerade from source ranges. Both private/ULA and public IPv6 subnets are acceptable.

IPv6 masquerade is not supported on VyOS 1.1.x due to missing support in the kernel.

IP Tunnel

To connect to and receive a tunnel prefix from a remote peer, where xxx.k is the remote public key:

configure
set interfaces cjdns tun0 ip-tunnel xxx.k connect
commit

To provide an IPv4 tunnel prefix to a remote peer, where xxx.k is the remote public key:

configure
set interfaces cjdns tun0 ip-tunnel xxx.k provide-ipv4-prefix x.x.x.x/x
commit

To provide an IPv6 tunnel prefix to a remote peer, where xxx.k is the remote public key:

configure
set interfaces cjdns tun0 ip-tunnel xxx.k provide-ipv6-prefix x::x/x
commit

Operational Commands

To see information about peerings, in operational view:

show interfaces cjdns tun0 peers

To see your IPv6 address and public/private keys, in operational view:

show interfaces cjdns tun0 identity

To restart a cjdns tunnel, in operational view:

restart cjdns tun0

Crash Detection

The cjdroute daemon is still in development and can crash. The easiest way to make sure that the process is restarted after a crash is to schedule the vyatta-check-cjdns script to run at a regular interval:

configure
set system task-scheduler task check-cjdns executable path /opt/vyatta/sbin/vyatta-check-cjdns
set system task-scheduler task check-cjdns interval 1m
commit

Upgrading EdgeOS

When EdgeOS is upgraded, vyatta-cjdns will be uninstalled and, as a result, the cjdns interface configuration will be missing from the running configuration after upgrade. In order to preserve your vyatta-cjdns configuration through a system upgrade, use the following steps.

Before upgrading EdgeOS, make sure to save your running configuration to storage:

configure
save

Download a backup of your configuration from the router and then upgrade EdgeOS.

Once the EdgeRouter has come back up, you must reinstall vyatta-cjdns and then reload the saved configuration from storage:

sudo dpkg -i vyatta-cjdns-x.x.x-xxxxxx.deb
configure
load
compare

If at this point your interfaces cjdns configuration is displayed, then commit to make it effective:

commit

If you do not see your interfaces cjdns configuration at this point, then restore from your previously backed up configuration.

WARNING: Do not issue the save command at any point after the system upgrade or make any other configuration changes at all UNTIL you are happy that your cjdns configuration has been successfully committed, otherwise it may be lost.

Verify that cjdroute is running again, in operational view:

ps -ef | grep cjdroute
show interfaces cjdns tunX peers

Footnotes

If cjdns fails to start, you can find logging output in /tmp/cjdroute.tunX.log, where tunX is the specified interface.

You may also need to manually adjust your firewall to allow traffic on the bind-address that you specified.
