Server

Mesh für Server (Debian, Tunneldigger, Respondd)

Dies ist eine stark verkürzte Anleitung wie man Mesh auf seinen Server bekommt. Wichtig: die IPs anpassen!

Software #

Tunneldigger #

cd /opt
git clone https://github.com/wlanslovenija/tunneldigger.git
cd tunneldigger/client

cmake .
make

/etc/modules:

l2tp_eth

/etc/systemd/system/tunneldigger@.service

[Unit]
Description=Tunneldigger-client %I
After=syslog.target network.target

[Service]
Type=simple
User=root
Group=root
PIDFile=/var/run/tunneldigger_%i.pid
ExecStart=/opt/tunneldigger/client/tunneldigger -u [SERVERNAME] -b %i.vpn.freifunk-gera-greiz.de:20181 -i mesh-vpn-l2tp-%i -a -t %i
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable tunneldigger@1.service
systemctl enable tunneldigger@2.service
systemctl enable tunneldigger@3.service

systemctl start tunneldigger@1.service
systemctl start tunneldigger@2.service
systemctl start tunneldigger@3.service

Respondd #

cd /opt
git clone https://github.com/ffggrz/ext-respondd
cd ext-respondd/
cp alias.json.example alias.json
cp config.json.example config.json

alias.json anpassen!

/opt/ext-respondd/config.json:

{
  "batman": "bat0",
  "bridge": "br-client",
  "wan": "eth0",
  "mesh-vpn": [ "mesh-vpn-l2tp-1", "mesh-vpn-l2tp-2", "mesh-vpn-l2tp-3"]
}

/etc/systemd/system/ext-respondd.service:

[Unit]
Description=ext-respondd (respondd Status for Servers)
After=syslog.target network.target

[Service]
Type=simple
User=root
Group=root
WorkingDirectory=/opt/ext-respondd
ExecStart=/opt/ext-respondd/ext-respondd.py

[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable ext-respondd.service

Netzwerk #

Interfaces #

/etc/network/interfaces.d/freifunk:

auto br-client
iface br-client inet static
  mtu 1380
  bridge-stp no
  bridge-fd 0
  bridge-hello 10
  bridge_ports none
  address 10.181.0.161
  netmask 255.255.192.0

iface br-client inet6 static
  address fdb5:78b:64cc::161/64
  post-up sysctl net.ipv6.conf.$IFACE.accept_ra=0
  post-up sysctl net.ipv6.conf.$IFACE.accept_redirects=0
  post-up ip -6 addr add 2a03:2260:100b::161/64 dev $IFACE

allow-hotplug bat0
iface bat0 inet manual
  pre-up ip link set address $(cat /sys/class/net/eth0/address) dev $IFACE
  #pre-up ip link set address 02:44:08:0f:87:35 dev $IFACE
  post-up ip link set up dev $IFACE
  post-up sysctl net.ipv6.conf.$IFACE.disable_ipv6=1

  # prevent Gateway-Traffic
  post-up echo 100 > /sys/class/net/$IFACE/mesh/hop_penalty
  post-up echo 1 >  /sys/class/net/$IFACE/mesh/bridge_loop_avoidance
  post-up batctl gw client 45
  post-up batctl orig_interval 5000
  post-up batctl multicast_mode 0
  post-up brctl addif br-client $IFACE

allow-hotplug mesh-vpn-l2tp-1
iface mesh-vpn-l2tp-1 inet manual
  post-up ip link set up dev $IFACE
  post-up ip link set mtu 1406 $IFACE
  post-up sysctl net.ipv6.conf.$IFACE.disable_ipv6=1

  post-up batctl if add $IFACE
  
allow-hotplug mesh-vpn-l2tp-2
iface mesh-vpn-l2tp-2 inet manual
  post-up ip link set up dev $IFACE
  post-up ip link set mtu 1406 $IFACE
  post-up sysctl net.ipv6.conf.$IFACE.disable_ipv6=1

  post-up batctl if add $IFACE

allow-hotplug mesh-vpn-l2tp-3
iface mesh-vpn-l2tp-3 inet manual
  post-up ip link set up dev $IFACE
  post-up ip link set mtu 1406 $IFACE
  post-up sysctl net.ipv6.conf.$IFACE.disable_ipv6=1

  post-up batctl if add $IFACE

Autostart mit mehreren Verbindungen #

/etc/systemd/system/tunneldigger@.service:

[Unit]
Description=Tunneldigger-client %I
After=syslog.target network.target

[Service]
Type=simple
User=root
Group=root
PIDFile=/var/run/tunneldigger_%i.pid
ExecStart=/opt/tunneldigger/client/tunneldigger -u [HOSTNAME] -b %i.vpn.freifunk-gera-greiz.de:20181 -i mesh-vpn-l2tp-%i -a -t %i
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable tunneldigger@1.service
systemctl enable tunneldigger@2.service
systemctl enable tunneldigger@3.service

Autostart mit nur einer Verbindung #

/etc/systemd/system/tunneldigger.service:

[Unit]
Description=Tunneldigger-client
After=syslog.target network.target

[Service]
Type=simple
User=root
Group=root
PIDFile=/var/run/tunneldigger.pid
ExecStart=/opt/tunneldigger/client/tunneldigger -u [HOSTNAME] -b 1.vpn.freifunk-gera-greiz.de:20181 -b 2.vpn.freifunk-gera-greiz.de:20181 -b 3.vpn.freifunk-gera-greiz.de:20181 -i mesh-vpn-l2tp-1 -a
Restart=always
RestartSec=5

[Install]
WantedBy=multi-user.target
systemctl daemon-reload
systemctl enable tunneldigger
ממוצע (0 הצבעות)
הערות
אין תגובות עדיין. היה הראשון

Wiki-Navigation Wiki-Navigation