Networking on ScienceChronicle https://www.ScienceChronicle.org/en/categories/networking/ Recent content in Networking on ScienceChronicle Hugo en Sun, 09 Jun 2024 11:52:37 +0000 Round-robin load-balancing between two VPNs with iptables and policy-based routing https://www.ScienceChronicle.org/en/article/round-robin-load-balancing-between-two-vpns-with-iptables-and-pbr/ Sun, 09 Jun 2024 11:52:37 +0000 https://www.ScienceChronicle.org/en/article/round-robin-load-balancing-between-two-vpns-with-iptables-and-pbr/ <h2 id="experiment-1">Experiment 1</h2> <p>We want to send http traffik generated by our computer through a VPN tunnel.</p> <h3 id="vpn-tunnels">VPN tunnels</h3> <p>Create two VPN tunnels:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>openvpn --config au.ovpn </span></span><span style="display:flex;"><span>openvpn --config at.ovpn </span></span></code></pre></div><p>Two new interfaces will be created: <code>tun0</code> and <code>tun1</code>.</p> <p>Two configs should prevent setting of default gateways:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-text" data-lang="text"><span style="display:flex;"><span>pull-filter ignore redirect-gateway </span></span></code></pre></div><h3 id="routing">Routing</h3> <p>Create a new routing table:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#8be9fd;font-style:italic">echo</span> <span style="color:#f1fa8c">&#34;201 vpn1&#34;</span> &gt;&gt; /etc/iproute2/rt_tables </span></span></code></pre></div><p>and add default routing to the table:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>ip route add default dev tun1 table vpn1 </span></span></code></pre></div><p>Check:</p> Network based message collector with socat https://www.ScienceChronicle.org/en/article/network-based-message-collector-with-socat/ Thu, 30 May 2024 11:52:37 +0000 https://www.ScienceChronicle.org/en/article/network-based-message-collector-with-socat/ <h2 id="overview">Overview</h2> <p>The simplest message collector code can be implemented with <code>socat</code>:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#282a36;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>socat -u TCP4-LISTEN:4444,reuseaddr,fork OPEN:/tmp/log.txt,creat,append </span></span></code></pre></div><p>It will listen on tcp port 4444, it can accept multiple simultaneous connections which guarantees no connection is refused and it will write the data recieved on the port to <code>/tmp/log.txt</code>, appending to the file if it already exists or creating a new if it does not.</p> <p>The sender can be implemented in many ways, for example:</p>