Showing posts sorted by relevance for query vlan.

Virtual Interfaces, vlan tags, Ethernet bridging, spanning tree, and openvpn on linux.

This post is just a collection of rough code snips and URLs to jog my memory on a few concepts in the future. It is NOT a how-to and will probably not be useful to anyone else, but you never know. The /etc/network/interfaces snip below was part of a creative workaround for an unreliable and outdated wide-area Ethernet network I had to deal with that had no money or desire for repair or upgrade. It has now been removed from service, but at the time the main network would go down for extended periods in the winter, when the rural Utah mountain tops were expensive to reach by helicopter or snowcat. Using free Linux tools I could create virtual interfaces, bridge them together with spanning tree and OpenVPN, and route the low-volume critical traffic over two low-cost DSL connections to restore connectivity around the broken parts.


#/etc/network/interfaces
#Note that the MTU must be reduced to 1496 due to the 4-byte VLAN tag. Some Ethernet drivers do not handle this automatically.
#http://www.linuxjournal.com/node/7268/print
#As mentioned earlier, 802.1q works by tagging each frame with a 4-byte VLAN identifier. However, some Ethernet drivers assume the maximum frame size is 1,500 bytes. The addition of the 4-byte tag does not leave as much room for data. Thus, although small packets are sent and received correctly, large packets fail. The solution is either to drop the MTU of the VLAN device or to correct the assumptions of the driver.
#Patches are available on the Linux VLAN Web site for a variety of cards (see Resources). Several drivers work correctly out of the box (or tar.gz, as the case may be), including the e100 driver for Intel-based cards.
#

#root@ubuntu:~# ping -M do -s 1472 -c 1 google.com
#root@ubuntu:~# ping -M do -s 1473 -c 1 google.com
#PING google.com (74.125.225.199) 1473(1501) bytes of data.
#From yourhost.com (192.168.1.1) icmp_seq=1 Frag needed and DF set (mtu = 1500)

auto ppp0
iface ppp0 inet ppp
pre-up ifconfig eth0 0.0.0.0
pre-up ifconfig eth1 0.0.0.0
pre-up vconfig set_name_type DEV_PLUS_VID_NO_PAD
pre-up vconfig add eth0 1
pre-up vconfig add eth0 3751
pre-up vconfig add eth0 3757
pre-up vconfig add eth1 1
pre-up vconfig add eth1 3751
pre-up vconfig add eth1 3757
pre-up ifconfig eth0.1 0.0.0.0
pre-up ifconfig eth1.1 0.0.0.0
pre-up ifconfig eth0.3751 0.0.0.0
pre-up ifconfig eth1.3751 0.0.0.0
pre-up ifconfig eth0.3757 0.0.0.0
pre-up ifconfig eth1.3757 0.0.0.0
pre-up brctl addbr br1
pre-up brctl addbr br3751
pre-up brctl addbr br3757
pre-up brctl stp br1 on
pre-up brctl stp br3751 on
pre-up brctl stp br3757 on
pre-up brctl setbridgeprio br1 0
pre-up brctl setbridgeprio br3751 0
pre-up brctl setbridgeprio br3757 0
pre-up brctl addif br1 eth0.1
pre-up brctl addif br1 eth1.1
pre-up brctl addif br3751 eth0.3751
pre-up brctl addif br3751 eth1.3751
pre-up brctl addif br3757 eth0.3757
pre-up brctl addif br3757 eth1.3757
pre-up ifconfig br1 172.31.141.126
pre-up ifconfig br1 broadcast 172.31.141.127 netmask 255.255.255.240
pre-up ifconfig br1 mtu 1496
pre-up ifconfig br3751 192.168.141.126
pre-up ifconfig br3751 broadcast 192.168.143.255 netmask 255.255.252.0
pre-up ifconfig br3751 mtu 1496
pre-up ifconfig br3757 192.168.0.2
pre-up ifconfig br3757 broadcast 192.168.0.255 netmask 255.255.255.0
pre-up ifconfig br3757 mtu 1496
pre-up sleep 45s
post-down ifconfig br3757 mtu 1500
post-down ifconfig br3757 0.0.0.0
post-down ifconfig br3757 down
post-down ifconfig br3751 mtu 1500
post-down ifconfig br3751 0.0.0.0
post-down ifconfig br3751 down
post-down ifconfig br1 mtu 1500
post-down ifconfig br1 0.0.0.0
post-down ifconfig br1 down
post-down brctl delif br3757 eth1.3757
post-down brctl delif br3757 eth0.3757
post-down brctl delif br3751 eth1.3751
post-down brctl delif br3751 eth0.3751
post-down brctl delif br1 eth1.1
post-down brctl delif br1 eth0.1
post-down brctl setbridgeprio br3757 100
post-down brctl setbridgeprio br3751 100
post-down brctl setbridgeprio br1 100
post-down brctl stp br3757 off
post-down brctl stp br3751 off
post-down brctl stp br1 off
post-down brctl delbr br3757
post-down brctl delbr br3751
post-down brctl delbr br1
post-down ifconfig eth1.3757 down
post-down ifconfig eth0.3757 down
post-down ifconfig eth1.3751 down
post-down ifconfig eth0.3751 down
post-down ifconfig eth1.1 down
post-down ifconfig eth0.1 down
post-down vconfig rem eth1.3757
post-down vconfig rem eth1.3751
post-down vconfig rem eth1.1
post-down vconfig rem eth0.3757
post-down vconfig rem eth0.3751
post-down vconfig rem eth0.1
post-down vconfig set_name_type VLAN_PLUS_VID_NO_PAD
post-down ifconfig eth1 down
post-down ifconfig eth0 down
provider dsl-qwest
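The stanza above builds its VLAN sub-interfaces with vconfig and its bridges with brctl, both of which have since been superseded by iproute2 (ip link and bridge). Here is the same topology generated with iproute2, as an added example and not the post's own configuration: the two uplinks, the three VLAN ids, the bridge addresses and the 1496-byte MTU are taken from the stanza; the script name, the VLAN_MTU variable and the design choice of printing the commands rather than executing them (so they can be reviewed before being piped to a root shell) are my assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): the two-uplink, bridge-per-VLAN,
# STP-enabled topology of the /etc/network/interfaces stanza above, written
# with iproute2 instead of the deprecated vconfig and brctl. The functions
# print commands; apply them with "sh vlan-bridges.sh up | sudo sh".
# VLAN_MTU=1496 is the 1500-byte Ethernet MTU minus the 4-byte 802.1Q tag.

PHYS="eth0 eth1"          # the two physical uplinks from the stanza
VLANS="1 3751 3757"       # VLAN ids trunked on both uplinks
VLAN_MTU=1496

# Address (CIDR) of each bridge, same values as the stanza above.
bridge_addr() {
    case "$1" in
        1)    echo 172.31.141.126/28 ;;
        3751) echo 192.168.141.126/22 ;;
        3757) echo 192.168.0.2/24 ;;
        *)    return 1 ;;
    esac
}

# Commands for one 802.1Q sub-interface on a physical NIC. The parent NIC
# keeps no address of its own; it only carries the tagged frames.
vlan_up_cmds() {   # $1 = parent NIC, $2 = VLAN id
    echo "ip link add link $1 name $1.$2 type vlan id $2"
    echo "ip link set $1.$2 mtu $VLAN_MTU"
    echo "ip link set $1.$2 up"
}

# Commands for one bridge per VLAN with STP on and bridge priority 0 (the
# stanza's "brctl setbridgeprio ... 0"), then enslave the sub-interface of
# every uplink so STP can block the redundant path.
bridge_up_cmds() { # $1 = VLAN id
    br="br$1"
    echo "ip link add $br type bridge stp_state 1 priority 0"
    for p in $PHYS; do
        echo "ip link set $p.$1 master $br"
    done
    echo "ip link set $br mtu $VLAN_MTU"
    echo "ip addr add $(bridge_addr "$1") dev $br"
    echo "ip link set $br up"
}

gen_up() {
    for p in $PHYS; do
        echo "ip addr flush dev $p"      # same effect as "ifconfig eth0 0.0.0.0"
        echo "ip link set $p up"
        for v in $VLANS; do vlan_up_cmds "$p" "$v"; done
    done
    for v in $VLANS; do bridge_up_cmds "$v"; done
}

# Teardown in reverse order; "ip link del" on a bridge or VLAN device also
# detaches it from whatever it was enslaved to, so no separate delif step.
gen_down() {
    for v in $VLANS; do echo "ip link del br$v"; done
    for p in $PHYS; do
        for v in $VLANS; do echo "ip link del $p.$v"; done
    done
}

case "${1:-}" in
    up)   gen_up ;;
    down) gen_down ;;
esac
```

Run `sh vlan-bridges.sh up` to read the generated commands and pipe the output to a root shell to apply them; `down` removes the devices in reverse order. One caveat on the priority-0 setting carried over from the stanza: it makes the Linux box the STP root bridge of every VLAN it touches, which is what this workaround needed, but on a switched network that already has a designated root it would pull the root role onto the host. Root guard or BPDU guard on switch ports facing hosts is the usual protection against a bridge-capable host doing that.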



http://openvpn.net/index.php/open-source/documentation/install.html?start=1
http://library.linode.com/networking/openvpn/ubuntu-10.04-lucid
https://help.ubuntu.com/10.10/serverguide/C/openvpn.html
http://openvpn.net/index.php/open-source/documentation/howto.html#startup

On Windows, run OpenVPN as administrator or as a service; otherwise it cannot apply the pushed route data.
http://openvpn.se/files/howto/openvpn-howto_run_openvpn_as_nonadmin.html
HKEY_LOCAL_MACHINE\SOFTWARE\OpenVPN-GUI\allow_service

Create new host key:
cd /etc/openvpn/easy-rsa
source vars
./pkitool new-host-name

Revoke old host key:

cd /etc/openvpn/easy-rsa
source vars
./revoke-full old-host-name

PCAP over IP to NetworkMiner

Most are familiar with Wireshark and with using dumpcap to create a pcap file on a remote host. Below is a remote dumpcap session streamed via netcat to the NetworkMiner packet analyzer from netresec.com. NetworkMiner is a forensics tool that decodes the real-time pcap stream and displays the images, videos, files, sessions, and DNS traffic it contains.

On NetworkMiner:
File > Receive Pcap over IP > Start

On your router:
dumpcap -i eth0 -P -w - -f "ether host 90:b6:86:24:61:86" | nc 10.0.5.2 57012
Where:
eth0 = the interface (or interface.vlan) you want to capture on. Leave the VLAN off to capture all VLANs along with their VLAN tags.
eth0.4 = capture only VLAN 4 on the first physical Ethernet interface.
90:b6:86:24:61:86 = the MAC address of the device you want to capture.
10.0.5.2 = the host running NetworkMiner (do not capture the traffic you are streaming to it, or the capture feeds back on itself in a loop).
57012 = the port NetworkMiner is listening on.
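The dumpcap | nc pipeline above ships the raw libpcap stream over a plain TCP connection with no authentication and no encryption, so whatever the router captures travels in the clear, and the analyser accepts whatever arrives on that port. The following added example (not from the post, and not NetworkMiner's own code) is a file receiver for the same stream plus a check of the 24-byte libpcap global header, so a capture can be validated before it is loaded into an analyser; port 57012 comes from the post, while the function names, the GNU netcat `-l -p` syntax and the constructed sample header are my assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): receive the dumpcap|nc stream
# into a file and check that the file really starts with a libpcap global
# header before handing it to an analyser. Needs only od, tr, awk and nc.

PORT=57012   # port from the post; NetworkMiner's receiver listens on the same one

# Block until the sender disconnects, writing the raw stream to $1.
# Traditional/GNU netcat syntax; OpenBSD netcat wants "nc -l $PORT".
receive_pcap() {   # $1 = output file
    nc -l -p "$PORT" > "$1"
}

# Decode the libpcap global header of $1 and print
# "pcap <byte order> v<major>.<minor> snaplen=<n> linktype=<n>".
# Exits non-zero on the pcapng magic, an unknown magic, or an empty file.
pcap_header_info() {   # $1 = capture file
    od -An -tx1 -N 24 -v "$1" | tr -d ' \n' | awk '
        function hexval(s,    i, n) {
            n = 0
            for (i = 1; i <= length(s); i++)
                n = n * 16 + index("0123456789abcdef", substr(s, i, 1)) - 1
            return n
        }
        # integer of len bytes at 1-based byte offset off, in the file byte order
        function field(off, len,    i, h) {
            h = ""
            for (i = 0; i < len; i++) {
                if (le) h = substr($0, 2 * (off + i) - 1, 2) h   # little-endian: prepend
                else    h = h substr($0, 2 * (off + i) - 1, 2)   # big-endian: append
            }
            return hexval(h)
        }
        {
            magic = substr($0, 1, 8)
            # d4c3b2a1 / 4d3cb2a1 = little-endian (microsecond / nanosecond stamps)
            # a1b2c3d4 / a1b23c4d = big-endian; 0a0d0d0a = pcapng section header
            if (magic == "d4c3b2a1" || magic == "4d3cb2a1") le = 1
            else if (magic == "a1b2c3d4" || magic == "a1b23c4d") le = 0
            else if (magic == "0a0d0d0a") { print "pcapng, not classic pcap"; exit 1 }
            else { print "not-pcap magic=" magic; exit 1 }
            # layout: magic(4) major(2) minor(2) thiszone(4) sigfigs(4) snaplen(4) linktype(4)
            printf "pcap %s v%d.%d snaplen=%d linktype=%d\n",
                (le ? "little-endian" : "big-endian"),
                field(5, 2), field(7, 2), field(17, 4), field(21, 4)
            ok = 1
        }
        END { if (NR == 0) print "not-pcap (empty file)"; if (!ok) exit 1 }'
}

# Constructed sample, not a real capture: a little-endian v2.4 header with
# snaplen 262144 (0x40000) and link type 1 (Ethernet), and nothing after it.
make_sample_pcap_header() {   # $1 = output file
    printf '\324\303\262\241\002\000\004\000\000\000\000\000\000\000\000\000\000\000\004\000\001\000\000\000' > "$1"
}
```

`receive_pcap /var/tmp/router.pcap` on the analysis host, then the router-side dumpcap line from above, gives a file that `pcap_header_info` can vet; the `-P` on dumpcap matters here because it writes classic pcap, and the check reports the pcapng magic separately. When the analyser is not on the same trusted segment as the router, carry the stream over an SSH tunnel or a dedicated management VLAN rather than a bare TCP port, since nothing in this exchange proves who the sender is.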

Ubuntu 12.04 VLAN trunk to OpenWRT 10.03.1 router

sudo su
apt-get install vlan
vconfig add eth0 2
vconfig add eth0 3
vconfig add eth0 4
ifconfig eth0 0.0.0.0
ifconfig eth0 mtu 1504
dhclient eth0.2
ifconfig eth0.2 mtu 1500
dhclient eth0.3
ifconfig eth0.3 mtu 1500
dhclient eth0.4
ifconfig eth0.4 mtu 1500
echo "nameserver 8.8.8.8" > /etc/resolv.conf
ping -M do -s 1472 -c 1 google.com
ifconfig


uname -a
Linux ubuntu 3.2.0-23-generic #36-Ubuntu SMP Tue Apr 10 20:39:51 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

lspci
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168B PCI Express Gigabit Ethernet controller (rev 06)
lspci -n
02:00.0 0200: 10ec:8168 (rev 06)