Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
docs:techref:unetd [2023/12/21 23:15] – [Example setup] systemcrashdocs:techref:unetd [2023/12/22 01:17] (current) – [Example setup] systemcrash
Line 40: Line 40:
 ===== Example setup ===== ===== Example setup =====
  
-This set of example commands assumes two OpenWrt routers with the IP addresses ''192.168.1.13'' and ''192.168.1.15'' which have **not** been configured for unetd yet.+=== Preparation ===
  
-This creates a new JSON file test.json and also generates a signing key as test.json.key (if it doesn't exist already):+This set of example commands assumes two OpenWRT routers with the IP addresses ''192.168.1.13'' and ''192.168.1.15'' which have **not** been configured for unetd yet, each has ''unetd'', ''unet-cli'' and ''unet-tool'' installed. ''vxlan'' (and its implied ''kmod-vxlan'') are also installed. The assumption here is that the local host, here say ''192.168.1.2'' has these installed, and also forms a unet node. 
 + 
 +Note: ''unetd'' is not yet capable of installing these prerequisites above via ''opkg''.  
 + 
 +=== Example === 
 + 
 + 
 +This creates a new JSON file ''test.json'' locally and also generates a signing key in ''test.json.key'' locally (if it doesn't exist already):
   # unet-cli test.json create   # unet-cli test.json create
  
-This creates a VXLAN tunnel definition and adds all hosts that are members of the ''ap'' group:+Result: 
 +<code>test.json: 
 +
 + "config":
 + "port": 51830, 
 + "keepalive": 10, 
 + "peer-exchange-port": 51831 
 + }, 
 + "hosts":
 + }, 
 + "services":
 +
 +
 +</code> 
 + 
 + 
 +This creates a VXLAN tunnel definition in ''test.json'' and predicates hosts that are to be members of it via the ''ap'' group:
   # unet-cli test.json add-service l2-tunnel type=vxlan members=@ap   # unet-cli test.json add-service l2-tunnel type=vxlan members=@ap
  
-This connects to 192.168.1.13 over SSH, generates an unetd interface named ''unet'', along with new host keys, puts in the signing key and also tells it to create the ''vx0'' VXLAN device connected to the ''l2-tunnel'' service description we created in the last command, storing the public keys in test.json, along with the endpoint address ''192.168.1.13'':+Result: 
 +<code>test.json: 
 +
 + ... 
 + "services":
 + "l2-tunnel":
 + "config":
 + }, 
 + "members":
 + "@ap" 
 + ], 
 + "type": "vxlan" 
 +
 +
 +
 +</code> 
 + 
 +This connects to 192.168.1.13 over SSH, and on 192.168.1.13, generates an unetd interface named ''unet'', along with new host keys, puts in the signing key and also tells it to create the ''vx0'' VXLAN device connected to the ''l2-tunnel'' service description we created in the last command, storing its public key in the local ''test.json'', along with its endpoint address ''192.168.1.13'':
   # unet-cli test.json add-ssh-host ap1 root@192.168.1.13 endpoint=192.168.1.13 tunnels=vx0:l2-tunnel groups=ap   # unet-cli test.json add-ssh-host ap1 root@192.168.1.13 endpoint=192.168.1.13 tunnels=vx0:l2-tunnel groups=ap
 +
 +Note: you will authenticate via SSH, either user:pass or key based, if that was set up in advance.
 +
 +Result:
 +<code>test.json:
 +{
 + ...
 + "hosts": {
 + "ap1": {
 + "key": "....=",
 + "endpoint": "192.168.1.13",
 + "groups": [
 + "ap"
 + ]
 + }
 + },
 + ...
 +}</code>
  
 This does the same for the other host: This does the same for the other host:
   # unet-cli test.json add-ssh-host ap2 root@192.168.1.15 endpoint=192.168.1.15 tunnels=vx0:l2-tunnel groups=ap   # unet-cli test.json add-ssh-host ap2 root@192.168.1.15 endpoint=192.168.1.15 tunnels=vx0:l2-tunnel groups=ap
 +
 +Result:
 +<code>test.json:
 +{
 + ...
 + "hosts": {
 + ...
 + "ap2": {
 + "key": "...=",
 + "endpoint": "192.168.178.1",
 + "groups": [
 + "ap"
 + ]
 + }
 + },
 + ...
 +}</code>
  
 This signs the network data and uploads it to unetd running on 192.168.1.13: This signs the network data and uploads it to unetd running on 192.168.1.13:
   # unet-cli test.json sign upload=192.168.1.13   # unet-cli test.json sign upload=192.168.1.13
      
-Please note that in this case, uploading the data to one of the two hosts is enough, because once it (the first of two hosts) has processed the update, it will find the endpoint address of the other host and sync the network data with it automatically. After that last command, the unetd network should be up on both sides and the VXLAN tunnel created as well.+By now, uploading the data to one of the two hosts is enough, because once it (192.168.1.13) has processed the update, it (192.168.1.13) will find the endpoint address of the other host (192.168.1.15) and sync the network data with it automatically. After that last command, the unetd network should be up on both sidesand the VXLAN tunnel created as well.
  
 ===== Configuration ===== ===== Configuration =====
  • Last modified: 2023/12/21 23:15
  • by systemcrash