piconet in your own computer

UVic computer science
pan
Posts: 56960
Joined: Mon Sep 11, 2006 10:23 am

piconet in your own computer

Post by pan »

no tech support as those in ecs360. use at your own risk ;-) you need a (minimized) ubuntu server (no desktop/gui needed) virtual machine or docker container

Code:

# delete h1 h2 r if any
ip netns del h1
ip netns del h2
ip netns del r

# create linux network namespaces (netns)
ip netns add h1
ip netns add h2
ip netns add r

# see the created namespaces
ip netns

# create virtual ethernet (veth) links
ip link add h1-eth0 type veth peer name r-eth0
ip link add h2-eth0 type veth peer name r-eth1

# see the created virtual links
ip link

# set each link in its network namespace
ip link set h1-eth0 netns h1
ip link set h2-eth0 netns h2
ip link set r-eth0 netns r
ip link set r-eth1 netns r

# configure each network interface with ip address by running ip address (a) in their namespace (netns exec)
ip netns exec h1 ip a add 192.168.1.100/24 dev h1-eth0
ip netns exec r ip a add 192.168.1.1/24 dev r-eth0
ip netns exec r ip a add 10.10.1.1/24 dev r-eth1
ip netns exec h2 ip a add 10.10.1.100/24 dev h2-eth0

# bring up each configured interface by ip link
ip netns exec h1 ip link set h1-eth0 up
ip netns exec r ip link set r-eth0 up
ip netns exec r ip link set r-eth1 up
ip netns exec h2 ip link set h2-eth0 up

# test each link for connectivity
ip netns exec h1 ping -c 5 192.168.1.1
ip netns exec h2 ping -c 5 10.10.1.1

# set routing on h1 and h2 properly by ip route
ip netns exec h1 ip route add default via 192.168.1.1
ip netns exec h2 ip route add default via 10.10.1.1

# test the entire path for connectivity
ip netns exec h1 ping -c 5 10.10.1.100

# traceroute the entire path
ip netns exec h1 traceroute -n 10.10.1.100

make sure /proc/sys/net/ipv4/ip_forward is set to 1, so r can invoke forwarding after the routing decision

pan
Posts: 56960
Joined: Mon Sep 11, 2006 10:23 am

Re: piconet in your own computer

Post by pan »

pan wrote:

make sure /proc/sys/net/ipv4/ip_forward is set to 1, so r can invoke forwarding after the routing decision

expected output

Code:

# sh piconet.sh
h1
h2
r
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN mode DEFAULT group default qlen 1
link/sit 0.0.0.0 brd 0.0.0.0
19: r-eth0@h1-eth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 92:f9:80:ba:d6:ed brd ff:ff:ff:ff:ff:ff
20: h1-eth0@r-eth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 32:f9:d4:16:6e:c5 brd ff:ff:ff:ff:ff:ff
21: r-eth1@h2-eth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 42:4c:eb:3a:19:4c brd ff:ff:ff:ff:ff:ff
22: h2-eth0@r-eth1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 22:03:36:d1:5a:50 brd ff:ff:ff:ff:ff:ff
35: eth0@if36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default
link/ether 02:42:ac:11:00:04 brd ff:ff:ff:ff:ff:ff link-netnsid 0
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.090 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.106 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.062 ms
64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=0.109 ms
64 bytes from 192.168.1.1: icmp_seq=5 ttl=64 time=0.065 ms
--- 192.168.1.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.062/0.086/0.109/0.021 ms
PING 10.10.1.1 (10.10.1.1) 56(84) bytes of data.
64 bytes from 10.10.1.1: icmp_seq=1 ttl=64 time=0.092 ms
64 bytes from 10.10.1.1: icmp_seq=2 ttl=64 time=0.104 ms
64 bytes from 10.10.1.1: icmp_seq=3 ttl=64 time=0.063 ms
64 bytes from 10.10.1.1: icmp_seq=4 ttl=64 time=0.167 ms
64 bytes from 10.10.1.1: icmp_seq=5 ttl=64 time=0.066 ms
--- 10.10.1.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.063/0.098/0.167/0.038 ms
PING 10.10.1.100 (10.10.1.100) 56(84) bytes of data.
64 bytes from 10.10.1.100: icmp_seq=1 ttl=63 time=0.083 ms
64 bytes from 10.10.1.100: icmp_seq=2 ttl=63 time=0.174 ms
64 bytes from 10.10.1.100: icmp_seq=3 ttl=63 time=0.121 ms
64 bytes from 10.10.1.100: icmp_seq=4 ttl=63 time=0.147 ms
64 bytes from 10.10.1.100: icmp_seq=5 ttl=63 time=0.128 ms
--- 10.10.1.100 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.083/0.130/0.174/0.032 ms
traceroute to 10.10.1.100 (10.10.1.100), 30 hops max, 60 byte packets
1 192.168.1.1 0.098 ms 0.013 ms 0.014 ms
2 10.10.1.100 0.052 ms 0.074 ms 0.019 ms

pan
Posts: 56960
Joined: Mon Sep 11, 2006 10:23 am

Re: piconet in your own computer

Post by pan »

next we will link the r namespace to the piconet "host", and put nat for host-nat traffic, so r can reach the piconet host and also the internet and back too

Code:

# create the virtual link to connect r and host, bring up the interfaces and assign ip addresses accordingly, with nat
ip link add host-nat type veth peer name r-eth2
ip link set r-eth2 netns r
ip netns exec r ip link set r-eth2 up
ip netns exec r ip a add 172.16.1.1/24 dev r-eth2
ip netns exec r ip r add default via 172.16.1.2
ip link set host-nat up
ip a add 172.16.1.2/24 dev host-nat
iptables -t nat -D POSTROUTING -j MASQUERADE -s 172.16.1.0/24 -o eth0
iptables -t nat -A POSTROUTING -j MASQUERADE -s 172.16.1.0/24 -o eth0

# test the connectivity between r and the piconet host, and the internet
ip netns exec r ping -c 5 172.16.1.2
ip netns exec r traceroute -n 8.8.8.8

pan
Posts: 56960
Joined: Mon Sep 11, 2006 10:23 am

Re: piconet in your own computer

Post by pan »

expected output

Code:

PING 172.16.1.2 (172.16.1.2) 56(84) bytes of data.
64 bytes from 172.16.1.2: icmp_seq=1 ttl=64 time=0.084 ms
64 bytes from 172.16.1.2: icmp_seq=2 ttl=64 time=0.105 ms
64 bytes from 172.16.1.2: icmp_seq=3 ttl=64 time=0.106 ms
64 bytes from 172.16.1.2: icmp_seq=4 ttl=64 time=0.106 ms
64 bytes from 172.16.1.2: icmp_seq=5 ttl=64 time=0.109 ms
--- 172.16.1.2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.084/0.102/0.109/0.009 ms
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 172.16.1.2 0.062 ms 0.014 ms 0.012 ms
2 172.17.0.1 0.048 ms 0.024 ms 0.024 ms
3 142.104.68.1 0.381 ms 0.470 ms 0.551 ms
4 192.168.9.5 0.642 ms 0.619 ms 0.597 ms
5 192.168.10.1 0.777 ms 0.747 ms 0.834 ms
6 192.168.8.6 0.813 ms 0.716 ms 0.791 ms
7 142.104.100.149 0.661 ms 0.524 ms 0.501 ms
8 142.104.100.97 1.070 ms 1.019 ms 1.080 ms
9 * * *
10 * * *
11 * * *
12 * * *
13 * * 74.125.243.193 3.450 ms
14 * 142.251.55.197 3.547 ms 142.251.55.201 3.559 ms
15 8.8.8.8 66.540 ms 65.099 ms 64.908 ms

pan
Posts: 56960
Joined: Mon Sep 11, 2006 10:23 am

Re: piconet in your own computer

Post by pan »

how to get ubuntu virtual machine on your macos or windows https://multipass.run/

Get an instant Ubuntu VM with a single command. Multipass can launch and run virtual machines and configure them with cloud-init like a public cloud. Prototype your cloud launches locally for free.

use 18.04 bionic

to save your cpu and ram resources, docker is recommended. to run ubuntu container on your macos or windows, first get docker https://docs.docker.com/get-docker/ (supporting apple silicon m1 chip https://doesitarm.com/formula/docker/) and then get ubuntu docker image from https://hub.docker.com/_/ubuntu

pan
Posts: 56960
Joined: Mon Sep 11, 2006 10:23 am

Re: piconet in your own computer

Post by pan »

Code:

# now we will install a recursive dns server (deadwood) and client-side tools (nslookup) in r
apt-get install maradns-deadwood dnsutils

# deadwood requires a resource configuration file, by default at /etc/maradns/deadwood/dwood3rc
echo "ipv4_bind_addresses = \"172.16.1.1\"" > /etc/maradns/deadwood/dwood3rc
echo "chroot_dir = \"/etc/maradns\"" >> /etc/maradns/deadwood/dwood3rc
echo "recursive_acl = \"172.16.1.0/24, 192.168.1.0/24, 10.10.1.0/24\"" >> /etc/maradns/deadwood/dwood3rc

# run deadwood on r
ip netns exec r deadwood

and expected output

Code:

Deadwood version 3.2.09
Deadwood: A DNS UDP non-recursive cache (IPv6 supported)
We bound to 1 addresses
Using default ICANN root servers: 198.41.0.4,192.228.79.201,192.33.4.12,199.7.91.13,192.203.230.10,192.5.5.241,192.112.36.4,
128.63.2.53,192.36.148.17,192.58.128.30,193.0.14.129,199.7.83.42,202.12.27.33

to see the dns interaction between h1 and r

Code:

# ip netns exec r tcpdump -l -n -i r-eth0 udp port 53

to see the dns interaction between r and external dns servers

Code:

# tcpdump -n -l -i host-nat udp port 53

to trigger the dns interaction, use nslookup on h1

Code:

# ip netns exec h1 nslookup www.cs.uvic.ca. 172.16.1.1

and expected output on h1

Code:

Server:         172.16.1.1
Address:        172.16.1.1#53

Non-authoritative answer:
www.cs.uvic.ca  canonical name = rweb.cs.uvic.ca.
Name:   rweb.cs.uvic.ca
Address: 142.104.71.16

on r

Code:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on r-eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:51:42.548454 IP 192.168.1.100.42260 > 172.16.1.1.53: 6500+ A? www.cs.uvic.ca. (32)
20:51:43.647167 IP 172.16.1.1.53 > 192.168.1.100.42260: 6500 2/0/0 CNAME rweb.cs.uvic.ca., A 142.104.71.16 (67)
20:51:43.647523 IP 192.168.1.100.41385 > 172.16.1.1.53: 8322+ AAAA? rweb.cs.uvic.ca. (33)
20:51:44.702377 IP 172.16.1.1.53 > 192.168.1.100.41385: 8322 0/1/0 (86)

and on piconet

Code:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on host-nat, link-type EN10MB (Ethernet), capture size 262144 bytes
20:51:42.548553 IP 172.16.1.1.15625 > 192.203.230.10.53: 13771 A? www.cs.uvic.ca. (32)
20:51:42.552287 IP 192.203.230.10.53 > 172.16.1.1.15625: 13771- 0/4/8 (285)
20:51:42.552412 IP 172.16.1.1.15695 > 199.4.144.2.53: 7262 A? www.cs.uvic.ca. (32)
20:51:42.591183 IP 199.4.144.2.53 > 172.16.1.1.15695: 7262- 0/3/3 (143)
20:51:42.591337 IP 172.16.1.1.18745 > 216.171.224.23.53: 35109 A? www.cs.uvic.ca. (32)
20:51:43.646471 IP 172.16.1.1.17633 > 142.104.80.2.53: 11340 [b2&3=0x80] A? www.cs.uvic.ca. (32)
20:51:43.647072 IP 142.104.80.2.53 > 172.16.1.1.17633: 11340* 2/5/5 CNAME rweb.cs.uvic.ca., A 142.104.71.16 (248)
20:51:43.647594 IP 172.16.1.1.16239 > 216.171.224.23.53: 40863 AAAA? rweb.cs.uvic.ca. (33)
20:51:44.701501 IP 172.16.1.1.16366 > 142.104.80.2.53: 12437 [b2&3=0x80] AAAA? rweb.cs.uvic.ca. (33)
20:51:44.702292 IP 142.104.80.2.53 > 172.16.1.1.16366: 12437* 0/1/0 (86)
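
The two captures in the post above can be checked mechanically. This is an added example, not part of the original post: it pairs each DNS query with its response by client address, server address and transaction id, then lists the queries that never got an answer. The function names `unanswered_dns` and `sample_capture` are hypothetical; the sample input is the host-nat capture copied from the post.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Pairs DNS queries with responses in `tcpdump -n` text output and prints the
# queries that never got an answer: "<time> <server> <id> <qtype> <name>".
unanswered_dns() {
    awk '
    $2 == "IP" && $4 == ">" {
        src = $3
        dst = $5; sub(/:$/, "", dst)
        id = $6; gsub(/[^0-9]/, "", id)       # drop flag characters such as + - *
        if (dst ~ /\.53$/) {                    # query: client.port > server.53
            key = src "|" dst "|" id
            q = ""
            for (i = 7; i < NF; i++)            # the field ending in ? is the qtype
                if ($i ~ /\?$/) { q = $i " " $(i + 1); break }
            if (!(key in info)) order[++n] = key
            server = dst; sub(/\.53$/, "", server)
            info[key] = $1 " " server " " id " " q
        } else if (src ~ /\.53$/) {             # response: server.53 > client.port
            answered[dst "|" src "|" id] = 1
        }
    }
    END {
        for (i = 1; i <= n; i++)
            if (!(order[i] in answered)) print info[order[i]]
    }'
}

# The host-nat capture lines from the post above, embedded so this runs offline.
sample_capture() {
    cat <<'EOF'
20:51:42.548553 IP 172.16.1.1.15625 > 192.203.230.10.53: 13771 A? www.cs.uvic.ca. (32)
20:51:42.552287 IP 192.203.230.10.53 > 172.16.1.1.15625: 13771- 0/4/8 (285)
20:51:42.552412 IP 172.16.1.1.15695 > 199.4.144.2.53: 7262 A? www.cs.uvic.ca. (32)
20:51:42.591183 IP 199.4.144.2.53 > 172.16.1.1.15695: 7262- 0/3/3 (143)
20:51:42.591337 IP 172.16.1.1.18745 > 216.171.224.23.53: 35109 A? www.cs.uvic.ca. (32)
20:51:43.646471 IP 172.16.1.1.17633 > 142.104.80.2.53: 11340 [b2&3=0x80] A? www.cs.uvic.ca. (32)
20:51:43.647072 IP 142.104.80.2.53 > 172.16.1.1.17633: 11340* 2/5/5 CNAME rweb.cs.uvic.ca., A 142.104.71.16 (248)
20:51:43.647594 IP 172.16.1.1.16239 > 216.171.224.23.53: 40863 AAAA? rweb.cs.uvic.ca. (33)
20:51:44.701501 IP 172.16.1.1.16366 > 142.104.80.2.53: 12437 [b2&3=0x80] AAAA? rweb.cs.uvic.ca. (33)
20:51:44.702292 IP 142.104.80.2.53 > 172.16.1.1.16366: 12437* 0/1/0 (86)
EOF
}

sample_capture | unanswered_dns
```

On this capture both unanswered queries went to 216.171.224.23, and each is followed by a gap of about one second before the same question is sent to 142.104.80.2. The function reads to end of input, so on a live lab feed it a finished capture (for example tcpdump stopped with `-c`) rather than an open-ended one.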

pan
Posts: 56960
Joined: Mon Sep 11, 2006 10:23 am

Re: piconet in your own computer

Post by pan »

pan wrote:

no tech support as those in ecs360. use at your own risk ;-) you need a (minimized) ubuntu server (no desktop/gui needed) virtual machine or docker container

you can

Code:

ip netns exec h1 bash

to have a bash environment on h1, and type

Code:

ping -c 5 10.10.1.100

directly to ping from h1 to h2 instead of prefixing the "ip netns exec h1" to it. in addition, you can change the bash prompt

Code:

export PS1="\u@h1:\w# "

to be clear too

pan
Posts: 56960
Joined: Mon Sep 11, 2006 10:23 am

Re: piconet in your own computer

Post by pan »

Deadwood version 3.2.09

please be aware that for domains that require dnssec, deadwood does not work properly. similar to picolab, use bind9 instead
