CRXN
/
docs
mirror of https://codeberg.org/CRXN/docs.git
1
0
Fork 0
Code Releases Activity

Merge https://codeberg.org/CRXN/docs into babeld_interface

This commit is contained in:
Marek Küthe 2023-01-08 15:00:27 +01:00
parent 5a6ef25644 08de6a67bb
commit 68f437c9cc
5 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/routing/babeld/babeld.md
View File

@ -145,6 +145,11 @@ babeld offers a local configuration interface. This can be activated with the fl
babeld -g 33123
```
If babeld is used with Systemd, you can change the arguments in the `/etc/default/babeld` file:
```
DAEMON_ARGS="-S /var/lib/babeld/state -g 33123"
```
The configuration interface can be used to find out various status information on the one hand and to configure babeld on the other. Furthermore, the configuration interface can be used by monitoring programs such as babelweb2.
To connect to the configuration interface, you can use telnet:
@ -186,3 +191,4 @@ The routes learned from the babel neighbors are displayed here. Here `<nid>` is
- [babeld FAQ](https://www.irif.fr/~jch/software/babel/faq.html)
- [babeld mailling list](https://alioth-lists.debian.net/pipermail/babel-users/)
- [babeld source code](https://github.com/jech/babeld)
- [Babel configuration by Réseau Libre](https://wiki.reseaulibre.ca/documentation/babel/)

6
docs/routing/babeld/maxlen-filter.md Normal file
View File

@ -0,0 +1,6 @@
# Implement max-len filter
To implement a max-length filter, we need a rule/policy/filter file that contains the corresponding prefixes with their maximum length. The entitydb contains a bash script `build_maxlen_filter.sh` for this purpose. If you run this script with the argument `babeld`, you will get a babeld-compatible list.
This list can now be inserted into the configuration file instead of `in ip fd00::/8 le 64 ge 44 allow`. It is recommended to automate this process.

5
docs/routing/bird/bird.md
View File

@ -300,7 +300,6 @@ Help can be obtained by typing the command and then a `?`.
Babel uses port 6696/udp and the multicast address `ff02::1:6`. Accordingly, port 6696/udp must be enabled locally.
## Old bird configurations
## Further links
Old configuration can be found [here](old-configuration).
Very old configuration can be found [here](very-old-configuration).
- [bird documentation](https://bird.network.cz/?get_doc&f=bird.html&v=20)

2
docs/routing/index.md
View File

@ -10,3 +10,5 @@
## babeld
- [Setting up Babeld](babeld/babeld)
- [max-len filter in babeld](babeld/maxlen-filter)
- [babelweb2](babeld/babelweb2)

15
docs/tunneling/fastd.md
View File

@ -31,6 +31,9 @@ mode multitap;
# The encryption method (don't change this unless you need to)
method "salsa2012+umac";
method "salsa2012+poly1305";
method "salsa20+umac";
method "salsa20+poly1305";
# Bind to and listen for incoming connections on this address and port
bind [::]:<port>;
@ -103,6 +106,17 @@ Now we need to fill in the peer details of the node you are connecting to:
Fastd can provide a tunnel with `multitap` mode on layer 2 or a tunnel with `tun` mode on layer 3. Note that the fatsd has 20 bytes less overhead when using tun.
### Methods
fastd supports various transmission encryptions. The encryption and authentication recommended by fastd is `salsa2012+umac`. If you specify multiple encryption methods, the first one specified is preferred. The others are used as fallbacks if the peer does not support the preferred one.
fastd has three groups of transmission ciphers:
- Encrypt and Authenticate
- Authenticate Only
- Transfer Only without Authentication
It should be noted that poly1305 is very slow on embedded systems and AES is very slow without OpenSSL.
When fastd is used without encryption or authentication, the data is authenticated only by the sender IP address. This authentication can be disabled with `float yes;`.
### MTU
The default MTU of a fastd tunnel is 1500 bytes. However, this can be problematic if the Internet uplink also has an MTU of 1500 or less. In this case IP fragmentation can occur. This is usually something you want to avoid.
@ -139,3 +153,4 @@ To enable the systemd unit on startup run `systemctl enable fastd@crxn`
- [fastd documentation](https://fastd.readthedocs.io/en/stable/)
- [fastd mtu documentation](https://fastd.readthedocs.io/en/stable/manual/mtu.html)
- [Encryption & authentication methods in fastd](https://fastd.readthedocs.io/en/stable/manual/methods.html)