enoch/n2n
1
0
Fork 0
mirror of https://github.com/ntop/n2n.git synced 2024-09-19 16:41:11 +02:00
Code Issues Actions Packages Projects Releases 1 Wiki Activity

added support for N2N_FEDERATION environment variable (#820)

Browse Source
This commit is contained in:
Logan oos Even 2021-09-26 04:32:12 +05:45 committed by GitHub
parent 56a81f02b8
commit cc2b0b6b6b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/Authentication.md
View File

@ -61,7 +61,7 @@ If a user chooses a new password or needs to be excluded from accessing the comm
When using this feature federation-wide, i.e. across several supernodes, please make sure to keep all supernodes' `community.list` files in sync. So, if you delete or change a user one supernode (or add it), you need to do it at all supernodes. There is no built-in sync for the `community.list` files across the federation. External tools such as _Syncthing_ or your very own script-driven scp-based-file-distribution might be of assistance. Also, with every change, you need to restart the supernode or issue the `reload_communites` command to the management port as outlined above. When using this feature federation-wide, i.e. across several supernodes, please make sure to keep all supernodes' `community.list` files in sync. So, if you delete or change a user one supernode (or add it), you need to do it at all supernodes. There is no built-in sync for the `community.list` files across the federation. External tools such as _Syncthing_ or your very own script-driven scp-based-file-distribution might be of assistance. Also, with every change, you need to restart the supernode or issue the `reload_communites` command to the management port as outlined above.
With a view to the detailed explanations below, your supernode(s) should have a non-default federation name given by the `-F <federation name>` command line parameter, e.g. `-F secretFed`. It is used to derive a private key at the supernode side and is only to be shared among supernodes. With a view to the detailed explanations below, your supernode(s) should have a non-default federation name given by the `-F <federation name>` command line parameter, e.g. `-F secretFed`. Alternatively, it can be passed through the environment variable `N2N_FEDERATION`. It is used to derive a private key at the supernode side and is only to be shared among supernodes.
#### Edge #### Edge

2
doc/Federation.md
View File

@ -24,7 +24,7 @@ Optionally, more anchor supernodes of the same federation can be provided to an
Supernodes should be able to communicate among each other as regular edges already do. For this purpose, a special community called federation was introduced. Federation provides mechanisms to connect the supernodes of the network, and enhance backup, fail-over and load-sharing, without any visible behavioral change. Supernodes should be able to communicate among each other as regular edges already do. For this purpose, a special community called federation was introduced. Federation provides mechanisms to connect the supernodes of the network, and enhance backup, fail-over and load-sharing, without any visible behavioral change.
The default name for the federation is `*Federation`. Internally, a madnatory special character is prepended to the name: that way, an edge won't be able to provide a regular community with the same name of the federation. Optionally, a user can choose a federation name (same on all supernodes) and provide it via `-F mySecretFed` option to the supernode. The default name for the federation is `*Federation`. Internally, a madnatory special character is prepended to the name: that way, an edge won't be able to provide a regular community with the same name of the federation. Optionally, a user can choose a federation name (same on all supernodes) and provide it via `-F mySecretFed` option to the supernode. Alternatively, the federation name can be passed through the environment variable `N2N_FEDERATION`.
Federated supernodes register to each other using REGISTER_SUPER message type. The answer, REGISTER_SUPER_ACK, contains a payload with informations about other supernodes in the network. Federated supernodes register to each other using REGISTER_SUPER message type. The answer, REGISTER_SUPER_ACK, contains a payload with informations about other supernodes in the network.

7
src/sn_utils.c
View File

@ -751,11 +751,14 @@ int sn_init_defaults (n2n_sn_t *sss) {
sss->max_auto_ip_net.net_addr = inet_addr(N2N_SN_MAX_AUTO_IP_NET_DEFAULT); sss->max_auto_ip_net.net_addr = inet_addr(N2N_SN_MAX_AUTO_IP_NET_DEFAULT);
sss->max_auto_ip_net.net_addr = ntohl(sss->max_auto_ip_net.net_addr); sss->max_auto_ip_net.net_addr = ntohl(sss->max_auto_ip_net.net_addr);
sss->max_auto_ip_net.net_bitlen = N2N_SN_AUTO_IP_NET_BIT_DEFAULT; sss->max_auto_ip_net.net_bitlen = N2N_SN_AUTO_IP_NET_BIT_DEFAULT;
sss->federation = (struct sn_community *)calloc(1, sizeof(struct sn_community));
sss->federation = (struct sn_community *)calloc(1, sizeof(struct sn_community));
/* Initialize the federation */ /* Initialize the federation */
if(sss->federation) { if(sss->federation) {
strncpy(sss->federation->community, (char*)FEDERATION_NAME, N2N_COMMUNITY_SIZE); if(getenv("N2N_FEDERATION"))
snprintf(sss->federation->community, N2N_COMMUNITY_SIZE - 1 ,"*%s", getenv("N2N_FEDERATION"));
else
strncpy(sss->federation->community, (char*)FEDERATION_NAME, N2N_COMMUNITY_SIZE);
sss->federation->community[N2N_COMMUNITY_SIZE - 1] = '\0'; sss->federation->community[N2N_COMMUNITY_SIZE - 1] = '\0';
/* enable the flag for federation */ /* enable the flag for federation */
sss->federation->is_federation = IS_FEDERATION; sss->federation->is_federation = IS_FEDERATION;

6
supernode.1
View File

@ -30,7 +30,7 @@ An equal sign ('=') should be used between key and value. Example: -p=7777
listen on this fixed local UDP port, defaults to 7654 listen on this fixed local UDP port, defaults to 7654
.TP .TP
\fB\-F \fR<\fIfed_name\fR> \fB\-F \fR<\fIfed_name\fR>
name of the supernode's federation, defaults to '*Federation' name of the supernode's federation, defaults to '*Federation' (see also N2N_FEDERATION in ENVIRONMENT)
.TP .TP
\fB\-l \fR<\fIhost:port\fR> \fB\-l \fR<\fIhost:port\fR>
ip address or name, and port of known supernode ip address or name, and port of known supernode
@ -101,6 +101,10 @@ netleo
.fi .fi
.PP .PP
More details on creating the allowed communities file are found in the Communities.md and Authentication.md documentation included with this package. More details on creating the allowed communities file are found in the Communities.md and Authentication.md documentation included with this package.
.SH ENVIRONMENT
.TP
.B N2N_FEDERATION
set the federation name so it is not visible at the command line
.SH EXAMPLES .SH EXAMPLES
.TP .TP
.B supernode -p 7654 -v .B supernode -p 7654 -v