enoch/n2n
1
0
Fork 0
mirror of https://github.com/ntop/n2n.git synced 2024-09-19 16:41:11 +02:00
Code Issues Actions Packages Projects Releases 1 Wiki Activity

added support for N2N_FEDERATION environment variable (#820)

Browse Source
This commit is contained in:
Logan oos Even 2021-09-26 04:32:12 +05:45 committed by GitHub
parent 56a81f02b8
commit cc2b0b6b6b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/Authentication.md
View File

@ -61,7 +61,7 @@ If a user chooses a new password or needs to be excluded from accessing the comm
When using this feature federation-wide, i.e. across several supernodes, please make sure to keep all supernodes' `community.list` files in sync. So, if you delete or change a user one supernode (or add it), you need to do it at all supernodes. There is no built-in sync for the `community.list` files across the federation. External tools such as _Syncthing_ or your very own script-driven scp-based-file-distribution might be of assistance. Also, with every change, you need to restart the supernode or issue the `reload_communites` command to the management port as outlined above.
With a view to the detailed explanations below, your supernode(s) should have a non-default federation name given by the `-F <federation name>` command line parameter, e.g. `-F secretFed`. It is used to derive a private key at the supernode side and is only to be shared among supernodes.
With a view to the detailed explanations below, your supernode(s) should have a non-default federation name given by the `-F <federation name>` command line parameter, e.g. `-F secretFed`. Alternatively, it can be passed through the environment variable `N2N_FEDERATION`. It is used to derive a private key at the supernode side and is only to be shared among supernodes.
#### Edge

2
doc/Federation.md
View File

@ -24,7 +24,7 @@ Optionally, more anchor supernodes of the same federation can be provided to an
Supernodes should be able to communicate among each other as regular edges already do. For this purpose, a special community called federation was introduced. Federation provides mechanisms to connect the supernodes of the network, and enhance backup, fail-over and load-sharing, without any visible behavioral change.
The default name for the federation is `*Federation`. Internally, a madnatory special character is prepended to the name: that way, an edge won't be able to provide a regular community with the same name of the federation. Optionally, a user can choose a federation name (same on all supernodes) and provide it via `-F mySecretFed` option to the supernode.
The default name for the federation is `*Federation`. Internally, a madnatory special character is prepended to the name: that way, an edge won't be able to provide a regular community with the same name of the federation. Optionally, a user can choose a federation name (same on all supernodes) and provide it via `-F mySecretFed` option to the supernode. Alternatively, the federation name can be passed through the environment variable `N2N_FEDERATION`.
Federated supernodes register to each other using REGISTER_SUPER message type. The answer, REGISTER_SUPER_ACK, contains a payload with informations about other supernodes in the network.

7
src/sn_utils.c
View File

@ -751,11 +751,14 @@ int sn_init_defaults (n2n_sn_t *sss) {
sss->max_auto_ip_net.net_addr = inet_addr(N2N_SN_MAX_AUTO_IP_NET_DEFAULT);
sss->max_auto_ip_net.net_addr = ntohl(sss->max_auto_ip_net.net_addr);
sss->max_auto_ip_net.net_bitlen = N2N_SN_AUTO_IP_NET_BIT_DEFAULT;
sss->federation = (struct sn_community *)calloc(1, sizeof(struct sn_community));
sss->federation = (struct sn_community *)calloc(1, sizeof(struct sn_community));
/* Initialize the federation */
if(sss->federation) {
strncpy(sss->federation->community, (char*)FEDERATION_NAME, N2N_COMMUNITY_SIZE);
if(getenv("N2N_FEDERATION"))
snprintf(sss->federation->community, N2N_COMMUNITY_SIZE - 1 ,"*%s", getenv("N2N_FEDERATION"));
else
strncpy(sss->federation->community, (char*)FEDERATION_NAME, N2N_COMMUNITY_SIZE);
sss->federation->community[N2N_COMMUNITY_SIZE - 1] = '\0';
/* enable the flag for federation */
sss->federation->is_federation = IS_FEDERATION;

6
supernode.1
View File

@ -30,7 +30,7 @@ An equal sign ('=') should be used between key and value. Example: -p=7777
listen on this fixed local UDP port, defaults to 7654
.TP
\fB\-F \fR<\fIfed_name\fR>
name of the supernode's federation, defaults to '*Federation'
name of the supernode's federation, defaults to '*Federation' (see also N2N_FEDERATION in ENVIRONMENT)
.TP
\fB\-l \fR<\fIhost:port\fR>
ip address or name, and port of known supernode
@ -101,6 +101,10 @@ netleo
.fi
.PP
More details on creating the allowed communities file are found in the Communities.md and Authentication.md documentation included with this package.
.SH ENVIRONMENT
.TP
.B N2N_FEDERATION
set the federation name so it is not visible at the command line
.SH EXAMPLES
.TP
.B supernode -p 7654 -v