mirror of
https://github.com/ntop/n2n.git
synced 2024-09-19 16:41:11 +02:00
Updated formatting
This commit is contained in:
parent
c43c929080
commit
cca6f1068c
33
README.md
33
README.md
|
@ -1,5 +1,6 @@
|
|||
|
||||
|
||||
|
||||
Edge node
|
||||
---------
|
||||
|
||||
|
@ -9,24 +10,26 @@ community.
|
|||
0. become root
|
||||
|
||||
1. create tun device
|
||||
$ tunctl -t tun0
|
||||
`$ tunctl -t tun0`
|
||||
|
||||
3. enable the edge process
|
||||
$ ./edge -d n2n0 -c mynetwork -k encryptme -u 99 -g 99 -m 3C:A0:12:34:56:78 -a 1.2.3.4 -l a.b.c.d:xyw
|
||||
2. enable the edge process
|
||||
`$ ./edge -d n2n0 -c mynetwork -k encryptme -u 99 -g 99 -m 3C:A0:12:34:56:78 -a 1.2.3.4 -l a.b.c.d:xyw`
|
||||
or
|
||||
$ N2N_KEY=encryptme ./edge -d n2n0 -c mynetwork -u 99 -g 99 -m 3C:A0:12:34:56:78 -a 1.2.3.4 -l a.b.c.d:xyw
|
||||
`$ N2N_KEY=encryptme ./edge -d n2n0 -c mynetwork -u 99 -g 99 -m 3C:A0:12:34:56:78 -a 1.2.3.4 -l a.b.c.d:xyw`
|
||||
|
||||
Once you have this worked out, you can add the "-f" option to make edge detach
|
||||
Once you have this worked out, you can add the `-f` option to make edge detach
|
||||
and run as a daemon.
|
||||
|
||||
Note that -u, -g and -f options are not available for Windows.
|
||||
Note that `-u`, `-g` and `-f` options are not available for Windows.
|
||||
|
||||
|
||||
Supernode
|
||||
--------
|
||||
|
||||
You need to start the supernode once
|
||||
|
||||
1. ./supernode -l 1234 -v
|
||||
1. `./supernode -l 1234 -v`
|
||||
|
||||
|
||||
|
||||
Dropping Root Privileges and SUID-Root Executables (UNIX)
|
||||
|
@ -36,14 +39,14 @@ The edge node uses superuser privileges to create a TAP network interface
|
|||
device. Once this is created root privileges are not required and can constitute
|
||||
a security hazard if there is some way for an attacker to take control of an
|
||||
edge process while it is running. Edge will drop to a non-privileged user if you
|
||||
specify the -u <uid> and -g <gid> options. These are numeric IDs. Consult
|
||||
/etc/passwd.
|
||||
specify the `-u <uid>` and `-g <gid>` options. These are numeric IDs. Consult
|
||||
`/etc/passwd`.
|
||||
|
||||
You may choose to install edge SUID-root to do this:
|
||||
|
||||
1. Become root
|
||||
2. chown root:root edge
|
||||
3. chmod +s edge
|
||||
2. `chown root:root edge`
|
||||
3. `chmod +s edge`
|
||||
done
|
||||
|
||||
Any user can now run edge. You may not want this, but it may be convenient and
|
||||
|
@ -53,7 +56,7 @@ safe if your host has only one login user.
|
|||
Running As a Daemon (UNIX)
|
||||
-------------------
|
||||
|
||||
Unless given "-f" as a command line option, edge will call daemon(3) after
|
||||
Unless given `-f` as a command line option, edge will call daemon(3) after
|
||||
successful setup. This causes the process to fork a child which closes stdin,
|
||||
stdout and stderr then sets itself as process group leader. When this is done,
|
||||
the edge command returns immediately and you will only see the edge process in
|
||||
|
@ -77,10 +80,10 @@ the edge command line.
|
|||
eg. under linux:
|
||||
|
||||
on hostA:
|
||||
[hostA] $ /sbin/ip -6 addr add fc00:abcd:1234::7/48 dev n2n0
|
||||
`[hostA] $ /sbin/ip -6 addr add fc00:abcd:1234::7/48 dev n2n0`
|
||||
|
||||
on hostB:
|
||||
[hostB] $ /sbin/ip -6 addr add fc00:abcd:1234::6/48 dev n2n0
|
||||
`[hostB] $ /sbin/ip -6 addr add fc00:abcd:1234::6/48 dev n2n0`
|
||||
|
||||
You may find it useful to make use of tunctl from the uml-utilities
|
||||
package. Tunctl allow you to bring up a TAP interface and configure addressing
|
||||
|
@ -97,7 +100,7 @@ Performance Notes
|
|||
|
||||
The time taken to perform a ping test for various ciphers is given below:
|
||||
|
||||
Test: ping -f -l 8 -s 800 -c 10000 <far_edge>
|
||||
Test: `ping -f -l 8 -s 800 -c 10000 <far_edge>`
|
||||
|
||||
AES (-O0) 11820
|
||||
TF (-O0) 25761
|
||||
|
|
Loading…
Reference in New Issue
Block a user