Merge branch 'develop' into coretk-enhance/error-dialog

Huy Pham 2020-02-05 15:56:15 -08:00
commit 80f47a5d4c
22 changed files with 599 additions and 343 deletions


@ -527,6 +527,10 @@ class CoreHandler(socketserver.BaseRequestHandler):
"%s handling message:\n%s", threading.currentThread().getName(), message
)
# provide to sdt, if enabled
if self.session and self.session.sdt.is_enabled():
self.session.sdt.handle_distributed(message)
if message.message_type not in self.message_handlers:
logging.error("no handler for message type: %s", message.type_str())
return


@ -1,6 +1,10 @@
from typing import Any, Dict
import netaddr
from core.config import Configuration
from core.configservice.base import ConfigService, ConfigServiceMode
from core.emulator.enumerations import ConfigDataTypes
GROUP_NAME = "Security"
@ -16,11 +20,30 @@ class VpnClient(ConfigService):
validate = ["pidof openvpn"]
shutdown = ["killall openvpn"]
validation_mode = ConfigServiceMode.BLOCKING
default_configs = []
default_configs = [
Configuration(
_id="keydir",
_type=ConfigDataTypes.STRING,
label="Key Dir",
default="/etc/core/keys",
),
Configuration(
_id="keyname",
_type=ConfigDataTypes.STRING,
label="Key Name",
default="client1",
),
Configuration(
_id="server",
_type=ConfigDataTypes.STRING,
label="Server",
default="10.0.2.10",
),
]
modes = {}
class VPNServer(ConfigService):
class VpnServer(ConfigService):
name = "VPNServer"
group = GROUP_NAME
directories = []
@ -31,9 +54,39 @@ class VPNServer(ConfigService):
validate = ["pidof openvpn"]
shutdown = ["killall openvpn"]
validation_mode = ConfigServiceMode.BLOCKING
default_configs = []
default_configs = [
Configuration(
_id="keydir",
_type=ConfigDataTypes.STRING,
label="Key Dir",
default="/etc/core/keys",
),
Configuration(
_id="keyname",
_type=ConfigDataTypes.STRING,
label="Key Name",
default="server",
),
Configuration(
_id="subnet",
_type=ConfigDataTypes.STRING,
label="Subnet",
default="10.0.200.0",
),
]
modes = {}
def data(self) -> Dict[str, Any]:
address = None
for ifc in self.node.netifs():
if getattr(ifc, "control", False):
continue
for x in ifc.addrlist:
addr = x.split("/")[0]
if netaddr.valid_ipv4(addr):
address = addr
return dict(address=address)
class IPsec(ConfigService):
name = "IPsec"
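Review bot: `VpnServer.data()` returns `address=None` when the node has no non-control interface with a valid IPv4 address, and the server template (presumably the one containing `vpnserver=${address}`) would then render the literal text `None` into `local $vpnserver`. The loop also never breaks, so on a multi-homed node the last address found wins; which interface is meant to be the public side is not visible here. I would add `break` after `address = addr` (leaving the outer loop as well) and fail loudly after the loop, e.g. `if address is None: raise ValueError("VPNServer needs an IPv4 address on a non-control interface")`. A one-line docstring on `data()` saying which address it selects would also help.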


@ -4,16 +4,16 @@
# OpenVPN software and a virtual TUN/TAP device.
# directory containing the certificate and key described below
keydir=/etc/core/keys
keydir=${config["keydir"]}
# the name used for a "$keyname.crt" certificate and "$keyname.key" private key.
keyname=client1
keyname=${config["keyname"]}
# the public IP address of the VPN server this client should connect with
vpnserver="10.0.2.10"
vpnserver=${config["server"]}
# optional next hop for adding a static route to reach the VPN server
nexthop="10.0.1.1"
#nexthop="10.0.1.1"
# --------- END CUSTOMIZATION --------
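Review bot: The assignments `keydir=${config["keydir"]}`, `keyname=${config["keyname"]}` and `vpnserver=${config["server"]}` put user-editable configuration text into the generated script unquoted, and the old `vpnserver="10.0.2.10"` line loses the quotes it had. These options are declared as free-form strings, so a value containing whitespace or shell metacharacters is interpreted by the shell when the node runs the script; this matters most when a scenario file comes from someone else. The same pattern is in the server template (`keydir`, `keyname`, `vpnsubnet=${config["subnet"]}`, `vpnserver=${address}`). I would validate the values before rendering (the service module already imports `netaddr`, so `netaddr.valid_ipv4` fits `server` and `subnet`, and a restricted character set fits `keyname` and `keydir`) and pass them through `shlex.quote` on the Python side so the template receives shell-safe text.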


@ -7,29 +7,29 @@
# directory containing the certificate and key described below, in addition to
# a CA certificate and DH key
keydir=/etc/core/keys
keydir=${config["keydir"]}
# the name used for a "$keyname.crt" certificate and "$keyname.key" private key.
keyname=server2
keyname=${config["keyname"]}
# the VPN subnet address from which the client VPN IP (for the TUN/TAP)
# will be allocated
vpnsubnet=10.0.200.0
vpnsubnet=${config["subnet"]}
# public IP address of this vpn server (same as VPNClient vpnserver= setting)
vpnserver=10.0.2.10
vpnserver=${address}
# optional list of private subnets reachable behind this VPN server
# each subnet and next hop is separated by a space
# "<subnet1>,<nexthop1> <subnet2>,<nexthop2> ..."
privatenets="10.0.11.0,10.0.10.1 10.0.12.0,10.0.10.1"
#privatenets="10.0.11.0,10.0.10.1 10.0.12.0,10.0.10.1"
# optional list of VPN clients, for statically assigning IP addresses to
# clients; also, an optional client subnet can be specified for adding static
# routes via the client
# Note: VPN addresses x.x.x.0-3 are reserved
# "<keyname>,<vpnIP>,<subnetIP> <keyname>,<vpnIP>,<subnetIP> ..."
vpnclients="client1KeyFilename,10.0.200.5,10.0.0.0 client2KeyFilename,,"
#vpnclients="client1KeyFilename,10.0.200.5,10.0.0.0 client2KeyFilename,,"
# NOTE: you may need to enable the StaticRoutes service on nodes within the
# private subnet, in order to have routes back to the client.
@ -73,7 +73,7 @@ cat << EOF
# openvpn server config
local $vpnserver
server $vpnsubnet 255.255.255.0
push redirect-gateway def1
push "redirect-gateway def1"
EOF
)> $PWD/server.conf


@ -94,6 +94,7 @@ def check_directory():
},
"servers": [{"name": "example", "address": "127.0.0.1", "port": 50051}],
"nodes": [],
"recentfiles": [],
"observers": [{"name": "hello", "cmd": "echo hello"}],
}
save(config)
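Review bot: The new `"recentfiles": []` default only reaches installations that create their config from this dictionary. `check_directory` is only partly visible, but if it writes defaults solely when the config is missing, an existing config lacks the key and `self.app.guiconfig["recentfiles"]` in `Menubar.draw` and `MenuAction.add_recent_file_to_gui_config` raises `KeyError`. Reading the list with `self.app.guiconfig.setdefault("recentfiles", [])` at those call sites would keep older configs working.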


@ -24,6 +24,8 @@ from core.gui.dialogs.sessions import SessionsDialog
from core.gui.dialogs.throughput import ThroughputDialog
from core.gui.task import BackgroundTask
MAX_FILES = 3
if TYPE_CHECKING:
from core.gui.app import Application
@ -86,6 +88,7 @@ class MenuAction:
defaultextension=".xml",
)
if file_path:
self.add_recent_file_to_gui_config(file_path)
self.app.core.save_xml(file_path)
def file_open_xml(self, event: tk.Event = None):
@ -101,6 +104,7 @@ class MenuAction:
def open_xml_task(self, filename):
if filename:
self.add_recent_file_to_gui_config(filename)
self.app.core.xml_file = filename
self.app.core.xml_dir = str(os.path.dirname(filename))
self.prompt_save_running_session()
@ -170,3 +174,21 @@ class MenuAction:
def config_throughput(self):
dialog = ThroughputDialog(self.app, self.app)
dialog.show()
def add_recent_file_to_gui_config(self, file_path):
recent_files = self.app.guiconfig["recentfiles"]
num_files = len(recent_files)
if num_files == 0:
recent_files.insert(0, file_path)
elif 0 < num_files <= MAX_FILES:
if file_path in recent_files:
recent_files.remove(file_path)
recent_files.insert(0, file_path)
else:
if num_files == MAX_FILES:
recent_files.pop()
recent_files.insert(0, file_path)
else:
logging.error("unexpected number of recent files")
self.app.save_config()
self.app.menubar.update_recent_files()
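Review bot: `add_recent_file_to_gui_config` stops updating once the stored list is longer than `MAX_FILES`: the final `else` only logs `unexpected number of recent files`, so a hand-edited config with four entries never recovers. The branches can collapse into removing the path if it is already present, then `recent_files.insert(0, file_path)`, then `del recent_files[MAX_FILES:]`, which covers the empty, full and over-full cases with one code path. The paths come from a user-editable config file and are later used as menu labels and open targets, so a type check on the entries (list of strings) at load time would be a reasonable addition. A short docstring stating that the list is most-recent-first and capped at `MAX_FILES` is also missing.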


@ -24,6 +24,7 @@ class Menubar(tk.Menu):
self.master.config(menu=self)
self.app = app
self.menuaction = action.MenuAction(app, master)
self.recent_menu = None
self.draw()
def draw(self):
@ -58,9 +59,12 @@ class Menubar(tk.Menu):
menu.add_command(label="Reload", underline=0, state=tk.DISABLED)
self.app.bind_all("<Control-s>", self.save)
# some hard code values for testing
recent = tk.Menu(menu)
menu.add_cascade(label="Recent files", menu=recent)
self.recent_menu = tk.Menu(menu)
for i in self.app.guiconfig["recentfiles"]:
self.recent_menu.add_command(
label=i, command=partial(self.open_recent_files, i)
)
menu.add_cascade(label="Recent files", menu=self.recent_menu)
menu.add_separator()
menu.add_command(label="Export Python script...", state=tk.DISABLED)
menu.add_command(label="Execute XML or Python script...", state=tk.DISABLED)
@ -422,7 +426,14 @@ class Menubar(tk.Menu):
else:
logging.warning("File does not exist %s", filename)
def save(self):
def update_recent_files(self):
self.recent_menu.delete(0, tk.END)
for i in self.app.guiconfig["recentfiles"]:
self.recent_menu.add_command(
label=i, command=partial(self.open_recent_files, i)
)
def save(self, event=None):
xml_file = self.app.core.xml_file
if xml_file:
self.app.core.save_xml(xml_file)
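Review bot: The loop that fills `self.recent_menu` in `draw` is repeated verbatim in the new `update_recent_files`; `draw` could create the menu and then call `self.update_recent_files()` so the two copies cannot drift apart. The loop variable `i` holds a file path, so a name such as `file_path` would read better in both places. Both methods continue outside the hunks shown.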


@ -242,8 +242,8 @@ class Sdt:
if self.sock is None:
return False
try:
logging.info("sdt: %s", cmdstr)
self.sock.sendall(f"{cmdstr}\n")
cmd = f"{cmdstr}\n".encode()
self.sock.sendall(cmd)
return True
except IOError:
logging.exception("SDT connection error")


@ -13,13 +13,13 @@ keyname=client1
vpnserver="10.0.2.10"
# optional next hop for adding a static route to reach the VPN server
nexthop="10.0.1.1"
#nexthop="10.0.1.1"
# --------- END CUSTOMIZATION --------
# validate addresses
if [ "$(dpkg -l | grep " sipcalc ")" = "" ]; then
echo "WARNING: ip validation disabled because package sipcalc not installed
echo "WARNING: ip validation disabled because package sipcalc not installed
" > $PWD/vpnclient.log
else
if [ "$(sipcalc "$vpnserver" "$nexthop" | grep ERR)" != "" ]; then
@ -59,5 +59,5 @@ verb 4
daemon
EOF
) > client.conf
openvpn --config client.conf
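Review bot: With `nexthop` now commented out, the validation a few lines below still runs `sipcalc "$vpnserver" "$nexthop"`, so an empty string is passed as an address. Whether sipcalc reports `ERR` for an empty argument is not visible here, but if it does the script rejects an otherwise valid configuration. Guarding the argument, e.g. `sipcalc "$vpnserver" ${nexthop:+"$nexthop"}`, keeps the check on `vpnserver` while treating the next hop as optional. The rest of the `if` block lies outside the hunk.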


@ -12,7 +12,7 @@ keydir=/etc/core/keys
# the name used for a "$keyname.crt" certificate and "$keyname.key" private key.
keyname=server2
# the VPN subnet address from which the client VPN IP (for the TUN/TAP)
# the VPN subnet address from which the client VPN IP (for the TUN/TAP)
# will be allocated
vpnsubnet=10.0.200.0
@ -22,18 +22,18 @@ vpnserver=10.0.2.10
# optional list of private subnets reachable behind this VPN server
# each subnet and next hop is separated by a space
# "<subnet1>,<nexthop1> <subnet2>,<nexthop2> ..."
privatenets="10.0.11.0,10.0.10.1 10.0.12.0,10.0.10.1"
#privatenets="10.0.11.0,10.0.10.1 10.0.12.0,10.0.10.1"
# optional list of VPN clients, for statically assigning IP addresses to
# clients; also, an optional client subnet can be specified for adding static
# routes via the client
# Note: VPN addresses x.x.x.0-3 are reserved
# "<keyname>,<vpnIP>,<subnetIP> <keyname>,<vpnIP>,<subnetIP> ..."
vpnclients="client1KeyFilename,10.0.200.5,10.0.0.0 client2KeyFilename,,"
#vpnclients="client1KeyFilename,10.0.200.5,10.0.0.0 client2KeyFilename,,"
# NOTE: you may need to enable the StaticRoutes service on nodes within the
# private subnet, in order to have routes back to the client.
# /sbin/ip ro add <vpnsubnet>/24 via <vpnServerRemoteInterface>
# /sbin/ip ro add <vpnsubnet>/24 via <vpnServerRemoteInterface>
# /sbin/ip ro add <vpnClientSubnet>/24 via <vpnServerRemoteInterface>
# -------- END CUSTOMIZATION --------
@ -60,7 +60,7 @@ else
$vpnsubnet or $vpnserver " >> $PWD/vpnserver.log
fi
fi
# create client vpn ip pool file
(
cat << EOF
@ -73,7 +73,7 @@ cat << EOF
# openvpn server config
local $vpnserver
server $vpnsubnet 255.255.255.0
push redirect-gateway def1
push "redirect-gateway def1"
EOF
)> $PWD/server.conf


@ -25,7 +25,7 @@ the core-daemon for development based on Ubuntu 18.04.
### Install Dependencies
```shell
sudo apt install -y automake pkg-config gcc libev-dev ebtables gawk \
sudo apt install -y automake pkg-config gcc libev-dev ebtables gawk \
python3.6 python3.6-dev python3-pip python3-tk tk libtk-img ethtool libtool libreadline-dev autoconf
```
@ -82,10 +82,10 @@ To leverage the dev environment you need python 3.6+.
cd $REPO/daemon
# install pipenv
sudo pip3 install pipenv
sudo python3 -m pip install pipenv
# setup a virtual environment and install all required development dependencies
pipenv install --dev
python3 -m pipenv install --dev
```
### Setup pre-commit
@ -95,7 +95,7 @@ python utilities will be ran to check validity of code, potentially failing and
one to review changes being made by tools ro the fix the issue noted. Then add the changes and commit again.
```shell
pipenv run pre-commit install
python3 -m pipenv run pre-commit install
```
### Adding EMANE to Pipenv
@ -118,7 +118,7 @@ make -j8
# install emane binding in pipenv
# NOTE: this will mody pipenv Pipfiles and we do not want that, use git checkout -- Pipfile*, to remove changes
pipenv install $EMANEREPO/src/python
python3 -m pipenv pip install $EMANEREPO/src/python
```
### Running CORE
@ -127,13 +127,13 @@ This will run the core-daemon server using the configuration files within the re
```shell
# runs for daemon
sudo pipenv run core
sudo python3 -m pipenv run core
# runs coretk gui
pipenv run coretk
python3 -m pipenv run coretk
# runs mocked unit tests
pipenv run test-mock
python3 -m pipenv run test-mock
```
## Linux Network Namespace Commands


@ -15,16 +15,30 @@ set of default services. Each service defines the per-node directories,
configuration files, startup index, starting commands, validation commands,
shutdown commands, and meta-data associated with a node.
**NOTE:**
Network namespace nodes do not undergo the normal Linux boot process
> :warning: **Network namespace nodes do not undergo the normal Linux boot process**
using the **init**, **upstart**, or **systemd** frameworks. These
lightweight nodes use configured CORE *services*.
## Default Services and Node Types
## Available Services
| Service Group | Services |
|---|---|
|[BIRD](services/bird.md)|BGP, OSPF, RADV, RIP, Static|
|[Docker](services/docker.md)|Docker|
|[EMANE](services/emane.md)|Transport Service|
|[FRR](services/frr.md)|BABEL, BGP, OSPFv2, OSPFv3, PIMD, RIP, RIPNG, Zebra|
|[NRL](services/nrl.md)|arouted, MGEN Sink, MGEN Actor, NHDP, OLSR, OLSRORG, OLSRv2, SMF|
|[Quagga](services/quagga.md)|BABEL, BGP, OSPFv2, OSPFv3, OSPFv3 MDR, RIP, RIPNG, XPIMD, Zebra|
|[SDN](services/sdn.md)|OVS, RYU|
|[Security](services/security.md)|Firewall, IPsec, NAT, VPN Client, VPN Server|
|[Utility](services/utility.md)|ATD, Routing Utils, DHCP, FTP, IP Forward, PCAP, RADVD, SSF, UCARP|
|[XORP](services/xorp.md)|BGP, OLSR, OSPFv2, OSPFv3, PIMSM4, PIMSM6, RIP, RIPNG, Router Manager|
## Node Types and Default Services
Here are the default node types and their services:
| Node type | Services |
| Node Type | Services |
|---|---|
| *router* | zebra, OSFPv2, OSPFv3, and IPForward services for IGP link-state routing. |
| *host* | DefaultRoute and SSH services, representing an SSH server having a default route when connected directly to a router. |
@ -133,7 +147,7 @@ is by using the **UserDefined** service. This is a blank service where any
aspect may be customized. The UserDefined service is convenient for testing
ideas for a service before adding a new service type.
### Creating New Service
### Creating New Services
1. Modify the [Example Service File](../daemon/examples/myservices/sample.py)
to do what you want. It could generate config/script files, mount per-node
@ -148,7 +162,7 @@ ideas for a service before adding a new service type.
3. Add a **custom_services_dir = /home/username/.core/myservices** entry to the
/etc/core/core.conf file.
**NOTE:**
The directory name used in **custom_services_dir** should be unique and
should not correspond to
@ -164,303 +178,3 @@ ideas for a service before adding a new service type.
If you have created a new service type that may be useful to others, please
consider contributing it to the CORE project.
## Available Services
### BIRD Internet Routing Daemon
The [BIRD Internet Routing Daemon](https://bird.network.cz/) is a routing daemon; i.e., a software responsible for managing kernel packet forwarding tables. It aims to develop a dynamic IP routing daemon with full support of all modern routing protocols, easy to use configuration interface and powerful route filtering language, primarily targeted on (but not limited to) Linux and other UNIX-like systems and distributed under the GNU General Public License. BIRD has a free implementation of several well known and common routing and router-supplemental protocols, namely RIP, RIPng, OSPFv2, OSPFv3, BGP, BFD, and NDP/RA. BIRD supports IPv4 and IPv6 address families, Linux kernel and several BSD variants (tested on FreeBSD, NetBSD and OpenBSD). BIRD consists of bird daemon and birdc interactive CLI client used for supervision.
In order to be able to use the BIRD Internet Routing Protocol, you must first install the project on your machine.
#### BIRD Package Install
```shell
sudo apt-get install bird
```
#### BIRD Source Code Install
You can download BIRD source code from it's [official repository.](https://gitlab.labs.nic.cz/labs/bird/)
```shell
./configure
make
su
make install
vi /etc/bird/bird.conf
```
The installation will place the bird directory inside */etc* where you will also find its config file.
In order to be able to do use the Bird Internet Routing Protocol, you must modify *bird.conf* due to the fact that the given configuration file is not configured beyond allowing the bird daemon to start, which means that nothing else will happen if you run it. Keeran Marquis has a very detailed example on [Configuring BGP using Bird on Ubuntu](https://blog.marquis.co/configuring-bgp-using-bird-on-ubuntu-14-04lts/) which can be used as a building block to implement your custom routing daemon.
### FRRouting
FRRouting is a routing software package that provides TCP/IP based routing services with routing protocols support such as BGP, RIP, OSPF, IS-IS and more. FRR also supports special BGP Route Reflector and Route Server behavior. In addition to traditional IPv4 routing protocols, FRR also supports IPv6 routing protocols. With an SNMP daemon that supports the AgentX protocol, FRR provides routing protocol MIB read-only access (SNMP Support).
FRR (as of v7.2) currently supports the following protocols:
* BGPv4
* OSPFv2
* OSPFv3
* RIPv1/v2/ng
* IS-IS
* PIM-SM/MSDP/BSM(AutoRP)
* LDP
* BFD
* Babel
* PBR
* OpenFabric
* VRRPv2/v3
* EIGRP (alpha)
* NHRP (alpha)
#### FRRouting Package Install
Ubuntu 19.10 and later
```shell
sudo apt update && sudo apt install frr
```
Ubuntu 16.04 and Ubuntu 18.04
```shell
sudo apt install curl
curl -s https://deb.frrouting.org/frr/keys.asc | sudo apt-key add -
FRRVER="frr-stable"
echo deb https://deb.frrouting.org/frr $(lsb_release -s -c) $FRRVER | sudo tee -a /etc/apt/sources.list.d/frr.list
sudo apt update && sudo apt install frr frr-pythontools
```
Fedora 31
```shell
sudo dnf update && sudo dnf install frr
```
#### FRRouting Source Code Install
Building FRR from source is the best way to ensure you have the latest features and bug fixes. Details for each supported platform, including dependency package listings, permissions, and other gotchas, are in the developers documentation.
FRRs source is available on the project [GitHub page](https://github.com/FRRouting/frr).
```shell
git clone https://github.com/FRRouting/frr.git
```
Change into your FRR source directory and issue:
```shell
./bootstrap.sh
```
Then, choose the configuration options that you wish to use for the installation. You can find these options on FRR's [official webpage](http://docs.frrouting.org/en/latest/installation.html). Once you have chosen your configure options, run the configure script and pass the options you chose:
```shell
./configure \
--prefix=/usr \
--enable-exampledir=/usr/share/doc/frr/examples/ \
--localstatedir=/var/run/frr \
--sbindir=/usr/lib/frr \
--sysconfdir=/etc/frr \
--enable-pimd \
--enable-watchfrr \
...
```
After configuring the software, you are ready to build and install it in your system.
```shell
make && sudo make install
```
If everything finishes successfully, FRR should be installed.
### Docker
Docker service allows running docker containers within CORE nodes.
The running of Docker within a CORE node allows for additional extensibility to
the CORE services. This allows network applications and protocols to be easily
packaged and run on any node.
This service will add a new group to the services list. This will have a service called Docker which will just start the docker service within the node but not run anything. It will also scan all docker images on the host machine. If any are tagged with 'core' then they will be added as a service to the Docker group. The image will then be auto run if that service is selected.
This requires a recent version of Docker. This was tested using a PPA on Ubuntu with version 1.2.0. The version in the standard Ubuntu repo is to old for this purpose (we need --net host).
#### Docker Installation
To use Docker services, you must first install the Docker python image. This is used to interface with Docker from the python service.
```shell
sudo apt-get install docker.io
sudo apt-get install python-pip
pip install docker-py
```
Once everything runs successfully, a Docker group under services will appear. An example use case is to pull an image from [Docker](https://hub.docker.com/). A test image has been uploaded for this purpose:
```shell
sudo docker pull stuartmarsden/multicastping
```
This downloads an image which is based on Ubuntu 14.04 with python and twisted. It runs a simple program that sends a multicast ping and listens and records any it receives. In order for this to appear as a docker service it must be tagged with core.
Find out the id by running 'sudo docker images'. You should see all installed images and the one you want looks like this:
```shell
stuartmarsden/multicastping latest 4833487e66d2 20 hours
ago 487 MB
```
The id will be different on your machine so use it in the following command:
```shell
sudo docker tag 4833487e66d2 stuartmarsden/multicastping:core
```
This image will be listed in the services after we restart the core-daemon:
```shell
sudo service core-daemon restart
```
### NRL Services
The Protean Protocol Prototyping Library (ProtoLib) is a cross-platform library that allows applications to be built while supporting a variety of platforms including Linux, Windows, WinCE/PocketPC, MacOS, FreeBSD, Solaris, etc as well as the simulation environments of NS2 and Opnet. The goal of the Protolib is to provide a set of simple, cross-platform C++ classes that allow development of network protocols and applications that can run on different platforms and in network simulation environments. While Protolib provides an overall framework for developing working protocol implementations, applications, and simulation modules, the individual classes are designed for use as stand-alone components when possible. Although Protolib is principally for research purposes, the code has been constructed to provide robust, efficient performance and adaptability to real applications. In some cases, the code consists of data structures, etc useful in protocol implementations and, in other cases, provides common, cross-platform interfaces to system services and functions (e.g., sockets, timers, routing tables, etc).
Currently the Naval Research Laboratory uses this library to develop a wide variety of protocols.The NRL Protolib currently supports the following protocols:
* MGEN_Sink
* NHDP
* SMF
* OLSR
* OLSRv2
* OLSRORG
* MgenActor
* arouted
#### NRL Installation
In order to be able to use the different protocols that NRL offers, you must first download the support library itself. You can get the source code from their [NRL Protolib Repo](https://github.com/USNavalResearchLaboratory/protolib).
#### Multi-Generator (MGEN)
Download MGEN from the [NRL MGEN Repo](https://github.com/USNavalResearchLaboratory/mgen), unpack it and copy the protolib library into the main folder *mgen*. Execute the following commands to build the protocol.
```shell
cd mgen/makefiles
make -f Makefile.{os} mgen
```
#### Neighborhood Discovery Protocol (NHDP)
Download NHDP from the [NRL NHDP Repo](https://github.com/USNavalResearchLaboratory/NCS-Downloads/tree/master/nhdp).
```shell
sudo apt-get install libpcap-dev libboost-all-dev
wget https://github.com/protocolbuffers/protobuf/releases/download/v3.8.0/protoc-3.8.0-linux-x86_64.zip
unzip protoc-3.8.0-linux-x86_64.zip
```
Then place the binaries in your $PATH. To know your paths you can issue the following command
```shell
echo $PATH
```
Go to the downloaded *NHDP* tarball, unpack it and place the protolib library inside the NHDP main folder. Now, compile the NHDP Protocol.
```shell
cd nhdp/unix
make -f Makefile.{os}
```
#### Simplified Multicast Forwarding (SMF)
Download SMF from the [NRL SMF Repo](https://github.com/USNavalResearchLaboratory/nrlsmf) , unpack it and place the protolib library inside the *smf* main folder.
```shell
cd mgen/makefiles
make -f Makefile.{os}
```
#### Optimized Link State Routing Protocol (OLSR)
To install the OLSR protocol, download their source code from their [NRL OLSR Repo](https://github.com/USNavalResearchLaboratory/nrlolsr). Unpack it and place the previously downloaded protolib library inside the *nrlolsr* main directory. Then execute the following commands:
```shell
cd ./unix
make -f Makefile.{os}
```
### Quagga Routing Suite
Quagga is a routing software suite, providing implementations of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Unix platforms, particularly FreeBSD, Linux, Solaris and NetBSD. Quagga is a fork of GNU Zebra which was developed by Kunihiro Ishiguro.
The Quagga architecture consists of a core daemon, zebra, which acts as an abstraction layer to the underlying Unix kernel and presents the Zserv API over a Unix or TCP stream to Quagga clients. It is these Zserv clients which typically implement a routing protocol and communicate routing updates to the zebra daemon.
#### Quagga Package Install
```shell
sudo apt-get install quagga
```
#### Quagga Source Install
First, download the source code from their [official webpage](https://www.quagga.net/).
```shell
sudo apt-get install gawk
```
Extract the tarball, go to the directory of your currently extracted code and issue the following commands.
```shell
./configure
make
sudo make install
```
### Software Defined Networking
Ryu is a component-based software defined networking framework. Ryu provides software components with well defined API that make it easy for developers to create new network management and control applications. Ryu supports various protocols for managing network devices, such as OpenFlow, Netconf, OF-config, etc. About OpenFlow, Ryu supports fully 1.0, 1.2, 1.3, 1.4, 1.5 and Nicira Extensions. All of the code is freely available under the Apache 2.0 license.
```shell
```
#### Installation
##### Prerequisites
```shell
sudo apt-get install gcc python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev zlib1g-dev
```
##### Ryu Package Install
```shell
pip install ryu
```
##### Ryu Source Install
```shell
git clone git://github.com/osrg/ryu.git
cd ryu; pip install .
```
### Security Services
The security services offer a wide variety of protocols capable of satisfying the most use cases available. Security services such as IP security protocols, for providing security at the IP layer, as well as the suite of protocols designed to provide that security, through authentication and encryption of IP network packets. Virtual Private Networks (VPNs) and Firewalls are also available for use to the user.
#### Installation
```shell
sudo apt-get install ipsec-tools racoon openvpn
```
### UCARP
UCARP allows a couple of hosts to share common virtual IP addresses in order to provide automatic failover. It is a portable userland implementation of the secure and patent-free Common Address Redundancy Protocol (CARP, OpenBSD's alternative to the patents-bloated VRRP).
Strong points of the CARP protocol are: very low overhead, cryptographically signed messages, interoperability between different operating systems and no need for any dedicated extra network link between redundant hosts.
#### Installation
```shell
sudo apt-get install ucarp
```
### Utilities Services
The following services are provided as utilities:
* Default Routing
* Default Muticast Routing
* Static Routing
* SSH
* DHCP
* DHCP Client
* FTP
* HTTP
* PCAP
* RADVD
* ATD
#### Installation
To install the functionality of the previously metioned services you can run the following command:
```shell
sudo apt-get install isc-dhcp-server apache2 libpcap-dev radvd at
```
### XORP routing suite
XORP is an open networking platform that supports OSPF, RIP, BGP, OLSR, VRRP, PIM, IGMP (Multicast) and other routing protocols. Most protocols support IPv4 and IPv6 where applicable. It is known to work on various Linux distributions and flavors of BSD.
XORP started life as a project at the ICSI Center for Open Networking (ICON) at the International Computer Science Institute in Berkeley, California, USA, and spent some time with the team at XORP, Inc. It is now maintained and improved on a volunteer basis by a core of long-term XORP developers and some newer contributors.
XORP's primary goal is to be an open platform for networking protocol implementations and an alternative to proprietary and closed networking products in the marketplace today. It is the only open source platform to offer integrated multicast capability.
XORP design philosophy is:
* modularity
* extensibility
* performance
* robustness
This is achieved by carefully separating functionalities into independent modules, and by providing an API for each module.
XORP divides into two subsystems. The higher-level ("user-level") subsystem consists of the routing protocols. The lower-level ("kernel") manages the forwarding path, and provides APIs for the higher-level to access.
User-level XORP uses multi-process architecture with one process per routing protocol, and a novel inter-process communication mechanism called XRL (XORP Resource Locator).
The lower-level subsystem can use traditional UNIX kernel forwarding, or Click modular router. The modularity and independency of the lower-level from the user-level subsystem allows for its easily replacement with other solutions including high-end hardware-based forwarding engines.
#### Installation
In order to be able to install the XORP Routing Suite, you must first install scons in order to compile it.
```shell
sudo apt-get install scons
```
Then, download XORP from its official [release web page](http://www.xorp.org/releases/current/).
```shell
http://www.xorp.org/releases/current/
cd xorp
sudo apt-get install libssl-dev ncurses-dev
scons
scons install
```

30
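--- a/docs/services/bird.md
+++ b/docs/services/bird.md
@@ -0,0 +1,30 @@
+# BIRD Internet Routing Daemon
+* Table of Contents
+{:toc}
+## Overview
+The [BIRD Internet Routing Daemon](https://bird.network.cz/) is a routing daemon; i.e., a software responsible for managing kernel packet forwarding tables. It aims to develop a dynamic IP routing daemon with full support of all modern routing protocols, easy to use configuration interface and powerful route filtering language, primarily targeted on (but not limited to) Linux and other UNIX-like systems and distributed under the GNU General Public License. BIRD has a free implementation of several well known and common routing and router-supplemental protocols, namely RIP, RIPng, OSPFv2, OSPFv3, BGP, BFD, and NDP/RA. BIRD supports IPv4 and IPv6 address families, Linux kernel and several BSD variants (tested on FreeBSD, NetBSD and OpenBSD). BIRD consists of bird daemon and birdc interactive CLI client used for supervision.
+In order to be able to use the BIRD Internet Routing Protocol, you must first install the project on your machine.
+## BIRD Package Install
+```shell
+sudo apt-get install bird
+```
+## BIRD Source Code Install
+You can download BIRD source code from it's [official repository.](https://gitlab.labs.nic.cz/labs/bird/)
+```shell
+./configure
+make
+su
+make install
+vi /etc/bird/bird.conf
+```
+The installation will place the bird directory inside */etc* where you will also find its config file.
+In order to be able to do use the Bird Internet Routing Protocol, you must modify *bird.conf* due to the fact that the given configuration file is not configured beyond allowing the bird daemon to start, which means that nothing else will happen if you run it. Keeran Marquis has a very detailed example on [Configuring BGP using Bird on Ubuntu](https://blog.marquis.co/configuring-bgp-using-bird-on-ubuntu-14-04lts/) which can be used as a building block to implement your custom routing daemon.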

43
docs/services/docker.md Normal file

@ -0,0 +1,43 @@
# Docker
* Table of Contents
{:toc}
## Overview
Docker service allows running docker containers within CORE nodes.
The running of Docker within a CORE node allows for additional extensibility to
the CORE services. This allows network applications and protocols to be easily
packaged and run on any node.
This service will add a new group to the services list. This will have a service called Docker which will just start the docker service within the node but not run anything. It will also scan all docker images on the host machine. If any are tagged with 'core' then they will be added as a service to the Docker group. The image will then be auto run if that service is selected.
This requires a recent version of Docker. This was tested using a PPA on Ubuntu with version 1.2.0. The version in the standard Ubuntu repo is to old for this purpose (we need --net host).
## Docker Installation
To use Docker services, you must first install the Docker python image. This is used to interface with Docker from the python service.
```shell
sudo apt-get install docker.io
sudo apt-get install python-pip
pip install docker-py
```
Once everything runs successfully, a Docker group under services will appear. An example use case is to pull an image from [Docker](https://hub.docker.com/). A test image has been uploaded for this purpose:
```shell
sudo docker pull stuartmarsden/multicastping
```
This downloads an image which is based on Ubuntu 14.04 with python and twisted. It runs a simple program that sends a multicast ping and listens and records any it receives. In order for this to appear as a docker service it must be tagged with core.
Find out the id by running 'sudo docker images'. You should see all installed images and the one you want looks like this:
```shell
stuartmarsden/multicastping latest 4833487e66d2 20 hours
ago 487 MB
```
The id will be different on your machine so use it in the following command:
```shell
sudo docker tag 4833487e66d2 stuartmarsden/multicastping:core
```
This image will be listed in the services after we restart the core-daemon:
```shell
sudo service core-daemon restart
```

13
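--- /dev/null
+++ b/docs/services/emane.md
@@ -0,0 +1,13 @@
+# EMANE Services
+* Table of Contents
+{:toc}
+## Overview
+EMANE related services for CORE.
+## Transport Service
+Helps with setting up EMANE for using an external transport.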

75
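--- /dev/null
+++ b/docs/services/frr.md
@@ -0,0 +1,75 @@
+# FRRouting
+* Table of Contents
+{:toc}
+## Overview
+FRRouting is a routing software package that provides TCP/IP based routing services with routing protocols support such as BGP, RIP, OSPF, IS-IS and more. FRR also supports special BGP Route Reflector and Route Server behavior. In addition to traditional IPv4 routing protocols, FRR also supports IPv6 routing protocols. With an SNMP daemon that supports the AgentX protocol, FRR provides routing protocol MIB read-only access (SNMP Support).
+FRR (as of v7.2) currently supports the following protocols:
+* BGPv4
+* OSPFv2
+* OSPFv3
+* RIPv1/v2/ng
+* IS-IS
+* PIM-SM/MSDP/BSM(AutoRP)
+* LDP
+* BFD
+* Babel
+* PBR
+* OpenFabric
+* VRRPv2/v3
+* EIGRP (alpha)
+* NHRP (alpha)
+## FRRouting Package Install
+Ubuntu 19.10 and later
+```shell
+sudo apt update && sudo apt install frr
+```
+Ubuntu 16.04 and Ubuntu 18.04
+```shell
+sudo apt install curl
+curl -s https://deb.frrouting.org/frr/keys.asc | sudo apt-key add -
+FRRVER="frr-stable"
+echo deb https://deb.frrouting.org/frr $(lsb_release -s -c) $FRRVER | sudo tee -a /etc/apt/sources.list.d/frr.list
+sudo apt update && sudo apt install frr frr-pythontools
+```
+Fedora 31
+```shell
+sudo dnf update && sudo dnf install frr
+```
+## FRRouting Source Code Install
+Building FRR from source is the best way to ensure you have the latest features and bug fixes. Details for each supported platform, including dependency package listings, permissions, and other gotchas, are in the developers documentation.
+FRRs source is available on the project [GitHub page](https://github.com/FRRouting/frr).
+```shell
+git clone https://github.com/FRRouting/frr.git
+```
+Change into your FRR source directory and issue:
+```shell
+./bootstrap.sh
+```
+Then, choose the configuration options that you wish to use for the installation. You can find these options on FRR's [official webpage](http://docs.frrouting.org/en/latest/installation.html). Once you have chosen your configure options, run the configure script and pass the options you chose:
+```shell
+./configure \
+--prefix=/usr \
+--enable-exampledir=/usr/share/doc/frr/examples/ \
+--localstatedir=/var/run/frr \
+--sbindir=/usr/lib/frr \
+--sysconfdir=/etc/frr \
+--enable-pimd \
+--enable-watchfrr \
+...
+```
+After configuring the software, you are ready to build and install it in your system.
+```shell
+make && sudo make install
+```
+If everything finishes successfully, FRR should be installed.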

64
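--- /dev/null
+++ b/docs/services/nrl.md
@@ -0,0 +1,64 @@
+# NRL Services
+* Table of Contents
+{:toc}
+## Overview
+The Protean Protocol Prototyping Library (ProtoLib) is a cross-platform library that allows applications to be built while supporting a variety of platforms including Linux, Windows, WinCE/PocketPC, MacOS, FreeBSD, Solaris, etc as well as the simulation environments of NS2 and Opnet. The goal of the Protolib is to provide a set of simple, cross-platform C++ classes that allow development of network protocols and applications that can run on different platforms and in network simulation environments. While Protolib provides an overall framework for developing working protocol implementations, applications, and simulation modules, the individual classes are designed for use as stand-alone components when possible. Although Protolib is principally for research purposes, the code has been constructed to provide robust, efficient performance and adaptability to real applications. In some cases, the code consists of data structures, etc useful in protocol implementations and, in other cases, provides common, cross-platform interfaces to system services and functions (e.g., sockets, timers, routing tables, etc).
+Currently the Naval Research Laboratory uses this library to develop a wide variety of protocols.The NRL Protolib currently supports the following protocols:
+* MGEN_Sink
+* NHDP
+* SMF
+* OLSR
+* OLSRv2
+* OLSRORG
+* MgenActor
+* arouted
+## NRL Installation
+In order to be able to use the different protocols that NRL offers, you must first download the support library itself. You can get the source code from their [NRL Protolib Repo](https://github.com/USNavalResearchLaboratory/protolib).
+## Multi-Generator (MGEN)
+Download MGEN from the [NRL MGEN Repo](https://github.com/USNavalResearchLaboratory/mgen), unpack it and copy the protolib library into the main folder *mgen*. Execute the following commands to build the protocol.
+```shell
+cd mgen/makefiles
+make -f Makefile.{os} mgen
+```
+## Neighborhood Discovery Protocol (NHDP)
+Download NHDP from the [NRL NHDP Repo](https://github.com/USNavalResearchLaboratory/NCS-Downloads/tree/master/nhdp).
+```shell
+sudo apt-get install libpcap-dev libboost-all-dev
+wget https://github.com/protocolbuffers/protobuf/releases/download/v3.8.0/protoc-3.8.0-linux-x86_64.zip
+unzip protoc-3.8.0-linux-x86_64.zip
+```
+Then place the binaries in your $PATH. To know your paths you can issue the following command
+```shell
+echo $PATH
+```
+Go to the downloaded *NHDP* tarball, unpack it and place the protolib library inside the NHDP main folder. Now, compile the NHDP Protocol.
+```shell
+cd nhdp/unix
+make -f Makefile.{os}
+```
+## Simplified Multicast Forwarding (SMF)
+Download SMF from the [NRL SMF Repo](https://github.com/USNavalResearchLaboratory/nrlsmf) , unpack it and place the protolib library inside the *smf* main folder.
+```shell
+cd mgen/makefiles
+make -f Makefile.{os}
+```
+## Optimized Link State Routing Protocol (OLSR)
+To install the OLSR protocol, download their source code from their [NRL OLSR Repo](https://github.com/USNavalResearchLaboratory/nrlolsr). Unpack it and place the previously downloaded protolib library inside the *nrlolsr* main directory. Then execute the following commands:
+```shell
+cd ./unix
+make -f Makefile.{os}
+```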

28
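--- /dev/null
+++ b/docs/services/quagga.md
@@ -0,0 +1,28 @@
+# Quagga Routing Suite
+* Table of Contents
+{:toc}
+## Overview
+Quagga is a routing software suite, providing implementations of OSPFv2, OSPFv3, RIP v1 and v2, RIPng and BGP-4 for Unix platforms, particularly FreeBSD, Linux, Solaris and NetBSD. Quagga is a fork of GNU Zebra which was developed by Kunihiro Ishiguro.
+The Quagga architecture consists of a core daemon, zebra, which acts as an abstraction layer to the underlying Unix kernel and presents the Zserv API over a Unix or TCP stream to Quagga clients. It is these Zserv clients which typically implement a routing protocol and communicate routing updates to the zebra daemon.
+## Quagga Package Install
+```shell
+sudo apt-get install quagga
+```
+## Quagga Source Install
+First, download the source code from their [official webpage](https://www.quagga.net/).
+```shell
+sudo apt-get install gawk
+```
+Extract the tarball, go to the directory of your currently extracted code and issue the following commands.
+```shell
+./configure
+make
+sudo make install
+```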

30
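--- /dev/null
+++ b/docs/services/sdn.md
@@ -0,0 +1,30 @@
+# Software Defined Networking
+* Table of Contents
+{:toc}
+## Overview
+Ryu is a component-based software defined networking framework. Ryu provides software components with well defined API that make it easy for developers to create new network management and control applications. Ryu supports various protocols for managing network devices, such as OpenFlow, Netconf, OF-config, etc. About OpenFlow, Ryu supports fully 1.0, 1.2, 1.3, 1.4, 1.5 and Nicira Extensions. All of the code is freely available under the Apache 2.0 license.
+## Installation
+### Prerequisites
+```shell
+sudo apt-get install gcc python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev zlib1g-dev
+```
+### Ryu Package Install
+```shell
+pip install ryu
+```
+### Ryu Source Install
+```shell
+git clone git://github.com/osrg/ryu.git
+cd ryu
+pip install .
+```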

86
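--- /dev/null
+++ b/docs/services/security.md
@@ -0,0 +1,86 @@
+# Security Services
+* Table of Contents
+{:toc}
+## Overview
+The security services offer a wide variety of protocols capable of satisfying the most use cases available. Security services such as IP security protocols, for providing security at the IP layer, as well as the suite of protocols designed to provide that security, through authentication and encryption of IP network packets. Virtual Private Networks (VPNs) and Firewalls are also available for use to the user.
+## Installation
+Libraries needed for some of the security services.
+```shell
+sudo apt-get install ipsec-tools racoon
+```
+## OpenVPN
+Below is a set of instruction for running a very simple OpenVPN client/server scenario.
+### Installation
+```shell
+# install openvpn
+sudo apt install openvpn
+# retrieve easyrsa3 for key/cert generation
+git clone https://github.com/OpenVPN/easy-rsa
+```
+### Generating Keys/Certs
+```shell
+# navigate into easyrsa3 repo subdirectory that contains built binary
+cd easy-rsa/easyrsa3
+# initalize pki
+./easyrsa init-pki
+# build ca
+./easyrsa build-ca
+# generate and sign server keypair(s)
+SERVER_NAME=server1
+./easyrsa get-req $SERVER_NAME nopass
+./easyrsa sign-req server $SERVER_NAME
+# generate and sign client keypair(s)
+CLIENT_NAME=client1
+./easyrsa get-req $CLIENT_NAME nopass
+./easyrsa sign-req client $CLIENT_NAME
+# DH generation
+./easyrsa gen-dh
+# create directory for keys for CORE to use
+# NOTE: the default is set to a directory that requires using sudo, but can be
+# anywhere and not require sudo at all
+KEYDIR=/etc/core/keys
+sudo mkdir $KEYDIR
+# move keys to directory
+sudo cp pki/ca.crt $KEYDIR
+sudo cp pki/issued/*.crt $KEYDIR
+sudo cp pki/private/*.key $KEYDIR
+sudo cp pki/dh.pem $KEYDIR/dh1024.pem
+```
+### Configure Server Nodes
+Add VPNServer service to nodes desired for running an OpenVPN server.
+Modify [sampleVPNServer](../../daemon/examples/services/sampleVPNServer) for the following
+* Edit keydir key/cert directory
+* Edit keyname to use generated server name above
+* Edit vpnserver to match an address that the server node will have
+### Configure Client Nodes
+Add VPNClient service to nodes desired for acting as an OpenVPN client.
+Modify [sampleVPNClient](../../daemon/examples/services/sampleVPNClient) for the following
+* Edit keydir key/cert directory
+* Edit keyname to use generated client name above
+* Edit vpnserver to match the address a server was configured to use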

42
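--- /dev/null
+++ b/docs/services/utility.md
@@ -0,0 +1,42 @@
+# Utility Services
+* Table of Contents
+{:toc}
+# Overview
+Variety of convenience services for carrying out common networking changes.
+The following services are provided as utilities:
+* UCARP
+* IP Forward
+* Default Routing
+* Default Muticast Routing
+* Static Routing
+* SSH
+* DHCP
+* DHCP Client
+* FTP
+* HTTP
+* PCAP
+* RADVD
+* ATD
+## Installation
+To install the functionality of the previously metioned services you can run the following command:
+```shell
+sudo apt-get install isc-dhcp-server apache2 libpcap-dev radvd at
+```
+## UCARP
+UCARP allows a couple of hosts to share common virtual IP addresses in order to provide automatic failover. It is a portable userland implementation of the secure and patent-free Common Address Redundancy Protocol (CARP, OpenBSD's alternative to the patents-bloated VRRP).
+Strong points of the CARP protocol are: very low overhead, cryptographically signed messages, interoperability between different operating systems and no need for any dedicated extra network link between redundant hosts.
+### Installation
+```shell
+sudo apt-get install ucarp
+```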

40
docs/services/xorp.md Normal file

@ -0,0 +1,40 @@
# XORP routing suite
* Table of Contents
{:toc}
## Overview
XORP is an open networking platform that supports OSPF, RIP, BGP, OLSR, VRRP, PIM, IGMP (Multicast) and other routing protocols. Most protocols support IPv4 and IPv6 where applicable. It is known to work on various Linux distributions and flavors of BSD.
XORP started life as a project at the ICSI Center for Open Networking (ICON) at the International Computer Science Institute in Berkeley, California, USA, and spent some time with the team at XORP, Inc. It is now maintained and improved on a volunteer basis by a core of long-term XORP developers and some newer contributors.
XORP's primary goal is to be an open platform for networking protocol implementations and an alternative to proprietary and closed networking products in the marketplace today. It is the only open source platform to offer integrated multicast capability.
XORP design philosophy is:
* modularity
* extensibility
* performance
* robustness
This is achieved by carefully separating functionalities into independent modules, and by providing an API for each module.
XORP divides into two subsystems. The higher-level ("user-level") subsystem consists of the routing protocols. The lower-level ("kernel") manages the forwarding path, and provides APIs for the higher-level to access.
User-level XORP uses multi-process architecture with one process per routing protocol, and a novel inter-process communication mechanism called XRL (XORP Resource Locator).
The lower-level subsystem can use traditional UNIX kernel forwarding, or Click modular router. The modularity and independency of the lower-level from the user-level subsystem allows for its easily replacement with other solutions including high-end hardware-based forwarding engines.
## Installation
In order to be able to install the XORP Routing Suite, you must first install scons in order to compile it.
```shell
sudo apt-get install scons
```
Then, download XORP from its official [release web page](http://www.xorp.org/releases/current/).
```shell
http://www.xorp.org/releases/current/
cd xorp
sudo apt-get install libssl-dev ncurses-dev
scons
scons install
```