20200113_jeffrey - silenceuncrio/diary GitHub Wiki

0910

review

keepalive 研究期間所寫的 code 不適合 commit

但總要有個地方把足跡留下來

利用 gist 好了

2020_grek_Makefile
- 參考的 Makefile
2020_grek_gre_keepalive_00.c
- raw socket sento 的 hello world; 送給 192.168.1.13
2020_grek_gre_keepalive_01.c
- base on gre_keepalive_00.c, protocol 指名 IPPROTO_GRE 並自行定義 struct gre_hdr
2020_grek_gre_keepalive_02.c
- base on gre_keepalive_01.c, 但送給 10.0.0.13 - 這是 gre 的 tunnel end point - 可同時觀察到兩個 gre header
2020_grek_gre_keepalive_03.c
- base on gre_keepalive_02.c, 利用 gre header 的 flags 送出最短的 gre_hdr
2020_grek_gre_keepalive_04.c
- base on gre_keepalive_03.c, 送給 192.168.1.13, 自行指定 ip header - 需搭配 IP_HDRINCL 這個 socket option
- 20200102_jeffrey
2020_grek_gre_keepalive_05.c
- 準備好 outer gre header, inner ip header 和 inner gre heaser, 讓 kernel 幫忙 outer ip header
- inner ip header 的 checksum 計算要注意
- 20200102_jeffrey
2020_grek_gre_keepalive_06.c
- base on gre_keepalive_05.c
- 搭配 POSIX Interval Timers - 參考 The Linux Programming Interface 的 Chapter 23
- 固定時間送出 keepalive request 給 gre 對端的 physical interface
- 得到 keepalive response
- 20200106_jeffrey
2020_grek_gre_keepalive_07.c
- base on gre_keepalive_06.c
- 搭配 libpcap 抓取特定的 packet - keepalive response
- 關鍵在於 filter 的 expression - "src host 192.168.1.13 && ip proto gre && ip[22:2] = 0"
- 20200107_jeffrey
2020_grek_gre_keepalive_08.c
- base on gre_keepalive_07.c
- 搭配 getopt 實作出 command line options
- 20200107_jeffrey
2020_grek_tlpi_getopt_t_getopt.c
- The Linux Programming Interface 的範例
- Appendix B - Parsing Command-Line Options
- 可利用 2020_grek_Makefile 編譯後在 m330 上執行
2020_grek_tlpi_timers_real_timer.c
- The Linux Programming Interface 的範例
- Chapter 23 - Timers and Sleeping
  - 23.1 Interval Timers
- 可利用 2020_grek_Makefile 編譯後在 m330 上執行
2020_grek_tlpi_timers_ptmr_sigev_signal.c
- The Linux Programming Interface 的範例
- Chapter 23 - Timers and Sleeping
  - 23.6 POSIX Interval Timers
- 可利用 2020_grek_Makefile 編譯後在 m330 上執行

整理完就把這些 study 的檔案刪掉吧

1055

待會 1115 跟錠嵂保險經紀人李慧婕約在公司附近的 7-11

有一些文件需樣簽名

1145

後續因為甲狀腺乳突癌的門診

目前已之可以獲得的理賠有 - 一次

南山人壽 - 門診醫療保險金 - 2000
國泰人壽(公司團保) - 癌症門診 - 1000

最好的方式為每個月回診一次拿甲狀腺素

這樣一年的門診數為 12 次

南山人壽 - 2000 * 12 = 24000
國泰人壽(公司團保) - 1000 * 12 = 12000

1155

今年給自己的目標- 也是座右銘

超越自己
不要怕麻煩
充足的睡眠
更健康

1300

build 個最新的 m330[release/v0.08]

Vendor/Products = GENERIC/0_GENERIC

gre tunnel keepalive 測試的環境如下

+-------+                                               +-------+
|       |                   lan                         |       |
| m330  +-------------------+---------------------------+ m330  |
|       | 192.168.1.11      |             192.168.1.13  |       |
+-------+                   |                           +-------+
                            |
                        +---+-------+                   +---------------+
                        |           |     192.168.1.200 |               |
                        | switch    +-------------------+ CISCO 2811    |
                        |           |  fastEthernet 0/0 |               |
                        +-----------+                   +---------------+

基本配置

m330 - 192.168.1.11

set lan ip = 192.168.1.11

m330 - 192.168.1.13

set lan ip = 192.168.1.13

CISCO 2811 - 192.168.1.200

Router>enable
Router#configure ter
Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#inter
Router(config)#interface fas
Router(config)#interface fastEthernet 0/0
Router(config-if)#ip address 192.168.1.200 255.255.255.0
Router(config-if)#exit
Router(config)#exit
Router#show inter
Router#show interfaces fa
Router#show interfaces fastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
  Hardware is MV96340 Ethernet, address is 0013.1aa4.64a8 (bia 0013.1aa4.64a8)
  Internet address is 192.168.1.200/24
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 100Mb/s, 100BaseTX/FX
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog
     0 input packets with dribble condition detected
     32 packets output, 3779 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier
     0 output buffer failures, 0 output buffers swapped out

利用 ping 來確認 CISCO - 192.168.1.200 與 m330 - 192.168.1.11 和 m330 - 192.168.1.13 之間的 connection

Router#ping 192.168.1.11

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.11, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms
Router#ping 192.168.1.13

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.13, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms

GRE 配置

m330 - 192.168.1.11

GRE Entry #1 - with m330 - 192.168.1.13

GRE Entry #2 - with CISCO 2811 - 192.168.1.200

m330 - 192.168.1.13

CISCO 2811 - 192.168.1.200

Router>enable
Router#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#no interface tunnel 0
Router(config)#interface tunnel 0
Router(config-if)#ip address 10.1.1.200 255.255.255.0
Router(config-if)#tunnel source fastEthernet 0/0
Router(config-if)#tunnel destination 192.168.1.11
Router(config-if)#keepalive 10
Router(config-if)#exit
Router(config)#exit
Router#show interfaces tunnel 0
Tunnel0 is up, line protocol is up
  Hardware is Tunnel
  Internet address is 10.1.1.200/24
  MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive set (10 sec), retries 3
  Tunnel source 192.168.1.200 (FastEthernet0/0), destination 192.168.1.11
  ...

狀態

m330 - 192.168.1.11

m330 - 192.168.1.13

CISCO 2811 - 192.168.1.200

Router#show interfaces tunnel 0
Tunnel0 is up, line protocol is up
  Hardware is Tunnel
  Internet address is 10.1.1.200/24
  MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive set (10 sec), retries 3
  Tunnel source 192.168.1.200 (FastEthernet0/0), destination 192.168.1.11
  Tunnel protocol/transport GRE/IP
    Key disabled, sequencing disabled
    Checksumming of packets disabled
  Tunnel TTL 255
  Fast tunneling enabled
  Tunnel transmit bandwidth 8000 (kbps)
  Tunnel receive bandwidth 8000 (kbps)
  Last input never, output 00:00:06, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/0 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     31 packets input, 1488 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     34 packets output, 1632 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 output buffer failures, 0 output buffers swapped out

斷開 m330 - 192.168.1.13 與 switch 之間的的連線

keepalive period * keepalive retries = 10 * 3 = 30 seconds

約莫 30 秒後 m330 - 192.168.1.11 的狀態

接回 m330 - 192.168.1.13 與 switch 之間的的連線

m330 - 192.168.1.11 一收到 keepalive 的回應立刻會將 gre interface 的狀態改成 UP

尷尬了... 有 bug...

利用 tcpdump 抓一下封包

m330 - 192.168.1.11

root@Cellular Router:~# tcpdump -i lan
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lan, link-type EN10MB (Ethernet), capture size 65535 bytes
...
06:07:26.008184 IP 192.168.1.13 > 192.168.1.11: GREv0, length 28: IP 192.168.1.11 > 192.168.1.13: GREv0, length 4: gre-proto-0x0
06:07:26.008326 IP 192.168.1.11 > 192.168.1.13: ICMP 192.168.1.11 protocol 47 port 2048 unreachable, length 56
...
06:07:28.129464 IP 192.168.1.200 > 192.168.1.11: GREv0, length 28: IP 192.168.1.11 > 192.168.1.200: GREv0, length 4: gre-proto-0x0
06:07:28.129577 IP 192.168.1.11 > 192.168.1.200: GREv0, length 4: gre-proto-0x0
06:07:28.947684 IP 192.168.1.11 > 192.168.1.200: GREv0, length 28: IP 192.168.1.200 > 192.168.1.11: GREv0, length 4: gre-proto-0x0
06:07:28.947924 IP 192.168.1.200 > 192.168.1.11: GREv0, length 4: gre-proto-0x0
06:07:28.962821 IP 192.168.1.11 > 192.168.1.13: GREv0, length 28: IP 192.168.1.13 > 192.168.1.11: GREv0, length 4: gre-proto-0x0
06:07:28.963199 IP 192.168.1.13 > 192.168.1.11: ICMP 192.168.1.13 protocol 47 port 2048 unreachable, length 56
...

m330 - 192.168.1.13

root@Cellular Router:~# tcpdump -i lan
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lan, link-type EN10MB (Ethernet), capture size 65535 bytes
...
06:02:11.450495 IP 192.168.1.11 > 192.168.1.13: GREv0, length 28: IP 192.168.1.13 > 192.168.1.11: GREv0, length 4: gre-proto-0x0
06:02:11.450629 IP 192.168.1.13 > 192.168.1.11: ICMP 192.168.1.13 protocol 47 port 2048 unreachable, length 56
...
06:02:18.494489 IP 192.168.1.13 > 192.168.1.11: GREv0, length 28: IP 192.168.1.11 > 192.168.1.13: GREv0, length 4: gre-proto-0x0
06:02:18.494869 IP 192.168.1.11 > 192.168.1.13: ICMP 192.168.1.11 protocol 47 port 2048 unreachable, length 56
...

可以發現在 interface 為 down 的狀態下

m330 無法回應 gre keepalive request

怎麼辦呢?

不要去切換 interface up/down; 而是發 event 通知相關模組
自己利用 libpcap 收 gre keepalive request 然後給出回應

分別考慮

不要去切換 interface up/down; 而是發 event 通知相關模組

要讓相關模組負責人 implement 相關的 event handler
需要整合測試

自己利用 libpcap 收 gre keepalive request 然後給出回應

要能明確區分出 keepalive request 和 keepalive response

1440

自己是覺得 自己利用 libpcap 收 gre keepalive request 然後給出回應 這個 solution 比較單純

反正 pcap 是多 copy 一份

interface 在 up 的狀況下也許我自己 implement 的 keepalive response rx 會多回一份

accept local 讓 kernel 就自動做了回應

或許我可以自動在 interface 在 down 的狀況下啟動我自製的 keepalive responser

然後在 interface up 時再關掉它

1530

m330[release/v0.08] - correct the title of GRE edit web page

commit dfb07d6b22f9c98a9d320512c0896b2cc21785ea
Refs: [release/v0.08], {origin/release/v0.08}
Author: jeffrey <[email protected]>
Date:   Mon Jan 13 15:25:47 2020 +0800

    correct the title of GRE edit web page

 proscend/prosrc/www/app/feature/gre_3g.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

1605

單純的利用 m330 - 192.168.1.11 與 m330 - 192.168.1.13 做測試

先透過 web ui 把 gre mode off

自己手動作設定

m330 - 192.168.1.11

ip tunnel add gre1 mode gre remote 192.168.1.13 local 192.168.1.11 ttl 255 dev lan
ifconfig gre1 mtu 1400
ip link set gre1 up
ip addr add 10.0.0.11/24 dev gre1
echo 1 > /proc/sys/net/ipv4/conf/gre1/accept_local
grek -d lan -t gre1 -i 0 -l 192.168.1.11 -r 192.168.1.13 -p 10 -n 3

m330 - 192.168.1.13

ip tunnel add gre1 mode gre remote 192.168.1.11 local 192.168.1.13 ttl 255 dev lan
ifconfig gre1 mtu 1400
ip link set gre1 up
ip addr add 10.0.0.13/24 dev gre1
echo 1 > /proc/sys/net/ipv4/conf/gre1/accept_local
grek -d lan -t gre1 -i 0 -l 192.168.1.13 -r 192.168.1.11 -p 10 -n 3

1750

目前使用 pcap 抓封包是類似 複製&貼上 的行為

試著修改 filter expression 讓 pcap 可以抓取 keepalive request 和 keepalive response