Hi Joseph
It is a pleasure to help you. Find answers inline
On 18/12/15 00:48, Jose Collin wrote:
Thanks so much for the answers. and thanks for the EID prefix.
I have other questions
1-LISP for openwrt is available for AA 12.09 in particular to
tl-wr740n and tl-mr3420 both are atheros a7xxx I check with opkg
update for lispd and it appears to be version 3.xxx
Packages are updated with OpenWrt releases. When OpenWrt 12.09 was
released, the version of LISPmob was 3.x. If you want to have the last
version of LISPmob in your OpenWrt router is better to use the ipk
packages provided in our web side.
2- how about security ? it is secure the communications ?
The communication is not encrypted. If you want to have your data
encrypted you will have to offload this task to the clients of the
router. It is possible that in a future the encryption of data will be
implemented but not in a short term. In general, LISP is as secure as
the current Internet and does not have any impact on its current
security level.
3- I usually use in my openwrt DnsCRYPT (dnscrypt-proxy) can exists
with LISP ?
We haven't tried but if DnsCRYPT uses normal IP packets then it should work.
4-with my new EID prefix can have and use my 3 wan interfaces ? you
said at some point that withou EID it would be used only one interface
and other would behave as backup interfaces ( i would like to use all
my interfaces WANS to do multihoming
Maybe I explained myself wrong. You can only use traffic aggregation if
you have a *public IP* assigned to each of the WAN interfaces. If you
have NAT (i.e. private IP) in one or more of the WAN interface, then you
have to enable NAT traversal functionality ( available in LISPmob 0.4
but not in version 0.5). With NAT traversal enabled, LISPmob only uses
one interface at the same time so you can't use traffic aggregation on a
NATed scenario.
5- it is possible to use at full all wan interfaces with a weight of
100 each at same time ? or should be the totals wans 100 and from
there make like wan1 weight 70 wan2 weigh 20 and wan3 weight 10 ?
The weight is used to know how traffic flows will be spread through
interfaces. Flows are distributed proportionally to the addition of all
weights.
For instance:
Iface 1: w=100 ---> 100/400 -> 25% of the flows will use
this interface
Iface 2: w=100 ---> 100/400 -> 25% of the flows will use
this interface
Iface 3: w=200 ---> 200/400 -> 50% of the flows will use
this interface
total w = 400
6-what could be the consequences using version 5.xx LISP without NAT.
i asked because I have connected to openwrt a PBX (freeSwitch) local
and my phones are local. plus I have 2 ip cameras ( my external wan
ip for all wans are dynamic )
If the dynamic IPs assigned to your WANs are public then you should not
have any problem.
7- LISP make my openwrt and clients faster, and more fail tolerance ?
I suppouse for example if I have connection to a TV stream and the wan
that is used at that moment lose connection... then with LISP
automatic will still using the connection with the other wans ? and no
break of internet link with tv stream ? ZERO down time ?
Not zero, but better. You may experience a downtime of a few seconds:
4-6 seconds more or less of the already established connections. When a
flow is assigned to an interface, and this interface goes down, LISPmob
needs a few seconds to notify the other peers that they should use the
other interface to reach you.
8- LISP can help to connect to my cameras by remote android phone with
dynamic IP updater like no-ip.org <http://no-ip.org> ?
With LISP, the clients are assigned within one EID prefix. These EIDs
are static IPs that will not change even the WAN interface address
changes. You will be able to access your cameras without problem.
9- I suppouse that EID-Prefix IP is hosted in LISPmod Servers, this
make faster and avoid down time ? security ?
could you tell some of the advantages with this ?
The EID prefix we have provided belongs to a pilot network called LISP
Beta Network witch is distributed around the world and have multiple
participants <http://www.lisp4.net/beta-network/participants/> . This
network is a best effort network where the participants provide
resources selflessly.
The advantages apart from the ones you have mention could be:
* mobility: you can move wherever you want and you will always have
assigned the same EID (IP).
* IPv4/IPv6 transitions. You can have an IPv6 address even your
network provider only give you IPv4 connectivity.
10- thanks thanks so much for your fast answers, and your attentions.
you are very kind
It is a pleasure for us to help LISPmob users. Please, feel free to ask
whenever you want.
Best regards
Albert
thanks
inquba
On Tue, Dec 15, 2015 at 2:36 PM, Jose Collin <[email protected]
<mailto:[email protected]>> wrote:
HI. I want to try LISPd in my openwrt router CC chaos calmer 15.05
I have Buffallo WZR-1750DHP router with openwrt, I install LISPD
by opkg update, opkg install lispd
my openwrt router is not atheros ar71x but (BCM4708) kernel
version 3.18.20
I would like to use LISPD as I want MULTIHOMING I have 3 wan
phisical interfaces in router isolated as vlans
so I have some questions and hope you can help me..
1- LISPD multihoming add bandwidth from all my wans? ex wan=
12mbpsDOWN/2mbpsUP
wan2 = 7mbpsDown/3mbpsUP wan3 = 10mbpsDown/4mpbsUP so these 3
would add the bandwidth like bonding and have 29mbpsDown/9mpsUP ???
2-I install the version 4.1 of LISPD in openwrt that was in the
update software so with this version I would have multihoming enable ?
3- per automatic config is recomended to put this
add the following lines to `/etc/sysctl.conf`. Remember to
reboot your system after adding these lines.
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0
net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1
but my openwrt LISPD version is diferent here how it is NOTE that
it is not rp_filter=0 but arp_ignore=1 and what should I put here
0 or 1 ? default is 1
and note2 instead of all.rp_filter=0 it said all.arp_ignore=1
kernel.panic=3
net.ipv4.conf.default.arp_ignore=1
net.ipv4.conf.all.arp_ignore=1
net.ipv4.ip_forward=1
net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_ignore_bogus_error_responses=1
net.ipv4.igmp_max_memberships=100
net.ipv4.tcp_ecn=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_keepalive_time=120
net.ipv4.tcp_syncookies=1
net.ipv4.tcp_timestamps=1
net.ipv4.tcp_sack=1
net.ipv4.tcp_dsack=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
net.netfilter.nf_conntrack_acct=1
4- It said that I should add all my interfaces before activating,
so my question is how I put the interfaces and how to set routes ?
could you set this for me.. since I am very newbie with this ...
here my data for interfaces
NOTE: wan's are in order of importance for the metrics... wan is
the most important then wan2 and less important is wan3
LAN= eth0.1 =ip 192.168.10.1
WAN= eth0.2 =ip is DHCP in 192.168.2.192/24 <http://192.168.2.192/24>
WAN2= eth0.200 =ip is DHCP in 192.168.11.192/24
<http://192.168.11.192/24>
WAN3= eth0.300 =ip is DHCP in 192.168.8.50/24 <http://192.168.8.50/24>
once made this the system would work out of the box ? or need
something ?
5- I have use mwan3 and multiwan but it seems it only do load
balancing but not add the bandwidth of all wans.... what would be
the advantages of multihoming vs mwan3 and multiwan if any ?
thanks so much in advance
Joseph Colin
--
--
---------
Jose A Colin G
--
Albert López
CCABA System Administrator
Universitat Politècnica de Catalunya
Telf: 93 4017182
