documentation:examples:validating_openvpn_s_low-latency_servers_selection_patch
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
documentation:examples:validating_openvpn_s_low-latency_servers_selection_patch [2020/10/06 00:19] – [Router 3] olivier | documentation:examples:validating_openvpn_s_low-latency_servers_selection_patch [2020/10/06 00:55] – [R1: OpenVPN client] olivier | ||
---|---|---|---|
Line 97: | Line 97: | ||
< | < | ||
- | sysrc hostname=R3 | + | sysrc hostname=R3 |
ifconfig_vtnet4=" | ifconfig_vtnet4=" | ||
ifconfig_vtnet4_ipv6=" | ifconfig_vtnet4_ipv6=" | ||
Line 115: | Line 115: | ||
< | < | ||
- | sysrc hostname=R4 | + | sysrc hostname=R4 |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
defaultrouter=" | defaultrouter=" | ||
ipv6_defaultrouter=" | ipv6_defaultrouter=" | ||
- | ifconfig -l | grep -q vtnet && sed -i "" | + | service hostname restart |
service netif restart | service netif restart | ||
service routing restart | service routing restart | ||
Line 133: | Line 133: | ||
< | < | ||
- | sysrc hostname=R5 | + | sysrc hostname=R5 |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
firewall_enable=YES \ | firewall_enable=YES \ | ||
firewall_script="/ | firewall_script="/ | ||
- | ifconfig -l | grep -q vtnet && sed -i "" | ||
cat > / | cat > / | ||
#!/bin/sh | #!/bin/sh | ||
Line 156: | Line 155: | ||
\${fwcmd} pipe 53 config delay 50ms | \${fwcmd} pipe 53 config delay 50ms | ||
\${fwcmd} pipe 35 config delay 50ms | \${fwcmd} pipe 35 config delay 50ms | ||
- | \${fwcmd} add pipe 25 all from any to any in via em1 | + | \${fwcmd} add pipe 25 all from any to any in via vtnet1 |
- | \${fwcmd} add pipe 52 all from any to any out via em1 | + | \${fwcmd} add pipe 52 all from any to any out via vtnet1 |
- | \${fwcmd} add pipe 35 all from any to any in via em2 | + | \${fwcmd} add pipe 35 all from any to any in via vtnet2 |
- | \${fwcmd} add pipe 53 all from any to any out via em2 | + | \${fwcmd} add pipe 53 all from any to any out via vtnet2 |
#We don't want to block traffic, only shape some | #We don't want to block traffic, only shape some | ||
\${fwcmd} add allow ip from any to any | \${fwcmd} add allow ip from any to any | ||
EOF | EOF | ||
- | ifconfig -l | grep -q vtnet && sed -i "" | + | service hostname restart |
service netif restart | service netif restart | ||
service routing restart | service routing restart | ||
+ | service ipfw start | ||
config save | config save | ||
</ | </ | ||
Line 183: | Line 183: | ||
Initialize PKI and generate a DH: | Initialize PKI and generate a DH: | ||
< | < | ||
+ | cd / | ||
easyrsa init-pki | easyrsa init-pki | ||
easyrsa gen-dh | easyrsa gen-dh | ||
Line 257: | Line 258: | ||
Enable and start openvpn and sshd (we will get certificates files by SCP later): | Enable and start openvpn and sshd (we will get certificates files by SCP later): | ||
< | < | ||
- | sysrc sshd_enable=YES \ | + | service openvpn enable |
- | openvpn_enable=YES | + | |
service openvpn start | service openvpn start | ||
+ | service sshd enable | ||
service sshd start | service sshd start | ||
</ | </ | ||
Line 310: | Line 311: | ||
Enable and start openvpn: | Enable and start openvpn: | ||
< | < | ||
- | sysrc openvpn_enable=YES | + | service openvpn enable |
service openvpn start | service openvpn start | ||
</ | </ | ||
Line 356: | Line 357: | ||
Enable and start openvpn: | Enable and start openvpn: | ||
< | < | ||
- | sysrc openvpn_enable=YES | + | service openvpn enable |
service openvpn start | service openvpn start | ||
</ | </ | ||
Line 391: | Line 392: | ||
</ | </ | ||
+ | Check the latency of each servers (200ms, 100ms and less than 1 ms): | ||
+ | < | ||
+ | [root@R1]~# ping -c 2 192.168.25.2 | ||
+ | PING 192.168.25.2 (192.168.25.2): | ||
+ | 64 bytes from 192.168.25.2: | ||
+ | 64 bytes from 192.168.25.2: | ||
+ | |||
+ | --- 192.168.25.2 ping statistics --- | ||
+ | 2 packets transmitted, | ||
+ | round-trip min/ | ||
+ | |||
+ | [root@R1]~# ping -c 2 192.168.35.3 | ||
+ | PING 192.168.35.3 (192.168.35.3): | ||
+ | 64 bytes from 192.168.35.3: | ||
+ | 64 bytes from 192.168.35.3: | ||
+ | |||
+ | --- 192.168.35.3 ping statistics --- | ||
+ | 2 packets transmitted, | ||
+ | round-trip min/ | ||
+ | |||
+ | [root@R1]~# ping -c 2 192.168.45.4 | ||
+ | PING 192.168.45.4 (192.168.45.4): | ||
+ | 64 bytes from 192.168.45.4: | ||
+ | 64 bytes from 192.168.45.4: | ||
+ | |||
+ | --- 192.168.45.4 ping statistics --- | ||
+ | 2 packets transmitted, | ||
+ | round-trip min/ | ||
+ | </ | ||
Enable and start openvpn: | Enable and start openvpn: | ||
< | < | ||
- | sysrc openvpn_enable=YES | + | service openvpn enable |
service openvpn start | service openvpn start | ||
</ | </ |
documentation/examples/validating_openvpn_s_low-latency_servers_selection_patch.txt · Last modified: 2020/10/06 00:58 by olivier