Re: [Govpn-devel] build from last tarball

public inbox for govpn-devel@lists.cypherpunks.ru
Atom feed

From: Alan Holt <berber.it@gmail•com>
To: govpn-devel@lists.cypherpunks.ru, Alan Holt <berber.it@gmail•com>
Subject: Re: [Govpn-devel] build from last tarball
Date: Thu, 28 Jan 2016 12:26:35 +0200	[thread overview]
Message-ID: <CAKw30nrz01MsYrbptfCGfB+gwpn9j3sHkufJ=H31WNPFhV9A+w@mail.gmail.com> (raw)
In-Reply-To: <20160121094335.L4LM4iD8f%stargrave@stargrave.org>

[-- Attachment #1: Type: text/plain, Size: 5495 bytes --]

Hello Sergey,

thank you for this notes and sorry for long answer.
Yesterday evening we did check GoVPN(*5.3 tarball*) server in the field.

*We did test it in our local network (~100Mb) between two VMs.*
1 vm - Ubuntu14.04
1 vm - Arch
1 vm - Centos 7 as server in Amsterdam

After I got notes from you about configuring server and client, to get
tunnel running was really simple.

*My peers.yaml looks like:*
alan:
    iface: tap10
    verifier:
$argon2d$m=4096,t=128,p=1$Xng0noZZC9v34Ehg7RFSRQ$tIAu7jX57mDll2hmK/xjoLyKJfozQivTvupmftT7VYY

*Can I add another client in the same file, like:*
alex:
    iface: tap10
    verifier:
$argon2d$m=4096,t=128,p=1$Xng0noZZC9v34Ehg7RFSRQ$tIAu7jX57mDll2hmK/xjoLyKJfozQivTvupmftT7VYY

*My server run: *
# ./govpn-server -bind 172.25.60.72:1194
2016/01/28 11:24:58.152692 main.go:46: GoVPN version  built with go1.5.3
2016/01/28 11:24:58.153323 identify.go:70: Adding key
5e78349e86590bdbf7e04860ed115245
2016/01/28 11:24:58.153797 udp.go:51: Listening on UDP:172.25.60.72:1194
2016/01/28 11:24:58.154457 main.go:85: Server started

*My client run:*
# govpn-client -verifier '$argon2d$m=4096,t=128,p=1$Xng0noZZC9v34Ehg7RFSRQ'
-remote=172.25.60.72:1194 -iface tap10

*Tests that we performed: *
*Ping in local network:*
# ping 172.16.0.2
PING 172.16.0.2 (172.16.0.2) 56(84) bytes of data.
64 bytes from 172.16.0.2: icmp_seq=1 ttl=64 time=*2.03 *ms
64 bytes from 172.16.0.2: icmp_seq=2 ttl=64 time=*10.0* ms
64 bytes from 172.16.0.2: icmp_seq=3 ttl=64 time=*5.04* ms
64 bytes from 172.16.0.2: icmp_seq=4 ttl=64 time=*10.0* ms
64 bytes from 172.16.0.2: icmp_seq=5 ttl=64 time=*11.3* ms
64 bytes from 172.16.0.2: icmp_seq=6 ttl=64 time=*6.18* ms
64 bytes from 172.16.0.2: icmp_seq=7 ttl=64 time=*12.2* ms

*iperf test in local network:*
puppet root ~ # iperf -c 172.16.0.2
------------------------------------------------------------
Client connecting to 172.16.0.2, TCP port 5001
TCP window size: 45.0 KByte (default)
------------------------------------------------------------
[  3] local 172.16.0.1 port 55274 connected with 172.16.0.2 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   105 MBytes  *87.7* Mbits/sec

*Ping test VPN over Internet (Netherlands, Amsterdam<-> Israel, Tel-Aviv)
is good in SINGLE mode:*
# ping 172.16.0.1
PING 172.16.0.1 (172.16.0.1) 56(84) bytes of data.
64 bytes from 172.16.0.1: icmp_seq=1 ttl=64 time=1174 ms
64 bytes from 172.16.0.1: icmp_seq=3 ttl=64 time=81.8 ms
64 bytes from 172.16.0.1: icmp_seq=5 ttl=64 time=79.4 ms
64 bytes from 172.16.0.1: icmp_seq=7 ttl=64 time=83.0 ms
64 bytes from 172.16.0.1: icmp_seq=8 ttl=64 time=88.9 ms
64 bytes from 172.16.0.1: icmp_seq=9 ttl=64 time=79.2 ms
64 bytes from 172.16.0.1: icmp_seq=10 ttl=64 time=87.7 ms
64 bytes from 172.16.0.1: icmp_seq=12 ttl=64 time=144 ms
64 bytes from 172.16.0.1: icmp_seq=13 ttl=64 time=98.0 ms

*In this case 2 clients from Tel-Aviv connected to the same server in
Amsterdam, one of users get disconnected:*

2016/01/28 10:14:16.503875 main.go:111: *Deleting peer*
71ec89cac70333cbeb37f5234bf847f9:93.157.86.36:45087

2016/01/28 10:14:16.527846 udp.go:173: Unknown identity from:
93.157.86.36:45087
2016/01/28 10:14:16.527921 udp.go:173: Unknown identity from:
93.157.86.36:45087
2016/01/28 10:14:17.528000 udp.go:173: Unknown identity from:
93.157.86.36:45087
2016/01/28 10:14:17.528077 udp.go:173: Unknown identity from:
93.157.86.36:45087
2016/01/28 10:14:18.528820 udp.go:173: Unknown identity from:
93.157.86.36:45087
2016/01/28 10:14:19.541059 udp.go:173: Unknown identity from:
93.157.86.36:45087
2016/01/28 10:14:20.530810 udp.go:173: Unknown identity from:
93.157.86.36:45087

*So how I do one server serf multiple clients?*
*Is it possible? *


On Thu, Jan 21, 2016 at 11:43 AM, <stargrave@stargrave•org> wrote:

> *** Alan Holt <berber.it@gmail•com> [Wed, 20 Jan 2016 00:58:49 +0200]:
> >root@alan-XPS:~/govpn-5.2# cat peers.yaml
> >alan:
> >    up: /path/to/up.sh
> >    iface: tap10
> >    verifier: $argon2d$m=4096,t=128,p=1$J2g7mlL33KHw34qDq0L5Eg
> >    Passphrase:
>
> >$argon2d$m=4096,t=128,p=1$J2g7mlL33KHw34qDq0L5Eg$NsW5CVpiU14e1c12S8GKEqSeHVeAZ5h+gVrVq4s7u3U
>
> I fixed the issue that "Passphrase:" does not appear after newclient.sh
> call and is included in example YAML output in 5.3 release.
>
> Now the output is as expected:
>
>     % ./utils/newclient.sh foobar
>     Passphrase:[hello]
>
>     Your client verifier is:
> $argon2d$m=4096,t=128,p=1$ijktkRI+NRG9VHETCywgzg
>
>     Place the following YAML configuration entry on the server's side:
>
>         foobar:
>             up: /path/to/up.sh
>             iface: or TAP interface name
>             verifier:
> $argon2d$m=4096,t=128,p=1$ijktkRI+NRG9VHETCywgzg$W4hAiwvOKWcE/U3dVujbdTeFUA3klmjG4joLR8CdMAY
>     % ./govpn-verifier -verifier
> '$argon2d$m=4096,t=128,p=1$ijktkRI+NRG9VHETCywgzg$W4hAiwvOKWcE/U3dVujbdTeFUA3klmjG4joLR8CdMAY'
>     Passphrase:
>     true
>
> Thanks again for showing this issue!
>
> --
> Happy hacking, Sergey Matveev
>



-- 
*בברכה, *
*אלכס ברבר*
*PGP Public Key
<https://pgp.mit.edu/pks/lookup?op=get&search=0xF0508EB3F7C241E1>*
*www.linuxspace.org* <http://www.linuxspace.org>
*--*
*Best regards.*
*Alex Berber*
*PGP Public Key
<https://pgp.mit.edu/pks/lookup?op=get&search=0xF0508EB3F7C241E1>*
*www.linuxspace.org* <http://www.linuxspace.org/>

[-- Attachment #2: Type: text/html, Size: 9083 bytes --]

next prev parent reply	other threads:[~2016-01-28 10:26 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-05-13  7:59 [Govpn-devel] build from last tarball Alan Holt
2015-05-13  8:47 ` stargrave
2015-05-13  9:00   ` Alan Holt
2015-05-13  9:36     ` stargrave
2015-05-13 10:01       ` Alan Holt
2015-05-13 10:14         ` stargrave
2015-05-13 10:52           ` Alan Holt
2015-05-13 11:41             ` stargrave
2015-05-13 13:31               ` Alan Holt
2015-05-13 13:47                 ` Alan Holt
2015-05-13 14:09                   ` stargrave
2015-05-13 14:55                     ` Alan Holt
2015-05-13 16:52                       ` stargrave
2015-05-14  8:30                         ` Alan Holt
2015-05-14  9:22                           ` Alan Holt
2015-05-14 12:34                             ` stargrave
2015-05-14 13:25                           ` stargrave
2015-05-14 13:32                             ` Alan Holt
2015-05-14 14:11                               ` stargrave
2016-01-19 19:04                                 ` Alan Holt
2016-01-19 22:08                                   ` stargrave
2016-01-19 22:58                                     ` Alan Holt
2016-01-20  7:53                                       ` stargrave
2016-01-21  9:43                                       ` stargrave
2016-01-28 10:26                                         ` Alan Holt [this message]
2016-01-28 10:46                                           ` stargrave
2016-01-28 13:39                                             ` Alan Holt
2016-01-28 14:20                                               ` stargrave
2015-05-13 14:06                 ` stargrave