[Berlin-wireless] Ein Schritt entfernt?

demos demos
Mi Jul 22 14:56:15 CEST 2015


Hallo Freifunkas,

wer hat Lust sich mit zweien von uns in Berlin zu treffen.
GNUnet auf sein Openwrt zu tun und zu helfen, dass GNUnet in zwei Wochen
beim Battlemesh dabei sein kann?
Gerade sieht es so aus als wenn es nur ein Fehler ist der dem Modul
GNUnet-vpn innewohnt.

Der Plan: ein paar GNUnet-Knoten aufstellen, miteinander reden lassen
und schauen, wo der Fehler liegt.

Liebe Grüße
Demos

mehr Details:
super Readme wie man GNUnet auf OpenWRT tut:
https://github.com/dangowrt/gnunet-15.05
Wie man GNUnet auf Debian tut:
https://gnunet.org/build-instructions-debian-8

Status Quo:
> What has not been working out for us so far is to successfully connect
> to services offered at certain nodes. We asked Mr Grothoff whether we
> were doing things right and he suggested we need to wireshark/tcpdump
> the transactions to find out how something is going wrong - in other
> words, it doesn't seem to be a simple usage failure.

"configure VPN services as described, then allocate a
virtual ip to them and try to interact. That already fails, so if you
manage to fix this scenario you probably fixed the entire problem."

Zur Vorgehensweise:
3) To diagnose VPN issues, you should
a) run 'make check' in the src/pt/ directory. If that fails -- or if
   the tests don't actually run because of SUID/permissions missing,
   don't look further! Those tests DO pass if the installation is
   correct, and they do test running HTTP (curl) vpn-cadet-exit to
   an HTTPD (MHD-based).
b) make sure that the peers are connected at the CORE level
   (gnunet-core -m) -- and check if the connections stay up or
   flutter a lot. If they go up and down rapidly several times
   per minute, I'd look into that first. (that means going down
   to TRANSPORT and likely WLAN plugin)
c) make sure that the peers are able to establish a good end-to-end
   CADET connection (gnunet-cadet -h..., ask Bart or 'man' for help)
d) then try the VPN/exit, if necessary attaching 'wireshark' to the
   TUN interfaces can help see how far the data makes it.

Ein Hinweis von Christian Grothoff wie man das VPN testet:

sending a test packet (ICMP?) to the other peer. So you want to see the
say PING enter your
entry VPN interface, exit on the EXIT VPN interface, see a PONG be
generated and send to the EXIT, and then see the PONG a the entry VPN.

Same for TCP (SYN/ACK) or anything else you may test. And you should
also fortunately have no other traffic to distract you. ;)

-- 
Echt Dezentrales Netz - EDN:
The goal of EDN is to verify the applicability of existing technologies
and solutions,
and to integrate them in a comprehensive product.
More secure and private communication in and by Open Wireless Meshnets.
https://wiki.c3d2.de/Echt_Dezentrales_Netz/en

"There are many fights more important than the fight over how the
internet is
regulated. Equity in race, gender, sexual preference; the widening
wealth gap;
the climate crisis ? each one far more important than the fight over the
rules
for the net.
Except for one thing: the internet is how every one of these fights will
be won
or lost. Without a free, fair and open internet, proponents of urgent
struggles
for justice will be outmaneuvered and outpaced by their political opponents,
by the power-brokers and reactionaries of the status quo.
The internet isn?t the most important fight we have; but it?s the most
foundational."
Cory Doctorow
(http://www.theguardian.com/technology/2015/jun/15/internet-answer-questions-of-our-time)
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname   : 0xBF83D308.asc
Dateityp    : application/pgp-keys
Dateigröße  : 4737 bytes
Beschreibung: nicht verfügbar
URL         : <http://lists.berlin.freifunk.net/pipermail/berlin/attachments/20150722/185214b0/attachment.key>
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde abgetrennt...
Dateiname   : signature.asc
Dateityp    : application/pgp-signature
Dateigröße  : 819 bytes
Beschreibung: OpenPGP digital signature
URL         : <http://lists.berlin.freifunk.net/pipermail/berlin/attachments/20150722/185214b0/attachment.pgp>



Mehr Informationen über die Mailingliste Berlin