73 | | [http://groups.geni.net/geni/attachment/wiki/CmuLab/homenet_customisations.tar.bz2 Customisations made to a standard UBUNTU image needed to prepare them for being a homenet node, also customisations to Emulab to handle the configuration requests] [[BR]] |
74 | | [http://groups.geni.net/geni/attachment/wiki/CmuLab/design_concerns Design concerns] for MetaVPN, management software that creates/manages/destroys OpenVPN networks that serve as data planes within an experiment. [[BR]] |
| 73 | Customisations made to a standard UBUNTU image needed to prepare them for being a homenet node, also customisations to Emulab to handle the configuration requests. ([http://groups.geni.net/geni/attachment/wiki/CmuLab/homenet_customisations.tar.bz2 tarfile]) |
| 74 | |
| 75 | [http://groups.geni.net/geni/attachment/wiki/CmuLab/design_concerns Design concerns] for MetaVPN: management software that creates/manages/destroys OpenVPN networks that serve as data planes within an experiment. |
| 76 | |
| 77 | !HomeNet setup [http://moo.cmcl.cs.cmu.edu/wiki/index.php/HomenetSetup notes]. |
87 | | !HomeNet nodes will tunnel (IP-in-IP) to CMU Control using OpenVPN. The nodes will have addresses assigned by the user's ISP and may be assigned private addresses by !HomeNet. |
| 90 | The CMU Lab internal cluster and Wireless Emulator are NATted behind 128.2.222.223. |
| 91 | |
| 92 | The !HomeNet nodes themselves are located in residences, sometimes behind NATs and sometimes with direct IP connectivity. [[BR]] |
| 93 | ''Data plane:'' Several of the !HomeNet nodes are deployed behind either NATs or firewalls that block most non-TCP communication other than DNS. As a result, these nodes use OpenVPN tunnels to reach a tunnel endpoint node at CMU. This tunnel endpoint will have a globally-reachable IP address that can be used for GRE tunnels (and, perhaps an L2 tunnel if an economical L2 VLAN strategy can be found). [[BR]] |
| 94 | ''Control plane:'' To present a unified access mechanism for these nodes and to simplify the node management process, these nodes establish an SSL-based VLAN with the CMULab cluster control node (boss). The nodes use the open-source OpenVPN SSL/TLS-based VPN software to establish the Homenet control VPN. See also the attached file. |
| 95 | |
| 96 | The tunnel endpoint and any globally-reachable nodes installed later will connect to the ProtoGENI node on Internet2 using a GRE tunnel. CMU accesses the Internet via 3ROX operated by PSC using a link with over 500 Mbps spare capacity. 3ROX is not on I2's DCN. !HomeNet nodes will tunnel (IP-in-IP) to CMU Control using OpenVPN. The nodes will have addresses assigned by the user's ISP and may be assigned private addresses by !HomeNet. |