Saturday, 21 March 2015

Stage 4: Connecting nodes with GVPN

This is stage 4:

So far, we have successfully connected two endpoints (Alice and Bob) over the internet using IPOP and the SVPN controller.

But SVPN has some disadvantages, for example:
  • If there are many participants, it becomes impractical for each node to add every other node as a friend on the XMPP server.
  • SVPN cannot be used directly for something like LAN gaming, because it employs network translation (to maintain friend relationships). This means the IP Bob sees for Alice is different from the IP Alice sees for herself. In other words, the VPN is very personal and the IP mapping is different for every person.
To avoid this we are gonna use GroupVPN.

 
All to All connectivity in GroupVPN

Step 1: Creating configuration file


This will be somewhat similar to the config file from SVPN, but we are going to use ONLY ONE XMPP ID. This will solve our first problem (adding each node as a friend).

For this task you can go through stage 2 and create a new XMPP Jabber ID (JID) specifically for this purpose, or use Alice's JID.

I created a new XMPP JID called 'group_sushant@xmpp.jp'.

Next create a config.json file in the IPOP directory with the following contents on each of the participating nodes:
For Node 1

{
    "xmpp_username": "group_sushant@xmpp.jp",
    "xmpp_password": "****",
    "xmpp_host": "xmpp.jp",
    "ip4": "192.168.5.1",
    "ip4_mask": 24,
    "stat_report": true,
    "tincan_logging": 0,
    "controller_logging": "DEBUG"
}

For Node 2, same config file but {"ip4":"192.168.5.2"}
For Node 3, same config file but {"ip4":"192.168.5.3"}
and so on...

Remember, the XMPP ID and password must stay the same across all nodes.
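A consistency check for the per-node files described above, as an added example (not part of the original post or of IPOP): it confirms that every node shares the XMPP settings and mask, has a unique ip4 inside one subnet, and parses as strict JSON. The function names, node names and sample password are constructed for illustration.

```python
import ipaddress
import json

# Keys the tutorial keeps identical on every node of one GroupVPN.
SHARED_KEYS = ("xmpp_username", "xmpp_password", "xmpp_host", "ip4_mask")

def make_cfg(ip4, user="group_sushant@xmpp.jp"):
    """Build one node's config.json text (constructed sample values)."""
    return json.dumps({"xmpp_username": user, "xmpp_password": "example-only",
                       "xmpp_host": "xmpp.jp", "ip4": ip4, "ip4_mask": 24})

def check_group_configs(raw_configs):
    """raw_configs maps node name -> config.json text.
    Returns a list of problems; an empty list means the set is consistent."""
    problems, parsed, seen, network = [], {}, {}, None
    for node, text in raw_configs.items():
        try:
            parsed[node] = dict(json.loads(text))  # strict JSON object only
        except (ValueError, TypeError) as exc:
            problems.append(f"{node}: invalid JSON ({exc})")
    first_node = next(iter(parsed), None)
    for node, cfg in parsed.items():
        for key in SHARED_KEYS:
            if cfg.get(key) != parsed[first_node].get(key):
                problems.append(f"{node}: {key} differs from {first_node}")
        try:
            iface = ipaddress.ip_interface(f"{cfg['ip4']}/{cfg['ip4_mask']}")
        except (KeyError, ValueError) as exc:
            problems.append(f"{node}: bad ip4/ip4_mask ({exc})")
            continue
        if network is None:
            network = iface.network  # first valid node defines the subnet
        if iface.network != network:
            problems.append(f"{node}: {iface.ip} is outside {network}")
        if iface.ip in seen:  # two nodes must never share a virtual address
            problems.append(f"{node}: ip4 {iface.ip} already used by {seen[iface.ip]}")
        seen.setdefault(iface.ip, node)
    return problems

# Constructed sample: node3 reuses node1's address, node4 has a trailing comma.
SAMPLE = {
    "node1": make_cfg("192.168.5.1"),
    "node2": make_cfg("192.168.5.2"),
    "node3": make_cfg("192.168.5.1"),
    "node4": '{"ip4": "192.168.5.4", "ip4_mask": 24,}',
}

if __name__ == "__main__":
    print("\n".join(check_group_configs(SAMPLE)) or "configs are consistent")
```

The messages name the offending key but never print its value, so the shared password does not end up in the output.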

 

Step 2: Running IPoP


Run this on all the participating nodes:
sudo sh -c './ipop-tincan-x86_64 1> out.log 2> err.log &'
Note: use "ipop-tincan-x86" in place of "ipop-tincan-x86_64" on a 32-bit Ubuntu machine.
Then start the GVPN controller:
./gvpn_controller.py -c config.json &> log.txt &

 

Step 3: Check if connected


Run this on any of the nodes to see the status of the network:
echo -e '\x02\x01{"m":"get_state"}' | netcat -q 1 -u 127.0.0.1 5800

If any of the nodes did not start the GVPN controller, then those nodes won't be visible.
Once they start it, their nodes are visible but 'Offline'.

To bring them online, or to complete the connection, run
$ ping 192.168.5.2     <ip of that node>
(wait for some time; when a reply comes you can stop pinging with Ctrl+C)

Now run 'echo -e '\x02\x01{"m":"get_state"}' | netcat -q 1 -u 127.0.0.1 5800' again.
If you are getting something like this, then congratulations, you have successfully created a GroupVPN.

You can see in the image that your IP is 192.168.5.2 and your peer's IP is 192.168.5.1 (in the case of SVPN, your IP was always 172.31.0.100).

 

Step 4: How to avoid pinging step


IPOP doesn't establish links right away; it first checks whether a link is required (that is, whether someone is trying to communicate through it). That's why a link is established when we ping, and the node appears online.
This is very important for grid computers or clusters, where the system should avoid the complexity of considering a node every time if that node is not required.

But for applications like LAN gaming we don't expect many nodes, so we can instruct IPOP to form the links right away, without us having to ping each link every time.

To do this, simply include the following in the configuration file:

{"on-demand_connection": false}

 

To stop the VPN, run:

pkill ipop-tincan-x86_64
ps aux | grep gvpn_controller.py
kill <pid-of-gvpn-controller.py>


Friday, 20 March 2015

Stage 3: Remote access with SSH

Welcome to stage 3:
Hi all, so far we have successfully established a VPN using IPoP.
Let's set up SSH so that Bob can remotely access Alice's computer!

 

Step 1: Install SSH server

For those who don't know, SSH (Secure Shell) allows you to access a system running an SSH server over a network. If Bob wants to use Alice's computer remotely, then Alice should start an SSH server. Alice installs the SSH server with

$ sudo apt-get install openssh-server

and checks that it is running (this should result in a process ID)

$ pgrep sshd

 

Step 2: Bob logs in on Alice's computer

From stage 3, we know that for Bob, Alice's IP is 172.31.0.101
Bob logs in using the following command
$ ssh 172.31.0.101
and enters Alice's password.

The result is that Bob has successfully logged in to Alice's computer over the internet.

To exit back to the local session, run
exit

 

Transferring Files

Bob can download files from the SSH server (Alice) to his local system with
$ scp user@172.31.0.101:/path/to/localfile /path/to/Destinationfile

Stage 2: Connecting Bob And Carol with SVPN

This is stage 3:
Previously... (with '24' soundtrack)
- IPoP was installed
- Alice and Bob registered on the XMPP server
- Alice and Bob are friends.

Social VPN

Alice is friends with Bob and Carol, but Bob and Carol are not friends.


In this tutorial I am going to connect Alice and Bob through IPoP's SocialVPN controller. SocialVPN helps create virtual private networks connecting Internet users to their friends' devices. It derives friend relationships from XMPP servers (that is why we added Alice and Bob as friends in the previous stage). Each user is in control of who their VPN connects to (for example, Alice is friends with Bob and Carol, but Bob and Carol are not friends; in that case there will not be a VPN link between Bob and Carol).



Step 1: Creating configuration file


Well, my GSoC project will be related to this, IFFFFFFFF (that's a very big IF) I get selected (fingers crossed).

Alice and Bob each create a 'config.json' file and store it in their respective IPOP directory (remember 'home/ipop-15.01.0_ubuntu14'? If not, go back to stage 2).

The contents of Alice's Config file will be... (xmpp_host depends on the server you used)
{
    "xmpp_username": "alice_sushant@xmpp.jp",
    "xmpp_password": "****(Yah, right!)",
    "xmpp_host": "xmpp.jp",
    "ip4": "172.31.0.100",
    "ip4_mask": 24,
    "stat_report": true,
    "tincan_logging": 0,
    "controller_logging": "DEBUG"
}

Bob's config file is similar: just change the username and password; everything else (ip4, ip4_mask, ...) stays the same.

 

Step 2: Running IPoP


Run this on both Alice's and Bob's machines.
Start IPOP:
$ sudo sh -c './ipop-tincan-x86_64 1> out.log 2> err.log &'
Note: use "ipop-tincan-x86" in place of "ipop-tincan-x86_64" on a 32-bit Ubuntu machine.
Then start the SVPN controller:
./svpn_controller.py -c config.json &> log.txt &

 

Step 3: Checking if connected


Run (on Alice):
echo -e '\x02\x01{"m":"get_state"}' | netcat -q 1 -u 127.0.0.1 5800

See the above image; if Bob did not start the SVPN controller, then his node won't be visible.
Once he starts it, his node is visible but 'Offline'.

To bring him online, or to complete the connection, ping him
$ ping 172.31.0.101
(wait for some time; when a reply comes you can stop pinging with Ctrl+C)

Now run 'echo -e '\x02\x01{"m":"get_state"}' | netcat -q 1 -u 127.0.0.1 5800' again.

If you are getting something like this,
then congratulations, you have successfully created a VPN.

You can see in the image that your IP is 172.31.0.100, and your peer's IP is 172.31.0.101
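The get_state query from Step 3 (the same command appears in the GroupVPN post above), written as a small Python client; this is an added example, not code from the original post or from IPOP. The reply layout (optional bytes before the first '{', then one JSON object per datagram) is an assumption, and the function names are illustrative.

```python
import json
import socket

# Same bytes the tutorial's echo -e ... | netcat command sends, including the
# newline that echo appends: two-byte prefix \x02\x01, then the JSON request.
REQUEST = b'\x02\x01{"m":"get_state"}\n'


def decode_reply(datagram):
    """Return the JSON object carried by one reply datagram, or None.
    Assumption: anything before the first '{' is a binary prefix."""
    start = datagram.find(b"{")
    if start < 0:
        return None
    try:
        return json.loads(datagram[start:].decode("utf-8", "replace"))
    except ValueError:
        return None  # truncated or non-JSON payload


def get_state(host="127.0.0.1", port=5800, wait=1.0):
    """Send get_state and collect replies until `wait` seconds pass with no
    new datagram, much as `netcat -q 1` lingers in the shell version."""
    replies = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(wait)
        # connect() makes the kernel drop datagrams from any other sender
        sock.connect((host, port))
        sock.send(REQUEST)
        while True:
            try:
                data = sock.recv(65535)
            except (socket.timeout, ConnectionError):
                break  # quiet period elapsed, or nothing listens on the port
            obj = decode_reply(data)
            if obj is not None:
                replies.append(obj)
    return replies


if __name__ == "__main__":
    for state in get_state():
        print(json.dumps(state, indent=2, sort_keys=True))
```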

 

To stop the VPN, run:
pkill ipop-tincan-x86_64
ps aux | grep svpn_controller.py
kill <pid-of-svpn-controller.py>

Thursday, 19 March 2015

Stage 1: Installing IPOP


Install IP over P2P

I will call you and your friend, Alice and Bob. Alice and Bob want to form a VPN with IPOP, for that they'll have to install IPOP first...

So Alice and Bob should run these commands on their systems (in this tutorial, Ubuntu 14.04)
$ wget -O ipop-15.01.0_ubuntu14.tar.gz http://goo.gl/iBRgx1
$ tar xvzf ipop-15.01.0_ubuntu14.tar.gz
$ cd ipop-15.01.0_ubuntu14
more details are available here

If you want, you can also compile the code from Source Code.

Great, now you have installed IPOP successfully!

Creating XMPP account

Next you are gonna need an XMPP server login and password.

There are many such servers available here (you can also use Facebook or Google Hangouts for this).
I tried it with one of the servers called https://www.xmpp.jp

Now Alice and Bob should sign up for the XMPP server here.
Done? Great!
(I created something like..
alice_sushant@xmpp.jp
bob_sushant@xmpp.jp)

Now login here (https://www.xmpp.jp/client/)
Next, next, save, cancel, close (no need to add any personal data!)
Remember, you only need this for establishing connections with peers in IPOP; once that is done, these servers are no longer needed for data communication.

Adding each other as friends

I guess this will be already done in Hangouts or Facebook.

Click on 'Add a friend' in the left panel.

Bob enters Alice's account and presses Enter. Alice accepts Bob's request.
Done!! Alice and Bob are now friends.

Congratulations, you have completed the first stage.

Note: there are many XMPP servers available and you can select any one, but make sure Alice and Bob are friends! This is very important because IPOP derives this info from the server.

About IPOP

Hello Future Sushant! Or anyone else reading this. So I am gonna start writing a new series of blogs to keep track of my contribution to the organization IP over P2P.

I will approach this as if I am the new kid on the block, with zero idea what's going on!

So there is this project called IPoP, which I found on GSoC Melange, that allows users to create their own VPN.

What is VPN?

According to my understanding, it allows you to create a local (private) network over the internet (say you have a friend abroad and you are at home; a VPN can put you in the same local network, so he can be 192.168.1.2 and you can be 192.168.1.1, as if you were in the same room)! You can log in to his computer and vice versa, play LAN games, share files and what not. Cool, right?

What's the big deal in that?

You see, the transition to IPv6 is currently ongoing, and most computers around the world still use IPv4. Unlike IPv6, IPv4 has a limited address space, and we can't afford to have separate IP addresses for all internet-connected devices (laptops, mobile phones, tablets, and now even smartwatches!). That's where NAT comes in. Just think of it as something which maps multiple IP addresses to a single IP address. If you want to connect to someone outside your local network, chances are very high that they are using NAT (or firewalls). So in short, you cannot uniquely identify the other person on the internet.

Why use IPoP?

Centralized services such as online social networks (OSNs) allow users to communicate with their peers. Because user-to-user communication goes through a centralized backend (e.g. Facebook), it leads to privacy issues (your messages can be monitored), performance limitations (more users, less service to each one) and fault-tolerance problems (server crashes). IPoP is user-defined and self-configuring, and it doesn't depend on external virtual routing infrastructure on the internet. It doesn't go through centralized infrastructure like typical VPN software, so your data is safe!