===============================================================================
                        Embedded X-BONE 1.0 README

                        http://www.isi.edu/xbone/
                        xbone@isi.edu

        $Revision: 1.3 $
        $Date: 2006/04/26 22:04:43 $
===============================================================================

Index:

    X-BONE Project Overview
    X-BONE Components
        Overlay Manager
        Resource Daemon
        Apache-SSL based GUI
    Global X-Bone
    Embedded X-Bone Distribution: 1.0
        Features
        Configuration
        Future work
    Install
        RESTORE
        BUILD
    Post-Install Configuration
    Debugging
    Customization
    FAQ
    Information and Bug Report

===============================================================================

>>> X-BONE Project Overview

The X-Bone dynamically deploys and manages Internet overlays to reduce
their configuration effort and increase network component sharing.
X-Bone discovers, configures, and monitors network resources to create
overlays over existing IP networks. Overlay networks are useful for
deploying overlapping virtual networks on shared infrastructure and for
virtualizing and simplifying network topology.

The following is a list of key features of X-Bone:

    > dynamic resource discovery with S/MIME-authenticated multicast
    > automatic overlay deployment
    > web GUI for easy overlay management
    > simultaneous participation in multiple overlays
    > two-layer IP in IP encapsulation
    > supports existing applications and unmodified routing, multicast,
      and DNS services in unmodified operating systems
    > supports recursive overlays
    > supports secure overlays through IPsec

>>> X-BONE Components

>>> Node Daemon (ND)

The Node Daemon is a unified daemon that can be configured to perform
certain roles including Overlay Manager and Resource Daemon (see
http://www.isi.edu/xbone for definition).

The Overlay Manager (OM) coordinates and deploys overlays on behalf of
user requests. Users access the OM via the GUI, and the OM contacts RDs
on various hosts to request and configure the components.
An X-Bone system requires at least one (currently usually only one) Node
Daemon configured as an OM (use "daemon_type = meta" in the
configuration file).

The RD coordinates configuration of a single physical host to serve in
one of three roles in the overlay that include "host", "router" and
"node" (use "daemon_type = X" in the configuration file where X is host,
router or node). "Host" and "router" roles are well defined. In the
"node" role, the RD can configure the physical host to act as a "host"
or a "router" depending on need. Note that the role, once configured,
remains the same across all overlays that the physical host participates
in. Typically, at least one router, and one or more hosts are required
to deploy 'interesting' topologies.

The Node Daemon has the built-in capability to recurse. However, this
functionality is not yet available through the API.

>>> Apache-SSL based GUI (GUI)

The user controls the X-Bone via a web-based interface, currently
available only in Apache-SSL. The X-Bone installation configures an
Apache-SSL server, and provides the appropriate X-Bone configuration web
pages and scripts. At least one GUI is required per X-Bone system.

*** NOTE - the Node Daemon and GUI can run on the same machine if
***        desired.

>>> Global X-Bone

Global X-Bone Testbed is a shared world wide testbed that integrates
isolated X-Bone deployments across the world. The integration is through
a shared database of information that allows global discovery (global
registry), communication (multiple certificate authorities), and
access/resource control (shared ACLs). The Global X-Bone release of the
X-Bone software includes support for a shared database based on LDAP
replication that combines fine grained control over participation in the
Global X-Bone network with ease of use.

Global X-Bone is described in detail in Tridentcom 2005 Paper.
http://www.isi.edu/touch/pubs/tridentcom2005/

>>> Embedded X-Bone 1.0 Release

X-Bone functionality depends on the correct configuration of several
dependent software modules such as DNS, routing, web server etc. This is
both non-trivial and increases the time required for deployment. The
Embedded X-Bone is a distribution of a whole operating system that is
designed to be up and running with the minimum possible intervention
from the user. The Embedded X-Bone system includes the FreeBSD operating
system and multiple software modules including X-Bone Server, X-Bone
GUI, LDAP server, and DNS server.

>>> Development platform:

    Hardware:
        http://www.soekris.com/net4801.htm
        Soekris 4801
        Geode SC1100, 233 MHz i486, 128MB Ram
        Three ethernet interfaces
        Compact flash: Lexar 512MB Smartdisk (Model 2260, Rev A)

    Software:
        OS:       FreeBSD 4.9
        Apache:   2.0.50
        ModPerl:  1.99r16
        OpenSSL:  0.9.7d
        OpenLDAP: 2.2.15
        Bind:     9.3
        X-Bone:   3.2

>>> Features

    X-Bone:
        Support for version 3.2 Overlay Manager, Node Daemon, GUI
        Support for IPv6, LDAP, DNS, IPSec, QoS
        Support for GX-Bone

    Configuration Interface: Web-based
        X-Bone Node Daemon and GUI
        DNS Server
        LDAP Server

>>> Future work

    OS:          Port to newer FreeBSD version/use of PicoBSD or make a
                 bootable CD distribution of the OS
    Routing:     Dynamic routing support
    ModPerl:     Move to 2.0. This should be done in conjunction with
                 changes to X-Bone.
    GUI:         Add a restore to original button.
    Ports:       Upgrade to the latest version of each port
    Performance: The hardware platform chosen is not enough for optimal
                 performance of the operating system. Future work will
                 explore ways of reducing the computational requirements
                 of the distribution.

>>> Install

There are two basic options: build from source, or restore from a dump
of an already packaged distribution.

>>> RESTORE

To simply *restore* a precompiled distribution (available as a file
system dump) to a Compact Flash Card, do the following:

1. Obtain a complete dump from xbone@isi.edu. This dump tends to be
   large (200+ MB).

2. Plug the card into the card-reader and note the device name. Syslog
   typically has an entry like this.

    umass0: LEXAR MEDIA CF CARD , rev 1.10/0.01, addr 2
    da3 at umass-sim0 bus 0 target 0 lun 0
    da3: Removable Direct Access SCSI-CCS device
    da3: 650KB/s transfers
    da3: 489MB (1001952 512 byte sectors: 64H 32S/T 489C)

3. Format the card with ufs (using sysinstall) and mount it.

    $ sysinstall
    $ mkdir -p /cf
    $ mount /dev/ /cf

4. Restore the dump

    cd /cf && restore rf
    rm -f restoresymtable
    umount -f /cf

>>> BUILD

Follow the steps to *build* the distribution (as opposed to simple
restore).

1. Find a host that has the same operating system as that of
   embedded-xbone. This is FreeBSD 4.9 in the current distribution. This
   may work in case of other FreeBSD OS versions. The build process is
   more sensitive to ports and dependencies between them.

2. Obtain the embedded xbone port from the X-Bone webpage
   (http://www.isi.edu) and install the same.

    $ fetch http://www.isi.edu/xbone/embedded-xbone.port.tar.gz
    $ tar zxvf embedded-xbone.port.tar.gz
    $ cd embedded-xbone
    $ make install

3. Now the sources are all installed in /usr/local/embedded-xbone

    $ cd /usr/local/embedded-xbone

4. Obtain the 4.9 DUMP. This tends to be large (~128MB).

    $ fetch http://www.isi.edu/xbone/RELENG_4_9_0_RELEASE-MINIMAL.dump

5. Set up any host to export a directory. Note the hostname and
   directory name.

6. Plug the card into the card-reader and note the device name. Syslog
   typically has an entry like this.

    umass0: LEXAR MEDIA CF CARD , rev 1.10/0.01, addr 2
    da3 at umass-sim0 bus 0 target 0 lun 0
    da3: Removable Direct Access SCSI-CCS device
    da3: 650KB/s transfers
    da3: 489MB (1001952 512 byte sectors: 64H 32S/T 489C)

7. Now install specifying all the parameters:

    $ make \
        DEVICE=/dev/da3s1a \
        DUMP= \
        BUDDYHOST= \
        BUDDYTOPDIR= [all|all-cvs]

   The all-cvs target will first download a ports and kernel source tree
   and then use it to build the distribution. As mod-perl, apache, etc.
   change, the build process might break.
   It might be necessary to use a relatively consistent and stable
   distribution.

   The "all" target assumes the ports and sources are located in:

    /usr/src   --- for kernel source
    /usr/ports --- for ports

>>> Customization

It is possible that the hardware available is different from that
assumed while developing this distribution. The hardware dependencies
include:

1. Disk: Impacts Makefile

   Using a different disk will require a different partitioning scheme.
   First check if

    $ make USELABELFILE=no

   with the automatic partitioning scheme works. If that doesn't, then
   you should look on the web to find a formatting command sequence that
   works.

2. Network interfaces (sis0, sis1): Impacts etc scripts

   Grep for sis0 and sis1, and replace them with appropriate interface
   names. A future release should make this easier.

3. Buddy hosts: Impacts Makefile

   A buddy host is required, which exports the kernel sources and ports
   tree. The local host or some other host can provide that space. There
   may be other ways to do this. The key issue is that the compilation
   is performed in a chrooted environment where the root of the file
   system is on the card.

4. Ports: Might break build process

   The ports system is in constant flux. The dependencies may be wrong
   or there may be compiler and OS dependencies. A stable ports tree is
   necessary for repeated and consistent development. A little work here
   in selecting a ports tree that works well will very likely save a lot
   of time.

>>> Post-Install Configuration

>>> Defaults used/set

    Default Certificate Authority: X-Bone CA

    Default passwords:
        Root Password: xboneadmin
        LDAP password for XBoneUser:
            oid="cn=XBoneUser,ou=Users,ou=local,ou=xbone"
            password="hello"
        LDAP password for Manager:
            oid="cn=Manager,ou=Users,ou=local,ou=xbone"
            password="xbonesecret"
        GX-Bone password: "hello"

>>> Quick Instructions:

1. Make sure X-Bone host is powered down.

2. Plug network cable (to provider at remote location) into LAN
   (regular) port.

3. Obtain the X-Bone Host Certificate and key from X-Bone site
   (http://www.xbone.net) and store them on a client host.

4. Configure the client machine to use DHCP, then connect it to PVT
   (configuration) port via crossover cable, Ethernet switch/hub, or
   Wireless 802.11b NIC (only if wireless is enabled on the X-Bone
   host).

5. Connect power cable to X-Bone host.

6. Wait until Status LED starts blinking, then open a browser to access
   Any page or http://router.local.lan/ from client machine.

7. If location uses DHCP, go to step 8 below, otherwise:

    1. Click LAN Setup button.
    2. Change connection type to Static IP Address.
    3. Enter IP address, network mask, default route, and DNS servers.
    4. Click Configure LAN Port button and answer Yes to reboot.
    5. Go back to Step 5 above.

8. Click X-Bone Setup button to load certificates and set various other
   parameters including hostname, addresses and ACLs. Configure Overlay
   Manager, Node daemon and GUI as required.

9. Click LDAP Setup button to initialize the LDAP database with X-Bone
   tree (if necessary).

10. Click Start/Stop button. Any configuration change requires
    restarting the daemon.

>>> Documentation

Complete documentation of the interfaces is available at:

    (1) X-Bone site (http://www.isi.edu/xbone)
    (2) In the source distribution (www/data/documentation.html)
    (3) Configuration page: http://router.local.lan

The Makefile has more information on the build steps.

>>> Debugging

You can log in to the host and look at file system content, or you can
use the status webpage to obtain as much information as possible.

To communicate with the soekris box using a console interface, first add
the following lines to /etc/remote:

    # Soekris
    scom1:dv=/dev/cuaa0:br#19200:pa=none:
    scom2:dv=/dev/cuaa1:br#19200:pa=none:
    scom3:dv=/dev/cuaa2:br#19200:pa=none:
    scom4:dv=/dev/cuaa3:br#19200:pa=none:

Connect to the soekris box using a serial cable. We use Startech
SCNM9FF.
You can obtain the console interface using:

    $ tip scom1

In case a different com port is assigned by the kernel, try scom2, 3 and
4. Now power up the Soekris box; you will see the boot process and a
console login.

>>> INFORMATION & BUG REPORT

>>> Copyright Information:

Please see COPYRIGHT or the copyright information at the beginning of
any of the X-Bone program files.

>>> Problems & Bug Report

Please submit your problem or bug report to .

>>> Other Information:

For more information on the X-Bone programs, please read the man pages
and other documentation of the X-Bone; or look directly at the Perl code
of X-Bone.

For more information on the X-Bone project, please visit our web site at
http://www.isi.edu/xbone/ or email your question to .
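
A check for the default LDAP passwords listed under "Defaults used/set",
added here as an example and not part of the X-Bone distribution. It
assumes the "oid" strings are bind DNs, that the LDAP server answers at
ldap://127.0.0.1 (override with LDAP_URI), and that OpenLDAP's ldapwhoami
client is installed; try_bind and audit_defaults are hypothetical names.

```shell
#!/bin/sh
# Added example, not part of the X-Bone distribution.
# Assumptions: the README's "oid" strings are bind DNs, the LDAP server is
# reachable at $LDAP_URI, and OpenLDAP's ldapwhoami client is installed.
LDAP_URI="${LDAP_URI:-ldap://127.0.0.1}"

# DN|password pairs copied from "Defaults used/set", one per line.
DEFAULTS='cn=XBoneUser,ou=Users,ou=local,ou=xbone|hello
cn=Manager,ou=Users,ou=local,ou=xbone|xbonesecret'

# try_bind DN PASSWORD: attempt a simple bind; exit status 0 means the
# password was accepted. The client's message is passed through on stdout.
try_bind() {
    ldapwhoami -x -H "$LDAP_URI" -D "$1" -w "$2" 2>&1 </dev/null
}

# audit_defaults: print one line per account and return 1 if any default
# password is still accepted, 0 otherwise.
audit_defaults() {
    found=0
    while IFS='|' read -r dn pw; do
        [ -n "$dn" ] || continue
        if msg=$(try_bind "$dn" "$pw"); then
            echo "DEFAULT-ACCEPTED $dn"
            found=1
        else
            # A failed bind can also mean the server was unreachable, so
            # show the client's own error text next to the result.
            echo "not-accepted $dn ${msg:+[$msg]}"
        fi
    done <<EOF
$DEFAULTS
EOF
    return "$found"
}

# Run the audit only when called as: sh audit.sh run
if [ "${1:-}" = "run" ]; then
    audit_defaults
fi
```

The root and GX-Bone defaults are not LDAP binds and are outside what this
script checks.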