===============================================================================
X-BONE 3.2 README
http://www.isi.edu/xbone/
xbone@isi.edu
$Revision: 1.1 $ $Date: 2006/05/13 06:26:46 $
===============================================================================

Index:
    X-BONE Project Overview
    X-BONE Components
        Overlay Manager
        Resource Daemon
        Apache-SSL based GUI
    Global X-Bone
    Backward Compatibility
    Files included in this installation
    What's NOT included in this installation, and why
    Information and Bug Report

===============================================================================

>>> X-BONE Project Overview

The X-Bone dynamically deploys and manages Internet overlays to reduce
their configuration effort and increase network component sharing. X-Bone
discovers, configures, and monitors network resources to create overlays
over existing IP networks. Overlay networks are useful for deploying
overlapping virtual networks on shared infrastructure and for virtualizing
and simplifying network topology.

The following is a list of key features of X-Bone:

    > dynamic resource discovery with S/MIME-authenticated multicast
    > automatic overlay deployment
    > web GUI for easy overlay management
    > simultaneous participation in multiple overlays
    > two-layer IP in IP encapsulation
    > supports existing applications and unmodified routing, multicast,
      and DNS services in unmodified operating systems
    > supports recursive overlays
    > supports secure overlays through IPsec

>>> X-BONE Components

    >>> Node Daemon (ND)

    The Node Daemon is a unified daemon that can be configured to perform
    certain roles, including Overlay Manager and Resource Daemon (see
    http://www.isi.edu/xbone for definition).

    The Overlay Manager (OM) coordinates and deploys overlays in response
    to user requests. Users access the OM via the GUI, and the OM contacts
    RDs on various hosts to request and configure the components.

    An X-Bone system requires at least one (currently usually only one)
    Node Daemon configured as an OM (use "daemon_type = meta" in the
    configuration file).

    The Resource Daemon (RD) coordinates configuration of a single
    physical host to serve in one of three roles in the overlay: "host",
    "router" or "node" (use "daemon_type = X" in the configuration file,
    where X is host, router or node). The "host" and "router" roles are
    well defined. In the "node" role, the RD can configure the physical
    host to act as a "host" or a "router" depending on need. Note that
    the role, once configured, remains the same across all overlays that
    the physical host participates in. Typically, at least one router and
    one or more hosts are required to deploy 'interesting' topologies.

    The Node Daemon has the built-in capability to recurse. However, this
    functionality is not yet available through the API.

    >>> Apache-SSL based GUI (GUI)

    The user controls the X-Bone via a web-based interface, currently
    available only in Apache-SSL. The X-Bone installation configures an
    Apache-SSL server, and provides the appropriate X-Bone configuration
    web pages and scripts. At least one GUI is required per X-Bone system.

    *** NOTE - the Node Daemon and GUI can run on the same machine if
    *** desired.

>>> Global X-Bone

The Global X-Bone Testbed is a shared worldwide testbed that integrates
isolated X-Bone deployments across the world. The integration is through
a shared database of information that allows global discovery (global
registry), communication (multiple certificate authorities), and
access/resource control (shared ACLs).

The Global X-Bone release of the X-Bone software includes support for a
shared database based on LDAP replication that combines fine-grained
control over participation in the Global X-Bone network with ease of use.

Global X-Bone is described in detail in the Tridentcom 2005 paper:
http://www.isi.edu/touch/pubs/tridentcom2005/

The installation procedure is described in INSTALL.

>>> Backward Compatibility

>>> XBone 3.0 is incompatible with any previous XBone releases
>>> because of different message formats and newly added X-Bone
>>> API support.

>>> Files included in this installation:
    (${PREFIX}=/usr/local by default)

    >>> X-Bone executable files & library modules:

    The X-Bone is written completely in Perl (5.8.0 and above). X-Bone
    files will be installed under ${PREFIX}/xbone by default, and the
    primary executables will also be linked in ${PREFIX}/bin.

    >>> Host configuration file for xb-node-daemon (RD):

    ${PREFIX}/etc/xbone/xbone.conf

    >>> Host persistent state file for xb-node-daemon:

    /var/xbone/xbone.state

    This file is generated automatically by the Node Daemon at runtime
    and is used for crash recovery.

    >>> Man pages for X-Bone:

    A set of man pages will be installed under ${PREFIX}/man.

    >>> X-Bone GUI: (XML files & CGI scripts)

    The web pages and CGI scripts of the X-Bone GUI will be installed
    under ${PREFIX}/www/xbone by default. Note that an Apache-SSL server
    is required, but is not included with the X-Bone distribution. An
    example Apache-SSL configuration file (httpd.conf or httpsd.conf) is
    provided in ${PREFIX}/etc/xbone/apache-conf. Modify your existing
    httpsd.conf according to the example. Pay special attention to the
    "XBone Section" at the end of the file.

    >>> DNS Server/Client Configuration files for X-Bone:

    Examples of forward & reverse zone files are provided, as well as
    named.conf and resolv.conf, in ${PREFIX}/etc/xbone/named-conf. You
    need to modify named.conf on the DNS server according to the example
    and your local DNS setup, and copy the zone files to the corresponding
    location. On the client side (RDs), you only need to add the line
    shown in the given resolv.conf example to the beginning of the
    "nameserver" section of your /etc/resolv.conf.

    >>> Certificate Authority (CA) certificate:

    The CA certificate is installed automatically for both the Apache-SSL
    server and the X-Bone. However, you need to obtain host & user
    certificates manually after the installation to run X-Bone. We
    recommend placing these certificates in /usr/local/etc/xbone/cert.
    Specify these paths when prompted during installation.

>>> What's NOT included in this installation, and why:

    >>> Required ports, packages, and RPMs

    X-Bone requires a few other software packages. While all of these
    components are run as-is, some require specific configuration options.
    See INSTALL and FAQ for details. When in doubt, contact the
    maintainers of the package that fails before contacting us.

    >>> Modified / patched versions of network tools

    These are not included because the X-Bone doesn't require such
    modifications. Unlike other VPN or overlay network solutions, the
    X-Bone is completely compatible with existing ping, traceroute, etc.

    >>> Host and User Certificates

    The X-Bone project maintains a Certification Authority (CA) that
    issues and signs X.509 certificates ONLY for collaborators of our
    project. If this is an independent installation, you will need to
    either set up your own certification authority (CA) (see the
    instructions in the OpenSSL package, http://www.openssl.org) or use
    a commercial service (e.g., Verisign).

>>> INFORMATION & BUG REPORT

    >>> Copyright Information:

    Please see COPYRIGHT or the copyright information at the beginning of
    any of the X-Bone program files.

    >>> Problems & Bug Report

    Please submit your problem or bug report to .

    >>> Other Information:

    For more information on the X-Bone programs, please read the man
    pages and other documentation of the X-Bone, or look directly at the
    Perl code of X-Bone. For more information on the X-Bone project,
    please visit our web site at http://www.isi.edu/xbone/ or email your
    question to .
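
Added example, not part of the X-Bone distribution: for an independent installation (see "Host and User Certificates" above), one way to set up a private CA with the OpenSSL command-line tool, issue a host certificate, and check that it verifies only against that CA and only for the expected host name. The directory layout, subject names, key size, lifetimes and extensions are assumptions, not X-Bone requirements.

```bash
#!/usr/bin/env bash
# Added example (not X-Bone code): private CA plus one host certificate.
# Names, key size, lifetimes and extensions are assumptions, not X-Bone requirements.
set -euo pipefail
umask 077                                  # key files are created owner-only

make_ca() {                                # $1 = CA directory, $2 = CA common name
  mkdir -p "$1"
  cat > "$1/ca.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = $2
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
EOF
  openssl req -x509 -config "$1/ca.cnf" -newkey rsa:2048 -sha256 -nodes \
    -days 1825 -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

issue_host_cert() {                        # $1 = CA directory, $2 = host FQDN
  local base="$1/$2"
  printf '[v3_host]\nbasicConstraints=critical,CA:FALSE\nkeyUsage=critical,digitalSignature,keyEncipherment\nsubjectAltName=DNS:%s\n' "$2" > "$base.ext"
  openssl req -new -config "$1/ca.cnf" -subj "/CN=$2" -newkey rsa:2048 -nodes \
    -keyout "$base.key" -out "$base.csr" 2>/dev/null
  openssl x509 -req -in "$base.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -days 365 -sha256 -extfile "$base.ext" -extensions v3_host \
    -out "$base.crt" 2>/dev/null
}

verify_host_cert() {                       # $1 = CA cert, $2 = host cert, $3 = expected FQDN
  openssl verify -CAfile "$1" -verify_hostname "$3" "$2" >/dev/null 2>&1
}

demo() {                                   # constructed names; runs in a temp dir
  local w; w=$(mktemp -d)
  make_ca "$w/site" "Example Site CA"; make_ca "$w/other" "Unrelated CA"
  issue_host_cert "$w/site" rd1.example.net
  verify_host_cert "$w/site/ca.crt" "$w/site/rd1.example.net.crt" rd1.example.net && echo "own CA: accepted"
  verify_host_cert "$w/other/ca.crt" "$w/site/rd1.example.net.crt" rd1.example.net || echo "other CA: rejected"
  rm -rf "$w"
}
demo
```

Copy the issued host certificate and key to the certificate directory chosen at install time (this README recommends /usr/local/etc/xbone/cert); ca.key stays on the CA machine and is never distributed to overlay hosts.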