Networking

Mesh

Build - 802.11s

https://en.wikipedia.org/wiki/IEEE_802.11s extends the IEEE 802.11 MAC standard
https://en.wikipedia.org/wiki/Hybrid_Wireless_Mesh_Protocol Hybrid Wireless Mesh Protocol (HWMP), defined in IEEE 802.11s, is a basic routing protocol for a wireless mesh network.

Roaming - 802.11k/r/v

  • 802.11r - Fast Basic Service Set Transition (FT) to authenticate PSK/802.1X more quickly
  • 802.11k - search APs; creating an optimized list of channels
  • 802.11v - exchange network topology
    • BSS transition management + Disassociation Imminent => influence client roaming behavior by providing it the load information of nearby access points.
    • Directed Multicast Service (DMS): optimizes multicast
    • BSS Max Idle Service: how long to remain associated when no traffic

Open Source Software for Routing

BGP

https://github.com/Exa-Networks/exabgp implement SDN by transforming BGP messages into friendly plain text or JSON
https://github.com/openstack/networking-bagpipe BGP-based VPNs as a backend for Neutron

Private AS

  • 64512 - 65534
  • 4200000000 - 4294967294

Virtual networking modes

Tools for Windows

Tools for All platforms

Router OSes

NAT Hairpin + DDNS

Mikrotik

dst-address-type=local and also dst-address=!192.168.0.0/16

OSPF

Mikrotik

/routing ospf instance
set [ find default=yes ] redistribute-connected=as-type-1
/routing ospf network
add area=backbone network=192.168.1.0/24

MPLS

Mikrotik

https://wiki.mikrotik.com/wiki/Manual:MPLSVPLS A targeted LDP session is a session established between two routers that are not direct neighbors.
https://tools.ietf.org/html/rfc3031 Multiprotocol Label Switching Architecture
https://tools.ietf.org/html/rfc5036 LDP Specification (obsoletes RFC 3036)

VPLS

Mikrotik

https://tools.ietf.org/html/rfc4761 VPLS Using BGP for Auto-Discovery and Signaling
https://tools.ietf.org/html/rfc4762 VPLS Using LDP Signaling
https://tools.ietf.org/html/rfc4447 (Cisco-style signaling)
https://tools.ietf.org/html/rfc4623 PWE3 Fragmentation and Reassembly

OpenBSD

RFC4447:
- Section 6.2: control word negotiation
- Section 5.4.3: pseudowire status negotiation
- PWid group wildcard

Linux

L7 filters

Subnet Helper

MAC address <-> Vendor

Tuning

TCP congestion control

BBR

Introspectable tunnels to localhost

./npc nat # p2p will not work if server and client are both behind symmetric NAT

source /dev/stdin ehang-io/nps <<< "$(curl -fsSL https://raw.githubusercontent.com/fzinfz/scripts/master/github--repo.sh)" | grep linux | grep amd64

openssl genrsa -out server.key 2048
openssl rsa -in server.key -outform PEM -pubout -out server.pem
https://github.com/fatedier/frp (Jan 12 2020: p2p/xtcp under development)

Multi WAN

Load Balancing

  • Reverse proxying (AKA Layer-7 switching)
    • Varnish Cache
    • Nginx
    • Squid
    • Apache mod_proxy
    • Relayd
  • TCP connection redirection (AKA Layer-4 switching)
    • IPVS, part of the LVS suite
    • HAProxy
    • Relayd

Transparent Proxy

mitmproxy

V2Ray - Go

"inboundDetour": [ {
    "protocol": "dokodemo-door",
    "port": 20088,
    "settings": {
        "network": "tcp,udp", // TPROXY required for UDP
        "timeout": 10,
        "followRedirect": true // Linux support only
    }
} ],

redsocks - C

https://github.com/darkk/redsocks Linux/iptables, OpenBSD/pf and FreeBSD/ipfw are supported.

Tinyproxy - C

moproxy - Rust

Any Proxy - Go

./any_proxy -l :7777 -p "proxy_ip:1080"

avege - Go port of redsocks

NetFlow Software

IPV6

Guide