error handling
ITz
@@ -1,28 +1,29 @@
|
||||
# Example for using Glorytun with dual ISP client configuration (draft)
|
||||
# Example for using Glorytun with dual ISP client configuration for fault tolerance and performance connectivity (draft)
|
||||
|
||||
In this article, i will not touch on many issues on client/server optimization, security, i will write only the basic and most necessary (important) instructions for create a tunnel connection with glorytun with two ISP at the same time and checking its performance.
|
||||
In this article, i will not touch on many issues on client/server optimization, security, i will write only the basic and most necessary (important) instructions for create a tunnel connection with Glorytun with 2 ISP at the same time, nevertheless, i will describe the main points for troubleshooting and checking its performance.
|
||||
|
||||
## **Prepare**
|
||||
|
||||
Client (Router) and Server (VPS) using Ubuntu LTE 18.04 x64, you may use other linux distro's
|
||||
Client (Router) and Server (VPS) both using Ubuntu LTE 18.04 x64, you may use other linux distro's
|
||||
|
||||
**Client hardware configuration:** 3 NIC, 512 Ram, 2 Ghz cpu, 32gb usb flash drive for install os, you may use old pc..
|
||||
* 1 nic enp2s0 with ip 10.10.10.1 connected to lan/router
|
||||
* 2 nic enp6s0 192.168.1.1 and 3 nic enp6s1 192.168.2.1 connected with ISP cable from isp router
|
||||
* 2 nic enp6s0 192.168.1.1 and 3 nic enp6s1 192.168.2.1 connected with ISP cable from isp router, also it's may be modems with ethernet interfaces
|
||||
|
||||
for best results, both of your connections with your Internet service providers should be as similar as possible, on technical characteristics like ping, bandwidth, upload/download (rx/tx) and etc, it is very important!
|
||||
|
||||
|
||||
**Server hardware configuration:** 1 Gigabit NIC with ONE IPv4 address, 512 Ram, 1-2 Ghz cpu, 10gb ssd
|
||||
**Server hardware configuration:** 1 Gigabit NIC with 1 IPv4 address, 512 Ram, 1-2 Ghz cpu, 10gb ssd, based on kvm or xen or solusvm virtualizator
|
||||
* 1 nic eth0 with ip 195.245.103.245 connected to internet
|
||||
|
||||
for best results, both of your connections with your Internet service providers should have minimal ping to your server, this is very important!
|
||||
|
||||
|
||||
**Installation**
|
||||
I assume that you have already installed the Ubuntu OS on the client and buy & prepare VPS server, configured ssh access to your client and server and we proceed to the direct installation and configuration of Glorytun
|
||||
|
||||
We be use pre-compiled version of glorytun 0.2.2, for client and server, all commands need to run from root user
|
||||
I assume that you have already installed the Ubuntu OS on the client and buy & prepare VPS server, configured ssh access to your client and server, if your workplace from Windows OS, better use [Bitvise SSH Client](https://www.bitvise.com/ssh-client-download) for work with ssh, and we will proceed to installation and configure Glorytun
|
||||
|
||||
We be use pre-compiled version of glorytun 0.2.2, for client and server, all commands need to run directly from ssh with **root** user rights
|
||||
|
||||
## **Server side:**
|
||||
|
||||
@@ -43,25 +44,27 @@ make executable
|
||||
first create encryption key
|
||||
`./glorytun keygen > gt.key`
|
||||
|
||||
run glorytun with bind server ip 195.245.103.245 and port 55055 and tun0 interface (if need), i use chacha encryption, aes my client is not support, you may don't indicate port and tun interface..
|
||||
run glorytun with bind server ip 195.245.103.245 and port 55055 and tun0 interface (if need), i use chacha encryption, aes my client is not support, you may don't indicate port and tun interface:
|
||||
|
||||
`./glorytun bind 195.245.103.245 55055 dev tun0 keyfile gt.key chacha`
|
||||
`./glorytun bind 195.245.103.245 55055 dev tun0 keyfile gt.key chacha &`
|
||||
|
||||
after running this command, press the "**Enter**" key again, so that the Glorytun continues to run in the background-process
|
||||
|
||||
now adding ip v4 address to tun0 interface:
|
||||
|
||||
`ifconfig tun0 10.0.1.1 pointopoint 10.0.1.2 up`
|
||||
|
||||
also we need route traffic from glorytun tunnel (tun0) to internet (eth0):
|
||||
**also we need route traffic from glorytun tunnel (tun0) to internet (eth0):**
|
||||
|
||||
masqarade traffic from glorytun tunnel network to internet:
|
||||
|
||||
`iptables -t nat -I POSTROUTING -s 10.0.1.0/24 -o eth0 -j MASQUERADE`
|
||||
|
||||
accept input traffic from tun0 interface:
|
||||
accept by server input traffic from tun0(glorytun) interface:
|
||||
|
||||
`iptables -I INPUT -i tun0 -j ACCEPT`
|
||||
|
||||
enable forward traffic between tun0 (glorytun) and eth0(internet) interfaces:
|
||||
enable forwarding traffic between tun0 (glorytun) and eth0 (internet) interfaces:
|
||||
```
|
||||
iptables -I FORWARD -i eth0 -o tun0 -j ACCEPT
|
||||
iptables -I FORWARD -i tun0 -o eth0 -j ACCEPT
|
||||
|
||||
Reference in New Issue
Block a user