miegl/glorytun
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

error handling

ITz
2019-12-24 11:07:03 +03:00
parent b0f808a6d8
commit a9b9ca0e7f
1 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
How-to-use-glorytun-with-2-isp-(draft).md

@@ -1,28 +1,29 @@
# Example for using Glorytun with dual ISP client configuration (draft) # Example for using Glorytun with dual ISP client configuration for fault tolerance and performance connectivity (draft)
In this article, i will not touch on many issues on client/server optimization, security, i will write only the basic and most necessary (important) instructions for create a tunnel connection with glorytun with two ISP at the same time and checking its performance. In this article, i will not touch on many issues on client/server optimization, security, i will write only the basic and most necessary (important) instructions for create a tunnel connection with Glorytun with 2 ISP at the same time, nevertheless, i will describe the main points for troubleshooting and checking its performance.
## **Prepare** ## **Prepare**
Client (Router) and Server (VPS) using Ubuntu LTE 18.04 x64, you may use other linux distro's Client (Router) and Server (VPS) both using Ubuntu LTE 18.04 x64, you may use other linux distro's
**Client hardware configuration:** 3 NIC, 512 Ram, 2 Ghz cpu, 32gb usb flash drive for install os, you may use old pc.. **Client hardware configuration:** 3 NIC, 512 Ram, 2 Ghz cpu, 32gb usb flash drive for install os, you may use old pc..
* 1 nic enp2s0 with ip 10.10.10.1 connected to lan/router * 1 nic enp2s0 with ip 10.10.10.1 connected to lan/router
* 2 nic enp6s0 192.168.1.1 and 3 nic enp6s1 192.168.2.1 connected with ISP cable from isp router * 2 nic enp6s0 192.168.1.1 and 3 nic enp6s1 192.168.2.1 connected with ISP cable from isp router, also it's may be modems with ethernet interfaces
for best results, both of your connections with your Internet service providers should be as similar as possible, on technical characteristics like ping, bandwidth, upload/download (rx/tx) and etc, it is very important! for best results, both of your connections with your Internet service providers should be as similar as possible, on technical characteristics like ping, bandwidth, upload/download (rx/tx) and etc, it is very important!
**Server hardware configuration:** 1 Gigabit NIC with ONE IPv4 address, 512 Ram, 1-2 Ghz cpu, 10gb ssd **Server hardware configuration:** 1 Gigabit NIC with 1 IPv4 address, 512 Ram, 1-2 Ghz cpu, 10gb ssd, based on kvm or xen or solusvm virtualizator
* 1 nic eth0 with ip 195.245.103.245 connected to internet * 1 nic eth0 with ip 195.245.103.245 connected to internet
for best results, both of your connections with your Internet service providers should have minimal ping to your server, this is very important! for best results, both of your connections with your Internet service providers should have minimal ping to your server, this is very important!
**Installation** **Installation**
I assume that you have already installed the Ubuntu OS on the client and buy & prepare VPS server, configured ssh access to your client and server and we proceed to the direct installation and configuration of Glorytun
We be use pre-compiled version of glorytun 0.2.2, for client and server, all commands need to run from root user I assume that you have already installed the Ubuntu OS on the client and buy & prepare VPS server, configured ssh access to your client and server, if your workplace from Windows OS, better use [Bitvise SSH Client](https://www.bitvise.com/ssh-client-download) for work with ssh, and we will proceed to installation and configure Glorytun
We be use pre-compiled version of glorytun 0.2.2, for client and server, all commands need to run directly from ssh with **root** user rights
## **Server side:** ## **Server side:**
@@ -43,25 +44,27 @@ make executable
first create encryption key first create encryption key
`./glorytun keygen > gt.key` `./glorytun keygen > gt.key`
run glorytun with bind server ip 195.245.103.245 and port 55055 and tun0 interface (if need), i use chacha encryption, aes my client is not support, you may don't indicate port and tun interface.. run glorytun with bind server ip 195.245.103.245 and port 55055 and tun0 interface (if need), i use chacha encryption, aes my client is not support, you may don't indicate port and tun interface:
`./glorytun bind 195.245.103.245 55055 dev tun0 keyfile gt.key chacha` `./glorytun bind 195.245.103.245 55055 dev tun0 keyfile gt.key chacha &`
after running this command, press the "**Enter**" key again, so that the Glorytun continues to run in the background-process
now adding ip v4 address to tun0 interface: now adding ip v4 address to tun0 interface:
`ifconfig tun0 10.0.1.1 pointopoint 10.0.1.2 up` `ifconfig tun0 10.0.1.1 pointopoint 10.0.1.2 up`
also we need route traffic from glorytun tunnel (tun0) to internet (eth0): **also we need route traffic from glorytun tunnel (tun0) to internet (eth0):**
masqarade traffic from glorytun tunnel network to internet: masqarade traffic from glorytun tunnel network to internet:
`iptables -t nat -I POSTROUTING -s 10.0.1.0/24 -o eth0 -j MASQUERADE` `iptables -t nat -I POSTROUTING -s 10.0.1.0/24 -o eth0 -j MASQUERADE`
accept input traffic from tun0 interface: accept by server input traffic from tun0(glorytun) interface:
`iptables -I INPUT -i tun0 -j ACCEPT` `iptables -I INPUT -i tun0 -j ACCEPT`
enable forward traffic between tun0 (glorytun) and eth0(internet) interfaces: enable forwarding traffic between tun0 (glorytun) and eth0 (internet) interfaces:
``` ```
iptables -I FORWARD -i eth0 -o tun0 -j ACCEPT iptables -I FORWARD -i eth0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o eth0 -j ACCEPT iptables -I FORWARD -i tun0 -o eth0 -j ACCEPT