lixonet-ee/README.md

# Lixonet Enterprise Edition (LIXONET 3)

This is the semi-official, testing Lixonet EE repository.

Custom configurations should be supplied in a `lixonet.conf` file in the `name=value` format, such as your subnet.  Additionally, a tinc keypair is also be required.

**Generating keypairs for tinc (`tinc.key`)**:

Source: https://www.tinc-vpn.org/documentation/Generating-keypairs.html

Run: `tincd -n lixonet -K`

**Configuration options**

All options are supplied in the `name=value` format on individual lines, i.e. `name=test_name_lixo`

 * `name` - The global neighbor name.  Tinc and Bird use this to identify a peer in the network, and to exclude your own pre-packed config automagically from Tinc and BIRD dialing out so you don't connect to yourself over and over again.
 * `address` - The *router* address to use.  This is your Lixonet routing layer address: 172.xxx.0.xxx
 * `asn` - The BGP ASN to use.  We usually follow the format `4206969XXX` where _XXX_ is the last octet of your `address`, zero-padded (i.e. 008 or 212)
 * `netmask` - The routing layer netmask to use.  This should be `255.255.255.0` in most cases as our routing layer has always been a ``/24` subnet.  Used by Tinc and BIRD for the L2 mesh and route security ingress filtering respectively.
 * `tinc_bind_address` - OPTIONAL: The address that Tinc should bind to to _listen_ for incoming WAN-sided connections (i.e. 10.0.0.1).  This is _not_ the tunnel IP.
 * `tinc_connect_to` - OPTIONAL: A comma-separated list of well-known/pre-defined hosts to connect to (i.e. `denco_mane_lixo`).  If not supplied, this is automatically set to all core routers that aren't yourself (`name`).

**Setup**

Prerequisites:
1. Docker is installed
2. `eth0` is the **LAN** or **WAN** interface supporting external routing, DNS, etc.
3. `eth1` is the **birdged** interface to a router that will statically route the entire network subnet
4. `tun` and `tap` are in `/etc/modules` to load at boot (https://www.cyberciti.biz/faq/linux-how-to-load-a-kernel-module-automatically-at-boot-time/)

Install:
1. Clone this repository: `git clone`
2. `mkdir /etc/lixonet/`
3. Fill out `/etc/lixonet/lixonet.conf` (see: **Configuration options**)
4. Supply `/etc/lixonet/tinc.key`
5. Run `chmod +x build.sh && ./build.sh` to deploy the stack on Docker.
Update README.md 2020-04-28 05:23:25 +00:00			`# Lixonet Enterprise Edition (LIXONET 3)`
Initial commit 2020-04-27 17:30:30 +00:00
Gitignore for a couple private items I bet we'll have to set up. 2020-04-27 18:13:14 +00:00			`This is the semi-official, testing Lixonet EE repository.`

Update README.md 2020-04-27 22:18:08 +00:00			Custom configurations should be supplied in a `lixonet.conf` file in the `name=value` format, such as your subnet. Additionally, a tinc keypair is also be required.
Gitignore for a couple private items I bet we'll have to set up. 2020-04-27 18:13:14 +00:00
Update tinc/lixonet/hosts/test_mane_lixo, README.md files 2020-04-27 22:32:03 +00:00			Generating keypairs for tinc (`tinc.key`):

			`Source: https://www.tinc-vpn.org/documentation/Generating-keypairs.html`

			Run: `tincd -n lixonet -K`

Update README.md 2020-04-27 22:18:08 +00:00			`Configuration options`

			All options are supplied in the `name=value` format on individual lines, i.e. `name=test_name_lixo`

Update README.md 2020-04-28 05:23:00 +00:00			* `name` - The global neighbor name. Tinc and Bird use this to identify a peer in the network, and to exclude your own pre-packed config automagically from Tinc and BIRD dialing out so you don't connect to yourself over and over again.
Update README.md 2020-04-28 05:21:15 +00:00			* `address` - The router address to use. This is your Lixonet routing layer address: 172.xxx.0.xxx
			* `asn` - The BGP ASN to use. We usually follow the format `4206969XXX` where _XXX_ is the last octet of your `address`, zero-padded (i.e. 008 or 212)
			* `netmask` - The routing layer netmask to use. This should be `255.255.255.0` in most cases as our routing layer has always been a ``/24` subnet. Used by Tinc and BIRD for the L2 mesh and route security ingress filtering respectively.
			* `tinc_bind_address` - OPTIONAL: The address that Tinc should bind to to _listen_ for incoming WAN-sided connections (i.e. 10.0.0.1). This is _not_ the tunnel IP.
Update README.md 2020-04-28 05:22:36 +00:00			* `tinc_connect_to` - OPTIONAL: A comma-separated list of well-known/pre-defined hosts to connect to (i.e. `denco_mane_lixo`). If not supplied, this is automatically set to all core routers that aren't yourself (`name`).
Update README.md 2020-04-27 22:18:08 +00:00
			`Setup`

Update README.md 2020-04-27 22:57:28 +00:00			`Prerequisites:`
Update README.md 2020-04-27 22:18:08 +00:00			`1. Docker is installed`
			2. `eth0` is the LAN or WAN interface supporting external routing, DNS, etc.
			3. `eth1` is the birdged interface to a router that will statically route the entire network subnet
Update README.md 2020-04-27 22:57:28 +00:00			4. `tun` and `tap` are in `/etc/modules` to load at boot (https://www.cyberciti.biz/faq/linux-how-to-load-a-kernel-module-automatically-at-boot-time/)
Update README.md 2020-04-27 22:18:08 +00:00
Update README.md 2020-04-27 22:57:28 +00:00			`Install:`
Update README.md 2020-04-27 22:18:08 +00:00			1. Clone this repository: `git clone`
Update tinc/lixonet/hosts/test_mane_lixo, README.md files 2020-04-27 22:32:03 +00:00			2. `mkdir /etc/lixonet/`
			3. Fill out `/etc/lixonet/lixonet.conf` (see: Configuration options)
			4. Supply `/etc/lixonet/tinc.key`
			5. Run `chmod +x build.sh && ./build.sh` to deploy the stack on Docker.