Friday, April 25, 2014

Linux - How to Setup VTun between Ubuntu and CentOS servers

VTun is the easiest way to create virtual tunnels over TCP/IP networks with traffic shaping, compression and encryption. VTun supports IP, PPP, SLIP, Ethernet and other tunnel types. It is easily and highly configurable, and it can be used for various network tasks.

This tutorial shows you how to install VTun between one Ubuntu server (Ubuntu 12.04.3) and one CentOS server (CentOS 5.5).

Hardware requirements:

  • PII466/128Mb was compressing several 3-4Mbits tunnels.
  • AlphaXL 266/64Mb was compressing and shaping about 10-50 tunnels from 64Kbit to 512Kbit.
  • P200MMX/64Mb with about 100 tunnels over loopback.

Install VTun on Ubuntu server:
# apt-get install vtun
# dpkg -l | grep vtun
ii  vtun                                     3.0.2-4build1                     virtual tunnel over TCP/IP networks

If you want to install it from source, you can download the VTun package from http://vtun.sourceforge.net

Configure VTun server:
Upon installation, VTun places its configuration file "vtund.conf" in the /etc/ directory. This can be extremely confusing, as the client and server need separate entries in the tunnel specification section. For the VTun server, I suggest renaming vtund.conf to vtund-server.conf, and for the client, renaming it to vtund-client.conf. Then specify the path to the relevant configuration file manually on startup, for example "vtund -f /etc/vtund-server.conf -s" to start the server.

It is very straightforward to configure VTun server and client. The configuration file is organized into three discrete units. Read the vtun conf file manual (http://manpages.ubuntu.com/manpages/precise/en/man5/vtund.conf.5.html) for more information. Here I will give two examples, one for server and one for client.

Server IP address: 111.22.33.44
Client IP address: 222.33.44.55

vtund-server.conf:
options {
  port 5000;                      # Listen on this port

  # Command path
  ifconfig      /sbin/ifconfig;  
  route         /sbin/route;
  firewall      /sbin/iptables;
  ip            /sbin/ip;
}

default {
  speed 0;              # By default maximum speed, NO shaping
  type tun;
  proto udp;
  keepalive yes;
}

client1 {
  passwd  client1;       # Password
  keepalive yes;         # Keep connection alive
  type tun;              # IP tunnel
  proto udp;             # UDP protocol

  up {
    ifconfig "%% 10.10.10.1 pointopoint 10.10.10.2 mtu 1450";
  };

  down {
    ifconfig "%% down";
  };
}

vtund-client.conf:
options {
  port 5000;            # Server port to connect to
  ifconfig      /sbin/ifconfig;
  route         /sbin/route;
  firewall      /sbin/iptables;
}

client1 {
  passwd  client1;       # Password
  keepalive yes;        # Keep connection alive
  type tun;
  proto udp;

  up {
    # Local address must be the peer address from the server's up block
    ifconfig "%% 10.10.10.2 pointopoint 10.10.10.1 mtu 1450";
  };
}
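
A pre-flight check for the two files above, as an added example that is not part of the original post: it parses one session from each config and reports when the point-to-point addresses are not mirrored, when the password equals the session name, or when the server session does not enable encrypt. The sample configs are constructed, the function names are hypothetical, and only the named session block is read (a default block is not consulted).

```python
import re

# Constructed samples modelled on the page's "client1" session.
SERVER = '''client1 {
  passwd client1;   # Password
  type tun;
  up { ifconfig "%% 10.10.10.1 pointopoint 10.10.10.2 mtu 1450"; };
}'''
P2P = "10.10.10.1 pointopoint 10.10.10.2"
CLIENT_MIRRORED = SERVER.replace(P2P, "10.10.10.2 pointopoint 10.10.10.1")
CLIENT_SKEWED = SERVER.replace(P2P, "10.10.10.4 pointopoint 10.10.10.1")

def session_body(conf, name):
    """Return the text inside session `name`, located by brace matching."""
    text = re.sub(r"#[^\n]*", "", conf)  # strip comments
    m = re.search(r"^\s*%s\s*\{" % re.escape(name), text, re.M)
    if not m:
        raise KeyError(name)
    depth, i = 1, m.end()
    while depth and i < len(text):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    if depth:
        raise ValueError("unterminated session block: " + name)
    return text[m.end():i - 1]

def facts(conf, name):
    """Extract passwd, encrypt and the (local, peer) pair from the up block."""
    body = session_body(conf, name)
    pw = re.search(r"\bpasswd\s+([^;\s]+)", body)
    enc = re.search(r"\bencrypt\s+([^;\s]+)", body)
    p2p = re.search(r'ifconfig\s+"%%\s+(\S+)\s+pointopoint\s+([^\s";]+)', body)
    return {"passwd": pw.group(1) if pw else None,
            "encrypt": enc.group(1) if enc else None,
            "addrs": p2p.groups() if p2p else None}

def lint(server_conf, client_conf, name):
    """Return a list of findings for one session present in both files."""
    s, c = facts(server_conf, name), facts(client_conf, name)
    out = []
    if not s["addrs"] or not c["addrs"] or s["addrs"] != c["addrs"][::-1]:
        out.append("tunnel addresses not mirrored: server %s, client %s"
                   % (s["addrs"], c["addrs"]))
    if s["passwd"] != c["passwd"]:
        out.append("passwd differs between server and client")
    if s["passwd"] == name:
        out.append("passwd equals the session name")
    if s["encrypt"] in (None, "no"):  # default {} block is not consulted
        out.append("encrypt not enabled in the server session")
    return out
```

Calling lint(open("/etc/vtund-server.conf").read(), open("/etc/vtund-client.conf").read(), "client1") runs the same checks on real files; an empty list means none of the three conditions was found.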

Start VTun server:
# vtund -f /etc/vtund-server.conf -s

Start VTun client:
# vtund -f /etc/vtund-client.conf client1 111.22.33.44

In the log file, you should see messages like:
vtund[4009]: VTUN server ver 3.X 05/17/2011 (stand)
vtund[4025]: Use SSL-aware challenge/response
vtund[4025]: Session data[xx.xx.xx.xx:39529] opened
vtund[4025]: UDP connection initialized
ntpd[670]: Listen normally on 8 tun0 10.10.10.2 UDP 123

vtund[5693]: Connecting to xx.xx.xxx.xxx
vtund[5693]: Session xxx[xx.xx.xxx.xxx] opened
kernel: tun: Universal TUN/TAP device driver, 1.6
kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
vtund[5693]: UDP connection initialized

Now you can ping the VTun server from the client using its 10.10.10.x tunnel address.

I recommend reading the "VTun" tutorial by Ryan Breen (http://www.linuxjournal.com/article/6675?page=0,0).

1 comment:

jishnu v said...

The tunnel IP address given in the configuration file is incorrect.
The tunnel IP of one host should be the gateway of the other.