Final status report: ng_ayiya - an AYIYA Netgraph node

Peter Pentchev roam at ringlet.net
Mon Aug 24 12:53:22 UTC 2015 

Hi all,

The goal of this project is to create a Netgraph node that acts as a link
between a socket (TCP, UDP, SCTP, ...) connection to an AYIYA server
(for a start, the SixXS POPs) and a local network interface (for a start,
one that can route IPv6 traffic).

Wiki: https://wiki.freebsd.org/SummerOfCode2015/AYIYASixXSNetgraphNode
Subversion: https://svnweb.freebsd.org/socsvn/soc2015/roam/
Testing: https://svnweb.freebsd.org/socsvn/soc2015/roam/README.txt?view=co

This is the final report for this project; the ng_ayiya node is ready
for testing and, IMHO, for use with the SixXS AICCU tool.  There is
still quite some room for improvement, e.g. some fixes to the
configuration and the shutdown of the AICCU tool, but the Netgraph AYIYA
implementation is fully usable at least in the following scenarios:

- run aiccu as a TIC+AYIYA client against the actual SixXS servers to
  operate a "real-world" SixXS IPv6-over-IPv4 AYIYA tunnel

- run aiccu as a TIC+AYIYA client against a local TIC server from my
  Net-SixXS Perl distribution and a local AYIYA server from the ng_ayiya
  package (the GSoC product)

- configure two ng_ayiya nodes, either by hand or using a helper script
  from the ng_ayiya package, as two sides of a local AYIYA tunnel

The last couple of weeks of the GSoC work were mainly focused on
the first two scenarios: using and testing the SixXS AICCU tool's
operation against the real SixXS servers and against a newly-written
ayiya_listen utility that waits for incoming UDP packets on port 5072
that have not been claimed by any established tunnel, figures out which
of the configured tunnels the packet is for, sets up the Netgraph nodes
for the tunnel's operation, and starts up an ayiya_resp instance for
this tunnel to handle the initial packet and any more packets that have
arrived before the Netgraph nodes have been configured.  Again, there is
some room for improvement there, especially with restarting the remote
side of a tunnel, but this listener, along with the additional
functionality of the ayiya_resp tool (read a packet from the listener
and pass it on to the ng_ayiya node for processing) and the ng_ayiya
node itself (inject a packet as if it had arrived over the wire), should
be usable now.

Due to quite some time mismanagement on my part, my mentor and I did not
get to the step of performance testing aiccu+ng_ayiya vs. aiccu+tun
during the GSoC timeframe as we had planned, but the functionality to do
the testing should be in place now.

G'luck,
Peter

-- 
Peter Pentchev  roam at ringlet.net roam at FreeBSD.org pp at storpool.com
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.freebsd.org/pipermail/soc-status/attachments/20150824/6e3a6842/attachment.bin>

More information about the soc-status mailing list