![]() The following figure shows the networking inside OpenWRT router. Once OpenWRT is booted you can login to the web interface of the router to configure it. Started a dhsclient on the lan interface (br-lan) to request a IP from libvirtd. I also stopped the odhcpd and dnsmasq server running on OpenWRT.All applications on the desktop will communicate through this bridge to OpenWRT which will route the traffic to the Internet. For this test we will remove the NAT rules on the bridge virbr0.It also configures NAT rules for traffic going out of the VMs through the virbr0. Libvirt provides dnsmasq service which listens on bridge virbr0 and provides DHCP ip to the VMs. The idea is to push the incoming traffic to OpenWRT and apply traffic monitoring/policy. Little tweaking is required for making OpenWRT work with libvirtd. The following diagram shows the network topology. To test OpenWRT I used a KVM image (which can be found here) and started a VM on my desktop. I am exploring the possibility of flashing OpenWRT on my backup router at home. OpenWRT is a Linux based firmware, which supports a lot of networking hardware. Now I wanted to look at more advanced tools for the job. In my previous post I talked about using a Network Namespace to control the download limit. Recently I have been looking at tools for managing and monitoring my home network. Posted on MaMaCategories Networking, Notes Tags homenetwork, ospf, routeros 2 Comments on Test-driving OSPF on RouterOS Test driving OpenWRT I was able to get OSPF running with RouterOS in no time. Following configuration is used on the routers. OSPF Configurationįor testing purpose I restricted my setup to area 0 to which both routers are connected. The following figures show the final setup. Linux bridges were used to connect the routers and the hosts. To keep things lite weight I used NameSpaces to simulate hosts connected to the routers. The actual setup however needs some hosts on the network to test the connectivity after implementing OSPF. I used virt-manager to setup the test network. MikroTik © recommends 128 MB RAM and 128 MB of HDD as minimal hardware requirements. The footprint of the router VMs are quite small. All for these are installed as VMs on my home desktop. The following diagram describes my network setup. So I decided to test OSPF routing with Router OS. This is perfect for learning purposes and experimenting at home. What is more amazing is they provide a RouterOS in a virtual form-factor called Cloud Hosted Router (CHR) that can be installed on hypervisors like KVM/VirtualBox/VMware. I came across RouterOS by MikroTik © which provides advances routing protocol support. Ntop can even be run from a docker container Now the monitoring data from ntopng can can be exported to Grafana. This will keep the monitored traffic separate from the monitoring traffic. Accessing the Monitoring resultĪs the Gigabit port of the Pi is used to receive mirrored traffic, the monitoring dashboard is accessed over the wlan0 interface. I used the Rasbian image for the pi and Ntopng can be easily installed from their repository using apt. It can aggregate and produce nice traffic analysis summary. To monitor traffic over long time I used Ntop. These tools give a live view of the packets going through my home network. Once the traffic is available on the mirrored port, I was able to run traffic monitors like wireshark, tshark and tcpdump on the mirror port to analyze all the traffic between the router and ISP. All traffic monitoring happens on the Pi. The mirrored traffic is passed on to the Raspberry Pi. I used this to mirror traffic arriving through the router and the ISP connection. The NetGear GS105E switch provides the capability of port mirroring. The following figure shows the connectivity. To get around the problem I decided to put the traffic monitor on the WAN side of the router. This makes traffic monitoring a bit of a problem on the LAN side. ![]() As with most people I have very few devices that connect to the router over an Ethernet cable, most devices are wifi capable. The router provides both wire and wifi connectivity. I have a PPPoE connection to my ISP that connects to my home router. So, I decided to do a weekend project to implement traffic analysis on my home network. I had the Raspberry Pi laying around for some time without doing any major function and so was the NetGear switch.
0 Comments
Leave a Reply. |