Skip to end of metadata
Go to start of metadata

An IP tunnel provides a means of transport IP packets between two domains either through an existing physical network interface (e.g., like a VPN) or through some other communications interface.  The TransferJet link can also be used to transport IP packets between two ICO-TTJ-500 boards and this HOW-TO guide explains how this can be achieved.

 

BSP version

Icon

This tool is available since BSP V2.0.2

 

Icon

The IP tunnel service uses the CNL API directly and can not co-exist with the existing Obex service, which uses the Toshiba reference stack and PCLC. It is therefore necessary to kill the Obex service beforehand. This can be achieved as follows:

  1. Edit /etc/inittab and comment out the last line which spawns the start_daemon.sh script. Run sync to sync the file system.
  2. Reboot the board for the change to take effect.

You can restore the Obex service at any time by undoing the above change and rebooting.

 

Create an IP tunnel interface and assign a fixed IP address:

  1. ip tuntap add mode tun tun0
  2. ip link set dev tun0 up

  3. ip addr add 10.7.0.1/24 dev tun0

Now we can launch the server side TransferJet IP tunnel service:

  1. ./setuptj.sh
  2. tjetTunnelService i tun0

Create an IP tunnel interface and assign a fixed IP address:

  1. ip tuntap add mode tun tun0
  2. ip link set dev tun0 up

  3. ip addr add 10.7.0.2/24 dev tun0

Now we can launch the server side TransferJet IP tunnel service:

  1. ./setuptj.sh
  2. tjetTunnelService r tun0

 

Loading TJ driver modules

Icon

The ./setuptj.sh command is needed in order to load the TJ driver modules. It only needs to be done once after the board has booted and not each time the tunnel application is run.

 

The CNL link will be established automatically once the RF couplers are in range.  The application will generate the following messages:

Responder
[INFO] [tjetTunnelService] Responder waiting for connection...
[INFO] [tjetTunnelService] event: CNLIO_EVT_CONNECT_IND
[INFO] [tjetTunnelService] event: CNLIO_EVT_ACCEPT_CNF
[INFO] [tjetTunnelService] Responder is connected

 

 

Initiator

[INFO] [tjetTunnelService] Initiator connecting...
[INFO] [tjetTunnelService] event: CNLIO_EVT_ACCEPT_IND
[INFO] [tjetTunnelService] Initiator is connected

 

The IP connection can then be tested using ping:

  1. From the initiator (server) run ping 10.7.0.2
  2. From the responder (client) run ping 10.7.0.1

 

Example ping output

PING 10.7.0.1 (10.7.0.1): 56 data bytes
64 bytes from 10.7.0.1: seq=0 ttl=64 time=1.038 ms
64 bytes from 10.7.0.1: seq=1 ttl=64 time=2.993 ms
64 bytes from 10.7.0.1: seq=2 ttl=64 time=0.824 ms
64 bytes from 10.7.0.1: seq=3 ttl=64 time=0.840 ms
64 bytes from 10.7.0.1: seq=4 ttl=64 time=0.817 ms
64 bytes from 10.7.0.1: seq=5 ttl=64 time=0.835 ms
64 bytes from 10.7.0.1: seq=6 ttl=64 time=0.810 ms
^C
--- 10.7.0.1 ping statistics ---
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max = 0.810/1.165/2.993 ms

 

advanced_setup

Once a basic IP tunnel is established, it is possible to consider adding other features such as:

  • Adding a DNS and DHCP services to the server which listens for request on tun0
  • DHCP client IP address allocation on tun0
  • IP forwarding of client traffic to the server's external internet connection (eth0 or wlan0) using NAT and IP masquerading

 

Icon

The examples in this section only work if you are using /etc/network/interfaces for managing your external network connectivity and are not compatible with connmand. Refer to Setting the HDP-TTJ-500 network configuration for more information on how to do this.

 

 

We will assume that the server is using the network 10.7.0.0/24 for the tunnel and that your internet connection is established using /etc/network/interfaces using eth0.

Firstly, we need to install a tool called dnsmasq which provides DNS forwarding and a DHCP server.  An RPM package for this tool can be downloaded and installed using the command rpm -ivh dnsmasq-2.55-r3.cortexa9hf_vfp_neon.rpm.

Next modify the /etc/dnsmasq.conf configuration file as follows by finding the relevant sections in the file:

/etc/dnsmasq.conf

# Never forward plain names (with a dot or domain part)
domain-needed

....

# If you want dnsmasq to listen for requests only on specified interfaces
# (and the loopback) give the name of the interface (eg eth0) here.
# Repeat the line for more than one interface.
interface=tun0

....

# Uncomment this to enable the integrated DHCP server, you need
# to supply the range of addresses available for lease and optionally
# a lease time. If you have more than one network, you will need to
# repeat this for each network on which you want to supply DHCP
# service.
#dhcp-range=192.168.0.50,192.168.0.150,12h
#dhcp-range=10.0.0.10,10.0.0.200,2h
dhcp-range=10.7.0.10,10.7.0.200,2h

 

Now restart the service using /etc/init.d/dnsmasq restart.  These settings will remain in place even after rebooting.
Next, use the following commands to start the tunnel with IP forwarding:

 

Server IP tunnel

ip tuntap add mode tun tun0
ip link set dev tun0 up
ip addr add 10.7.0.1/24 dev tun0
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
tjetTunnelService i tun0

You may substitute eth0 for wlan0 if your internet connection is on a different interface.

Firstly, modify /etc/network/interfaces and add the following entry:

Network interface for tun0

# TransferJet tun0 interface
iface tun0 inet dhcp

 

Next, use the following commands to start the tunnel:

 

Client IP tunnel

ip tuntap add mode tun tun0
ip link set dev tun0 up
ip route change to default dev tun0
tjetTunnelService r tun0

 

Finally, run if up tun0 to bring-up the network interface and get an IP address assigned.

 

Related articles