To emulate the operation of IP networks, the CORE Network Emulator requires that routing and networking software be installed on the host Linux system. CORE creates virtual nodes using the Linux Containers (LXC) network namespaces feature so all services installed in the host computer will be available to run on the virtual nodes created by CORE.
The CORE Network Emulator documentation does not provide information about these services and does not show how to install them. This post describes the open-source networking software and utilities and how to install each one in a Linux system.
The Quagga open-source router software is used by the Router node in the CORE Network Emulator to support dynamic routing protocols. More information about Quagga is available the the following URL: http://www.nongnu.org/quagga/.
Quagga is the most commonly used open-source routing daemon. It is part of some active and interesting open-source projects, such as the RouteFlow software defined network controller, and code from Quagga has been re-used in commercial router offering from Vyatta and Cumulus Networks. For more information about the use of Quagga in open-source routing projects, go to www.opensourcerouting.org.
To install Quagga, enter the following command:
$ sudo apt-get install quagga
We do not need to configure Quagga on the host. The CORE Network Emulator has built-in scripts that will configure Quagga — and any other service you select — when it is started in the simulated network.
XORP is another open-source routing platform. XORP provides intergrated multicast routing support, which is probably the main reason one might choose to use XORP, instead of Quagga, in a simulation.
More information is available at: http://www.xorp.org/.
$ sudo apt-get install xorp
The BIRD Internet Routing Daemon supports IPv4 or IPv6 routing protocols. It is well known for its scalable BGP implementation and is used by some internet service providers to create route servers. BIRD can be used instead or quagga to create a router.
More information is available at: http://bird.network.cz/
$ sudo apt-get install bird
Secure Shell (SSH) is a network data encryption protocol that provides a secure data communication channel between two computers over an insecure network. One computer runs an SSH client and the other runs an SSH server.
More information is available at: https://wiki.debian.org/SSH.
$ sudo apt-get install openssh-client $ sudo apt-get install openssh-server
The Dynamic Host Configuration Protocol (DHCP) Server dynamically distributes network configuration parameters, such as IP addresses for interfaces and services, to host computers on the same network. It reduces manual configuration requirements. Most home and business edge routers include DHCP Server functionality.
More information is available at: https://www.isc.org/downloads/dhcp/.
$ sudo apt-get install isc-dhcp-server
A Dynamic Host Configuration Protocol (DHCP) client, dhcp-client, running on a host computer requests IP addresses and networking parameters automatically from a DHCP server. The DHCP client already installed in Ubuntu, and is already installed in most other Linux distributions.
File Transfer Protocol (FTP) is a network protocol used to transfer files from one computer to another over an IP network. a TCP-based network, such as the Internet.
Most Linux distributions already include an FTP client. For the FTP pserver, CORE expects to use vsftpd, the “Very Secure FTP Daemon”, as the FTP server. More information is available at: https://help.ubuntu.com/community/vsftpd.
$ sudo apt-get install vsftpd
$ sudo apt-get install apache2
Packet Capture (PCAP) is a program that can capture packets from a network interface and send the contents to a file. Tcpdump is a command-line packet analyzer that the CORE Network Emulator uses to perform pcap functions and also analyze captured packets. More information is available at: http://www.tcpdump.org/.
$ sudo apt-get install tcpdump
The Router Advertisement Daemon (radvd) is used by system administrators to automatically configure network hosts on an IPv6 network. More information is available at: http://www.litech.org/radvd/.
$ sudo apt-get install radvd
The atd daemon executes commands scheduled by using the at command to run in the future. It operate similarly to cron but is used to schedule and run one-time events in the future.
More information is available at: http://debian-handbook.info/browse/stable/sect.task-scheduling-cron-atd.html.
$ sudo apt-get install at
The Common Address Redundancy Protocol (CARP) is an automatic failover and redundancy protocol. CARP is designed to share a common IP address among multiple hosts in same network segment in order to provide failover redundancy to multiple servers or hosts. CARP is designed as a free and open source alternate to the Virtual Router Redundancy Protocol (VRRP)2.
More information is available at: http://www.pureftpd.org/project/ucarp and http://manpages.ubuntu.com/manpages/lucid/man8/ucarp.8.html.
$ sudo apt-get install ucarp
Users may alternatively wish to use VRRP, if they wish to explore the more commonly used VRRP functionality.
VPNClient and VPNServer
A Virtual Private Network (VPN) solution is similar to SSH, in that is provides an encrypted channel between two computers over an insecure network. A VPN usually offers more functionality than an SSH tunnel, but at the cost of more complexity.
For more information, see: http://openvpn.net/index.php/open-source.html
$ sudo apt-get install openvpn
IPSec is a set of network layer protocols that provides encryption and verification of data sent between two computers over an insecure IP network. Many VPNs use IPSec as the encryption layer in the VPN solution. The CORE Network Emulator’s scripts also assume that the IPSec key manager application, racoon, is installed in the system.
For more information, see: http://ipsec-tools.sourceforge.net/.
$ sudo apt-get install ipsec-tools racoon
A Firewall is a software program, or a system, that can be configured to enforce data access policies between two networks. A Firewall will typically block network data traffic that does not conform to a set of configured rules so non-conforming data packets are prevented from passing . Firewall software can also be configured on a host computer to protect the applications with network connections running on that computer.
The standard Linux firewall solution is iptables and it is already installed in most Linux distributions. For more information, see: https://help.ubuntu.com/community/IptablesHowTo.
The traceroute command allows a user to determine the path a packet takes through the IP network from the source computer to a destination computer by displaying the sequence of hops the packet has traversed. For more information, see how to use traceroute to diagnose network issues.
Traceroute may already be installed in your Linux distribution. If it is not already installed, you can install it with the following command:
$ sudo apt-get install traceroute
The mgen utility generates real-time traffic patterns so that the simulated network can be loaded in a variety of ways. It was developed by the Navy research Laboratory. We must install mgen to use the traffic generation functions in the CORE Network Analyzer. More information is available at: http://www.nrl.navy.mil/itd/ncs/products/mgen.
$ sudo apt-get install mgen
$ sudo apt-get install wireshark
Allow non-root users to capture packets with Wireshark3 by executing the following command:
$ sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap
Tshark is the command-line version of Wireshark. It is a network protocol analyzer that operates similarly to tcpdump. More information is available at: http://www.wireshark.org/docs/man-pages/tshark.html.
$ sudo apt-get install tshark
Navy Research Laboratory routing protocols
The following services are used in wireless and mobile ad-hoc network simulations. I chose not to install these. Please see the links below to find out more about these services. Each of these packages was developed by the Navy Research Laboratory.
The Neighborhood Discovery Protocol (NHDP, RFC 6130) provides two-hop neighborhood discovery for mobile IP based networks.
More information and installation instructions are available at: http://www.nrl.navy.mil/itd/ncs/products/nhdp
The Simplified Multicast Forwarding (SMF) provides basic Internet Protocol (IP) multicast forwarding suitable for use in wireless mesh and mobile ad hoc networks (MANET). It is described by (RFC 6621).
More information and installation instructions are available at: http://www.nrl.navy.mil/itd/ncs/products/smf.
The Optimized Link State Routing (OLSR) protocol a routing protocol for wireless mesh and mobile ad hoc networks (MANET) and is described in RFC 3626.
The CORE Network Emulator is, by default, set up to use the NRL implementation, which is available at the following URL: http://www.nrl.navy.mil/itd/ncs/products/olsr.
Another open-source implementation of OSLR is available at: http://www.olsr.org/.