This is for folks intending to attend the IPSec tutorial: https://www.netdevconf.org/0x12/session.html?ipsecike-tutoriallab
The hands-on involves student participation. If you are going be running some non-linux OS on your laptop for the Linux IPsec tutorial, please make sure to download and install virtualbox: https://www.virtualbox.org/wiki/Downloads
Then please download the netdev-centos-devel.ova from https://www.files.netdevconf.org/d/2ee3635c9d4448e3b8b9/
and bring up the virtual machine in virtualbox by following the menu pointers to do File -> Import Appliance point it at the downloaded netdev-centos-devel.ova and go through the steps to import appliance.
Paul Wouters(on Cc) will soon send out additional instructions to make sure you have the latest libreswan rpms..
(If you run linux natively on the laptop, the extra indirection through virtualbox is redundant of course!)
- login/passwd = netdev0x12/netdev0x12
- set up network as "Bridged Adapter" and over wireless network (assuming everyone is doing this on their laptop connected over conference wireless)
cheers, jamal
On Sat, 7 Jul 2018, Jamal Hadi Salim wrote:
This is for folks intending to attend the IPSec tutorial: https://www.netdevconf.org/0x12/session.html?ipsecike-tutoriallab
The hands-on involves student participation. If you are going be running some non-linux OS on your laptop for the Linux IPsec tutorial, please make sure to download and install virtualbox: https://www.virtualbox.org/wiki/Downloads
Then please download the netdev-centos-devel.ova from https://www.files.netdevconf.org/d/2ee3635c9d4448e3b8b9/
Paul Wouters(on Cc) will soon send out additional instructions to make sure you have the latest libreswan rpms..
To ensure your libreswan is up to date, please run:
sudo rpm -ihv https://download.libreswan.org/binaries/rhel/7/libreswan-release-7-1.noarch.... yum install libreswan
This also applies to RHEL/CentOS natively. Fedora 27/28 have it already but you might need to grab it from the pending updates using:
yum --enablerepo=updates=testing install libreswan
Debian Unstable should already have the latest 3.25 release. If you are using an older Debian or Ubuntu, download the libreswan-3.25 source code and run:
make deb
If you see errors about IPV6, run:
echo USE_GLIBC_KERN_FLIP_HEADERS=true >> Makefile.inc.local echo "USE_SYSTEMD_WATCHDOG=false" >> Makefile.inc.local echo "USE_DNSSEC=false" >> Makefile.inc.local echo "USE_NIC_OFFLOAD=false" >> Makefile.inc.local make deb
(see also https://libreswan.org/wiki/Libreswan_on_Debian_Wheezy)
(If you run linux natively on the laptop, the extra indirection through virtualbox is redundant of course!)
Although keep in mind that you should have your VM's network bridged to your wifi network, so that you can see other people's VMs without NAT, as we will also be building IPsec tunnels between us.
I will also have a few spare VMs running on my own laptop, so those without the disk space to install a VM can use Terminal and ssh into one of my VM's.
Paul
-
Jamal Hadi Salim -
Paul Wouters