Lab Meeting Minutes 2024/01/13

--- title: Lab Meeting Minutes 2024/01/13 tags: lab_meeting --- > Outline > [TOC] --- # PERAL Lab Meeting - 時間：113 年 1 月 13 日 20:00 - 地點：線上 - 線上會議連結 : [Online](https://meet.google.com/zfi-zmnc-qfw) - 出席者：吳坤熹老師、謝萬霖、劉怡君、田蕙瑜、沈家正、劉冠伶、林大智、繆亭霄、蘇翊荃、陳嘉璐、陳品妤、陳姿綾、陳姿澖 - 缺席：梁宇騰 - 會議主題：[IP-in-IP Tunnel (RFC 1853)](https://view.officeapps.live.com/op/view.aspx?src=http%3A%2F%2Fms15.voip.edu.tw%2F~louise%2Fppt%2F20231229-solomon-tunnel_modify.pptx&wdOrigin=BROWSELINK&fbclid=IwAR1SNv2MWPAwauubCyaVP_9tUqDyT_aZBSY4RdQ3A_1Lcm84ythrOUya6PI) - 主講者: 陳嘉璐 - 主記: 陳品妤 ## 會議內容 ### define this service - Encapsulation - 用ipv4環境進行ipv6(不是每個中間的router都支援ipv6) - 把ipv6包在ipv4中 ![image](https://hackmd.io/_uploads/SyPP5glFT.png) ### implementation- in docker ![image](https://hackmd.io/_uploads/SkOfillKp.png) #### step 1. Build tunnel ![image](https://hackmd.io/_uploads/S1GNixlYT.png) - tunnel:ipip ![image](https://hackmd.io/_uploads/H1vBilxKa.png) ![image](https://hackmd.io/_uploads/BkPe1-lKT.png) 2. 成功觀察到兩層 ip layers ![image](https://hackmd.io/_uploads/r1QOillFp.png) ![image](https://hackmd.io/_uploads/BJQtjgxKp.png) ![image](https://hackmd.io/_uploads/H1OcixgYp.png) ![image](https://hackmd.io/_uploads/B1rojglFa.png) ![image](https://hackmd.io/_uploads/By-PN-eta.png) 3. Add ip route - traceroute ![image](https://hackmd.io/_uploads/HyIPaglFa.png) ![image](https://hackmd.io/_uploads/BkIu6elta.png) ![image](https://hackmd.io/_uploads/BJfF6xlKp.png) 4. 觀察TTL會減少 ![image](https://hackmd.io/_uploads/Bk_rm-xFp.png) ![image](https://hackmd.io/_uploads/HJnUQbgFa.png) ![image](https://hackmd.io/_uploads/SJROXbgF6.png) 5. Three IP layers ![image](https://hackmd.io/_uploads/S19TQ-xF6.png) ![image](https://hackmd.io/_uploads/ryhRQbxFp.png) ![image](https://hackmd.io/_uploads/B1_eBzeYa.png) ![image](https://hackmd.io/_uploads/rkUcLzgYa.png) ### conclusion - 可以在public internet build private interneet, whose concept is similiar to VPN. ![image](https://hackmd.io/_uploads/rylEDMxta.png) --- ### 建議&問題 1. [name=selena]VPN也是建 tunnel 嗎？ Ans: [name=solomon] Yes. Please observe your laptop. After creating a VPN connection, you will see an extra interface, with an IP address 10.99.x.y. 3. [name=selena] 建 tunnel 有解決 IPv4 address 不夠用的問題嗎？ Ans: [name=Phoebe] 用tunnel推廣ipv6, NAT 解決不夠用的問題 Ans: [name=Solomon] (姿伶是大三最有勇氣)有辦法建tunnel代表ipv4夠用(但現實是不夠)，因此不是每個host都需要一個的tunnel。一個router跟另一個router的tunnel 可以連繫200+ipv6和ipv6 ip 4. [name=lawrence]現在這個技術還有用嗎?(過渡期) Ans: [name=Louise] No. Ans: [name=Solomon]也可以讓兩個private ipv4 相連，搭車的時候同一個ip add的原因就是上層tunnel不變(只改變physical ip)，行動網路現在仍然常用於v4跟v4的tunnel，未來也可用於v4 over v6的tunnel Ans: [name=Solomon]今天講得是沒有加密的VPN 5. [name=Ryan] What's the difference between IP tunneling and UDP tunneling? Why layer 4 is more than layer 3? Most of VPN is built in UDP layer? Ans: [name=Solomon] Two endpoints of Tunnel should be capable to be route.(Public IP) TCP/UDP can traverse NAT in many environments. UDP : Two layers of tunnel. (tunnel可以包TCP在UDP裡) 不建tunnel 在TCP的理由 : tunnel可以包TCP在UDP裡，但如果兩層TCP，兩層 conjection control會干擾 Advice: [name=Solomon] Louise can try to build tunnel over SCTP. ## 待追蹤事項 1. [name=] ## 臨時動議 --- 散會結束時間： 20:34