| [141] | 1 | Introduction |
|---|
| 2 | ============ |
|---|
| 3 | etherws is an implementation of Ethernet over WebSocket tunnel |
|---|
| 4 | based on Linux Universal TUN/TAP device driver. |
|---|
| 5 | |
|---|
| 6 | Usage |
|---|
| 7 | ===== |
|---|
| 8 | For example, if you want to make virtual ethernet link for VM1 and VM2 |
|---|
| 9 | whose hypervisor's broadcast domains were split by router R:: |
|---|
| 10 | |
|---|
| 11 | +------------------+ +------------------+ |
|---|
| 12 | | Hypervisor1 | | Hypervisor2 | |
|---|
| 13 | | +-----+ | | +-----+ | |
|---|
| 14 | | | VM1 | | | | VM2 | | |
|---|
| 15 | | +--+--+ | | +--+--+ | |
|---|
| 16 | | | (vnet0) | | (vnet0) | | |
|---|
| 17 | | +--+--+ | | +--+--+ | |
|---|
| 18 | | | br0 | | | | br0 | | |
|---|
| 19 | | +--+--+ | | +--+--+ | |
|---|
| 20 | | | | | | | |
|---|
| 21 | | (ethws0) (eth0) | | (eth0) (ethws0) | |
|---|
| 22 | +----||--------+---+ +----+-------||----+ |
|---|
| 23 | || | +---+ | || |
|---|
| 24 | || -----+--------| R |--------+----- || |
|---|
| 25 | || +---+ || |
|---|
| 26 | || || |
|---|
| 27 | ``======================================'' |
|---|
| 28 | (Ethernet over WebSocket tunnel) |
|---|
| 29 | |
|---|
| 30 | then you can type following commands. |
|---|
| 31 | |
|---|
| 32 | on Hypervisor1:: |
|---|
| 33 | |
|---|
| 34 | # etherws server |
|---|
| 35 | # brctl addbr br0 |
|---|
| 36 | # brctl addif br0 vnet0 |
|---|
| 37 | # brctl addif br0 ethws0 |
|---|
| 38 | # ifconfig br0 up |
|---|
| 39 | |
|---|
| 40 | on Hypervisor2:: |
|---|
| 41 | |
|---|
| 42 | # etherws client --uri ws://<Hypervisor1's IP address>/ |
|---|
| 43 | # brctl addbr br0 |
|---|
| 44 | # brctl addif br0 vnet0 |
|---|
| 45 | # brctl addif br0 ethws0 |
|---|
| 46 | # ifconfig br0 up |
|---|
| 47 | |
|---|
| [146] | 48 | If connection through this tunnel is unstable, then you may fix it |
|---|
| 49 | by changing VM's MTU to under 1500. |
|---|
| 50 | |
|---|
| [147] | 51 | Also etherws supports SSL/TLS connection (but client does not validate |
|---|
| [148] | 52 | server certificates and server does not authenticate client yet), so if |
|---|
| [147] | 53 | you want to encrypt this tunnel, then you can use following options. |
|---|
| [144] | 54 | |
|---|
| 55 | on Hypervisor1 (options *keyfile* and *certfile* were specified):: |
|---|
| 56 | |
|---|
| 57 | # etherws server --keyfile ssl.key --certfile ssl.crt |
|---|
| 58 | |
|---|
| 59 | on Hypervisor2 (option *uri*'s scheme was changed to *wss*):: |
|---|
| 60 | |
|---|
| 61 | # etherws client --uri wss://<Hypervisor1's IP address>/ |
|---|
| 62 | |
|---|
| [141] | 63 | History |
|---|
| 64 | ======= |
|---|
| [144] | 65 | 0.2 (2012-05-16 JST) |
|---|
| 66 | - SSL/TLS connection support |
|---|
| 67 | |
|---|
| 68 | 0.1 (2012-05-15 JST) |
|---|
| [141] | 69 | - First release |
|---|
