Building a WAN Emulator
Migrated-Sun, 09/16/2012 - 17:23
I needed a WAN emulator that could simulate poor connections over VSAT, ADSL, and the other types of connection available in developing areas, so I set out to see what was available. There are hardware solutions out there. We already had a network WAN emulator appliance, but it is limited to one network at a time, with 3 Ethernet ports: 1 management, 1 LAN A, 1 LAN B. We needed more.
Here were my requirements:
Minimum Requirements:
- Support minimum of 2 sites
- Emulate limited Bandwidth
- Emulate packet loss
- Emulate latency
- Administrator configurable by link
- Very Cheap, preferably utilize existing equipment and software.
Optimal Requirements:
- 3+ sites
- End-user configurable per link
- Expandable
- Each network has 2 bridged adapters, 1 for local and 1 for remote, with no need for IP addressing
- 1 separate management link, with a web interface.
I did look at boxed solutions, but the cost was not feasible. Next I looked at some Windows solutions. I did find eExNetLab (http://www.eex-dev.net/index.php?id=38&l=1), a Windows utility that is a nice solution for a small lab, but it was difficult to make it run automatically and it was not a good solution if other people needed to manage it. I did manage to run it as a service, but it was not as robust as I would like.
Following that I found some solutions based on FreeBSD and Linux, and while they offered features I liked, they were still limited. These included Wan Bridge (http://code.google.com/p/wanbridge/), WANEm (http://wanem.sourceforge.net/) and Dummynet (http://www.freebsd.org/cgi/man.cgi?query=dummynet&sektion=4). They were all closer to what I wanted, but not quite what I was looking for. They did, however, put me on the right track.
Finally I decided to use what I had learned from playing with the mentioned solutions and build a solution on CentOS 6.3. I have a physical machine available (HP Proliant DL380 G5 with Dual 1.86 2 core CPUs, 8GB RAM, 2-4 port gigabit NICs plus the 2 onboard NICs), but because I was still in the experimental stage I decided to build it with Windows Server 2008 R2 and Hyper-V, using Linux Integration Services 3.4 for Hyper-V (http://www.microsoft.com/en-us/download/details.aspx?id=34603).
I will explain how I did it, but it is expected that you have some experience with Windows Server Hyper-V (although this does not have to be done in the virtual environment and can be done on a physical machine) and with the Linux desktop.
I created a Hyper-V guest with:
- 1 Legacy adapter (for management)
- 2 Synthetic Network Adapters
- These will not be recognized until Linux Integration Services 3.4 for Hyper-V (http://www.microsoft.com/en-us/download/details.aspx?id=34603) are installed on the guest.
- Make sure "Enable spoofing of MAC addresses" is checked on all network adapters but the management adapter.
- I used the first port from each of the two 4-port Gigabit adapters. These will make the first bridge; the other adapters will be installed later.
- 2048 MB ram
- 30 GB Dynamically expanding HDD
- 1 CD/DVD drive
I installed CentOS 6.3 (See Installing CentOS 6.3 Linux) as a Desktop, working from the console of the Hyper-V server, since the mouse does not work on a Hyper-V Linux guest console RDP session until Linux Integration Services is installed. After installing CentOS you will need to do the following:
- If you don't have DHCP you will need to add a static IP address to the management interface. It should be the only interface you have until Linux Integration Services is installed. You can do this through "System-->Preferences-->Network Connections".
- Mount the "Linux Integration Services 3.4 for Hyper-V" ISO on the guest machine and run install.sh as the "root" user.
- Install WEBMIN & USERMIN. I did this through yum, but that meant I had to add the file /etc/yum.repos.d/webmin.repo following the instructions at http://www.webmin.com/rpm.html
- Enable ports 10000 (WEBMIN) & 20000 (USERMIN) in the firewall for incoming web requests.
- I created an ifcfg file for each adapter in /etc/sysconfig/network-scripts. I named the files ifcfg-WAN01INSIDE & ifcfg-WAN01OUTSIDE and built them from this template:
TYPE=Ethernet
BOOTPROTO=none
IPV4_FAILURE_FATAL=yes
NAME=WAN01INSIDE or WAN01OUTSIDE or whatever you want
ONBOOT=yes
BRIDGE=WAN01BRIDGE or whatever you want to name the bridge
DEVICE=WAN01INSIDE or WAN01OUTSIDE or whatever you want
HWADDR=<hardwareaddress of adapter>
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
- I created an ifcfg file for the bridge in /etc/sysconfig/network-scripts. I named the file ifcfg-WAN01BRIDGE and built it from this template:
DEVICE=WAN01BRIDGE or whatever you want
NAME=WAN01BRIDGE or whatever you want
ONBOOT=yes
TYPE=Bridge
STP=on
MTU=9000
DELAY=0
- I installed the other adapters, repeating steps 5 & 6 for each pair of adapters and the respective bridge, but using unique names and devices for them.
- Next I created a folder "/WAN-MGT" and created a file in it called "WANADAPT.csv". In this file I listed the value entered for "DEVICE=" for each of the OUTSIDE adapters. Example:
WAN01OUTSIDE
WAN02OUTSIDE
WAN03OUTSIDE
- Create a script called "WAN.sh" in the "/WAN-MGT" folder. Enter the following in the script:
#!/bin/sh
# Arguments: $1 adapter, $2 rate, $3 ceil, $4 delay, $5 delay variation, $6 loss, $7 loss correlation
# tc reads kbps/mbps as kilobytes/megabytes per second; use kbit/mbit for bits per second
# Remove any existing root qdisc, then rebuild the HTB rate limit with netem underneath it
tc qdisc del dev "$1" root
tc qdisc add dev "$1" root handle 1: htb default 12
tc class add dev "$1" parent 1:1 classid 1:12 htb rate "$2" ceil "$3"
tc qdisc add dev "$1" parent 1:12 netem delay "$4" "$5" loss "$6" "$7"
#EOF
Now that the network is configured and the script that makes it all work is in place, all we need to do is configure WEBMIN and USERMIN for it. I used WEBMIN to make a custom commands form and USERMIN to give users access to it.
WEBMIN:
- Go to http://<IPADDRESS>:10000 and log in as root.
- In the left pane menu under "Others" select "Custom Commands".
- In the right pane click the "Create a new command" link. Fill out the following fields (the rest can be left at their default value):
Description: WAN Management
Command: sh /WAN-MGT/WAN.sh $eth $rate $ceil $delay $RanDvariable $loss $dropvariable (note: the order of these variables is VERY important)
Run as user: root
Available in Usermin: Yes
Parameter name: eth
Description: WAN Adapter to change
Type: select "Menu" and type "/WAN-MGT/WANADAPT.csv"
Quote? No
Required? Yes
- Click the Create button.
- Under WAN Management there is a link that says "Edit command." Click it. (You will do this a few times.)
- Now you can add an additional parameter. Do it with the following values:
Parameter name: rate
Description: WAN Adapter to change
Type: select "Text" and type a default speed ending with kbps or Mbps, with NO spaces, such as 384kbps
Quote? No
Required? Yes
- Click "save".
- Repeat steps 5-7 for the following parameters:
Parameter name: ceil
Description: Maximum Burst speed (kbps or Mbps)
Type: select "Text" and enter a default speed ending with kbps or Mbps, with NO spaces, such as 400kbps
Quote? No
Required? Yes
----------------------------------------------------
Parameter name: delay
Description: Latency (ms)
Type: select "Text" and enter a default latency ending with ms, with NO spaces, such as 150ms
Quote? No
Required? Yes
----------------------------------------------------
Parameter name: RanDvariable
Description: Random Latency variance(ms)
Type: select "Text" and enter a default random latency variance ending with ms, with NO spaces, such as 20ms
Quote? No
Required? Yes
----------------------------------------------------
Parameter name: loss
Description: Packet loss (%)
Type: select "Text" and enter a default packet loss in %
Quote? No
Required? Yes
----------------------------------------------------
Parameter name: dropvariable
Description: Random packet loss (%)
Type: select "Text" and enter a default random packet loss variance in %, such as 2%
Quote? No
Required? Yes
- Test it! Start pinging from a computer on one side of the bridge to a computer on the other. Note the latency and packet loss. Check the speed by transferring a file.
- Now select an adapter in the WAN Management custom command, set the values, click the WAN Management button, and try the test in step 9 again. You should see the latency, packet drop and speed change to the settings you made.
USERMIN:
- I created a regular user in my WAN Emulator operating system for users to gain access to it without having access to the entire system. They can access the WAN custom commands through USERMIN at http://<ipaddress>:20000.
- I configured USERMIN from WEBMIN (Left pane: Un-used Modules-->Usermin Configuration):
- Making Custom Commands the default page in User Interface (User Interface icon) by selecting it from the dropdown menu for "After login, always go to module"
- Removing all USERMIN modules from the Usermin Modules icon but these:
Apache Options Files
Custom Commands
Running Processes
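The custom command runs WAN.sh as root with seven values that Usermin users type in and that are passed with "Quote? No", so the script itself is the place to check them. The following is an added example, not part of the original post: it accepts an adapter only if it is listed in /WAN-MGT/WANADAPT.csv and requires the number-plus-unit formats the form asks for; the function names and the TC and WAN_ADAPTERS variables are assumptions made for the sketch.

```shell
#!/bin/sh
# Added example: argument checks in front of the page's tc commands.
WAN_ADAPTERS=${WAN_ADAPTERS:-/WAN-MGT/WANADAPT.csv}  # adapter allow-list
TC=${TC:-tc}                                         # TC=echo gives a dry run

# True if $1 is a non-empty string of digits only.
is_uint() { case $1 in ''|*[!0-9]*) return 1 ;; esac; return 0; }

# has_unit VALUE UNIT...: VALUE must be digits followed by one listed unit.
has_unit() {
    value=$1; shift
    for unit in "$@"; do
        number=${value%"$unit"}
        if [ "$number" != "$value" ] && is_uint "$number"; then return 0; fi
    done
    return 1
}

# is_percent VALUE: whole number from 0 to 100 followed by %.
is_percent() {
    number=${1%\%}
    [ "$number" != "$1" ] && is_uint "$number" &&
        [ "${#number}" -le 3 ] && [ "$number" -le 100 ]
}

# wan_valid DEV RATE CEIL DELAY VARIATION LOSS CORRELATION
wan_valid() {
    if [ "$#" -ne 7 ] || [ -z "$1" ]; then return 1; fi
    # The adapter must equal one whole line of the allow-list file.
    grep -Fxq -- "$1" "$WAN_ADAPTERS" || return 1
    has_unit "$2" kbps Mbps kbit mbit || return 1
    has_unit "$3" kbps Mbps kbit mbit || return 1
    has_unit "$4" ms || return 1
    has_unit "$5" ms || return 1
    is_percent "$6" && is_percent "$7"
}

# Same tc sequence as the page's script, reached only after validation.
wan_apply() {
    wan_valid "$@" || { echo "WAN.sh: rejected arguments" >&2; return 1; }
    "$TC" qdisc del dev "$1" root 2>/dev/null || true
    "$TC" qdisc add dev "$1" root handle 1: htb default 12 &&
    "$TC" class add dev "$1" parent 1:1 classid 1:12 htb rate "$2" ceil "$3" &&
    "$TC" qdisc add dev "$1" parent 1:12 netem delay "$4" "$5" loss "$6" "$7"
}

# Act only when called with the seven parameters of the custom command.
if [ "$#" -eq 7 ]; then wan_apply "$@"; fi
```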