User Tools

Site Tools


public:standard_communication_relay_node

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
public:standard_communication_relay_node [2018/03/31 00:38] – external edit 127.0.0.1public:standard_communication_relay_node [2019/07/24 01:43] (current) – removed fangfufu
Line 1: Line 1:
-====== Standard Communication Relay Node ====== 
-Well, this particular IP address (the DNS A record associated with fangfufu.co.uk) is now blocked by a certain organisation. I have rented yet another VPS to act as this physical server's relay, so I can access this physical server in a certain hostile environment. In this document, I describe the configuration for my standard communication node.  
- 
-===== Operating system ===== 
-Debian Stable (Current Stretch) - this is the standard operating system across all computers that I have control of.  
- 
-===== List of software ===== 
-==== tinc ==== 
-Tinc stands for "There Is No Cabal". It is a VPN software that supports mesh topology. Nodes can be configured to communicate with each other. This is different to the star topology of OpenVPN. You can also configure certain nodes to relay traffic between nodes that cannot directly communicate with each other. My existing tinc network runs on tun. I can't remember why I decided that running it on tun mode is a good idea. In hindsight, I should have run it in tap mode.  
-==== openvpn ==== 
-I configure my OpenVPN on static key mode. In this mode, I think it doesn't negotiate cipher encryption cipher using plaintext. This helps me to evade the firewall. I run my OpenVPN in tap mode, so I can bridge the virtual adapter to my router, and create a hotspot that tunnels all traffic. I also run my OpenVPN over TCP, so it works with kcptun.  
-==== squid ==== 
-I use squid for creating an application level load balancing proxy. It supports weighted round robin for load balancing. The weight is done by ping time to upstream proxy.  
-==== kcptun ==== 
-kcptun provides an alternative transmission control mechanism to tcp. It basically transports tcp traffic over udp. 
-==== exim4 ==== 
- 
-==== git ==== 
- 
-==== cron-apt ==== 
- 
-==== shadowsocks ==== 
- 
-==== kcptun ==== 
- 
-==== iptables-persistent ==== 
- 
- 
- 
- 
- 
- 
  
public/standard_communication_relay_node.1522456696.txt.gz · Last modified: 2018/03/31 00:38 by 127.0.0.1