apps/openlan
1
0
Fork 0
mirror of https://github.com/luscis/openlan.git synced 2025-10-15 21:20:37 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
1feeb28c971cd3337f17f7cd1471ed22d5e20df8
openlan/docs/central.md
sicheng ac4f79bbf4 clone from danieldin95
2022-07-29 23:38:54 +08:00

131 lines
2.7 KiB
Markdown
Executable File
Raw Blame History

# Central Branch Example
## Topology
```
OLSW(Central) - 10.16.1.10/24
^
|
Wifi(DNAT)
|
|
+---------------------Internet-----------------------+
^ ^ ^
| | |
Branch1 Branch2 Branch3
| | |
OLAP1 OLAP2 OLAP3
10.16.1.11/24 10.16.1.12/24 10.16.1.13/24
```
## Configure OLSW
生成预共享密钥:
```
[root@olsw ~]# uuidgen
e108fe36-a2cd-43bc-82e2-f367aa429ed2
[root@olsw ~]#
```
交换机配置:
```
[root@olsw ~]# cd /etc/openlan/switch
[root@olsw ~]# cat > switch.json <<EOF
{
"cert": {
"dir": "/var/openlan/cert"
},
"http": {
"public": "/var/openlan/public"
},
"inspect": [
"neighbor",
"online"
],
"crypt": {
"secret": "f367aa429ed2"
}
}
EOF
```
添加网络配置:
```
[root@olsw ~]# cd network
[root@olsw ~]# cat > central.json <<EOF
{
"name": "central",
"bridge": {
"name": "br-em1",
"address": "10.16.1.10/24"
},
"subnet": {
"end": "10.16.1.100",
"netmask": "255.255.255.0",
"start": "10.16.1.44"
},
"hosts": [
{
"hostname": "olap1.hostname",
"address": "10.16.1.11"
}
],
"openvpn": {
"listen": "0.0.0.0:1194",
"subnet": "172.32.194.0/24"
}
}
EOF
```
添加接入认证的用户:
```
[root@olsw ~]# openlan us add --name admin@central --role admin
[root@olsw ~]# openlan us add --name olap1@central
[root@olsw ~]# openlan us add --name olap2@central
[root@olsw ~]# openlan us add --name olap3@central
```
## Configure OLAP
添加一个网络:
```
[root@olap1 ~]# cd /etc/openlan
[root@olap1 ~]# cat > central.json <<EOF
{
"crypt": {
"secret": "f367aa429ed2"
},
"connection": "public-ip-of-olsw",
"username": "olap1@central",
"password": "get-password-of-olsw-administrator"
}
EOF
[root@olap1 ~]# cat central.json | python -m json.tool
```
配置网络服务:
```
systemctl enable openlan-point@central
systemctl start openlan-point@central
```
检查启动日志:
```
journalctl -u openlan-point@central
```
Reference in New Issue View Git Blame Copy Permalink