I have been working on getting a Kerlink IoT Station to work with GPRS/3G as its primary uplink path.
A client asked me to do this configuration because they did not have the resources to it themselves. No problem. I have been working with LoRa and Kerlinks for a while now doing a consultancy job for another client (a big telco). They did not want to connect the Kerlink to their local network for security reasons. They wanted to add their gateway to TheThingsNetwork.org (TTN), a global open crowdsourced Internet of Things data network that started in The Netherlands. Reading the forums, I noticed that many trying to do the same have run into issues. The documentation is sometimes incomplete and scattered so it takes a bit of effort to get it to work.
IoT lab at the home office
The task at hand:
Configure a Kerlink IoT station to use its GPRS/3G modem as its uplink path and connect it to TheThingsNetwork.org. The SIM provided was a PukData M2M SIM which uses the KPN mobile network in The Netherlands.
Normally, the Kerlink will use its ethernet (eth0) uplink as its default path. The basic idea here is that, if configured correctly, an autoconnect mechanism will trigger the GPRS bearer, establishes a PPP connection and set a default route and DNS.
I had already installed the TTN firmware with the polypacket forwarder on the Kerlink and got it to work using the ethernet uplink. I used a LoRaMote to check if packets actually showed up in the TTN api. For the next step, I basically followed the GPRS/3G guide on the TTN Wiki which boils down to:
- Set the GPRS options to match your SIM and telco’s APN settings (i.e. APN name, pincode, username and password).
- Configure auto connect in the knet monitor.
- Set the bearers priority.
- Because no username/password is set for this APN, and empty username/password fields trigger a bug, I also installed the patched GPRS init script.
I ran into a couple of things so these considerations may be useful:
- If your SIM comes with a pin code (usually 0000), set it with ‘GPRSPIN=<your pin here>’.
- If your APN username and password are to be left empty, replace the GPRS init script with the patched version as mentioned at the bottom of the guide.
- Carefully choose your ip_link address in /knet/knetd.xml depending on your requirements. This address is pinged periodically to determine if the GPRS auto connect needs to be activated. In my case I wanted one that is only reachable over the GPRS APN (e.g. for KPN use their DNS server: 126.96.36.199) to force it to bring up the ppp0 interface whenever possible. If you’re using GPRS as a backup path this should be different (I guess an address only reachable via eth0 but make sure the PPP session is terminated as soon as the primary path becomes available again). Use tcpdump (e.g. tcpdump -i ppp0 -n -v port 1700 or icmp) to check if it is pinging the correct address and if status updates are sent.
- I chose not to use peerdns (GPRSDNS=no) because the default DNS servers are not restored in case of a GPRS connection failure, thus breaking eth0 as a fallback path. I used the Google public DNS servers in stead as they work on both paths. This could also be fixed in /etc/ppp/ip-down.
- Remember that your default gateway will be set to the ppp0 interface whenever that interface comes up. You may want to be able to connect through eth0 for maintenance…
- The (poly) packet forwarder needs to be restarted whenever there is an interface change to make sure it binds to the right source address. If it isn’t you will see packets going out the ppp0 interface with the eth0 source address (or vice versa). I added ‘/usr/bin/killall poly_pkt_fwd’ to /etc/ppp/ip-up and /etc/ppp/ip-down.
- The firewall is not enabled by default. Make sure to edit /etc/init.d/firewall to your needs and turn it on in /etc/sysconfig/network (FIREWALL=yes). Don’t forget IPv6 although dropbear for instance does not listen on a v6 socket.
Tests to do to make sure it all works:
- Check if the gateway is still active (is sending status updates) and node messages are received in the TTN API after unplugging the ethernet uplink cable. If you’re using an ethernet power injector, make sure to unplug the cable going into the injector rather than the one going out to the Kerlink. Duh! 😉 Remember that you can’t log in to the gateway anymore, assuming access to the GPRS/3G address is blocked.
- Plug the ethernet cable back in and see if you can log in again. Then check if updates/messages are still being sent over the ppp0 interface using tcpdump.
- Power cycle the Kerlink while leaving the ethernet uplink cable unplugged. This will make sure the Kerlink will boot successfully in stand-alone mode, which was the whole purpose of this exercise.
# Selector operator APN GPRSAPN=internet.access.nl # Enter pin code if activated GPRSPIN=0000 # Update /etc/resolv.conf to get dns facilities GPRSDNS=no # PAP authentication GPRSUSER= GPRSPASSWORD= # Bearers priority order BEARERS_PRIORITY="ppp0,eth0,eth1"
<!-- ############## connection parameters ############## --> <!-- nb of second to retry to connect to server if connection failed--> <CONNECT retry_timeout="10" /> <!-- port nunmber for local application kms connection --> <CONNECT kms_port="35035" /> <CONNECT auto_connection="YES" /> <!-- frequency of connection monitoring -ping- (in seconds) --> <CONNECT link_timeout="30"/> <!-- DNS servers will be pinged if commented or deleted. Some operators can block the ping on there DNS servers --> <CONNECT ip_link="188.8.131.52"/>
Don’t hesitate to leave a comment below or send a message.
What Exactly Is The “Internet of Things”?
A graphic primer behind the term & technologies
Over the last several years, stories of the technologies making up an Internet of Things have started to slip into public consciousness. As this is occurring, we believe the whole story of Smart Systems and the Internet of Things is not being told. Many of the dispatches coming in from the “front lines” of technology innovation are but fragments of a much larger narrative.
From our perspective, this story is not just about people communicating with people or machines communicating with machines. Smart, connected systems are a technological and economic phenomenon of unprecedented scale, encompassing potentially billions if not trillions of nodes — an Internet of infinite interactions and values…
The “Infographic of Things”
How to set up an IPv6 enabled FTP server: vsftpd
Many people are searching for configuration examples on how to set up an IPv6 enabled FTP server like vsftpd. Here you will find examples of a number of popular FTP servers. This article covers vstftpd for Linux.
Let’s have a look at vsftpd. vsftpd is a stable GPL licensed FTP server for UNIX systems, including Linux. It is secure and very fast. The configuration example is based on an Ubuntu installation an assumes you have an active IPv6 network stack:
Install the vsftpd package:
Let’s install vsftpd and any other required package:
apt-get -y install vsftpd
Use your favorite editor to edit the configuration file for vsftpd:
First of all, disallow anonymous, unidentified users to access files via FTP; change the anonymous_enable setting to NO:
Allow local uses to login by changing the local_enable setting to YES:
If you want a local user to have write permissions, then change the write_enable setting to YES:
You probably want local users to be ‘chroot jailed’ so they will only have access to their own environment and cannot see anything else on the system; change thechroot_local_user setting to YES:
Make the server stop listening on IPv4:
Now make the server listen on an IPv6 socket:
You may want to go over the other options which I will not cover here as they fall outside the scope of this example. Then exit and save the file by typing:
Restart the vsftpd service:
service vsftpd restart
Check to see if it is listening on an IPv6 socket:
netstat -an6|grep 21
Which should produce an output similar to:
tcp6 0 0 :::21 :::* LISTEN
There are many IPv6 books around nowadays with many different approaches to the subject. IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6 by Rick Graziani is an excellent book that will help you fully understand the fundamentals of IPv6. It has a great balance of theory and practical information and is a good starting point for learning about IPv6. Other IPv6 books can be found on our books and e-books pages. We have included a number of Amazon reader reviews below:
Graziani provides straightforward understanding.
By M.B. Reynolds on June 5, 2013
The title of the book is an accurate depiction of the contents of this work. The material is presented in a straightforward, methodical manner. The material is presented with understanding and teaching in mind utilizing repetition, sample code, examples, and review. The book is primarily a walk through the various Internet Engineering Task Force (IETF) Requests for Comments (RFC) that comprises the aspects, features, and options of IPv6. Most of these RFC walkthroughs are accompanied with Cisco IOS example code for setting up a router to implement the RFC.
After some of these examples, output from a packet sniffer demonstrates the changes to the packet headers. The book finishes with mechanisms for implementing mixed IPv4 and IPv6 environments and approaches to transitioning from IPv4 to IPv6. Additional references and notes point the reader to more details or topics not covered by the book. Overall I certainly recommend this book as a starting point into IPv6 if the reader has some IPv4 and routing experience. I believe for the novice an additional more general book on networking should be digested first.
The book covers the Internet history and the motivation of IPv6. The IPv6 headers and Extension headers are presented in (again) a straightforward explanation with plenty of diagrams and tables. This explanation includes the specific differences between IPv4 and IPv6 headers. A nice overview of IPSec headers includes authentication, transport, and tunneling modes. Chapter four outlines the multitude of unicast, multicast, and anycast address types. The Neighborhood Discovery Protocol is a new feature of Internet Control Message Protocol version 6 (ICMPv6). Graziani shows ICMPv6 with its enhancements is an important change in how IP hosts identify themselves and others hosts and routers on the network.
The middle of the book discusses IPv6 configuration and routing. Initially, a router is configured from scratch with the various address types. The same example configuration and network is nicely used through the middle of the book. This method is useful for continuity and context. Building on this initial configuration static routes and routing tables are built. The old and new RIPng, EIGRP, and OSPF are compared and contrasted in Chapter 8. The middle ends with Dynamic Host Configuration Protocol version 6 (DHCPv6). The new features such as stateless & stateful DHCP and relay agents are covered. Some interesting differences in Domain Name Service (DNS), TCP, and UDP are explained.
The book ends with mixed IPv4 and IPv6 environments. Graziani shows dual stack allows for parallel IPv4 and IPv6 networks. He covers tunneling methods such as 6to4 and ISATAP that allow for IPv6 packets to be encapsulated in IPv4 packets and routed through an IPv4 network. He shows this allows for a smooth transition from IPv4. Finally Network Address Translation IPv6 to IPv4 (NAT64) is walked through. He shows this allows and IPv4 address to be mapped to a IPv6 address and vice versa to allow coexisting IPv4 and IPv6 networks to communicate.
One of the most substantial changes from IPv4 to IPv6 is the addresses and their types. After introducing hexadecimal and the address format short hands, Graziani explains well the structure of the new 128-bit address: prefix, subnet, and interface id.
After trying others – THIS is THE BOOK!
By John Scott on March 22, 2013
The review written by Cosmic Traveler says it well. I purchased 2 other books before this one and they both ended up on the bottom shelf of my bookshelf. I ordered this one and I couldn’t put it down. If the mere thought of a 128-bit address represented in hexadecimal format makes your hair stand up, you need to order this book and then go have a glass of wine – or a cold beer.
By Matthew Petersen on February 14, 2014
To support future business continuity, growth, and innovation, organizations must transition to IPv6, the next generation protocol for defining how computers communicate over networks. IPv6 Fundamentals provides a thorough yet easy-to-understand introduction to the new knowledge and skills network professionals and students need to deploy and manage IPv6 networks.
Excellent book, highly recommended!
By MSG causes migraines on October 15, 2013
Even though I have been a CCIE since the 1990s and have dealt with IPv6 successfully on the re-certification exams, this book added a lot of needed clarity on the context and usage of IPv6 so the concepts are more readily absorbed and made intuitive. For those network engineers not yet exposed to IPv6 due to their individual customer/employer situations, it is a near-term reality everyone is going to have to deal with as the IPv4 private addressing RFC 1918 (and the updated IPv4 content in RFC 6761) cannot eliminate the reality that IPv4 is nearing address depletion.
By COSMIC TRAVELER on November 17, 2012
Are you a network engineer; network designer; network technician; part of the technical staff; and, networking student, including those of the Cisco Networking Academy; who are seeking a solid understanding of the fundamentals of IPv6? If you are, then this book is for you! Author Rick Graziani, has done an outstanding job of writing a book that focuses on the basics of IPv6.
Author Graziani, begins by discussing how the Internet of today requires a new network layer protocol, Ipv6, to meet the demands of its users. Then, the author examines the Ipv6 protocol and its fields. Next, he introduces IPv6 addressing and address types. The author continues by examining the different types of IPv6 addresses in detail. Then, he examines ICMPv6. The author then illustrates the configuration of IPv6, addressing the use of a common topology. Next, he examines the IPv6 routing table and changes in the configurations pertaining to IPv6. The author continues by discussing three routing protocols: RIPng, EIGRP for IPv6 and OSPFv3. Then, he examines DHCP for IPv6 or DHCPv6. The author then covers two of three strategies for IPv4 and IPv6 integration and coexistence: dual-stack and tunneling. Finally, he discusses the third technique for transition from IPv4 and IPv6: Network Address Translation or NAT.
This most excellent book provides a thorough yet easy-to-understand introduction to IPv6. More importantly, this great book is also intended to provide a foundation in IPv6 that will allow you to build on it.
Great book to begin IPv6 study
By Cord Scott on March 22, 2013
Really like this book. Information is accurate and concise and concentrates on the protocol and not just how to configure Cisco gear for IPv6, which is what too many people look for. Not a whole lot on migration but Cisco Press has another book that deals with that.
Everyone should start IPv6 with this book
By Andras Dosztal on May 13, 2013
Detailed but still easy to understand, having a good balance of theory and practical knowledge. Up to date, covers all topics needed for someone who’s getting familiar with IPv6. Having prior IPv4 and routing knowledge is recommended.
It was much needed. Especially now that Google ranks sites based on how well they do on mobile devices. Time for a major overhaul of our website. We’ve moved it from a way too old Joomla setup to state of the art WordPress site. Joomla appears to be dying slowly anyway. It’s much faster and completely responsive which means it will automatically adjust its layout to smaller mobile screens. Very cool.
At the same time we have removed some of the less popular parts like the forums. They were being used by spammers mostly. And we don’t like those.. We have improved the #ipv6 twitter stream and added a shop where you can find the coolest t-shirts and other IPv6 related things like mugs and stickers. There’s no place like ::1, right? We have partnered with Zazzle for this so get yourself one of those cool shirts today!
We’ve also improved the book shop so you will be automatically directed to your local Amazon site for all your IPv6 purchases. We have also added a selection of IoT (Internet of Things) books since this subject is highly linked to IPv6.
The Dutch National Cyber Security Centre has put a new version (2.0) of their IPv6 white paper online. It is written in cooperation with a number of experts from public and private organizations. Dennis Silva and I also helped out and our article “Niets doen is geen optie”, published in Computable 04-06-2012, was used as one of the references. This article was based on our own IPv6 white paper that we wrote last year and it provided interesting input for discussions on what transition scenarios are feasible and what risks they come with.
It was great to be part of this and I’m proud to see our names, and the company’s, being mentioned in the list of references and contributors. 🙂
The paper is published here: http://www.ncsc.nl/dienstverlening/expertise-advies/kennisdeling/whitepapers/ip-versie-6-ipv6.html
In this version of the IPv6 paper, there is more focus on security risks of migration scenarios. Depletion of the IPv4 address space means that everyone at some point has to decide on an IPv6 strategy. With every scenario, whether it is ‘doing nothing’ or going for a full native IPv6 implementation, comes risk. For instance, 6in4 tunnels can provide unwanted access into secured networks and the default enabled IPv6 in many OSes can provide unnoticed connectivity between nodes that are thought to be isolated.
Today is 6/6/2012, World IPv6 Launch Day. The day the Internet community permanently enables the IPv6 Internet protocol on their infrastructure. Some refer to this protocol as ‘The New Internet Protocol’. But is it new? No. Not at all.
To deal with the anticipated IPv4 address exhaustion, the Internet Engineering Task Force (IETF) developed IPv6 and described it in Internet standard document RFC 2460. This was published in December 1998. Due to the incompatibilty with the current IPv4 protocol, it was never widely adopted. Now that address exhaustion is imminent, the world is in a hurry to set things straight.
I am the proud owner of what is arguably the coolest IPv6 Internet domain name in the world: ipv6.net. I have owned it for a long time. Not too long ago I realized that 6 days after 6/6/2012, it has been exactly 15 years since the domain name was registered. Apparently, back in 1997, I envisioned that IPv6 was going to be big. I just didn’t know it would take such a long time. But are we there yet? No. Not even close.
Back then the community thought we would run out of IP addresses in just a couple of years. With some tricks we managed to stretch things out until now. We even back-ported some cool stuff from the new protocol into the old. It wasn’t until mid 2011 that we saw some serious global industry initiatives to promote adoption of IPv6: World IPv6 Day on June 8th. On that day some of the smaller as well as larger members of the global Internet community temporarily enabled IPv6 on their infrastructure. For some, just to see what would happen. For others a good test of their transition plan or chosen technology. Some ‘forgot’ to switch it off again. For most it was a big success; a final rehearsal for the big step: a global transition from IPv4 towards IPv6.
Today is the start of that transition. Content providers around the globe will provide access to their services over IPv6. Access providers will provide IPv6 access to their end-users. Hard- and software manufacturers will bring out IPv6 support for their products. This broad involvement will certainly help to solve the chicken and egg, content versus access, problem.
So what will happen after today? If all goes well, and I certainly expect so, we will have marked the beginning of the end of IPv4. It will take many years before IPv6 has become the dominant protocol and IPv4 is marked ‘legacy’. But I expect that after today more and more companies will make a start with their transition. For many it will be hard to make a good business case for it as there is not always a clear added business value. Just don’t wait too long as the landscape is rapidly changing.
Some advice for those about to take the plunge: take ample time to gather knowledge, create awareness among those involved, decide on a sound transition scenario, test and start planning.
And for me? Well, as an IT professional I will be helping out customers doing just that. Personally, I will continue to blog and tweet about IPv6 for a long time to come…
This is a presentation I worked on which outlines IPv6 in Mission Critical Environments; typical environments of customers of Schuberg Philis.
That is all mighty interesting and I would like to get IPv6 ready ASAP. Where do I go from here?
The best thing to do now is to start learning more about the matter. A good way to do that is to get yourself a good book and start reading. A large selection of IPv6 books can be found in our online shop.
If you already have some knowledge but like to learn more about topics as, implementation, migration, integration, optimization and other ‘ations’, have a look at our excellent selection of videos made by industry professionals.
Maybe you are already busy upgrading your network to the next generation but are running into some problems. Or maybe you are facing new challenges or like to share your findings with others. So start sharing.
Network and other IT professionals can keep their knowledge up to date with our hot IPv6 news feed, also if you are interested in attending summits or other industry events and meetings.
We will be adding more information, documents, tools and other resources as time progresses. So make sure to check back soon!
If you can’t find what you need or you would like to make a comment or request, don’t hesitate to contact us.