diff --git a/boards/sim/sim/sim/NETWORK-LINUX.txt b/boards/sim/sim/sim/NETWORK-LINUX.txt index c11f767272..2571eda13d 100644 --- a/boards/sim/sim/sim/NETWORK-LINUX.txt +++ b/boards/sim/sim/sim/NETWORK-LINUX.txt @@ -1,5 +1,5 @@ -NETWORK SUPPORT ON LINUX -^^^^^^^^^^^^^^^^^^^^^^^^ +Network Support on Linux +======================== The simulation uses the TUN/TAP driver under Linux to provide network support. It can operate in one of two modes: host routed, or bridged. In the host @@ -11,8 +11,8 @@ to set up, but is much more flexible, and is likely to be easier to maintain in the end. -HOST ROUTE MODE -^^^^^^^^^^^^^^^ +Host Route Mode +--------------- If CONFIG_SIM_NET_HOST_ROUTE is enabled, the simulation will create and maintain a host route from the assigned IP address to the instance's tap @@ -27,14 +27,52 @@ able to see it until the simulation is stopped. The host route will force all traffic destined for that IP to be sent to the tap interface. NOTE: If you configure an IP address that is not on the same subnet as your - host, additional manual setup will be required. This is not - recommended; you should use bridge mode instead. + host, additional manual setup will be required. A helper script, + `tools/simhostroute.sh` is provided that can do this setup on Linux. + On Windows or macOS using host route mode is not recommended. + +Recent versions of Linux require setting kernel capabilities to allow the nuttx +executable access to the tap network driver. You can see more about the tun/tap +driver requiring Linux capabilities here: + +https://github.com/torvalds/linux/blob/master/Documentation/networking/tuntap.txt + +The `boards/sim/sim/sim/configs/tcpblaster/defconfig` is known to work in this +configuration. + +To compile: + + $ cp boards/sim/sim/sim/configs/tcpblaster/defconfig .config + $ make menuconfig # optional, to adjust configuration + $ make clean; make + +You can do the following after compiling the NuttX simulator: + +On Linux: + + $ # necessary on recent Linux distributions + $ sudo setcap cap_net_admin+ep ./nuttx + $ # set up the host route and IP tables rules + $ # replace ens33 with your Ethernet or wireless interface + $ sudo ./tools/simhostroute.sh ens33 on + $ # start the NuttX simulator + $ ./nuttx + +On the NuttX Simulator: + + nsh> ifconfig eth0 10.0.1.2 + nsh> ifup eth0 + +On Linux: + + $ # is nuttx up? + $ ping 10.0.1.2 -BRIDGE MODE -^^^^^^^^^^^ +Bridge Mode +----------- -BASIC USAGE +Basic Usage ----------- If CONFIG_SIM_NET_BRIDGE is enabled, the simulation's tap interface will automatically be added to the Linux bridge device specified by the @@ -54,11 +92,11 @@ multiple simulations, they will all be added to the same bridge and can talk amongst themselves. -OPTION 1: ROUTING LOCAL TRAFFIC TO THE BRIDGE ----------------------------------------------- -If you want the host to be able to talk to your simluations, you will +Option 1: Routing Local Traffic to the Bridge +--------------------------------------------- +If you want the host to be able to talk to the simulator, you will also need to assign the bridge an IP address (this will be the default -gateway you assign to your simluations) and add a network route. Note +gateway you assign to the simulator) and add a network route. Note that the subnet chosen should not already be in use. For example, if you want to use the 172.26.23.0/24 subnet for your simluations, you would do something like the following: @@ -70,9 +108,9 @@ The standard Linux ifconfig utility will automatically add the appropriate network route, so no further effort is needed. -OPTION 2: LIVE NETWORK ACCESS ------------------------------- -There are two main methods of giving your simulations access to your network +Option 2: Live Network Access +----------------------------- +There are two main methods of giving the simulator access to your network at large. One is to set up your Linux host as a router and configure your network so that it knows where to find the appropriate subnet. This is far too complex for most use cases, so you can safely ignore it unless you have @@ -111,16 +149,21 @@ as an ethernet hub; your simluation has direct access to the normal gateway as if the simluation were a device physically connected to the network. -CONFIGURING AT STARTUP +Configuring at Startup ---------------------- Most Linux distributions have a mechanism for configuring a bridge at startup. See your distribution's documentation for more information. +Setup Script +------------ -NOTES -^^^^^ +There is a script, `tools/simbridge.sh` that will do the setup for you. - o Users of VMware ESXi should be aware that the bridge will place the contained + +Notes +----- + + - Users of VMware ESXi should be aware that the bridge will place the contained ethernet interface into promiscuous mode (don't ask me why). ESXi will reject this by default, and nothing will work. To fix this, edit the properties of the relevant vSwitch or VLAN, select the Security tab, and @@ -131,7 +174,7 @@ NOTES I don't know if VMware's consumer products have similar issues or not. - o tools/simbridge.sh could make the bridge setup easier: + - tools/simbridge.sh could make the bridge setup easier: # tools/simbridge.sh eth0 on # tools/simbridge.sh eth0 off diff --git a/boards/sim/sim/sim/configs/tcpblaster/defconfig b/boards/sim/sim/sim/configs/tcpblaster/defconfig new file mode 100644 index 0000000000..cfd09e1a05 --- /dev/null +++ b/boards/sim/sim/sim/configs/tcpblaster/defconfig @@ -0,0 +1,137 @@ +# +# This file is autogenerated: PLEASE DO NOT EDIT IT. +# +# You can use "make menuconfig" to make any modifications to the installed .config file. +# You can then do "make savedefconfig" to generate a new defconfig file that includes your +# modifications. +# +CONFIG_ARCH="sim" +CONFIG_ARCH_BOARD="sim" +CONFIG_ARCH_BOARD_SIM=y +CONFIG_ARCH_CHIP="sim" +CONFIG_ARCH_SIM=y +CONFIG_BOARDCTL_POWEROFF=y +CONFIG_BUILTIN=y +CONFIG_CLOCK_MONOTONIC=y +CONFIG_DEBUG_ERROR=y +CONFIG_DEBUG_FEATURES=y +CONFIG_DEBUG_NET=y +CONFIG_DEBUG_NET_ERROR=y +CONFIG_DEBUG_SYMBOLS=y +CONFIG_DEV_LOOP=y +CONFIG_DEV_ZERO=y +CONFIG_DRIVERS_VIDEO=y +CONFIG_ELF=y +CONFIG_EXAMPLES_FTPC=y +CONFIG_EXAMPLES_TCPBLASTER=y +CONFIG_EXAMPLES_TCPECHO=y +CONFIG_EXECFUNCS_HAVE_SYMTAB=y +CONFIG_FS_BINFS=y +CONFIG_FS_HOSTFS=y +CONFIG_FS_LITTLEFS=y +CONFIG_FS_PROCFS=y +CONFIG_FS_TMPFS=y +CONFIG_IDLETHREAD_STACKSIZE=2048 +CONFIG_INPUT=y +CONFIG_IOB_NBUFFERS=1024 +CONFIG_IOB_NCHAINS=128 +CONFIG_IOB_NOTIFIER=y +CONFIG_IOB_THROTTLE=16 +CONFIG_LIBC_EXECFUNCS=y +CONFIG_LIBC_IOCTL_VARIADIC=y +CONFIG_LIBC_LOCALE=y +CONFIG_LIBC_LOCALTIME=y +CONFIG_LIBM=y +CONFIG_MAX_TASKS=16 +CONFIG_MAX_WDOGPARMS=2 +CONFIG_MM_REGIONS=2 +CONFIG_MQ_MAXMSGSIZE=64 +CONFIG_MTD=y +CONFIG_NET=y +CONFIG_NETDB_DNSCLIENT=y +CONFIG_NETDB_DNSCLIENT_MAXRESPONSE=176 +CONFIG_NETDB_DNSCLIENT_RECV_TIMEOUT=3 +CONFIG_NETDB_DNSSERVER_IPv4ADDR=0x771d1d1d +CONFIG_NETDEVICES=y +CONFIG_NETDEV_LATEINIT=y +CONFIG_NETDEV_PHY_IOCTL=y +CONFIG_NETDEV_STATISTICS=y +CONFIG_NETINIT_DRIPADDR=0x0a000101 +CONFIG_NETINIT_IPADDR=0x0a000102 +CONFIG_NETINIT_NETLOCAL=y +CONFIG_NETUTILS_DHCPC=y +CONFIG_NETUTILS_FTPC=y +CONFIG_NETUTILS_TELNETD=y +CONFIG_NETUTILS_TFTPC=y +CONFIG_NETUTILS_WEBCLIENT=y +CONFIG_NET_ARP_SEND=y +CONFIG_NET_BROADCAST=y +CONFIG_NET_ICMP=y +CONFIG_NET_ICMP_SOCKET=y +CONFIG_NET_ICMPv6=y +CONFIG_NET_ICMPv6_SOCKET=y +CONFIG_NET_IPv6=y +CONFIG_NET_LOOPBACK=y +CONFIG_NET_SENDFILE=y +CONFIG_NET_SLIP=y +CONFIG_NET_SOLINGER=y +CONFIG_NET_STATISTICS=y +CONFIG_NET_TCP=y +CONFIG_NET_TCPBACKLOG=y +CONFIG_NET_TCP_WRITE_BUFFERS=y +CONFIG_NET_TUN=y +CONFIG_NET_TUN_PKTSIZE=1500 +CONFIG_NET_UDP=y +CONFIG_NET_UDP_BINDTODEVICE=y +CONFIG_NET_UDP_WRITE_BUFFERS=y +CONFIG_NFILE_DESCRIPTORS=8 +CONFIG_NSH_ARCHINIT=y +CONFIG_NSH_BUILTIN_APPS=y +CONFIG_NSH_FILE_APPS=y +CONFIG_NSH_READLINE=y +CONFIG_NSH_TELNETD_CLIENTSTACKSIZE=4096 +CONFIG_NSOCKET_DESCRIPTORS=10 +CONFIG_POSIX_SPAWN_PROXY_STACKSIZE=2048 +CONFIG_PREALLOC_MQ_MSGS=4 +CONFIG_PREALLOC_TIMERS=4 +CONFIG_PSEUDOFS_SOFTLINKS=y +CONFIG_PSEUDOTERM=y +CONFIG_PSEUDOTERM_BSD=y +CONFIG_PTHREAD_CLEANUP=y +CONFIG_PTHREAD_CLEANUP_STACKSIZE=2 +CONFIG_PTHREAD_MUTEX_TYPES=y +CONFIG_PTHREAD_STACK_DEFAULT=8192 +CONFIG_RAMMTD=y +CONFIG_READLINE_CMD_HISTORY=y +CONFIG_READLINE_TABCOMPLETION=y +CONFIG_SCHED_CHILD_STATUS=y +CONFIG_SCHED_HAVE_PARENT=y +CONFIG_SCHED_HPWORK=y +CONFIG_SCHED_ONEXIT=y +CONFIG_SERIAL_TERMIOS=y +CONFIG_SIG_DEFAULT=y +CONFIG_SIG_EVTHREAD=y +CONFIG_SIM_M32=y +CONFIG_STACK_COLORATION=y +CONFIG_SYSLOG_BUFFER=y +CONFIG_SYSLOG_CONSOLE=y +CONFIG_SYSLOG_TIMESTAMP=y +CONFIG_SYSTEM_CLE=y +CONFIG_SYSTEM_NSH=y +CONFIG_SYSTEM_NSH_STACKSIZE=4096 +CONFIG_SYSTEM_NTPC=y +CONFIG_SYSTEM_PING6=y +CONFIG_SYSTEM_PING=y +CONFIG_SYSTEM_PING_STACKSIZE=4096 +CONFIG_SYSTEM_SYSTEM=y +CONFIG_SYSTEM_TELNET_CLIENT=y +CONFIG_SYSTEM_TELNET_CLIENT_STACKSIZE=4096 +CONFIG_SYSTEM_TIME64=y +CONFIG_TASK_NAME_SIZE=32 +CONFIG_TELNET_CHARACTER_MODE=y +CONFIG_TELNET_TXBUFFER_SIZE=64 +CONFIG_TTY_SIGINT=y +CONFIG_TTY_SIGINT_CHAR=0x3 +CONFIG_TTY_SIGSTP=y +CONFIG_USERMAIN_STACKSIZE=4096 +CONFIG_USER_ENTRYPOINT="nsh_main" diff --git a/tools/README.txt b/tools/README.txt index 0115b2b132..465e114e7f 100644 --- a/tools/README.txt +++ b/tools/README.txt @@ -931,6 +931,18 @@ sethost.sh -h will show this help test and terminate selects configuration file. Default: .config +simhostroute.sh +--------------- + + Helper script used to set up the tap driver, host routes, + and IP Tables rules to support networking with the + simulator under Linux. General usage: + + $ tools/simhostroute.sh + Usage: tools/simhostroute.sh + + See boards/sim/sim/sim/NETWORK-LINUX.txt for further information + simbridge.sh ------------ diff --git a/tools/simhostroute.sh b/tools/simhostroute.sh new file mode 100755 index 0000000000..4d153251ae --- /dev/null +++ b/tools/simhostroute.sh @@ -0,0 +1,79 @@ +#!/bin/bash + +#**************************************************************************** +# tools/simhostroute.sh +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. The +# ASF licenses this file to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance with the +# License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +#**************************************************************************** + +# Helper script to set up host route to NuttX simulator +# and set up IP Tables to allow it to access the +# internet. +# +# This script needs to be run as root. +# +# Note that on Linux you may also have to set kernel capabilities +# on the nuttx executable to allow NuttX to access the tap device: +# +# sudo setcap cap_net_admin+ep ./nuttx + +if [ $# != 2 ]; then + echo "Usage: $0 " + exit 1 +fi + +IF_HOST=$1 +STATUS=$2 + +IF_BRIDGE=nuttx0 +IP_NET="10.0.1.0/24" +IP_NETMASK="255.255.255.0" +IP_BROADCAST="10.0.0.255" +IP_HOST="10.0.1.1" +IP_NUTTX="10.0.1.2" + +if [ "$STATUS" == "on" ]; then + ip link add $IF_BRIDGE type bridge + ifconfig $IF_BRIDGE $IP_HOST + ifconfig $IF_BRIDGE up + ifconfig -a + ip addr add $IP_HOST dev $IF_BRIDGE + ifconfig $IF_BRIDGE netmask $IP_NETMASK + ip route delete $IP_NET + ip route add $IP_NET dev $IF_BRIDGE src $IP_HOST + ip route add $IP_NUTTX/32 dev $IF_BRIDGE src $IP_HOST + + # nat to allow NuttX to access the internet + iptables -t nat -A POSTROUTING -o $IF_HOST -j MASQUERADE + iptables -A FORWARD -i $IF_HOST -o $IF_BRIDGE -m state --state RELATED,ESTABLISHED -j ACCEPT + iptables -A FORWARD -i $IF_BRIDGE -o $IF_HOST -j ACCEPT + + ip route show +else + ip route delete $IP_NET + ip route delete $IP_NUTTX/32 + + # delete nat rules to clean up + iptables -t nat -A POSTROUTING -o $IF_HOST -j MASQUERADE + iptables -D FORWARD -i $IF_HOST -o $IF_BRIDGE -m state --state RELATED,ESTABLISHED -j ACCEPT + iptables -D FORWARD -i $IF_BRIDGE -o $IF_HOST -j ACCEPT + + ip link delete $IF_BRIDGE type bridge + + ip route show +fi +