docs: add documentation for gluon-ebtables-filter-{multicast,ra-dhcp}
This commit is contained in:
Matthias Schiffer
parent
81b2142e65
commit
f0308ed93c
@ -50,6 +50,8 @@ Packages
|
|||||||
:maxdepth: 1
|
:maxdepth: 1
|
||||||
|
|
||||||
package/gluon-client-bridge
|
package/gluon-client-bridge
|
||||||
|
package/gluon-ebtables-filter-multicast
|
||||||
|
package/gluon-ebtables-filter-ra-dhcp
|
||||||
|
|
||||||
Releases
|
Releases
|
||||||
--------
|
--------
|
||||||
|
|||||||
30
docs/package/gluon-ebtables-filter-multicast.rst
Normal file
30
docs/package/gluon-ebtables-filter-multicast.rst
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
gluon-ebtables-filter-multicast
|
||||||
|
===============================
|
||||||
|
|
||||||
|
The *gluon-ebtables-filter-multicast* package filters out various kinds of
|
||||||
|
non-essential multicast traffic, as this traffic often constitutes a
|
||||||
|
disproportionate burden on the mesh network. Unfortunately, this breaks many useful services
|
||||||
|
(Avahi, Bonjour chat, ...), but this seems unavoidable, as the current Avahi implementation is
|
||||||
|
optimized for small local networks and causes too much traffic in lange mesh networks.
|
||||||
|
|
||||||
|
The multicast packets are filtered between the nodes' client bridge (*br-client*) and mesh
|
||||||
|
interface (*bat0*) on output.
|
||||||
|
|
||||||
|
|
||||||
|
The following packet types are considered essential and aren't filtered:
|
||||||
|
|
||||||
|
* ARP (except requests for/replies from 0.0.0.0)
|
||||||
|
* DHCP, DHCPv6
|
||||||
|
* ICMPv6 (except Echo Requests (ping) and Node Information Queries (RFC4620)
|
||||||
|
* IGMP
|
||||||
|
|
||||||
|
In addition, the following packet types are allowed to allow experimentation with
|
||||||
|
layer 3 routing protocols.
|
||||||
|
|
||||||
|
* Babel
|
||||||
|
* OSPF
|
||||||
|
* RIPng
|
||||||
|
|
||||||
|
The following packet types are also allowed:
|
||||||
|
|
||||||
|
* BitTorrent Local Peer Discovery (it seems better to have local peers for BitTorrent than sending everything through the internet)
|
||||||
13
docs/package/gluon-ebtables-filter-ra-dhcp.rst
Normal file
13
docs/package/gluon-ebtables-filter-ra-dhcp.rst
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
gluon-ebtables-filter-ra-dhcp
|
||||||
|
=============================
|
||||||
|
|
||||||
|
The *gluon-ebtables-filter-ra-dhcp* package tries to prevent common
|
||||||
|
misconfigurations (i.e. connecting the client interface of a Gluon
|
||||||
|
node to a private network) from causing issues for either of the
|
||||||
|
networks.
|
||||||
|
|
||||||
|
The rules are the following:
|
||||||
|
|
||||||
|
* DHCP requests, DHCPv6 requests and Router Solicitations may only be sent from clients to the mesh, but aren't forwarded
|
||||||
|
from the mesh to clients
|
||||||
|
* DHCP replies, DHCPv6 replies and Router Advertisements from clients aren't forwarded to the mesh
|
||||||
Loading…
Reference in New Issue
Block a user