Tutorial: Administrative Mesh Network

by John Haverlack 2020-09-22

Tutorial Objectives

This tutorial covers how to:

  • Install CJDNS on Linux, Windows or Mac platforms
  • Join a test CJDNS mesh network
  • Test SSH connectivity between nodes
  • Test NoMachine remote desktop between nodes
  • Test Firefox with a remote Squid Proxy server for remote web access.

The focus of this tutorial will be on using an encrypted IPv6 mesh network (CJDNS) for remote administrative access as an alternative to VPN or SSH tunneling.

Pros of CJDNS

  • Minimal dependence on fixed IP addresses for static routes between networks
  • All traffic is encrypted
  • Resilient to intermittent network outages (this is mostly true)
  • Most IPv4 applications can be used transparently on IPv6 addresses without modification
  • Codebase is free, open source, mature and stable
  • CJDNS runs on Windows, Mac OS X, Linux (CentOS, Debian/Ubuntu/Mint, Raspbian, and OpenWRT)
  • Community Support via Matrix/Element: https://app.element.io/#/room/!FgPvfVaiPeDNKZHaSe:matrix.org

Cons of CJDNS

  • Security depends on strict administrative control of member nodes. Each node is a potential risk vector.
  • Occasional performance issues, but typically works as well as or better than direct SSH connections.
  • I've had trouble running as a service on Windows and Macs. However, others report this is not an issue.

Another open alternative mesh network solution is [Yggdrasil](https://yggdrasil-network.github.io/). I've not had a chance to do hands-on testing with this system so I am not equipped to provide a comparison.

Prerequisites

Test Host

You will need a recent up-to-date Linux (CentOS/Debian/Linuxmint/Ubuntu/Raspbian), Mac OS X, or Windows 10 physical or virtual computer with:

  • > ~1 GB RAM
  • a graphical desktop environment
  • Administrative Access (to install software)
It is recommended to perform this tutorial on a local test system other than your primary desktop computer.

Optional VirtualBox Test Host

To save time, I have provided 2 Debian VirtualBox images that you may download and import ahead of time for the purposes of this tutorial.
  1. tutorial-admeshnet-cjdns.ova (SHA1Sum:0ca5d30879bc1f6f40c6566083f2d99b22e0c61f ~2.5 GB) - This Debian Desktop VirtualBox image comes with all software installed and is ready to quickly connect to our test mesh network for demonstration.
  2. tutorial-admeshnet-preinst.ova (SHA1Sum:f08d969c0fc29f48dc54cb4f70bf6175269ffcb2 ~2.4 GB) - This Debian Desktop VirtualBox image comes without all software installed so we can do hands-on training of the installation procedure.
Please contact jehaverlack@alaska.edu for the Administrative login and password for these images.
Alternately if you choose to install on a Windows or Mac computer, or other Linux system you will need to have administrative permissions and be responsible for any technical glitches that may arise. The easiest way to follow this tutorial will be to use one of the prepared VirtualBox images.
Installing VirtualBox and Importing VirtualBox OVA images.
  1. Download and install VirtualBox for your x86_64 Windows, Mac, or Linux desktop/laptop computer (with > 4 GB RAM, > 5 GB free disk space).
  2. Download one or both of the above VirtualBox OVA guest images.
  3. For each VirtualBox OVA guest image that you want to run:
  4. Open VirtualBox, go to the menu File -> Import Appliance, select your *.ova file image and follow the import process.
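
Before the import step, each downloaded image can be checked against the SHA1 sums listed above. The following is an added example, not part of the original tutorial; the script name verify_ova.py and the download-folder argument are assumptions.

```python
"""Verify downloaded tutorial OVA images against the SHA-1 sums published above."""
import hashlib
import sys
from pathlib import Path

# File names and SHA-1 sums copied from the image list in this tutorial.
PUBLISHED_SHA1 = {
    "tutorial-admeshnet-cjdns.ova": "0ca5d30879bc1f6f40c6566083f2d99b22e0c61f",
    "tutorial-admeshnet-preinst.ova": "f08d969c0fc29f48dc54cb4f70bf6175269ffcb2",
}


def sha1_of_file(path, chunk_size=1 << 20):
    """Hash the file in 1 MiB chunks so a multi-GB image is never held in RAM."""
    digest = hashlib.sha1()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_image(path, expected_hex):
    """Return 'ok', 'mismatch' or 'missing' for one downloaded image."""
    path = Path(path)
    if not path.is_file():
        return "missing"
    # Tolerate upper-case hex and stray whitespace in a pasted checksum.
    expected = expected_hex.strip().lower()
    return "ok" if sha1_of_file(path) == expected else "mismatch"


def check_downloads(directory, published=PUBLISHED_SHA1):
    """Check every published image name inside `directory` (assumed download folder)."""
    return {name: check_image(Path(directory) / name, digest)
            for name, digest in published.items()}


if __name__ == "__main__":
    # Usage (script name is an assumption): python verify_ova.py [download_dir]
    results = check_downloads(sys.argv[1] if len(sys.argv) > 1 else ".")
    for name, status in results.items():
        print(f"{status:9} {name}")
    # Exit non-zero if any image mismatched or no image verified at all,
    # so the import step can be gated on this script's exit code.
    bad = "mismatch" in results.values() or "ok" not in results.values()
    sys.exit(1 if bad else 0)
```

SHA-1 catches corrupted or truncated downloads, but it is not collision-resistant, so a matching sum does not by itself authenticate who built the image.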

Software

This tutorial will be using the following software inside our CJDNS test hosts:

To save time, you might want to install Node.JS, Firefox, and NoMachine on your test host prior to the tutorial.

Tutorial Beginning

Before we begin you should have at least one test host ready to use in this tutorial:
  • One of the VirtualBox Guest images
  • A Mac, Windows, Linux, Raspberry Pi test host