Basic Setup
So, I was quite fortunate: for a while I got my hands on two very similar servers.
- Motherboard: X11SDV-4C-TP8F
# dmidecode -t baseboard
# dmidecode 3.2
Scanning /dev/mem for entry point.
SMBIOS 3.1.1 present.
Handle 0x0002, DMI type 2, 15 bytes
Base Board Information
Manufacturer: Supermicro
Product Name: X11SDV-4C-TP8F
Version: 1.02
Serial Number: -
Asset Tag: To be filled by O.E.M.
Features:
Board is a hosting board
Board is replaceable
Location In Chassis: To be filled by O.E.M.
Chassis Handle: 0x0003
Type: Motherboard
Contained Object Handles: 0
Handle 0x0014, DMI type 41, 11 bytes
Onboard Device
Reference Designation: ASPEED Video AST2500
Type: Video
Status: Enabled
Type Instance: 1
Bus Address: 0000:03:00.0
Handle 0x0015, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Intel LAN I350 #1
Type: Ethernet
Status: Enabled
Type Instance: 1
Bus Address: 0000:65:00.0
Handle 0x0016, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Intel LAN I350 #2
Type: Ethernet
Status: Enabled
Type Instance: 2
Bus Address: 0000:65:00.1
Handle 0x0017, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Intel LAN I350 #3
Type: Ethernet
Status: Enabled
Type Instance: 3
Bus Address: 0000:65:00.2
Handle 0x0018, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Intel LAN I350 #4
Type: Ethernet
Status: Enabled
Type Instance: 4
Bus Address: 0000:65:00.3
Handle 0x0019, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Intel LAN X722 #1
Type: Ethernet
Status: Enabled
Type Instance: 5
Bus Address: 0000:b5:00.0
Handle 0x001A, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Intel LAN X722 #2
Type: Ethernet
Status: Enabled
Type Instance: 6
Bus Address: 0000:b5:00.1
Handle 0x001B, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Intel LAN X722 #3
Type: Ethernet
Status: Enabled
Type Instance: 7
Bus Address: 0000:b5:00.2
Handle 0x001C, DMI type 41, 11 bytes
Onboard Device
Reference Designation: Intel LAN X722 #4
Type: Ethernet
Status: Enabled
Type Instance: 8
Bus Address: 0000:b5:00.3
- Memory, a single 8G stick
# dmidecode -t memory
# dmidecode 3.2
Scanning /dev/mem for entry point.
SMBIOS 3.1.1 present.
Handle 0x0025, DMI type 16, 23 bytes
Physical Memory Array
Location: System Board Or Motherboard
Use: System Memory
Error Correction Type: Single-bit ECC
Maximum Capacity: 1536 GB
Error Information Handle: Not Provided
Number Of Devices: 4
Handle 0x0026, DMI type 17, 40 bytes
Memory Device
Array Handle: 0x0025
Error Information Handle: Not Provided
Total Width: 72 bits
Data Width: 64 bits
Size: 8192 MB
Form Factor: DIMM
Set: None
Locator: DIMMA1
Bank Locator: P0_Node0_Channel0_Dimm0
Type: DDR4
Type Detail: Synchronous
Speed: 2666 MT/s
Manufacturer: Samsung
Serial Number: -
Asset Tag: DIMMA1_AssetTag (date:18/19)
Part Number: M393A1G43EB1-CTD
Rank: 2
Configured Memory Speed: 2400 MT/s
Minimum Voltage: 1.2 V
Maximum Voltage: 1.2 V
Configured Voltage: 1.2 V
So the CPU is an Intel(R) Xeon(R) D-2123IT CPU @ 2.20GHz.
For storage the box has a single SSD on the built-in SATA adapter:
# camcontrol devlist
<SAMSUNG MZ7KM240HMHQ-00005 GXM5304Q> at scbus0 target 0 lun 0 (pass0,ada0)
<AHCI SGPIO Enclosure 1.00 0001> at scbus6 target 0 lun 0 (ses0,pass1)
<AHCI SGPIO Enclosure 1.00 0001> at scbus15 target 0 lun 0 (ses1,pass2)
From there on it was somewhat straightforward: I patched it up with a normal Cat6 cable between the two servers, ixl0 to ixl0 as it were.
When I booted up the first server it got an IP ending with 170, so I ended up calling the servers 170 and 171, and that carried over to the IPs used on the various links.
Both servers are installed with FreeBSD 12.0-RELEASE-p10 GENERIC amd64 and a few packages for my own comfort (vim, zsh, git, and other tools).
Direct Link
170 setup
ifconfig ixl0 mtu 9000
ifconfig ixl0 up
ifconfig ixl0 192.168.1.170/24
# ifconfig ixl0
ixl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 9000
options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
ether ac:1f:6b:xx:xx:xx
inet 192.168.1.170 netmask 0xffffff00 broadcast 192.168.1.255
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
171 setup
ifconfig ixl0 mtu 9000
ifconfig ixl0 up
ifconfig ixl0 192.168.1.171/24
# ifconfig ixl0
ixl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 9000
options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
ether ac:1f:6b:xx:xx:xx
inet 192.168.1.171 netmask 0xffffff00 broadcast 192.168.1.255
media: Ethernet autoselect (10Gbase-T <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
gif(8) encapsulation
170 setup
ifconfig gif0
ifconfig gif0 create
ifconfig gif0 tunnel 192.168.1.170 192.168.1.171
ifconfig gif0 inet 192.168.2.170/24 192.168.2.171
171 setup
ifconfig gif0
ifconfig gif0 create
ifconfig gif0 tunnel 192.168.1.171 192.168.1.170
ifconfig gif0 inet 192.168.2.171/24 192.168.2.170
gre(8) encapsulation
170 setup
ifconfig gre0 create
ifconfig gre0 tunnel 192.168.1.170 192.168.1.171 inet 192.168.4.170 192.168.4.171
ifconfig gre0 tunnel 192.168.1.170 192.168.1.171
ifconfig gre0 inet 192.168.4.170 192.168.4.171
171 setup
ifconfig gre0 create
ifconfig gre0 tunnel 192.168.1.171 192.168.1.170
ifconfig gre0 inet 192.168.4.171 192.168.4.170
if_ipsec(8) encapsulation
170 setup
ifconfig ipsec0 destroy
ifconfig ipsec0 create reqid 100
ifconfig ipsec0 inet tunnel 192.168.1.171 192.168.1.170
ifconfig ipsec0 inet 192.168.5.171/24 192.168.5.170
setkey -c <<EOF
add 192.168.1.171 192.168.1.170 esp 10000 -m tunnel -u 100 -E rijndael-cbc "VerySecureKey!!1";
add 192.168.1.170 192.168.1.171 esp 10001 -m tunnel -u 100 -E rijndael-cbc "VerySecureKey!!2";
EOF
171 setup
ifconfig ipsec0 destroy
ifconfig ipsec0 create reqid 200
ifconfig ipsec0 inet tunnel 192.168.1.170 192.168.1.171
ifconfig ipsec0 inet 192.168.5.170/24 192.168.5.171
setkey -c <<EOF
add 192.168.1.171 192.168.1.170 esp 10000 -m tunnel -u 200 -E rijndael-cbc "VerySecureKey!!1";
add 192.168.1.170 192.168.1.171 esp 10001 -m tunnel -u 200 -E rijndael-cbc "VerySecureKey!!2";
EOF
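The static SAs above use a printable 16-character string as the AES-CBC key and set no integrity algorithm (`-E` only, no `-A`). As an added example that is not part of the original post, this script emits the same two SAs per host with random per-direction keys and an AEAD cipher; the `aes-gcm-16` choice with a 288-bit key and the output file names are assumptions, while the addresses, SPIs and reqids are the ones used above.

```shell
#!/bin/sh
# Added example: build setkey(8) input for the if_ipsec tunnel on this page
# with random per-direction keys and an AEAD cipher (aes-gcm-16).

HOST_170=192.168.1.170   # outer addresses, SPIs and reqids taken from the page
HOST_171=192.168.1.171

# rand_hex N: N bytes from /dev/urandom as lowercase hex, no separators
rand_hex() {
    od -An -N "$1" -tx1 /dev/urandom | tr -d ' \n'
}

# sa_lines REQID KEY_TO_170 KEY_TO_171: the two "add" statements for one host
sa_lines() {
    printf 'add %s %s esp 10000 -m tunnel -u %s -E aes-gcm-16 0x%s;\n' \
        "$HOST_171" "$HOST_170" "$1" "$2"
    printf 'add %s %s esp 10001 -m tunnel -u %s -E aes-gcm-16 0x%s;\n' \
        "$HOST_170" "$HOST_171" "$1" "$3"
}

# write_sa_files DIR: generate one key per direction and write a file per
# host. Both hosts must load the same keys; only the reqid (-u) differs.
# The file names ipsec-170.conf / ipsec-171.conf are hypothetical.
write_sa_files() {
    dir=$1
    # Assumption: 36 bytes = 256-bit AES key + 32-bit salt for aes-gcm-16
    key_to_170=$(rand_hex 36)
    key_to_171=$(rand_hex 36)
    old_umask=$(umask)
    umask 077                      # key material: owner-only files
    sa_lines 100 "$key_to_170" "$key_to_171" > "$dir/ipsec-170.conf"
    sa_lines 200 "$key_to_170" "$key_to_171" > "$dir/ipsec-171.conf"
    umask "$old_umask"
}
```

Call `write_sa_files <dir>` once, copy each file to its host over a trusted channel, and load it with `setkey -f` in place of the here-document.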
On FreeBSD, WireGuard is implemented in Go.
Software installation
Using FreeBSD, with poudriere all done and running and the repositories pointing the right ways, this is easy. All I have to do is a simple
$ sudo pkg install -y wireguard
This gifts me the installation of two packages: wireguard-go, the main thing, and wireguard, which does have the /usr/local/bin/wg command, but more importantly, it has the /usr/local/bin/wg-quick, which takes a ... kind of simple config file and feeds it to wg.
Server Side
In /usr/local/etc/wireguard/server.conf on the server, I've got the following. 192.168.3.170 is the server's IP on the tun interface with the listed peers.
[Interface]
PrivateKey = serverprivate
ListenPort = 51820
Address = 192.168.3.170/32
[Peer]
PublicKey = clientpublic
AllowedIPs = 192.168.3.171/32
PersistentKeepalive = 25
Client Side
Very similar to the server, in /usr/local/etc/wireguard/client.conf, and 192.168.3.171 is the client's IP in the WireGuard tunnel.
[Interface]
PrivateKey = clientprivate
Address = 192.168.3.171/32
[Peer]
PublicKey = serverpublic
Endpoint = 192.168.1.170:51820
AllowedIPs = 192.168.3.0/24
PersistentKeepalive = 25
192.168.1.170 is the IP of the listening server.