Building a LAN with n2n
2018-12-14
yezigl
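With some time on my hands, I used the Singles' Day sales to buy 3 cheap servers from a couple of cloud providers, wrote a small mini-program, and deployed its backend on them. Once the backend service was deployed, I wanted to set up CAT monitoring so that problems would be noticed promptly. CAT is normally used inside a LAN and configured with internal IPs. My servers all have public IPs, and it can be configured successfully that way, but configuration would be easier with internal IPs. So I wondered: could I build a private LAN among these servers?
I searched the web and found that ngrok and frp are the most commonly used, and n2n also comes up. I have used frp myself on Merlin, and judging by its documentation ngrok is quite similar to frp. Both are meant for NAT traversal into an internal network, which does not quite match my need. From its documentation, n2n looked like what I needed.
1. Download the source first; you have to compile and install it yourself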
sudo yum install gcc openssl-devel
make
sudo make install
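The build may fail because of missing libraries. I am on CentOS, so installing them with yum is enough.
2. After installing on every server, pick one machine and start a supernode on it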
supernode -l 7777 -v
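-l sets the listening port, and -v shows verbose output, which helps with debugging. There is also a -f option, which should mean running in the foreground, but foreground is already the default.
3. Then start the edge nodes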
sudo edge -d n2n0 -c n2n -k password -a 192.168.1.101 -l 1.2.3.4:7777
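-k sets a password, which is the same on all edge nodes; -a sets this machine's IP; -l sets the supernode's IP and listening port. The other options can be used as needed.
Checking with ifconfig shows one additional network device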
n2n0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1400
inet 192.168.1.101 netmask 255.255.255.0 broadcast 192.168.1.255
ether 9a:2a:a2:54:bf:e6 txqueuelen 1000 (Ethernet)
RX packets 166 bytes 9604 (9.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1794 bytes 143340 (139.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
edge options
[root@bj2 ~]# edge -h
Welcome to n2n v.2.4 for x86_64
Built on Dec 2 2018 14:50:17
Copyright 2007-18 - ntop.org and contributors
edge <config file> (see edge.conf)
or
edge -d <tun device> -a [static:|dhcp:]<tun IP address> -c <community> [-k <encrypt key> | -K <key file>]
[-s <netmask>] [-u <uid> -g <gid>][-f][-m <MAC address>] -l <supernode host:port>
[-p <local port>] [-M <mtu>] [-r] [-E] [-v] [-t <mgmt port>] [-b] [-h]
-d <tun device> | tun device name
-a <mode:address> | Set interface address. For DHCP use '-r -a dhcp:0.0.0.0'
-c <community> | n2n community name the edge belongs to.
-k <encrypt key> | Encryption key (ASCII) - also N2N_KEY=<encrypt key>. Not with -K.
-K <key file> | Specify a key schedule file to load. Not with -k.
-s <netmask> | Edge interface netmask in dotted decimal notation (255.255.255.0).
-l <supernode host:port> | Supernode IP:port
-b | Periodically resolve supernode IP
| (when supernodes are running on dynamic IPs)
-p <local port> | Fixed local UDP port.
-u <UID> | User ID (numeric) to use when privileges are dropped.
-g <GID> | Group ID (numeric) to use when privileges are dropped.
-f | Do not fork and run as a daemon; rather run in foreground.
-m <MAC address> | Fix MAC address for the TAP interface (otherwise it may be random)
| eg. -m 01:02:03:04:05:06
-M <mtu> | Specify n2n MTU of edge interface (default 1400).
-r | Enable packet forwarding through n2n community.
-E | Accept multicast MAC addresses (default=drop).
-v | Make more verbose. Repeat as required.
-t <port> | Management UDP Port (for multiple edges on a machine).
Environment variables:
N2N_KEY | Encryption key (ASCII). Not with -K or -k.
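Start an edge node on each of the servers and the whole LAN is up. Note that after the edge nodes start, pings between them may not work right away; wait a moment and they will. Also check the firewall in each server's management console so that it does not block the port.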
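The edge command in step 3 passes the community key with -k, and command-line arguments are normally visible to other local users through ps; the edge -h output above lists the N2N_KEY environment variable and -u/-g as alternatives. The following is an added example, not from the original post or the n2n project, that starts edge that way; the function names, key-file path and uid/gid values are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Function names, the key-file
# path and the uid/gid values are assumptions chosen for illustration.

# Succeeds (0) if an edge argument list carries the key via -k, which other
# local users can normally read from the process list.
cmdline_leaks_key() {
    local prev="" arg
    for arg in "$@"; do
        [ "$prev" = "-k" ] && [ -n "$arg" ] && return 0
        case "$arg" in -k?*) return 0 ;; esac   # attached form: -kpassword
        prev=$arg
    done
    return 1
}

# Succeeds only if group and others have no permission bits on the key file.
key_file_is_private() {
    [ -f "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Start edge with the key in N2N_KEY (documented in `edge -h`) instead of -k,
# and give it a numeric uid/gid to use when it drops privileges.
# Usage: start_edge <keyfile> <tun ip> <supernode host:port> <uid> <gid>
start_edge() {
    local keyfile=$1 addr=$2 supernode=$3 uid=$4 gid=$5
    if ! key_file_is_private "$keyfile"; then
        echo "refusing to use $keyfile: readable by group or others" >&2
        return 1
    fi
    # EDGE_BIN lets a test substitute the binary; it defaults to `edge`.
    N2N_KEY=$(cat "$keyfile") \
        "${EDGE_BIN:-edge}" -d n2n0 -c n2n -a "$addr" -l "$supernode" \
        -u "$uid" -g "$gid"
}

# Example call (constructed values; run as root like the original command):
#   start_edge /etc/n2n/community.key 192.168.1.101 1.2.3.4:7777 1000 1000
```

The same key file has to be present, with the same restrictive permissions, on every edge node, since all nodes in the community share one key.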