n2n最新地址https://github.com/ntop/n2n
下載安裝最新版安裝包

supernode超級節點

在/etc/n2n/supernode.conf添加端口，白名單或防火墻方向以下端口，其他edge節點就通過supernode的這個端口進行通訊

-p=1234

然后啟動服務并加入自啟動

systemctl enable --now supernode.service

edge邊緣節點

sudo edge -c mynetwork -r -n 10.131.31.0/24:179.10.10.5 -n 192.168.100.0/24:179.10.10.2 -n 10.0.25.0/24:179.10.10.15 -k liweilun123. -A4 -a 179.10.10.1 -f -l 1.1.1.1:59966 -c <community> | n2n community name the edge belongs to 表示n2n組網屬于那個集群 -r | enable packet forwarding through n2n community 表示允許數據包通過n2n網關傳遞 -n <cidr:gateway> | route an IPv4 network via the gateway, use 0.0.0.0/0 for| the default gateway, can be set multiple times 表示通過某個n2n節點作為網關進行訪問該ipv4網段，可以設置多個-n參數 -k <key> | encryption key (ASCII) - also N2N_KEY=<key> 表示加密密鑰值 -A1 | disable payload encryption, do not use with key, defaults| to AES then 表示加密方式，A1表示禁止加密，不添加A參數表示默認AES加密 -A2 ... -A5 | choose a cipher for payload encryption, requires a key,| -A2 = Twofish, -A3 = AES (default if key provided),| -A4 = ChaCha20, -A5 = Speck-CTR 表示四種加密方式，加密方式不一樣會導致延遲和帶寬的變化，同一community的edge節點的加密方式必須一致，否則無法解密數據導致無法通訊 -a [mode]<ip>[/n] | interface address and optional CIDR subnet, default '/24',| mode = [static|dhcp]:, for DHCP use '-r -a dhcp:0.0.0.0',| edge draws IP address from supernode if no '-a ...' given 表示edge節點的地址ip，可以是靜態或者由supernode進行dhcp。子網默認/24掩碼 -f | do not fork and run as a daemon, rather run in foreground 表示進程前臺運行，一般此參數用于測試或systemd service內 -l <host:port> | supernode ip address or name, and port 表示supernode的ip或域名和端口

查看n2n流量

[root@node7 ~]# sudo edge -c mynetwork -r -n 10.131.31.0/24:179.10.10.5 -n 192.168.100.0/24:179.10.10.2 -n 10.0.25.0/24:179.10.10.15 -k liweilun123. -A4 -a 179.10.10.1 -f -l 1.1.1.1:59966 15/Mar/2022 17:38:00 [edge.c:703] adding 10.131.31.0/24 via 179.10.10.5 15/Mar/2022 17:38:00 [edge.c:703] adding 192.168.100.0/24 via 179.10.10.2 15/Mar/2022 17:38:00 [edge.c:703] adding 10.0.25.0/24 via 179.10.10.15 15/Mar/2022 17:38:00 [edge_utils.c:3774] adding supernode = 1.1.1.1:59966 15/Mar/2022 17:38:00 [edge.c:1085] starting n2n edge 3.0.0 Oct 27 2021 19:04:56 15/Mar/2022 17:38:00 [edge.c:1091] using compression: none. 15/Mar/2022 17:38:00 [edge.c:1092] using ChaCha20 cipher. 15/Mar/2022 17:38:00 [edge_utils.c:392] number of supernodes in the list: 1 15/Mar/2022 17:38:00 [edge_utils.c:394] supernode 0 => 1.1.1.1:59966 15/Mar/2022 17:38:00 [edge_utils.c:483] successfully created resolver thread 15/Mar/2022 17:38:00 [edge.c:1116] use manually set IP address 15/Mar/2022 17:38:00 [edge.c:1231] created local tap device IP: 179.10.10.1, Mask: 255.255.255.0, MAC: DE:50:1A:A2:93:FB 15/Mar/2022 17:38:00 [edge.c:1298] WARNING: n2n has not been compiled with libcap-dev; some commands may fail 15/Mar/2022 17:38:00 [edge.c:1303] dropping privileges to uid=997, gid=993 15/Mar/2022 17:38:00 [edge.c:1329] edge started 15/Mar/2022 17:38:00 [edge_utils.c:1132] successfully joined multicast group 224.0.0.68:1968 15/Mar/2022 17:38:00 [edge_utils.c:2730] [OK] edge <<< ================ >>> supernode 16/Mar/2022 09:17:58 [edge_utils.c:1541] WARNING: supernode not responding, now trying [120.24.26.24:59966] ^C16/Mar/2022 12:27:30 [edge.c:959] shutting down... 16/Mar/2022 12:27:30 [edge_utils.c:3001] ********************************** 16/Mar/2022 12:27:30 [edge_utils.c:3002] Packet stats: 16/Mar/2022 12:27:30 [edge_utils.c:3003] TX P2P: 0 pkts 16/Mar/2022 12:27:30 [edge_utils.c:3004] RX P2P: 0 pkts 16/Mar/2022 12:27:30 [edge_utils.c:3005] TX Supernode: 38 pkts (9 broadcast) 16/Mar/2022 12:27:30 [edge_utils.c:3006] RX Supernode: 21 pkts (2 broadcast) 16/Mar/2022 12:27:30 [edge_utils.c:3007] **********************************

edge節點關閉n2n組網進程時會分別統計p2p直連和supernode轉發的tx和rx流量。這里顯示p2p為0，證明是邊緣節點之間的流量通訊只走了supernode的轉發，打洞失敗。

總結

以上是生活随笔為你收集整理的n2n打洞的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。