# Final Working with fwmark set on the interface Configuration
REMOTE_KEY=6/CwH/gzz9jdKnxeVpWFivycFQMBkniLeBNFQq0+f04=
sudo wg set wg0 peer $REMOTE_KEY allowed-ips 0.0.0.0/0 persistent-keepalive 25 endpoint 54.227.102.183:41823
# This command enables the src_valid_mark functionality for all network interfaces. This is required for routing marked packets properly with WireGuard.
sudo sysctl -q net.ipv4.conf.all.src_valid_mark=1
# This command adds a rule to the routing policy database (RPDB) that says, "If a packet does not have the firewall mark 51820, look up the routing table 51820."
command: nexd --stun --username qaa9a7badf-df1b-11ed-9534-0022480a240b --password x6!GHS6g3TUyHH relay https://qa.nexodus.io
2023-04-20T02:12:13.738Z INFO nexd/main.go:128 Debug logging enabled
2023-04-20T02:12:13.738Z INFO nexd/main.go:68 Starting relay agent with wireguard driver
2023-04-20T02:12:13.742Z DEBUG nexodus/stun_linux.go:73 send to 64.233.186.127:19302: (0 bytes)
2023-04-20T02:12:13.911Z DEBUG nexodus/stun_linux.go:170 response from 64.233.186.127: (40 bytes)
2023-04-20T02:12:13.911Z DEBUG nexodus/stun_linux.go:66 reflexive binding is: 52.90.113.12:51820
2023-04-20T02:12:13.916Z DEBUG nexodus/stun_linux.go:73 send to 142.250.15.127:19302: (0 bytes)
2023-04-20T02:12:14.031Z DEBUG nexodus/stun_linux.go:170 response from 142.250.15.127: (40 bytes)
2023-04-20T02:12:14.031Z DEBUG nexodus/stun_linux.go:66 reflexive binding is: 52.90.113.12:51820
-
DescribeSecurityGroups: This endpoint allows you to retrieve information about one or more security groups, such as their IDs, names, descriptions, and associated VPCs.
-
CreateSecurityGroup: This endpoint allows you to create a new security group in a specified VPC. You can specify the name, description, and VPC ID for the new security group.
-
AuthorizeSecurityGroupIngress: This endpoint allows you to add inbound rules to a security group. You can specify the security group ID, IP protocol, port range, and the source of the traffic (e.g., an IP range, another security group, or a prefix list).
-
AuthorizeSecurityGroupEgress: This endpoint allows you to add outbound rules to a security group. You can specify the security group ID, IP protocol, port range, and the destination of the traffic (e.g., an IP range, another security group, or a prefix list).
-
RevokeSecurityGroupIngress: This endpoint allows you to remove inbound rules from a security group. You can specify th
package main | |
import ( | |
"flag" | |
"fmt" | |
"net" | |
"strconv" | |
"github.com/libp2p/go-reuseport" | |
"github.com/pion/stun" |
Disco Node Logs
2023-03-24T03:26:25.664Z DEBUG nexodus/wg-peers.go:186 Local Node Configuration - Wireguard IP [ 100.100.0.1 ]
2023-03-24T03:26:25.665Z INFO nexodus/wg-deploy.go:48 Peer setup complete
2023-03-24T03:26:50.656Z DEBUG nexodus/nexodus.go:349 Reconciling peers from relay state
2023-03-24T03:26:50.656Z DEBUG nexodus/nexodus.go:470 Reconciling peers from relay state
2023-03-24T03:27:20.656Z DEBUG nexodus/nexodus.go:349 Reconciling peers from relay state
2023-03-24T03:27:20.656Z DEBUG nexodus/nexodus.go:470 Reconciling peers from relay state
2023-03-24T03:27:50.660Z DEBUG nexodus/nexodus.go:349 Reconciling peers from relay state
[fedora@cluster2-gw1-ha1-iperf-axon ~]$ kubectl get pods --all-namespaces -o wide| grep iperf-server
default iperf-server-group1-7dfdb96bf7-jlfd2 1/1 Running 0 17h 10.80.2.3 cluster2-worker1-server-iperf-axon <none> <none>
default iperf-server-group2-84fc844565-gbklz 1/1 Running 0 17h 10.80.3.3 cluster2-worker2-server-iperf-axon <none> <none>
default iperf-server-group2-1-dc45d8fdf-jqfhf 1/1 Running 0 101s 10.80.3.5 cluster2-worker2-server-iperf-axon <none> <none>
default iperf-server-group2-3-78f77d675d-k6ddl 1/1 Running 0 70s 10.80.3.6 cluster2-worker2-server-iperf-axon <none> <none>
default iperf-server-group2-2-b9689dfd4-s7cwk 1/1 Running 0 69s 10.80.3.7 cluster2-worker2-server-iperf-axon <none>
ssh -i ./axon-perf-testing.pem fedora@34.238.122.79
[cluster1brokerNode]
34.238.122.79 ansible_user=fedora ansible_connection=ssh k8s_master=10.10.0.94 hostname=cluster1-ha1-iperf-node
############################################################################ | |
aws ec2 describe-instance-types --filters "Name=instance-type,Values=c5.*" --query "InstanceTypes[].[InstanceType, NetworkInfo.NetworkPerformance]" --output table | |
------------------------------------- | |
| DescribeInstanceTypes | | |
+--------------+--------------------+ | |
| c5.4xlarge | Up to 10 Gigabit | | |
| c5.xlarge | Up to 10 Gigabit | | |
| c5.12xlarge | 12 Gigabit | |