Note : (1) I am listing the instructions that I hope will combine the process of building MPLS and IPSEC. I have NOT tried this earlier. If this does not work, these need to be built separately, building the kernel and hte modules separately in each case. (2) As a first step, change the EXTRAREVISION in the /usr/src/linux Makefile, to reflect a new kernel and set of modules (3) MPLS needs to be built on ALL nodes in the MPLS network. IPSec needs to be built only on the gateways. Both of these need rebuilding the kernel. (4) iSCSI needs to be built only on the initiator and target. iSCSI does not need rebuidling the kernel. (5) Packages needed for this exercize mpls-linux-1.172.tar.gz iptables-1.2.7a.tar.bz2 freeswan-1.99.tar.gz ref18_10.tgz (The Inter Operability Lab's scsi client and target) Each of them needs to be untarred. The freeswan is untarred in /usr/src. The others can be untarred anywhere. In this document, the directory containing the freeswan-1.99 is referred to as the 'freeswan directory' and the mpls-linux-1.1 is referred to as the 'mpls directory'. (6) The linux source directory is assumed to be /usr/src/linux. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -uncompress/untar mpls-linux-1.172.tgz tar -zxvf mpls-linux-1.172.tgz -change directory to linux cd /usr/src/linux -patch Linux kernel for MPLS for Linux patch -p1 < DIRECTORY_CONTAINING_MPLS_SUBDIR/mpls-linux-1.172/patches/linux-kernel.diff cd /usr/src/linux (or whatevr the linux source directory is called) make clean make mrproper -configure Linux kernel to turn on MPLS (atleast the following) make menuconfig Standard config: Code maturity level options ---> [*] Prompt for development and/or incomplete code/drivers Networking options ---> [*] Multi Protocol Label Switching - MPLS For more advanced traffic mappings (in addition to Standard config): [*] Network packet filtering (replaces ipchains) IP: Netfilter Configuration ---> <*> IP tables support (required for filtering/masq/NAT) <*> Packet mangling <*> MPLS target support NOTE!!! You need to turn on "Multi Protocol Label Switching" before you'll see "MPLS target support". -compile and install kernel make dep ; make bzImage NOTE : IF you are NOT building IPSEC, (On the intermediate nodes in the network, yyou don't need to). make modules. IF you RE building IPSec, skip this step. the 'menugo' in Freeswan should take care of it (hopefully) (Leave the /usr/src/linux at this stage. cd to the freeswan directory IF YOU NEED to build IPSEC) =================== You are now inside the freeswan directory ================ make clean make menugo Select the following in the kernel configuration interface. In 'networking options' selec the 'ipsec' options (at the bottom of the list) After you save and exit, menugo will continue to build the modules. (Hence you did not do a 'make modules' earlier. Hopefully this should work. If not, you have to go back and 'make modules' in /usr/src/linux BEFORE beginnning to build freeswan make modules_install cp /usr/src/linux/arch/i386/bzImage into the /boot directory. rename it appropriately. Also, 'mkinitrd' another mkinitrd image using the new directory created under /lib/modules, for this version of the kernel. Make the appropriate entry in /etc/grub.conf. reboot. This should bring up the new kernel and modules containing MPLS and IPSec (where appropriate) =================== You are now leaving the freeswan directory =============== -change directory to mpls-linux-1.1xx/utils/ -compile mplsadm make (if you have problems compiling read README.1st.really) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Follow the instructions in 'steps_to_configure_ipsec' // DOTHIS Follow the instructions in a2l_lsp_setup_3hops . Change the IPAddresses accordingly Building iSCSI initiator and target untar ref18_10.tgz. compile common, initiator and target. Make sure to edit the Makefile to point to the right linux source directory (the KERNEL_DIR macro)