===============================================================================
                              X-BONE 3.2 README
                          http://www.isi.edu/xbone/
                                xbone@isi.edu

                              $Revision: 1.21 $
                         $Date: 2005/04/27 20:59:42 $
===============================================================================

Index:
	X-BONE Project Overview

	X-BONE Components
	       Overlay Manager
	       Resource Daemon
	       Apache-SSL based GUI

	Global X-Bone

	Backward Compatibility

	Files included in this installation

	What's NOT included in this installation, and why

	Information and Bug Report

===============================================================================

>>> X-BONE Project Overview

    The X-Bone dynamically deploys and manages Internet overlays to reduce
    their configuration effort and increase network component sharing. X-Bone
    discovers, configures, and monitors network resources to create overlays
    over existing IP networks. Overlay networks are useful for deploying
    overlapping virtual networks on shared infrastructure and for virtualizing
    and simplifying network topology. 

    The following is a list of key features of X-Bone:
	> dynamic resource discovery with S/MIME-authenticated multicast
	> automatic overlay deployment
	> web GUI for easy overlay management
	> simultaneous participation in multiple overlays
	> two-layer IP in IP encapsulation
	> supports existing applications and unmodified routing, multicast,
	  and DNS services in unmodified operating systems
	> supports recursive overlays
	> supports secure overlays through IPsec

>>> X-BONE Components
   
    >>> Node Daemon (ND) 
    
        The Node Daemon is a unified daemon that can be configured to
        perform certain roles including Overlay Manager and Resource
        Daemon. (see http://www.isi.edu/xbone for definition),

	The Overlay Manager (OM) coodinates and deploys overlays on
	behalf of user requests.  Users access the OM via the GUI, and
	the OM contacts RDs on various hosts to request and configure
	the components. An X-Bone system requires at least one
	(currently usually only one) Node Daemon configured as an OM
	(use "daemon_type = meta" in the configuration file).

	The RD coordinates configuration of a single physical host to
	serve in one of three roles in the overlay that include
	"host", "router" and "node" (use "daemon_type = X" in the
	configuration file where X is host, router or node). "Host"
	and "router" roles are well defined. In the "node" role, the
	RD can configure the physical host to act as a "host" or a
	"router" depending on need. Note that the role, once
	configured, remains the same across all overlays that the
	physical host participates in.  Typically, at least one
	router, and one or more hosts are required to deploy
	'interesting' topologies.
	
	The Node Daemon has the built-in capability to
	recurse. However, this functionality is not yet available
	through the API.

    >>> Apache-SSL based GUI (GUI)

	The user controls the X-Bone via a web-based interface, currently 
	available only in Apache-SSL. The X-Bone installation configures an
	Apache-SSL server, and provides the appropriate X-Bone configuration
	web pages and scripts. At least one GUI is required per X-Bone system.

    *** NOTE - the Node Daemon and GUI can run on the same machine if
    *** desired.

>>> Global X-Bone 

	Global X-Bone Testbed is a shared world wide testbed that
	integrates isolated X-Bone deployments across the world. The
	integration is through a shared database of information that
	allows global discovery (global registry), communication
	(multiple certificate authorities), and access/resource
	control (shared ACLs). The Global X-Bone release of the X-Bone
	software includes support for a shared database based on LDAP 
	replication that combines fine grained control over 
	participation in the Global X-Bone network with ease of use.

	Global X-Bone is described in detail in Tridentcom 2005 Paper. 
	http://www.isi.edu/touch/pubs/tridentcom2005/

	Installation procedure is described in INSTALL
  
>>> Backward Compatibility

    >>> XBone 3.0 is incompatible with any previous XBone releases
    >>> because of different message formats and newly added X-Bone
    >>> API support.

>>> Files included in this installation: (${PREFIX}=/usr/local by default)

    >>> X-Bone executable files & library modules:

	The X-Bone is written completely in Perl (5.8.0 and above).  X-Bone
	files will be installed under ${PREFIX}/xbone by default, and the
	primary executables will also be linked in ${PREFIX}/bin.

    >>> Host configuration file for xb-node-daemon (RD): 
	${PREFIX}/etc/xbone/xbone.conf

    >>> Host persistent state file for xb-node-daemon: 
	/var/xbone/xbone.state

	This file will be generated automatically by Node Daemon
	during runtime, and will be used for crash recovery.

    >>> Man pages for X-Bone:

	A set of man pages will be installed under ${PREFIX}/man.

    >>> X-Bone GUI: (XML files & CGI scripts)

	The web pages and CGI scripts of the X-Bone GUI will be installed
	under ${PREFIX}/www/xbone by default. Note that Apache-SSL server is
	required, but not included with X-Bone distribution.

	An example of Apache-SSL configuration file (httpd.conf or httpsd.conf)
	is provided in ${PREFIX}/etc/xbone/apache-conf. Modify your existing
	httpsd.conf according to the example. Pay special attentions to the
	"XBone Section" at the end of the file.

    >>> DNS Server/Client Configuration files for X-Bone:

	Examples of forward & reverse zone files are provided as well as
	named.conf and resolv.conf in ${PREFIX}/etc/xbone/named-conf.
	You need to modify named.conf on the DNS server according to the
	example and your local DNS setup, and copy the zone files to the
	corresponding location. On the client side (RDs), you only need
	to add the line shown in the given resolv.conf example to the 
	beginning of the "nameserver" section of your /etc/resolv.conf.

    >>> Certificate Authority (CA) certificate:

	The CA certificate is installed automatically for both the Apache-SSL
	server and the X-Bone. But you do need to obtain host & user
	certificates manually after the installation to	run X-Bone. We 
	recommend placing these certificates in /usr/local/etc/xbone/cert. 
	Specify these paths when prompted during installation. 

>>> What's NOT included in this installation, and why:

    >>> Required ports, packages, and RPMs

	X-Bone requires a few other software packages. While all of these
	components are run as-is, some require specific configuration 
	options. See INSTALL and FAQ for details. When in doubt, contact
	the maintainers of the package that fails before contacting us. 

    >>> Modified / patched versions of network tools 

	That's because the X-Bone doesn't require such modifications. Unlike
	other VPN or overlay network solutions, the X-Bone is completely
	compatible with existing ping, traceroute, etc.

    >>> Host and User Certificates

	The X-Bone project maintains a Certification Authority (CA) that
	issues and signs X.509 certificates ONLY for collaborator of our
	project. If this is an independent installation, you will need
	to either setup your own certificatation authority (CA) (see the
	instructions in the OpenSSL package. (http://www.openssl.org)) or
	use a commercial service (e.g., Verisign).

>>> INFORMATION & BUG REPORT

    >>> Copyright Information:

	Please see COPYRIGHT or the copyright information at the beginning
	of any of the X-Bone program files.  

    >>> Problems & Bug Report

	Please submit your problem or bug report to <xbone@isi.edu>.

    >>> Other Information:

	For more information on the X-Bone programs, please read the man pages
	and other documentation of the X-Bone; or look directly at the Perl
	code of X-Bone.

	For more information of the X-Bone project, please visit our web site
	at http://www.isi.edu/xbone/ or email your question to <xbone@isi.edu>.

