Projecte

General

Perfil

Tasks » Historial » Versió 9

Pau Escrich, 02-08-2012 20:18

1 1 Pau Escrich
h1. Tasks
2
3
h2. IPv6
4 2 Pau Escrich
5 1 Pau Escrich
Right now qMp is using IPv6 ULA between the mesh nodes as main IP protocol.
6 6 Axel Neumann
However clients can only get IPv4 address (by DHCP). 
7 1 Pau Escrich
8 6 Axel Neumann
A) The first step of this task is to give IPv6 ULA to end users (by radvd announcements)
9 1 Pau Escrich
10 6 Axel Neumann
B) Another needed point is all related with IPv6 public addresses. 
11
   A Gateway node can get an IPv6 network range from its ISP.
12
   When another node wants to use this node as gateway, it ask for an available IPv6 range using AHCP.
13
   Then configure it to some interface (br-lan?) and give public IPv6 addresses to end users (by radvd announements)
14
15 1 Pau Escrich
16
h2. smsfs
17
18
The bmx6 sms is a cool feature which permits to send small messages (represented as files) to all nodes of the network. 
19 6 Axel Neumann
However there is a restriction of XXX bytes per file (or message). 
20 1 Pau Escrich
21 6 Axel Neumann
A) A nice approach would be to create an abstraction layer of this sms feature, something like sms filesystem. 
22
   Then if the maximum size is M and the file size is N (where N > M). 
23
   The file is splited in X parts ( X = N/M ). Also gzip encryption can be used to minimize the network overhead.
24 3 Pau Escrich
25 7 Axel Neumann
B) Alternative approach is to have a rsync-based daemon which uses sms feature only to exchange md5 or sha2 sums
26
   of directories or files and automatically update/sync these with neighbors and other nodes.
27
28
C) Alternative approach is to refactor BMX6 to handle non-atomic descriptions (enable descriptions to be fragmented over multiple packets).
29 1 Pau Escrich
   That would scale much better and solve the above restriction from the root.
30 6 Axel Neumann
31 7 Axel Neumann
D) The fuse module may be used to provide an userspace-transparent filesystem.
32 1 Pau Escrich
   There exist a LUA API for fuse (flu): http://piratery.net/flu/index.html http://hg.piratery.net/flu/overview
33
34
h2. Centralized control
35
36 7 Axel Neumann
System to control all nodes from the network is needed. 
37
38
A) Maybe the SMS plugin can be used to broadcast the commands.
39
40
B) Some security must be implemented too (node A can get instructions from B but not from C).
41
42
C) If security is not ignored I would concentrate on an ssh based approach.
43 1 Pau Escrich
   If its simple, the ssh layer can later still be replaced with a future-secure-sms version.
44 7 Axel Neumann
   Advantage would be to be reusable for other systems and have no dependencies on BMX6
45
46 9 Pau Escrich
D) A VPN between qMp nodes is needed to be able to manage them in remote. Tinc seems the best option.
47 1 Pau Escrich
48
h2. Statistics
49
50 9 Pau Escrich
There are several statistics systems integrated in OpenWRT (like collectd). But they seems to be too heavy for us kind of devices.
51
The statistics must be recollected in a central server (in the internet or in the mesh). It can be done using ftp for instance or snmp. 
52
However firewalls can easy block this kind of trafic. 
53
A quick idea is to develop an statistics system based on ICMP packages. The clients each N seconds get the data, encapsulate it in a ICMP packet and send it to the central server.
54
55
Any idea is welcome!
56
57 1 Pau Escrich
h2. WPA2 + ADHOC
58
59 9 Pau Escrich
Support for WPA2 encryption is now possible thanks to IBSS_RSN. Mac80211 (ath5k/ath9k) has support for it in OpenWRT trunk.
60
Some characteristics are:
61
62
- Broadcast messages are encrypted used the common shared key
63
64
- Unicast messages are encrypted using a uniq private token between the nodes
65
66
- It is managed by hostapd and wpa_supplicant (or wpad in OpenWRT)
67
68
It is very interesting for QMP to secure the backbone mesh network.
69
70 1 Pau Escrich
h2. Iptables Proxy
71 9 Pau Escrich
72
The current qMp version is using tinyproxy for captive portal task (or splash screen). However it consumes too much CPU, each new client is a new fork so it does not scale.
73
A Splash Screen based just on Iptables and a small webserver (uhttpd included in qMp) is possible.
74 1 Pau Escrich
75
h2. bmx6 health daemon
76 6 Axel Neumann
77
 See: http://qmp.cat/issues/155
78 8 Axel Neumann
79
h2. BMX6/SMS MDNS/Avahi plugin
80
81
Avahi (aka Bonjour) is a protocol to announce and share local services within a local network.
82
This way, home computers connected to the same ethernet link can instantly chat or use each others Multimedia repositories, playlists, streaming.
83
Therefore each computer announces its services using multicast messages.
84
85
The goal is to extend this local service announcements over the mesh network.
86
87
The approach is that a mesh router connected to the same link can capture these messages and encapsulate the content in a bmx6 sms message
88
to be propagated to all other routers in a mesh network.
89
An other mesh router finally receives this (avahi) service-advertisement sms, decapsulates the content, and retransmits it on its local ethernet/AP network to all home computers/notebnooks.
90
Read more about this (for olsr) here: http://zioproto.ninux.org/wordpress/2009/04/04/olsrd-mdns-plugin/
91
92
93