Tasks » Historial » Versió 9
Pau Escrich, 02-08-2012 20:18
1 | 1 | Pau Escrich | h1. Tasks |
---|---|---|---|
2 | |||
3 | h2. IPv6 |
||
4 | 2 | Pau Escrich | |
5 | 1 | Pau Escrich | Right now qMp is using IPv6 ULA between the mesh nodes as main IP protocol. |
6 | 6 | Axel Neumann | However clients can only get IPv4 address (by DHCP). |
7 | 1 | Pau Escrich | |
8 | 6 | Axel Neumann | A) The first step of this task is to give IPv6 ULA to end users (by radvd announcements) |
9 | 1 | Pau Escrich | |
10 | 6 | Axel Neumann | B) Another needed point is all related with IPv6 public addresses. |
11 | A Gateway node can get an IPv6 network range from its ISP. |
||
12 | When another node wants to use this node as gateway, it ask for an available IPv6 range using AHCP. |
||
13 | Then configure it to some interface (br-lan?) and give public IPv6 addresses to end users (by radvd announements) |
||
14 | |||
15 | 1 | Pau Escrich | |
16 | h2. smsfs |
||
17 | |||
18 | The bmx6 sms is a cool feature which permits to send small messages (represented as files) to all nodes of the network. |
||
19 | 6 | Axel Neumann | However there is a restriction of XXX bytes per file (or message). |
20 | 1 | Pau Escrich | |
21 | 6 | Axel Neumann | A) A nice approach would be to create an abstraction layer of this sms feature, something like sms filesystem. |
22 | Then if the maximum size is M and the file size is N (where N > M). |
||
23 | The file is splited in X parts ( X = N/M ). Also gzip encryption can be used to minimize the network overhead. |
||
24 | 3 | Pau Escrich | |
25 | 7 | Axel Neumann | B) Alternative approach is to have a rsync-based daemon which uses sms feature only to exchange md5 or sha2 sums |
26 | of directories or files and automatically update/sync these with neighbors and other nodes. |
||
27 | |||
28 | C) Alternative approach is to refactor BMX6 to handle non-atomic descriptions (enable descriptions to be fragmented over multiple packets). |
||
29 | 1 | Pau Escrich | That would scale much better and solve the above restriction from the root. |
30 | 6 | Axel Neumann | |
31 | 7 | Axel Neumann | D) The fuse module may be used to provide an userspace-transparent filesystem. |
32 | 1 | Pau Escrich | There exist a LUA API for fuse (flu): http://piratery.net/flu/index.html http://hg.piratery.net/flu/overview |
33 | |||
34 | h2. Centralized control |
||
35 | |||
36 | 7 | Axel Neumann | System to control all nodes from the network is needed. |
37 | |||
38 | A) Maybe the SMS plugin can be used to broadcast the commands. |
||
39 | |||
40 | B) Some security must be implemented too (node A can get instructions from B but not from C). |
||
41 | |||
42 | C) If security is not ignored I would concentrate on an ssh based approach. |
||
43 | 1 | Pau Escrich | If its simple, the ssh layer can later still be replaced with a future-secure-sms version. |
44 | 7 | Axel Neumann | Advantage would be to be reusable for other systems and have no dependencies on BMX6 |
45 | |||
46 | 9 | Pau Escrich | D) A VPN between qMp nodes is needed to be able to manage them in remote. Tinc seems the best option. |
47 | 1 | Pau Escrich | |
48 | h2. Statistics |
||
49 | |||
50 | 9 | Pau Escrich | There are several statistics systems integrated in OpenWRT (like collectd). But they seems to be too heavy for us kind of devices. |
51 | The statistics must be recollected in a central server (in the internet or in the mesh). It can be done using ftp for instance or snmp. |
||
52 | However firewalls can easy block this kind of trafic. |
||
53 | A quick idea is to develop an statistics system based on ICMP packages. The clients each N seconds get the data, encapsulate it in a ICMP packet and send it to the central server. |
||
54 | |||
55 | Any idea is welcome! |
||
56 | |||
57 | 1 | Pau Escrich | h2. WPA2 + ADHOC |
58 | |||
59 | 9 | Pau Escrich | Support for WPA2 encryption is now possible thanks to IBSS_RSN. Mac80211 (ath5k/ath9k) has support for it in OpenWRT trunk. |
60 | Some characteristics are: |
||
61 | |||
62 | - Broadcast messages are encrypted used the common shared key |
||
63 | |||
64 | - Unicast messages are encrypted using a uniq private token between the nodes |
||
65 | |||
66 | - It is managed by hostapd and wpa_supplicant (or wpad in OpenWRT) |
||
67 | |||
68 | It is very interesting for QMP to secure the backbone mesh network. |
||
69 | |||
70 | 1 | Pau Escrich | h2. Iptables Proxy |
71 | 9 | Pau Escrich | |
72 | The current qMp version is using tinyproxy for captive portal task (or splash screen). However it consumes too much CPU, each new client is a new fork so it does not scale. |
||
73 | A Splash Screen based just on Iptables and a small webserver (uhttpd included in qMp) is possible. |
||
74 | 1 | Pau Escrich | |
75 | h2. bmx6 health daemon |
||
76 | 6 | Axel Neumann | |
77 | See: http://qmp.cat/issues/155 |
||
78 | 8 | Axel Neumann | |
79 | h2. BMX6/SMS MDNS/Avahi plugin |
||
80 | |||
81 | Avahi (aka Bonjour) is a protocol to announce and share local services within a local network. |
||
82 | This way, home computers connected to the same ethernet link can instantly chat or use each others Multimedia repositories, playlists, streaming. |
||
83 | Therefore each computer announces its services using multicast messages. |
||
84 | |||
85 | The goal is to extend this local service announcements over the mesh network. |
||
86 | |||
87 | The approach is that a mesh router connected to the same link can capture these messages and encapsulate the content in a bmx6 sms message |
||
88 | to be propagated to all other routers in a mesh network. |
||
89 | An other mesh router finally receives this (avahi) service-advertisement sms, decapsulates the content, and retransmits it on its local ethernet/AP network to all home computers/notebnooks. |
||
90 | Read more about this (for olsr) here: http://zioproto.ninux.org/wordpress/2009/04/04/olsrd-mdns-plugin/ |
||
91 | |||
92 | |||
93 |