Difference between revisions of "Mesh/Technical Overview"

no edit summary
(stale)
Line 14: Line 14:
Our mesh has two types of nodes: Home nodes and extender nodes.
Our mesh has two types of nodes: Home nodes and extender nodes.


The home nodes run the full sudowrt firmware and on its own a bunch of home nodes will make up a fine mesh network. The home node is a normal five-ethernet-port indoor wifi router. An extender node runs a minimal firmware and does nothing on its own. Instead, the extender node basically acts as extra radios when plugged in to a home node. The node operator can put a home node in e.g. their living room and if they later decide they want a high speed directional link to a neighbour then they can put e.g. a Nanobridge M5 running the extender node firmware on their roof and connect it via ethernet to the home node. Or they could put a Nanostation M2 pointed out their window and extend the signal further out into the street or to nearby neighbours. Each extender node extends all three networks (explained in the next section).
The home nodes run the full sudowrt firmware and a network of only home nodes can make a functioning mesh network if they are within 200 meters and LOS of each other. The home node is a normal five-ethernet-port indoor wifi router. An extender node runs a minimal firmware and does nothing on its own. Instead, the extender node basically acts as an extra radio and extends the networks reach when plugged in to a home node.  
The node operator can choose to put a home node in e.g. their living room and if they decide they want a high speed directional link to a neighbour then they can put e.g. a Nanobridge M5 running the extender node firmware on their roof and connect it via ethernet to the home node. Or they could put a Nanostation M2 pointed out of their window and extend the signal further out into the street or to nearby neighbours. Each extender node extends all three networks (explained in the next section).


For home nodes we are currently only officially supporting the [http://www.tp-link.us/products/details/cat-9_TL-WDR3600.html TP-Link TL-WDR3600]. We are not planning to support anything else for the time being, though if you have a good reason please let us know. For extender nodes we are currently supporting the Ubiquiti Nanobridge M series and the Ubiquiti Nanostation M series.
For home nodes we are currently supporting the following [https://sudoroom.org/wiki/Mesh/WalkThrough#Download.2FBuild hardware]. We are not planning to support anything else for the time being, though if you have a good reason please let us know. For extender nodes we are currently supporting the Ubiquiti M series [https://sudoroom.org/wiki/Mesh/Flashing_extender_nodes#Flash_the_Extender_Node routers].


The mesh is made up mostly of wifi routers using Atheros chipsets and running [https://github.com/sudomesh/sudowrt-firmware our own firmware] based on [http://openwrt.org/ OpenWRT], [http://www.pps.univ-paris-diderot.fr/~jch/software/babel/ Babel] and wlan slovenja's [https://github.com/sudomesh/tunneldigger tunneldigger].  
The mesh is made up mostly of wifi routers using Atheros chipsets and running [https://github.com/sudomesh/sudowrt-firmware our own firmware] based on [http://openwrt.org/ OpenWRT], [http://www.pps.univ-paris-diderot.fr/~jch/software/babel/ Babel] and wlan slovenja's [https://github.com/sudomesh/tunneldigger tunneldigger].  
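Review bot: The rewritten home-node paragraph introduces "within 200 meters and LOS of each other" without expanding LOS or saying what the 200 meter figure assumes, so a reader planning a deployment cannot tell how firm that limit is; spell out "line of sight" and state the conditions behind the distance. In the same paragraph, "extends the networks reach" needs an apostrophe ("the network's reach"). The hardware sentences now replace the named TL-WDR3600 and the Nanobridge/Nanostation series with links labelled only "hardware" and "routers"; naming the supported families in the text would keep this page readable if the linked section anchors change.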
Line 27: Line 28:


* The Open network with SSID peoplesopen.net is an open access point. Most people will use the network by connecting to this.
* The Open network with SSID peoplesopen.net is an open access point. Most people will use the network by connecting to this.
* The Mesh network with SSID pplsopen.net-node2node is an ad-hoc network that the nodes use to mesh with each other using Babel
* The Mesh network with SSID pplsopen.net-node2node is an ad-hoc network that the nodes use to mesh with each other using the Babel mesh protocol.
* A private wifi network that is named by the node owner (or a name is generated) and uses WPA2-PSK.
* A private wifi network SSID that is named by the node owner (or a name is generated by makenode) and uses WPA2-PSK.


All three of these networks are available on both 2.4 and 5 GHz on the home node. They are also all three available on any extender nodes plugged in to the home node. The three different networks are extended over a single ethernet cable using VLANs.
All three of these networks are available on both 2.4 and 5 GHz on the home node. They are also all three available on any extender nodes plugged in to the home node. The three different networks are extended over a single ethernet cable using VLANs.
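Review bot: In the third bullet, "A private wifi network SSID that is named by the node owner ... and uses WPA2-PSK" makes the SSID the subject of "uses WPA2-PSK", but it is the network that uses WPA2-PSK and the SSID is only its name. Suggest "A private wifi network, with an SSID chosen by the node owner (or generated by makenode), that uses WPA2-PSK". The new Mesh bullet reads well with "the Babel mesh protocol", but the list still states the link security only for the private network; one clause saying whether the ad-hoc node2node network is encrypted would complete it.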
Line 84: Line 85:
One of our medium-term goals is to be able to sell nodes on our website and minimize the amount of work required to re-flash/configure the nodes and provide documentation for the user. To facilitate this, our current process for new nodes is:
One of our medium-term goals is to be able to sell nodes on our website and minimize the amount of work required to re-flash/configure the nodes and provide documentation for the user. To facilitate this, our current process for new nodes is:


* A new node is flashed either automatically (using e.g. [https://github.com/sudomesh/ubiquiti-flasher ubiquiti-flasher] or [https://github.com/sudomesh/merakiflasher merakiflasher]) or manually with your own tools and the [https://github.com/sudomesh/sudowrt-firmware sudowrt] firmware.
* A new node is flashed manually with the [https://github.com/sudomesh/sudowrt-firmware sudowrt] firmware.
* The node is then configured by a sudo mesh volunteer using our [https://github.com/sudomesh/makenode makenode] software.
* The node is then configured by a sudo mesh volunteer using our [https://github.com/sudomesh/makenode makenode] software.
* makenode generates SSH keys, SSH root password, web admin password and private wifi password, then it configures the node, saves the info in the [https://github.com/sudomesh/node-database node database] and shuts down the node.
* Makenode generates SSH keys, a SSH root password, a web admin password and a private wifi password. Then it configures the node, saves the info in the [https://github.com/sudomesh/node-database node database] and shuts down the node.
* makenode then automatically [https://github.com/sudomesh/ql570 prints a sticker] containing some basic info including wifi and web admin passwords.
* Makenode then automatically [https://github.com/sudomesh/ql570 prints a sticker] containing some basic info including wifi and web admin passwords.
* The sudo mesh volunteer attaches the sticker to the nodes power supply and puts the node back in the box with a set of instructions for how to install and use the node.
* The sudo mesh volunteer attaches the sticker to the nodes power supply and puts the node back in the box with a set of instructions for how to install and use the node.
* The node is shipped to the new node owner!
* The node is shipped to the new node owner!
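Review bot: The reworded third bullet lists four generated secrets (SSH keys, SSH root password, web admin password, private wifi password) and then says makenode "saves the info in the node database" without saying which of these are stored or how the database protects them; since the sentence is being rewritten anyway, state that here or link to where it is documented. In the same bullet "a SSH root password" should be "an SSH root password", and "Makenode" is now capitalised at the start of two bullets while the link text in the bullet above and the wifi-network hunk keep "makenode"; pick one spelling. The first bullet drops ubiquiti-flasher and merakiflasher; if those tools are no longer usable, saying so is more helpful than removing the links silently, given that "no edit summary" explains nothing.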
Line 95: Line 96:
All nodes set up by sudo mesh automatically allow root access using an SSH key held by a few trusted sudo mesh organizers. This is to allow us to update the firmware and troubleshoot network issues. We inform node-owners of this fact and tell them how to prevent sudo mesh from accessing their nodes, but also indicate that they should be ready to manage their own node if they choose to do this.
All nodes set up by sudo mesh automatically allow root access using an SSH key held by a few trusted sudo mesh organizers. This is to allow us to update the firmware and troubleshoot network issues. We inform node-owners of this fact and tell them how to prevent sudo mesh from accessing their nodes, but also indicate that they should be ready to manage their own node if they choose to do this.


We don't yet have a solution for node monitoring but we're expecting to use the new version of wlan slovenja's nodewatcher software.
== Node Monitoring ==


We don't yet have an automatic update solution in place, but we are looking at the software used by Gluon. The Gluon update system is centralized but in the long term we would like to have a decentralized system that works something like this:
Currently, the peoples open network can be monitored in real time with an [https://peoplesopen.herokuapp.com heroku app]
Our exit nodes communicate to this URL using a monitor.sh script. This relays information about the number of active routes and number of active gateways. If the exit node doesn't check-in for longer than 2 minutes, it is assumed to be down.


* Any number of node-updater servers announce themselves on the mesh and whether or not an update is available.
* The nodes run a future version of mdnssd-min as a daemon that keeps a currently list of node-updaters.
* Once every N hours +/- a random factor, if any node-updaters have updates available, all nodes connect to a randomly chosen node-updater and request an update.
* The node-updaters send the nodes an ipk file with the update and the nodes check the signature and install it if it's signed by a trusted authority.


==Detailed Documentation==
==Detailed Documentation==
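Review bot: The lines removed above the new "Node Monitoring" heading were the only place this page described firmware updates, including the requirement that nodes "check the signature and install it if it's signed by a trusted authority"; after this change the page still says organizers hold root SSH access "to allow us to update the firmware" but no longer says whether an automatic update mechanism exists or how updates are authenticated. Keep a short statement of the current update status rather than deleting the section outright. In the added monitoring text, the first sentence is missing its full stop, "peoples open network" does not match the "peoplesopen.net" spelling used elsewhere, "check-in" as a verb should be "check in", and monitor.sh is mentioned without a link to its source or a description of what the exit node sends beyond route and gateway counts. The new heading is written "== Node Monitoring ==" while the next one is "==Detailed Documentation=="; match the page's existing spacing.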