Turn-key Mesh Routing Access Point

IPSection writes "LocustWorld announces the release of MeshAP-05. This is a test release of a bootable CD which turns a single board computer or laptop into a mesh node and access point. Clients can sign on to the network, cells communicate to form a robust, dynamic, compressed and encrypted mesh network. This is a prototype release intended for the widest possible test. Feedback is encouraged." There are several interesting things on this site, actually -- check out the Swarm Chip.

Definitions would be helpful... [w/site mirror!]

[SlashChick]

First of all, here's the full text, since it already seems to be Slashdotted:

"Version 5 of the mesh-AP is a bootable CD which is designed for either SBC systems like the "seahorse" and "starfish" but will work in many laptops and desktop systems. Simply boot the CD and place a wi-fi card in the machine. Driver support for multiple ethernet cards and multiple wi-fi cards. The system contains multiple protocols, assigning dhcp addresses to standard wifi clients at each "cell" cells communicate via mesh routing and form a robust self organising, compressed and encrypted network. There is a DNS proxy and HTTP proxy on each cell and IP is also gatewayed using NAT. See the enclosed word document on the CD for more information. This is a testing release, not suitable for production use, feedback is welcomed and development is ongoing. Requires 64mb of ram, zero harddisk space required. (UPDATED: Several fixes + full gateway discovery and repair)"

Now, for those of us who don't work with wireless networking on a daily basis, does someone care to explain the potential applications of this? Why is it useful? What can someone do with this?

And, finally, a note to the LocustWorld admins: The fact that your site is Slashdotted already should be a good indication of why not to use PHP-Nuke, eh? At first glance, I can't even tell whether this is a Slashdot-like news site or a corporate site. And if it's a corporate site, why do you have a poll on your front page? Since the site crashed, I can't even hit the mission statement.

Re:Definitions would be helpful... [w/site mirror!

[edrugtrader]

too many words, i'll make it simple

BORG!

anyways, if you are a php developer, go here
WE ARE HIRING A DEVELOPER IN SUNNYVALE

Campus ?

[penguin_punk]

Can you just imagine 300 Dorm students with their own ad-hoc p2p network? It's too bad that the site's /.-ed, but I think a working application for this would be p2p networking within close proximity like a large University where the majority of the 'web' would be located around dorms, but several 'access points' on the outside of the larger hubs could connect local residents. Possible extending the network across town.

I'd hate to be the only sap between two large dorms - you'd be the gateway and could say good-bye to any bandwidth for yourself.

Damnit! Get that site back on-line. I'd love to test ths sucker out.

Re:Definitions would be helpful... [w/site mirror!

[mossmann]

The reason this is useful is that it allows a group of (perhaps constantly changing) network nodes to form a big cohesive network. It sounds like it creates isolated layer 2 cells and builds a single layer 3 network out of the cells, which I believe is what the Linksys WET11 does.

Compare this to the coherent layer 2 network which can be created with Spanning Tree Protocol by using OpenAP like these guys do.

Most WiFi access points do not support a mesh topology, but only support hub and spoke. With hub and spoke, you can only connect to the network if you have line of sight to a hub, but with a mesh network, you can connect via any other network node. Mmmmmmm. . .

Perhaps someone who actually got through the slashdotting can comment on the other features (compression, encryption, proxying, etc.)

Re:Definitions would be helpful... [w/site mirror!

[Nyarly]

First off: completely agree about PHP-Nuke. Besides, about 30% of securityfocus traffic relates to PHP-Nuke. Why would you want the hassle?

Why is this useful? The current state of affairs in the 802.11 world is that there are dozens of devices that have vague analogs in the wired networking world, but none of those analogies are perfect. Basically, you have the following classes of device:

• WLAN cards. Oronoco cards and the like. You one in a desktop box and it gets wireless ethernet capability. Can either talk to other WLAN cards (in what's called an ad-hoc network) or to a wireless access point. Basically like a NIC, except NICs don't try to plug themselves into hubs or other NICs. And the situation of connecting directly to another box using a crossover cable is usually viewed as a degenerate case; ad-hoc networks are completely legit and workable.
• Wireless Access Points are devices designed to allow WLAN cards to talk to a wired network. If there's an AP available, WLAN cards will break out of ad-hoc mode (where everyone talks to everyone) and switch to an associated mode, where they only talk to their AP. Ideally this is the AP with the best signal strength - but not always.
• Wireless Bridges are designed to allow a wired network participate in a wireless network.

Anyone who need this explaination probably just went "What!? But there's already a device to connect wireless networks to wired networks!" Ah, would that it were so. As much as AP's resemble wired switches, they're not.

Wired networks are true undirected graphs. Wireless networks are heirarchal and difficult. Repeaters exist, but they're usually a bad idea, because you take huge hits to throughput.

Now, mesh wireless takes care of all that. Got a spot that's a little dim? Plop down a mesh point, it integrates into the network and you're nice and bright there now. Couldn't be easier, and is a whole lot more like a wired ethernet with the wires taken away, as opposed to the completely different animal that non-mesh wireless is.

Short form: wireless is obnoxious even if the results are cool. Mesh wireless is gorgeous, and the results are cooler.

Advanced wireless networking

[PureFiction]

There are a number of other interesting wireless projects which provide some cool / usefull features to 802.11 wifi networks:

NoCat Networks which implement QoS controls on user traffic giving priority to authenticated users.

Janus Wireless is working to improve mobile IP connectivity and integrated peer network services

IRIS which was mentioned recently and is perfectly suited for integration itno wireless networks for large amounts of reliable, distributed data storage.

MIT's GRID routing project which is probably the most similar.

The really cool uses will come when the integrated peer network / wireless network applications become popular an tandem with pervasive 802.11 deployment in homes and offices.

The problem is . .

[GlassUser]

The problem is that the nodes seem to need to be in contact with each other, eg, one NIC per node, and you must be on the same channel as all the other nodes. While certainly useful, it seems to require a relatively high density.

http://www.houstonwireless.org/ and http://www.seattlewireless.org/ appear to be working on systems that work better in multihomed intelligently routed (well, assigned by a person and not guessed at by a machine - which is better may be up for debate) environments. Much less density is required in these types of situations, but near-universal is definately not guaranteed.

I'd like to see first, if this system can support multiple wireless nics, and second, how it behaves in a large scale setting. Second B, how does it work if you have a few directional antennae pointed at each other? The way most meshes appear to get around this is to set client-serving nodes in AP mode, and use ad-hoc for directional (routing) links.

This definately has promise.

Details about how it works:

[osolemirnix]

can be found in the Mesh AP Documentation.
Essentially all nodes that have an internet connection on eth0 broadcast the fact that they are a gateway into the real internet. This model extends by hops, out into the WIFI mesh network.
So all the system does, is route you to the internet via a path with the fewest hops. It does not provide interconnectivity between WIFI nodes themselves at all (they are all NATed). It does not provide a handover from one cell to the next as you move, so it just works for stationary nodes. It just offers a multi-hop VPN to the nearest AP with a "real" internet connection, adding a NAT layer with every hop out.
This is pretty cool, but still a far cry away from spontaneous self-organizing WIFI-only networks, where there is no "root gateway" and no hierarchy as in this case (which is one of the problems).

A short excerpt from the doc before it gets slashdotted:

The software provided, the "Mesh AP", is designed to be run on a node, eg a system designed to serve others. It has the dual purpose of also connecting in to the network. So even if you are just a repeater and using the software to reach the Internet, you are also providing an extension to the mesh and a standard DHCP cell for any non-mesh clients which wish to sign on.

The software boots, it then allocates itself an address, typically in the 10.x.x.x range. Initially the allocated address is random.

Then, it attempts to find an internet gateway, first probing 192.168.1.1/255.255.128.0 and then using a DHCP client on the Ethernet interface to try to sign on to a gateway. If no gateway can be found, the software considers that it has only wireless links and is a repeater-cell.

The cell starts an internal dns server and transparent web proxy on port 80 and 8080, a dhcp server is also started an a random class C network is picked in the range 192.168.128.0/255.255.128.0

Clients connecting to the dhcp cell are pointed to the wireless interface for default gateway and dns server. The dns server running on the repeater always returns the address of the gateway, no matter what domain name is resolved.

At this point, the node still cannot serve clients, but it will sign them on.

Meanwhile, the kernel AODV(11) module is loaded and the node then finds neighbour cells in its local range by sending/receiving UDP packets to the broadcast address.

Any cells within the mesh which are gateways, periodically broadcast a route to a bogus address which implies an internet gateway. This route is repeated outwards in a "ring" fashion as per the AODV protocol.

Any cell without a gateway receiving this address then attempts to establish a compressed encrypted IP-tunnel VPN via the "vtund" package. Compression uses LZO and encryption is blowfish. (ip ranges 172.16.x.x)

This IP tunnel could be over multiple hops to the destination gateway, AODV handles the optimised routing between linked cells. Eg, multi-hop routes eg.

The cell then switches all its outbound dns and ip traffic to go via this VPN gateway link. The DHCP configuration is also updated to now serve the remote gateway address as a dns server (gateway nodes run a real dns proxy) - Any clients who signed on before the link was found will forward traffic to the local cell which will proxy it via http proxy etc, any clients signing on after a gateway is found will receive the remote gateway details and will have full IP routing.

Any client signing directly on to a cell which has a local internet gateway will go directly via that gateway.