[Olsr-dev] Propagating a default gateway OLSRv2
Peter Emanuel
(spam-protected)
Sun Jul 17 00:41:04 CEST 2016
Further update – dogged persistence pays off!
I converted the gateway from using
[lan_import=1]
interface eth0
To
[olsrv2]
lan 0.0.0.0/0
and lo and behold, it started working. So for my case/architecture, the 2 methods behave differently. I leave it to Henning and the experts to explain why. Regardless, I am much happier in that I know I can make it work. It wasn’t flawless though. It was behaving quite intermittently especially when my Android device was the 6th node down the chain. When I pinged the gateway from this node, I would get pings with (DUP!) in them and would sometimes drop away completely and then return. There must be some circular routing or something else going on. Not sure! It would be nice if it was more reliable out of the box.
That said, I probably can circumvent the flakiness by using the Access Control List (ACL) feature inside Version2 – schema=interface.acl. This would work for me as the Raspberry PI’s are static nodes I.e. placed analogous to cell towers with line of sight. With this in mind, I am seeking some guidance on how best to set up the ACL.
The attached JPG represents the Raspberry PI nodes clustered around a school or community center (the gateway). I am hoping that I can coerce the routing using the pattern as shown (sorta like connect down and to the right kinda metaphor). Each node is connected to 2 other nodes and am hoping I can force these to be MPR (relay) nodes. The Android devices will attach to the appropriate node as the user moves within the covered area. So, my questions are the following:
1) Are the 2 ACL accept node entries just the 2 directly contacted nodes or must there be entries for the 2 hop neighbors as well?
2) Should there be entries for the nodes that are close but I don’t want to connect to as it is not the desired topology – reject the nodes that disrupts the coerced topology even if they are near enough?
3) Can I use MAC addresses rather than IP addresses which will work much better if I can get the auto generate IP address feature to work?
Any help would be greatly appreciated.
Peter Emanuel
From: Peter Emanuel [mailto:(spam-protected)]
Sent: Friday, July 15, 2016 1:48 PM
To: 'Peter Emanuel'; 'Henning Rogge'
Cc: 'olsr-dev'
Subject: RE: [Olsr-dev] Propagating a default gateway OLSRv2
I have an update on this. I stumbled into a prior discussion on this forum from 2012 about this exact problem. The solution was to change the netmask on the WiFi from 255.255.255.0 to 255.255.0.0. This definitely helped as there were default gateways specified in each of the nodes in the chain pointing at each connected/edge node. (I personally don't understand why this changed anything as all of my nodes were on the same subnet - 192.168.18.x. This is probably my own lack of understanding).
My gateway to the Internet was node 192.168.18.2. I was able to ping this IP from the last node in my chain of my 6 nodes (192.168.18.201) but couldn't get to the Internet although the DNS lookup appeared to work fine. I tried accessing youtube.com and google.com. Again, once my edge node was 1 hop from the gateway, everything started working as expected (192.168.18.201 connected to 192.168.18.3).
One added piece of information is that I had to set up the following iptable rules to actually get the packets to pass through on the gateway.
WlanIP=" $( ifconfig wlan0 2>/dev/null)"; # note leading space
WlanIP=${WlanIP#*inet addr:}; # extract the address
WlanIP=${WlanIP%% *} # but if none
# forward all traffic coming from wlan0 (that's not destined for the laptop) to eth0
iptables -A FORWARD ! --dst ${WlanIP} -i wlan0 -o eth0 -j ACCEPT
# forward traffic coming from wlan0 to eth0
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
# forward traffic coming from eth0 to wlan0
iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
# setup Network Area Translation (NAT) so that all forwarded traffic to eth0 appears to be coming from the laptop's IP address
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Any help in getting the Internet access working properly would be greatly appreciated.
-----Original Message-----
From: Peter Emanuel [mailto:(spam-protected)]
Sent: Thursday, July 14, 2016 1:44 PM
To: 'Henning Rogge'
Cc: 'olsr-dev'
Subject: RE: [Olsr-dev] Propagating a default gateway OLSRv2
I am still a little confused about how the default gateway should propagate. When I fired up multiple nodes in my home, everything worked great. When I started stringing nodes into trees across the neighborhood with line of sight between consecutive nodes, all of the nodes appeared in the routing table but the default route wasn't present in nodes 2 hops or more down the chain. I did only have a single node to single node communication as the route back to the gateway which I presume isn't an issue. Is there something that I am doing wrong or is there some configuration setting that I am missing?
-----Original Message-----
From: Henning Rogge [ <mailto:(spam-protected)> mailto:(spam-protected)]
Sent: Friday, July 08, 2016 1:56 AM
To: Peter Emanuel
Cc: olsr-dev
Subject: Re: [Olsr-dev] Propagating a default gateway OLSRv2
On Thu, Jul 7, 2016 at 8:55 PM, Peter Emanuel < <mailto:(spam-protected)> (spam-protected)> wrote:
> Hi Henning,
>
> Brilliant! Thanks so much. The Wiki page was extremely informative too. Not sure how I didn't run into it before.
>
> Both methods worked. I had tried
>
> olsrd2_static --set lan_import.interface=eth0 wlan0 lo &
>
> without success. I am not sure whether the [lan_import=1] in the config file is significant. Regardless, I can move forward using the config file.
Yes, the "=1" makes a difference...
("olsrd2_static --set lan_import[1].interface=eth0 wlan0 lo &" should work too)
why?
2 reasons:
- you might want to have multiple lan_import sections... the name gives you the way to put them into a config file
- you don't want to have a default value active for lan_import. Think about sections like "global" or "olsrv2". Both have an effect even if they are not present in the configuration... lan_import can be dangerous, so I made it into a named section similar to "interface".
> Which of your 2 methods is preferable since both seemed to work?
Your choice. The lan_import way means you don't have to put your IP configuration into the olsrd2 config, which makes it easier to handle for multiple routers.
> On the Android front - there are a number of caveats that I need to point out (even though I am not an Android guru). I ran into these when using olsrdv1.
> Starting with Android release KitKat and onwards, Google started introducing more and more security. From a mesh standpoint, it became more of a pain.
> 1) They introduced secure linux as the only kernel the bootloader would boot.
> 2) They enforced compiling with -fPIE (Program Independent
> Executables) as well using as -fPIC
> 3) Worse yet, only authorized networks would work. The connection manager inside Android would not allow connecting to an Adhoc network like OLSRD. The connection manager needs to be modified inside Android authorizing the olsrd as a valid network and any application that wants to connect to the network has to register with the network (using Java Reflection or some such method). Local network communications work fine using later releases of Android if you compile with -fPIE when communicating from node to node but not when passing through the connection manager.
Yes, the "no adhoc mode" thing is a pain...
> It's a pain to modify and recompile android. So, I plan to address this issue later but am sticking to my Android development using Jellybean (4.2.2) for now. Olsrd2 seems to work just fine with this Android release. That said, I targeted my Android build to platform android-18 even though the latest build is android-24 so I cannot vouch for any android platform after android-18. Using kitkat, the updated Chromium browser doesn't work nor does YouTube even on Jelly Bean. Opera and the built in browser works fine. YouTube from the browser works fine.
> Two other thing I ran into with the olsrd2 sources is that epoll_create1 is only supported by later kernels that came into existence with android-21 so I had to modify your sources to use the prior epoll_create call rather than epoll_create1. I also had to pull in a separately compiled version of the netlink library to support linking the nl80211 listener.
epoll_create1 was introduced in kernel 2.6.27... that is too new for android 4.x *sigh*
Is there a good feature request macro to test for it?
Henning Rogge
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20160716/fea1edd0/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6851 bytes
Desc: not available
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20160716/fea1edd0/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RaspberryPIRouting.jpg
Type: image/jpeg
Size: 120222 bytes
Desc: not available
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20160716/fea1edd0/attachment-0001.jpg>
More information about the Olsr-dev
mailing list