[Olsr-dev] Propagating a default gateway OLSRv2

Henning Rogge (spam-protected)
Mon Jul 18 14:32:40 CEST 2016


Hmm?

You are using IPtables to forward traffic between eth0 and wlan0?

That sounds dangerous at best. Why do you do this?

Henning

On Fri, Jul 15, 2016 at 10:47 PM, Peter Emanuel <(spam-protected)>
wrote:

> I have an update on this. I stumbled into a prior discussion on this forum
> from 2012 about this exact problem. The solution was to change the netmask
> on the WiFi from 255.255.255.0 to 255.255.0.0. This definitely helped as
> there were default gateways specified in each of the nodes in the chain
> pointing at each connected/edge node. (I personally don't understand why
> this changed anything as all of my nodes were on the same subnet -
> 192.168.18.x. This is probably my own lack of understanding).
>
>
>
> My gateway to the Internet was node 192.168.18.2. I was able to ping this
> IP from the last node in my chain of my 6 nodes (192.168.18.201) but
> couldn't get to the Internet although the DNS lookup appeared to work fine.
> I tried accessing youtube.com and google.com. Again, once my edge node
> was 1 hop from the gateway, everything started working as expected
> (192.168.18.201 connected to 192.168.18.3).
>
>
>
>
>
>
>
> One added piece of information is that I had to set up the following
> iptable rules to actually get the packets to pass through on the gateway.
>
>
>
>     WlanIP=" $( ifconfig wlan0  2>/dev/null)";   # note leading space
>
>     WlanIP=${WlanIP#*inet addr:};                # extract the address
>
>     WlanIP=${WlanIP%% *}                         # but if none
>
>
>
>     # forward all traffic coming from wlan0 (that's not destined for the
> laptop) to eth0
>
>     iptables -A FORWARD ! --dst ${WlanIP} -i wlan0 -o eth0 -j ACCEPT
>
>     # forward traffic coming from wlan0 to eth0
>
>     iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
>
>     # forward traffic coming from eth0 to wlan0
>
>     iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
>
>     # setup Network Area Translation (NAT) so that all forwarded traffic
> to eth0 appears to be coming from the laptop's IP address
>
>     iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>
> Any help in getting the Internet access working properly would be greatly
> appreciated.
>
>
>
> -----Original Message-----
> From: Peter Emanuel [mailto:(spam-protected)]
> Sent: Thursday, July 14, 2016 1:44 PM
> To: 'Henning Rogge'
> Cc: 'olsr-dev'
> Subject: RE: [Olsr-dev] Propagating a default gateway OLSRv2
>
>
>
> I am still a little confused about how the default gateway should
> propagate. When I fired up multiple nodes in my home, everything worked
> great. When I started stringing nodes into trees across the neighborhood
> with line of sight between consecutive nodes, all of the nodes appeared in
> the routing table but the default route wasn't present in nodes 2 hops or
> more down the chain. I did only have a single node to single node
> communication as the route back to the gateway which I presume isn't an
> issue. Is there something that I am doing wrong or is there some
> configuration setting that I am missing?
>
>
>
> -----Original Message-----
>
> From: Henning Rogge [mailto:(spam-protected) <(spam-protected)>]
>
> Sent: Friday, July 08, 2016 1:56 AM
>
> To: Peter Emanuel
>
> Cc: olsr-dev
>
> Subject: Re: [Olsr-dev] Propagating a default gateway OLSRv2
>
>
>
> On Thu, Jul 7, 2016 at 8:55 PM, Peter Emanuel <(spam-protected)>
> wrote:
>
> > Hi Henning,
>
> >
>
> > Brilliant! Thanks so much. The Wiki page was extremely informative too.
> Not sure how I didn't run into it before.
>
> >
>
> > Both methods worked. I had tried
>
> >
>
> >         olsrd2_static --set lan_import.interface=eth0 wlan0 lo &
>
> >
>
> > without success. I am not sure whether the [lan_import=1] in the config
> file is significant. Regardless, I can move forward using the config file.
>
>
>
> Yes, the "=1" makes a difference...
>
>
>
> ("olsrd2_static --set lan_import[1].interface=eth0 wlan0 lo &" should work
> too)
>
>
>
> why?
>
>
>
> 2 reasons:
>
>
>
> - you might want to have multiple lan_import sections... the name gives
> you the way to put them into a config file
>
> - you don't want to have a default value active for lan_import. Think
> about sections like "global" or "olsrv2". Both have an effect even if they
> are not present in the configuration... lan_import can be dangerous, so I
> made it into a named section similar to "interface".
>
>
>
> > Which of your 2 methods is preferable since both seemed to work?
>
>
>
> Your choice. The lan_import way means you don't have to put your IP
> configuration into the olsrd2 config, which makes it easier to handle for
> multiple routers.
>
>
>
> > On the Android front - there are a number of caveats that I need to
> point out (even though I am not an Android guru). I ran into these when
> using olsrdv1.
>
> > Starting with Android release KitKat and onwards, Google started
> introducing more and more security. From a mesh standpoint, it became more
> of a pain.
>
> > 1) They introduced secure linux as the only kernel the bootloader would
> boot.
>
> > 2) They enforced compiling with -fPIE (Program Independent
>
> > Executables) as well using as -fPIC
>
> > 3) Worse yet, only authorized networks would work. The connection
> manager inside Android would not allow connecting to an Adhoc network like
> OLSRD. The connection manager needs to be modified inside Android
> authorizing the olsrd as a valid network and any application that wants to
> connect to the network has to register with the network (using Java
> Reflection or some such method). Local network communications work fine
> using later releases of Android if you compile with -fPIE when
> communicating from node to node but not when passing through the connection
> manager.
>
>
>
> Yes, the "no adhoc mode" thing is a pain...
>
>
>
> > It's a pain to modify and recompile android. So, I plan to address this
> issue later but am sticking to my Android development using Jellybean
> (4.2.2) for now. Olsrd2 seems to work just fine with this Android release.
> That said, I targeted my Android build to platform android-18 even though
> the latest build is android-24 so I cannot vouch for any android platform
> after android-18. Using kitkat, the updated Chromium browser doesn't work
> nor does YouTube even on Jelly Bean. Opera and the built in browser works
> fine. YouTube from the browser works fine.
>
>
>
> > Two other thing I ran into with the olsrd2 sources is that epoll_create1
> is only supported by later kernels that came into existence with android-21
> so I had to modify your sources to use the prior epoll_create call rather
> than epoll_create1. I also had to pull in a separately compiled version of
> the netlink library to support linking the nl80211 listener.
>
>
>
> epoll_create1 was introduced in kernel 2.6.27... that is too new for
> android 4.x *sigh*
>
>
>
> Is there a good feature request macro to test for it?
>
>
>
> Henning Rogge
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20160718/d251ddbb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 6851 bytes
Desc: not available
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20160718/d251ddbb/attachment.png>


More information about the Olsr-dev mailing list