[Olsr-dev] Propagating a default gateway OLSRv2

Peter Emanuel (spam-protected)
Mon Jul 18 19:00:38 CEST 2016


Because using iptables was the only way I could make it work with HNA in Version 1. I will run another test today to see if it works without it. Why is it dangerous in your estimation? All I am doing is using eth0 as a NAT to the mesh network. Will this conflict with the olsr routing?

 

From: Henning Rogge [mailto:(spam-protected)] 
Sent: Monday, July 18, 2016 5:33 AM
To: Peter Emanuel
Cc: olsr-dev
Subject: Re: [Olsr-dev] Propagating a default gateway OLSRv2

 

Hmm?

 

You are using IPtables to forward traffic between eth0 and wlan0?

 

That sounds dangerous at best. Why do you do this?

 

Henning

 

On Fri, Jul 15, 2016 at 10:47 PM, Peter Emanuel <(spam-protected)> wrote:

I have an update on this. I stumbled into a prior discussion on this forum from 2012 about this exact problem. The solution was to change the netmask on the WiFi from 255.255.255.0 to 255.255.0.0. This definitely helped as there were default gateways specified in each of the nodes in the chain pointing at each connected/edge node. (I personally don't understand why this changed anything as all of my nodes were on the same subnet - 192.168.18.x. This is probably my own lack of understanding).

 

My gateway to the Internet was node 192.168.18.2. I was able to ping this IP from the last node in my chain of my 6 nodes (192.168.18.201) but couldn't get to the Internet although the DNS lookup appeared to work fine. I tried accessing youtube.com and google.com. Again, once my edge node was 1 hop from the gateway, everything started working as expected (192.168.18.201 connected to 192.168.18.3).

 



 

 

One added piece of information is that I had to set up the following iptable rules to actually get the packets to pass through on the gateway.

 

    WlanIP=" $( ifconfig wlan0  2>/dev/null)";   # note leading space

    WlanIP=${WlanIP#*inet addr:};                # extract the address

    WlanIP=${WlanIP%% *}                         # but if none

 

    # forward all traffic coming from wlan0 (that's not destined for the laptop) to eth0

    iptables -A FORWARD ! --dst ${WlanIP} -i wlan0 -o eth0 -j ACCEPT

    # forward traffic coming from wlan0 to eth0

    iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

    # forward traffic coming from eth0 to wlan0

    iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT

    # setup Network Area Translation (NAT) so that all forwarded traffic to eth0 appears to be coming from the laptop's IP address

    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Any help in getting the Internet access working properly would be greatly appreciated.

 

-----Original Message-----
From: Peter Emanuel [mailto:(spam-protected)] 
Sent: Thursday, July 14, 2016 1:44 PM
To: 'Henning Rogge'
Cc: 'olsr-dev'
Subject: RE: [Olsr-dev] Propagating a default gateway OLSRv2

 

I am still a little confused about how the default gateway should propagate. When I fired up multiple nodes in my home, everything worked great. When I started stringing nodes into trees across the neighborhood with line of sight between consecutive nodes, all of the nodes appeared in the routing table but the default route wasn't present in nodes 2 hops or more down the chain. I did only have a single node to single node communication as the route back to the gateway which I presume isn't an issue. Is there something that I am doing wrong or is there some configuration setting that I am missing? 

 

-----Original Message-----

From: Henning Rogge [ <mailto:(spam-protected)> mailto:(spam-protected)] 

Sent: Friday, July 08, 2016 1:56 AM

To: Peter Emanuel

Cc: olsr-dev

Subject: Re: [Olsr-dev] Propagating a default gateway OLSRv2

 

On Thu, Jul 7, 2016 at 8:55 PM, Peter Emanuel < <mailto:(spam-protected)> (spam-protected)> wrote:

> Hi Henning,

> 

> Brilliant! Thanks so much. The Wiki page was extremely informative too. Not sure how I didn't run into it before.

> 

> Both methods worked. I had tried

> 

>         olsrd2_static --set lan_import.interface=eth0 wlan0 lo &

> 

> without success. I am not sure whether the [lan_import=1] in the config file is significant. Regardless, I can move forward using the config file.

 

Yes, the "=1" makes a difference...

 

("olsrd2_static --set lan_import[1].interface=eth0 wlan0 lo &" should work too)

 

why?

 

2 reasons:

 

- you might want to have multiple lan_import sections... the name gives you the way to put them into a config file

- you don't want to have a default value active for lan_import. Think about sections like "global" or "olsrv2". Both have an effect even if they are not present in the configuration... lan_import can be dangerous, so I made it into a named section similar to "interface".

 

> Which of your 2 methods is preferable since both seemed to work?

 

Your choice. The lan_import way means you don't have to put your IP configuration into the olsrd2 config, which makes it easier to handle for multiple routers.

 

> On the Android front - there are a number of caveats that I need to point out (even though I am not an Android guru). I ran into these when using olsrdv1.

> Starting with Android release KitKat and onwards, Google started introducing more and more security. From a mesh standpoint, it became more of a pain.

> 1) They introduced secure linux as the only kernel the bootloader would boot.

> 2) They enforced compiling with -fPIE (Program Independent 

> Executables) as well using as -fPIC

> 3) Worse yet, only authorized networks would work. The connection manager inside Android would not allow connecting to an Adhoc network like OLSRD. The connection manager needs to be modified inside Android authorizing the olsrd as a valid network and any application that wants to connect to the network has to register with the network (using Java Reflection or some such method). Local network communications work fine using later releases of Android if you compile with -fPIE when communicating from node to node but not when passing through the connection manager.

 

Yes, the "no adhoc mode" thing is a pain...

 

> It's a pain to modify and recompile android. So, I plan to address this issue later but am sticking to my Android development using Jellybean (4.2.2) for now. Olsrd2 seems to work just fine with this Android release. That said, I targeted my Android build to platform android-18 even though the latest build is android-24 so I cannot vouch for any android platform after android-18. Using kitkat, the updated Chromium browser doesn't work nor does YouTube even on Jelly Bean. Opera and the built in browser works fine. YouTube from the browser works fine.

 

> Two other thing I ran into with the olsrd2 sources is that epoll_create1 is only supported by later kernels that came into existence with android-21 so I had to modify your sources to use the prior epoll_create call rather than epoll_create1. I also had to pull in a separately compiled version of the netlink library to support linking the nl80211 listener.

 

epoll_create1 was introduced in kernel 2.6.27... that is too new for android 4.x *sigh*

 

Is there a good feature request macro to test for it?

 

Henning Rogge

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20160718/bb63d936/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6851 bytes
Desc: not available
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20160718/bb63d936/attachment.png>


More information about the Olsr-dev mailing list