freedombonee/doc/EN/mesh.org

11 KiB

/free/freedombonee/src/commit/cddefb33f6b0bb47d82021acd20cf6f2f10c7460/doc/EN/images/logo.png

/free/freedombonee/src/commit/cddefb33f6b0bb47d82021acd20cf6f2f10c7460/doc/EN/What%20is%20a%20mesh%20network? /free/freedombonee/src/commit/cddefb33f6b0bb47d82021acd20cf6f2f10c7460/doc/EN/The%20Freedombone%20Mesh /free/freedombonee/src/commit/cddefb33f6b0bb47d82021acd20cf6f2f10c7460/doc/EN/Installation /free/freedombonee/src/commit/cddefb33f6b0bb47d82021acd20cf6f2f10c7460/doc/EN/Wifi%20adaptors /free/freedombonee/src/commit/cddefb33f6b0bb47d82021acd20cf6f2f10c7460/doc/EN/Using%20the%20mesh /free/freedombonee/src/commit/cddefb33f6b0bb47d82021acd20cf6f2f10c7460/doc/EN/Further%20reading

What is a mesh network?

The internet as it currently exists is mostly organised according to a client/server model. Servers run the web services and store the data and clients are the laptops, desktops and other devices accessing the servers. In a mesh network there isn't any clear division between clients and servers. The computers on a mesh network are known as "peers" and they can perform the functions of both clients and servers. Commonly this is also known as a "peer to peer" network.

The client/server and mesh network models have advantages and disadvantages. If the server in a client/server system fails then you can have catastrophic service outages which affect many users. If a peer in a mesh network fails then the other peers may be mostly unaffected and communications can continue. The disadvantage of mesh networks is that each peer relays data for other peers and so the bandwidth usage by each peer may be higher than for a client in a client/server system. However, with modern hardware that's not much of an issue.

Mesh networks are useful for building local and highly resillient communications infrastructure which can be put together rapidly, in situations where the ordinary internet is either unavailable or untrustworthy.

Example use cases would be:

  • Conferences / Exhibitions
  • Local community networks, not run by telcos or ISPs
  • Emergency services / Disaster relief
  • Camp sites
  • War zones
  • Scientific expeditions to remote areas
  • Onboard smaller ships without satellite internet, captain/crew communications
  • Underground (mines or caves)
  • Protests / Occupations of buildings
  • Eventually in space for manned missions to other planets, moons or asteroids

The Freedombone Mesh

The Freedombone mesh is offline - in the sense of not being part of the larger internet - and consists of a set of computers with the software installed communicating wirelessly using ordinary wifi. Peers can enter or leave the network and it will adjust automatically. All communications between peers is end-to-end encrypted, so although it's easy to join the network it's not easy to passively evesdrop.

Installation

Two types of system

Installation is split into two categories, routers and user devices.

A router is a computer which is dedicated to moving network traffic and building out the mesh infrastructure. It's not primarily intended to have a user interface. Hardware such as the Beaglebone Black is ideal for this, because it's small, inexpensive and doesn't consume much electrical power and so can be fitted in any location where an electricity supply is available.

Small computers acting as mesh routers can also be battery operated or solar powered so that the network need not be statically sited. They could be included in a backpack for camping, fitted within moving vehicles, strapped to protest placards or attached to large tethered helium balloons (like weather balloons) to help provide a local and transient communications system.

User devices are the computers with which you would typically access the internet - laptops, desktop machines, netbooks or any other device which can run a Debian-based distro (eg. Ubuntu) with a working wifi connection.

Installing on routers

Whatever system you're going to use as a mesh router should have a new Debian Jessie install on it. It's advisable that this be a new install so that there is no existing software on the system which could confuse the mesh install process. Connect your system to your internet router with an ethernet cable, then ssh into it and type:

su
apt-get update
apt-get install git build-essential dialog
git clone https://github.com/bashrc/freedombone
cd freedombone
make install

At this point if you are using a system or dongle with an Atheros AR9271 wifi chipset then you may want to install some pre-compiled firmware (you can compile it from source, but it takes a long time - especially on the Beaglebone Black). If you need to do that then see the wifi adaptor notes below.

Then to begin the install:

freedombone menuconfig

Select the "mesh (router)" install variant, give an ESSID or just hit enter for the default. If discression is important then use an ESSID similar to those already in the area. The ESSID must be the same on every mesh peer. Assign this mesh peer a name. In order to avoid confusions it's important that the name should be unique on the network and contain no spaces. So maybe a word followed by some numbers, or the name of the place where the router will be installed.

If you're installing on a Beaglebone Black then after a while the system will reboot and you will need to ssh in again and run:

cd freedombone
freedombone -c freedombone.cfg

The reboot is needed in order to enable zram and the hardware random number generator.

Installing on user devices

Typically on a laptop with a Debian-based distro installed, open a terminal and type:

sudo apt-get update
sudo apt-get install git build-essential dialog
git clone https://github.com/bashrc/freedombone
cd freedombone
sudo make install
freedombone menuconfig

Select the "mesh (user device)" variant and set the same ESSID as you did for the routers, or just hit enter for the default.

An important point is that on older Debian-based systems, such as Ubuntu 14.04 or Trisquel 7, you may need to install a more recent version of batctl. An example is as follows.

sudo apt-get remove --purge batctl
wget http://mirrors.kernel.org/ubuntu/pool/universe/b/batctl/batctl_2014.1.0-2_amd64.deb
sudo dpkg -i batctl_2014.1.0-2_amd64.deb

Wifi adaptors

There are a small number of wifi adaptors which are compatible with a fully free software stack.

Atheros AR9271

To install the firmware for this:

cd freedombone/drivers
sha256sum ath9k_htc_driver_bbb.tar.gz
7eb9324681f03c7630ed01e490ea447dfbd96c9b5389e45b64e4646d1be16ff1
tar -xvzf ath9k_htc_driver_bbb.tar.gz
mv *.fw /lib/firmware
cd ..

Using the mesh

Switching from internet to mesh mode

To join the mesh network open a terminal and type:

meshweb

If you want to have your system as a permanent mesh peer then you could add that command to your startup applications so that it activates whenever the computer starts up.

A web page should appear in your browser, which then allows you to access communication services on the mesh. These pages should update automatically, so that if peers enter or leave the network the lists will change accordingly.

If for any reason things don't seem to be updating you can force an update by issuing the command:

zeronetavahi

Chat

If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The Toxic client is installed by default, but you may also want to install qTox or uTox for a more conventional-looking user experience.

You can obtain Tox IDs for users on the network via the initial web page.

To launch the Toxic client in a terminal type:

toxic

The first time you will be asked whether you wish to encrypt the data file used for your settings. Select "no" for this, otherwise the system will not be able to obtain your public key and broadcast it to other peers in the network. Even if you select "yes" the system will still be usable, but it will not be so easy for other peers on the network to find you unless you have previously exchanged your Tox ID via some out-of-band method.

Then to add a new friend:

/nick mynickname
/add <friend Tox ID>

Your friend will need to approve the request, and then you can chat via text or voice using CTRL-o and CTRL-p to switch between screens and cursor keys plus Enter to select users.

Another thing worth knowing is that if you were already using a Tox client before running the meshweb command then it's a good idea to close and reopen it, so that the list of bootstrap nodes is updated. The same also applies when exiting the mesh and returning to the internet.

A note for the security-conscious is that broadcasting Tox IDs via the network (using Avahi) is convenient but not highly secure. An adversary could maybe join the network and create decoy peers to try to disrupt the communications and have messages going to the wrong places. For the best security exchange Tox IDs in advance by some method other than looking them up from the initial mesh web page.

Blogging

The Freedombone mesh uses a fully decentralized blogging system called ZeroBlog. It behaves rather like other peer-to-peer file sharing systems in that if you are reading the blog of another user you are also simultaneously seeding it to other peers (acting as both a client and a server). This allows the system to scale well, while also being robust to any peer failing or leaving the network.

All blogs on the mesh are public, so any user joining the mesh can read any other blog. Network traffic is encrypted between peers, so passive snooping will be hard, and also the integrity of data is checked via certificates so that you can be reasonably confident that nefarious content has not been added or removed from the data stream while in transit through the network.

This type of content creation and delivery provides a good template for what the conventional internet should ultimately be like if it is to be robust, trustworthy and resistant to censorship or damage.

To add a new blog entry click the new post button, edit the title and content (clicking save at the bottom of the screen after each). Then when you are done click on the publish button at the bottom of the screen. And that's all there is to it.

Other services

It is hoped that a decentralized forum will be added, but this is not yet complete. In the mean time a substitute is to use the Tox group chat feature.

Turing off the mesh

If you wish to return to the internet then open a terminal and type:

sudo batman stop

After a few seconds your usual internet wifi connection should be re-established.

Further reading

For much more extensive details about deploying wireless networks there is an excellent book called Wireless Networking in the Developing World which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on.