Modify

Opened 4 years ago

Last modified 2 years ago

#12078 new enhancement

Expanding Luci to setup 802.11s meshnetworks with Mesh-ID, Rootannouncment, etc.

Reported by: Thomas.Wagner@… Owned by:
Priority: normal Milestone: Barrier Breaker 14.07
Component: luci Version: Trunk
Keywords: luci, 802.11s Cc:

Description

Thomas.Wagner@…
Expanding Luci to setup 802.11s meshnetworks with Mesh-ID, Rootannouncment, etc.

On a university project I expand OpenWRT to setup 802.11s Meshnetworks using Luci.
Including setting MeshID and Root/Gateannouncment
In term of GPL I publish my changes within this ticket.

On my routers there is authsae installed to setup up a secure mesh.
I integrated authsae configuration in Luci/uci.
I expand uci in order to setup mesh_param.

The attached file l_uci_addones_for_11s_mesh.tbz contains a copy (svn trunk r32582) of build_dir/linux-ar71xx_generic/luci-mesh-1.0/ipkg-ar71xx/luci-mesh/usr/lib/lua/luci/model/cbi/admin_network/wifi.lua and package/mac80211/files/lib/wifi/mac80211.sh as wifi.lua.orginal and mac80211.sh.orginal
The modifcation I did are explained below:

  • wifi.lua.mesh

This expands Luci to set up Mesh-ID and to enable Route/Gateannouncment. It requires the changes of mac80211.sh.announcements or wifi.lua.all

  • wifi.lua.all

This makes the same changes like wifi.lua.mesh. Additional you were able to activate authsae encryption and to set a key.
It will require mac80211.sh.announcements + mac80211.sh.authsae (or mac80211.sh.all)

  • mac80211.sh.announcements

You can activate Root-/Gateannouncment on setting:

uci add wireless.@wifi-iface[0].mesh_root=1
uci add wireless.@wifi-iface[0].mesh_gate=1
  • mac80211.sh.mesh_param

This allows setting all mesh_param that can be set by executing iw $dev set mesh_param using uci:

uci add_list wireless.@wifi-iface[0].mesh_param=mesh_max_peer_links=32
uci add_list wireless.@wifi-iface[0].mesh_param=mesh_ttl=30
...

Note: Root-/Gateannouncment are also activated via mesh_param. If mac80211.sh.mesh_param and mac80211.sh.announcements are combined activate the announcments this way:

uci add wireless.@wifi-iface[0].mesh_root=1
uci add wireless.@wifi-iface[0].mesh_gate=1

not this way:

uci add_list wireless.@wifi-iface[0].mesh_param=root_mode=1 
...
  • mac80211.sh.authsae

This allows to configure authsae using luci

  • mac80211.sh.all

Conclusion of .announcements, .mesh_param, .authsae

Hint: To exaim my changes step by step use diff. E.g:

diff wifi.lua.orginal wifi.lua.mesh 

This is still missing:

  1. In Luci the state of 11s-Networks is not correctly displayed:
    • Mode: unknown
    • Errormessage: Wireless is disabled or not associated
    • Instaed of Mesh-ID the Essid is displayed, even thoug (E)ssid is not used in 11s-Networks
  2. http://wiki.openwrt.org/doc/uci/wireless says:
    • ssid: type:string; requierd:yes
    • requierd:yes should be changed because in 11s-Networks there is no SSID. E.g: requierd:if (mode != mesh)

My complete work is avaible at: https://wwwvs.cs.hs-rm.de/vs-wiki/index.php/Datei:Openwrt_r32582_11s_mesh_addons.tbz

Attachments (2)

l_uci_addones_for_11s_mesh.tbz (17.8 KB) - added by anonymous 4 years ago.
attitude_meshaddon.tbz (87.2 KB) - added by Thomas.Wagner@… 3 years ago.
Expanding (l)uci to setup AuthSAE crypted 802.11s Mesh networks

Download all attachments as: .zip

Change History (19)

Changed 4 years ago by anonymous

comment:1 follow-up: Changed 4 years ago by djanice1980@…

I tested your patch and it WORKS. I ran into one little bug that has to do with my equipment. I am using Atheros 231X equipment and the mesh nodes show all 0's in the arp cache. They communicate to each other fine, but this does not allow me to pass traffic between them. It could be that I setup VAP in my test. 1 VAP to client access and 1 VAP for MESH.

Any ideas?

comment:2 in reply to: ↑ 1 Changed 4 years ago by Thomas.Wagner@…

Replying to djanice1980@…:

I tested your patch and it WORKS. I ran into one little bug that has to do with my equipment. I am using Atheros 231X equipment and the mesh nodes show all 0's in the arp cache. They communicate to each other fine, but this does not allow me to pass traffic between them. It could be that I setup VAP in my test. 1 VAP to client access and 1 VAP for MESH.

This is a know bug:
https://dev.openwrt.org/ticket/11972
You just have to fix the ath9k driver.

comment:3 Changed 4 years ago by anonymous

I'll try it again. I thought I enabled that patch. My equipment doesn't utilize ath9k drivers, but if having this driver enabled corrects the problem then I should be good. I may have to wait until there is a full kerbel patch. I'll report back after testing.

Thanks

David

comment:4 Changed 3 years ago by krzysztof.matusik@…

Please have a look (ticket 13250).
I'm tinkering with hostapd.sh to implement 802.11r part of hostapd with uci. Unfortunately current build of wpad doesn't recognize 802.11r options, so I'm asking to include them in compilation in that ticket.
If this gets done, next thing will be tesing, bug-fixing, enhancing luci- and we're done.

regards

comment:5 Changed 3 years ago by krzysztof.matusik@…

sorry, wrong place, got lost in my browser tabs, it should be here

comment:6 Changed 3 years ago by Thomas.Wagner@…

802.11r is not 802.11s

comment:7 Changed 3 years ago by anonymous

How do I install this patch?

comment:8 Changed 3 years ago by info@…

How do I install this patch?
Sorry I don't want to be anonym-

Changed 3 years ago by Thomas.Wagner@…

Expanding (l)uci to setup AuthSAE crypted 802.11s Mesh networks

comment:9 Changed 3 years ago by Thomas.Wagner@…

I have just adapt the mesh addones to the release version of Attitude Adjustment.
Download the source e.g. using svn and open menuconfig:

svn co svn://svn.openwrt.org/openwrt/tags/attitude_adjustment_12.09
cd attitude_adjustment_12.09
make menuconfig

Now select Target, Subtarget and Targetprofile. Then go to exit and save your changes.
Now dowload some sources you will need to build the image including luci:

make defconfig
./scripts/feeds update packages luci
./scripts/feeds install -a -p luci
./scripts/feeds install -d m libconfig
make download

Download and extract the attitude_meshaddon.tbz file and start make menuconfig again to select:

    LuCI -->
      Collections  ---> 
         luci
      luci-mesh
    Libraries  --->   
      libiw
    Network  --->
       authsae          (for crypted mesh networks)
       ath9k-nohwcrypt  (if your router contains a ath9k wlan chipset and you like to run crypted mesh networks)

After that you can build all packages/ images by running make world.
After that a image with mesh addons will be located at bin/TARGET_NAME/openwrt-...bin

If you prefere using precompile images from http://downloads.openwrt.org/attitude_adjustment/12.09/ you can expand them with meshaddones belated.
In that case replace:

Devel.Folder:                                     File on Router (replace this):
------------                                      ---------------
package/mac80211/files/lib/wifi/mac80211.sh       /lib/wifi/mac80211.sh
package/luci-mesh/wifi.lua                        /usr/lib/lua/luci/model/cbi/admin_network/wifi.lua

After that go to bin/TARGET_NAME/packages and install this packages on your router:

ath9k-nohwcrypt_*.ipk   authsae_*.ipk        libconfig_*.ipk   libnl_*.ipk
libopenssl_*.ipk        openssl-util_*.ipk   zlib_*.ipk

comment:10 Changed 3 years ago by Thomas.Wagner@…

Next Version of Mesh-Addons for Attitude Adjustmunt (Stable-Version) is avaiable here:

Prepere building like explained in comment above.
But then select these packages:

    LuCI -->
      luci-mesh
      luci-mesh-authsae 
    Libraries  --->   
      libiw
    Network  --->
       wificonfig-mesh
       authsae      
       ath9k-nohwcrypt 

comment:11 Changed 3 years ago by etienne.champetier@…

Hi Thomas,

I have not tested your patch, but i'm pretty sure it will not get integrated:
-new feature are added first on trunk (BB) and not on stable (AA)
-you have to send many small patches, not bomb :)
-you have to submit them to the devel mailing list
see https://dev.openwrt.org/wiki/SubmittingPatches

There are some pending patch for authsae integration:
http://patchwork.openwrt.org/patch/3711/
http://patchwork.openwrt.org/patch/3845/
http://patchwork.openwrt.org/patch/3847/

once integrated you can rework your luci part

see also already integrated patches (mesh param & HT)
https://dev.openwrt.org/changeset/36639
https://dev.openwrt.org/changeset/36640
the mesh_param one take a different approach, it's not a list,
it's many 'mesh_*' parameters.

Thanks for sharing your work
Etienne

comment:12 Changed 3 years ago by etienne.champetier@…

Hi,

Authsae is now in openwrt trunk!
see (if someone want to backport it to AA):
[37523] (add elliptic curve compiltion option to openssl)
[37524]
[37552] (move libconfig to trunk, so authsae doesn't need packages feed to compile)
[37553] (add authsae daemon)
[37554] (adapt uci script to use authsae)

see also (mesh param & ht):
[36639]
[36640]

If you can rewrite your luci part and send it
to the devel mailing list it would great :)

comment:13 Changed 3 years ago by Thomas.Wagner@…

Hi,

at RheinMain University
of Applied Sciences (HS-RM) we plan to build AuthSAE-tiny which is a special version optimized for useage with OpenWRT.
This will be done within a bachelor thesis and should be done within the next 4 mounths.

AuthSAE-tiny won't need libconfig (and it's dependency zlib) and uses libnl-tiny.

It is also planed to optimize the LuCI integration of 802.11s. Currently the network type is displayed as unknown and connections are displayed as established even when AuthSAE authentication fails.

I'm going to submit te current state of my luci integration for 11s networks.

comment:14 Changed 3 years ago by anonymous

Hi

AuthSAE use libnl-tiny in openwrt (see https://github.com/cozybit/authsae/commit/358d177911eb7ad8f78a406cb43b24e606ee2aac).
The best thing would be to have an authsae compile option to not use libconfig.
Having a separate project (authSAE-tiny) double the work (it's cool to fork, but don't forget to merge ;) )

The awsome thing would be finishing hostap-sae, and merging it in hostap
(but it seems lot of work, has they don't want openssl as dependency)
see:
http://lists.shmoo.com/pipermail/hostap/2011-March/022853.html
https://github.com/cozybit/hostap-sae

looking towards your luci integration.

comment:15 Changed 2 years ago by wbr@…

Any updates here? This patch is as close as it gets to a "user-friendly" mesh for OpenWrt. Can we get this - or some similar solution - added to trunk? Even if it's not the perfect solution yet, it is still better than having to write a bunch of init and hotplug scripts to manually configure 80211s.

comment:16 Changed 2 years ago by anonymous

Hi,

no updates for 8 months now.. is there any progress? I think that the luci integration would be a really great enhancement for OpenWRT.

comment:17 Changed 2 years ago by jow

  • Milestone changed from Attitude Adjustment 12.09 to Barrier Breaker 14.07

Milestone Attitude Adjustment 12.09 deleted

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.