= GEC 9 Demo AP / Client Node Image =

{{{
Ubuntu Version: 10.04
Current Image Name: repository1:/export/orbit/image/GEC9DemoAP.ndz
}}}

Installed software from Baseline Should Include:
 * HostAPD - Apt Package
 * Netsnmp - 2 Apt packages
 * !OpenVswitch - Downloaded from http://openvswitch.org/releases/openvswitch-1.1.0pre1.tar.gz [[BR]]Additional Packages Required:
   * libssl-dev
   * pkg-configure (complains SSL is not found if this is not installed)
   * ''Optional'' python-json
   * ''Optional'' python-qt4
   * ''Optional'' python-zopeinterface
   * ''Optional'' python-twisted-conch
 * ''!MadWifi'' - was requested but omitted, I think they just need generic Wireless drivers. Ath5k drivers are installed by default. modprobe ath5k enumerates the devices.
 * VLC - Apt package
 * Wimax driver.
 * Free-nx

----
=== Notes ===
It makes more sense to have a single image with all the necessary components that can change behavior based on scripts. To that end I've merged all the requirements.

=== 9/10 ===
Talked with KK, we'll need to iron out the version of the kernel we're going to use. Currently I'm missing a few tools/packages: NX, vlc, snmp, and snmpd

=== 9/17/2010 ===
Starting over with 10.04. We've decided we want the image to be based off Ubuntu 10.04 so that our wimax drivers will work with it. We may have to update the kernel version. So far I have:
 * hostapd
 * snmp
 * snmpd
 * libssl-dev
 * build-essential
 * vlc
 * freenx - Installed by following instructions from https://help.ubuntu.com/community/FreeNX

'''THIS FAILED MISERABLY''' I had to modify the sources back to their original settings cuz they were a giant mess. FreeNx failed to install and the instructions are buggy at best. The packages claim to be broken. They may have to live with VNC which we know works. If we're scripting, why do we need a remote viewer at all?

Apparently the following packages don't exist in the repository (this could be due to my sources being messed up):
 * pkg-configure (complains SSL is not found if this is not installed)
 * python-json
 * python-qt4

----
=== 10/22/2010 ===
Starting over yet again, due to some package corruption bugs. I've changed the source file to source directly from mit media labs for the time being to get past some issues. After an update I installed the mainstay of packages.
{{{
apt-get install hostapd snmp snmpd build-essential libssl-dev pkg-config
}}}

I'll also need kernel headers for module support.
{{{
sudo apt-get install linux-headers-$(uname -r)
}}}

With that stuff set up I'm going to install OpenVswitch with kernel module support.
{{{
./configure --with-l26=/lib/modules/`uname -r`/build
}}}

I'm including a copy of config.log for reference. I ran the usual make, make install combo. Once run, the ovs-* tools should be accessible. From here I simply need to insert the module and see if I can make a virtual switch. Create some virtual interfaces, and add them to the virtual switch.
{{{
root@node1-7:/opt/openvswitch-1.1.0pre2# insmod datapath/linux-2.6/openvswitch_mod.ko
root@node1-7:/opt/openvswitch-1.1.0pre2# lsmod
Module                  Size  Used by
openvswitch_mod        61272  0
root@node1-7:/opt/openvswitch-1.1.0pre2# ip link add type veth
root@node1-7:/opt/openvswitch-1.1.0pre2# ovs-dpctl add-dp dp0
root@node1-7:/opt/openvswitch-1.1.0pre2# ovs-dpctl add-if dp0 veth0
root@node1-7:/opt/openvswitch-1.1.0pre2# ovs-dpctl show
system@dp0:
        flows: cur:0, soft-max:1024, hard-max:1048576
        ports: cur:2, max:1024
        groups: max:16
        lookups: frags:0, hit:0, missed:0, lost:0
        queues: max-miss:100, max-action:100
        port 0: dp0 (internal)
        port 1: veth0
}}}

We can verify all the drivers and modules are working with ifconfig.
{{{
root@node1-7:/opt/openvswitch-1.1.0pre2# ifconfig -a
dp0       Link encap:Ethernet  HWaddr 00:23:20:88:f5:b8
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr 00:0f:ea:4a:8a:fe
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:11

eth1      Link encap:Ethernet  HWaddr 00:0f:ea:4a:8a:ff
          inet addr:10.40.1.7  Bcast:10.40.255.255  Mask:255.255.0.0
          inet6 addr: fe80::20f:eaff:fe4a:8aff/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:89811 errors:0 dropped:0 overruns:2 frame:0
          TX packets:6729 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:68247118 (68.2 MB)  TX bytes:1171359 (1.1 MB)
          Interrupt:10

eth2      Link encap:Ethernet  HWaddr 00:0e:35:9e:52:e6
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:7 Base address:0xa000 Memory:eb018000-eb018fff

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

veth0     Link encap:Ethernet  HWaddr b2:13:3e:6a:16:bc
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

veth1     Link encap:Ethernet  HWaddr a2:da:ae:0c:31:c9
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan0     Link encap:Ethernet  HWaddr 00:60:b3:ac:a1:ce
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
}}}

Finally we can start the OpenFlow client in daemon mode with:
{{{
root@node1-7:/opt/openvswitch-1.1.0pre2# ovs-openflowd dp0 tcp:10.50.0.13 --out-of-band --detach
Sep 22 19:56:05|00001|openflowd|INFO|Open vSwitch version 1.1.0pre2
Sep 22 19:56:05|00002|openflowd|INFO|OpenFlow protocol version 0x01
Sep 22 19:56:05|00003|ofproto|INFO|using datapath ID 000000232080fc2d
Sep 22 19:56:05|00004|rconn|INFO|dp0<->tcp:10.50.0.13: connecting...
}}}

----
=== 9/30/2010 ===
Making the node behave as an access point from the ssugrim-node-1-7-2010-09-22-20-04-54.ndz image.

Edit ''/etc/default/hostapd'', enable debugging and daemon mode, and set the conf file:
{{{
RUN_DAEMON="yes"
DAEMON_CONF="/etc/hostapd/hostapd.conf"
DAEMON_OPTS="-dd"
}}}

Edit ''/etc/hostapd/hostapd.conf'', add or enable the following lines:
{{{
interface=wlan0
bridge=br0
driver=nl80211
ssid=ANSSID
# mode b to start with
hw_mode=b
channel=1
}}}

Make a ''/var/run/hostapd'' directory.
Insert the kernel module; from the ''/opt/openvswitch-1.1.0pre2'' directory run:
{{{
insmod datapath/linux-2.6/openvswitch_mod.ko
}}}

You should see:
{{{
lsmod
Module                  Size  Used by
openvswitch_mod        61272  0
}}}

Initialize the database:
{{{
ovsdb-tool create /usr/local/etc/ovs-vswitchd.conf.db vswitchd/vswitch.ovsschema
}}}

Start the switch database server:
{{{
ovsdb-server /usr/local/etc/ovs-vswitchd.conf.db --remote=punix:/usr/local/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,managers --private-key=db:SSL,private_key --certificate=db:SSL,certificate --bootstrap-ca-cert=db:SSL,ca_cert --detach
}}}

Initialize the database using ovs-vsctl (only needs to be done once, ever):
{{{
ovs-vsctl --no-wait init
}}}

Start the switch server:
{{{
ovs-vswitchd unix:/usr/local/var/run/openvswitch/db.sock --detach
}}}

You should be able to see the running processes:
{{{
ps -ef | grep ovs
root       865     1  0 20:30 ?        00:00:00 ovsdb-server /usr/local/etc/ovs-vswitchd.conf.db --remote=punix:/usr/local/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,managers --private-key=db:SSL,private_key --certificate=db:SSL,certificate --bootstrap-ca-cert=db:SSL,ca_cert --detach
root       870     1  0 20:32 ?        00:00:00 ovs-vswitchd unix:/usr/local/var/run/openvswitch/db.sock --detach
}}}

Make a bridge with ovs-vsctl:
{{{
ovs-vsctl add-br br0
ovs-vsctl add-port br0 wlan0
ovs-vsctl add-port br0 eth0
}}}

You should be able to check its ports:
{{{
ovs-vsctl list-ports br0
eth0
wlan0
}}}

Finally start the hostapd service.
{{{
service hostapd start
}}}

There should be some messages in dmesg pertaining to all the software waking up:
{{{
[   15.473431] ath5k phy0: Atheros AR5212 chip found (MAC: 0x56, PHY: 0x41)
[   15.473447] ath5k phy0: RF5112B multiband radio found (0x36)
[   15.473469] cfg80211: Calling CRDA for country: CO
[   15.524393] cfg80211: Regulatory domain changed to country: CO
[   15.524408]     (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[   15.524422]     (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2700 mBm)
[   15.524434]     (5170000 KHz - 5250000 KHz @ 20000 KHz), (300 mBi, 1700 mBm)
[   15.524447]     (5250000 KHz - 5330000 KHz @ 20000 KHz), (300 mBi, 2300 mBm)
[   15.524459]     (5735000 KHz - 5835000 KHz @ 20000 KHz), (300 mBi, 3000 mBm)
[   16.312894] skge eth1: Link is up at 1000 Mbps, full duplex, flow control rx only
[   16.313169] ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[   26.340042] eth1: no IPv6 routers present
[ 1510.062100] Open vSwitch 1.1.0pre2, built Sep 22 2010 19:35:08
}}}

and ifconfig should have a wlan0 monitor interface:
{{{
mon.wlan0 Link encap:UNSPEC  HWaddr 00-60-B3-AC-A1-CE-30-30-00-00-00-00-00-00-00-00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:710 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:58973 (58.9 KB)  TX bytes:0 (0.0 B)
}}}

Finally instruct the virtual switch to talk to the controller:
{{{
ovs-vsctl set-controller br0 tcp:10.50.0.13:6634 --datapath-id=0000000fea4a8afe
}}}

'''NOTE''': There are 4 extra zeros prepended on the DPID from what snac reports.

----
=== 10/3/2010 ===
I've discovered a bug where after a client associates to the AP, a short while after, packets get dropped. It seems to have something to do with ARPs but I can't isolate it. I've rolled all the startup commands into a script called start_ap.rb (I use ruby to wrap the exec calls).
The start ap script assumes the database has already been primed with the bridge interfaces, etc., and that hostapd starts on reboot. It also has to bring up eth0 (nothing in the bridge does this). Currently it does not accept any parameters; it does however invoke some calls. At some point I might need to adjust this to fix the SSID. I've saved an image and am trying to push it out to multiple nodes so that I can run some more tests.

=== 10/05/2010 ===
After some experiments we discovered that the ARP replies never get transmitted by the clients themselves. This is apparently a design feature intended to prevent ARP table poisoning, and merging of the wireless and wired Ethernet broadcast domains. It's then the job of the access point (the bridge in specific) to answer ARPs on behalf of the hosts on opposite sides of the bridge. This was confirmed by running a capture in the air and on the wire simultaneously, then originating a ping from the wired side in the winlab network with a Cisco AP. On the originating client I can see an ARP request go out and an ARP reply come back, but in the air an independent listener sees the ARP request but not the reply.

The next step was to check if the Linux bridge tools did this as well. I installed a baseline system and then installed hostapd and bridge-utils. I modified hostapd in a similar fashion, and used brctl to create br0 and added the interfaces to it. Initially this did not work, but looking at the [http://en.gentoo-wiki.com/wiki/Atheros_Ath5k_Wireless_Access_Point reference], it was pointed out that I needed to assign an IP to the bridge interface as well. I guess the bridge interface needs an IP to craft IP packet responses, even though this IP had nothing to do with the subnet I was passing traffic for. This was apparently the problem in the case of openVswitch as well. Once the interface was assigned an IP, ping packets make it to the wired host.
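The DPID passed to set-controller under 9/30 (0000000fea4a8afe) is eth0's HWaddr from the ifconfig listing with four zeros prepended, which is the difference the NOTE there describes. The script below is an added example, not part of start_ap.rb or of Open vSwitch: it derives that 16-digit value from an interface's MAC and rejects addresses that are not 48-bit, such as the mon.wlan0 UNSPEC entry. The function names and the sample text are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example (not from the original notes): derive a 16-hex-digit datapath
# ID from an interface MAC. Function names here are hypothetical.

# Constructed sample, using the ifconfig stanza format and addresses shown above.
SAMPLE_IFCONFIG='eth0      Link encap:Ethernet  HWaddr 00:0f:ea:4a:8a:fe
          BROADCAST MULTICAST  MTU:1500  Metric:1
wlan0     Link encap:Ethernet  HWaddr 00:60:b3:ac:a1:ce
          BROADCAST MULTICAST  MTU:1500  Metric:1
mon.wlan0 Link encap:UNSPEC  HWaddr 00-60-B3-AC-A1-CE-30-30-00-00-00-00-00-00-00-00'

# mac_of IFACE: print IFACE's HWaddr from ifconfig-style text on stdin.
# Exits non-zero when the interface is not present.
mac_of() {
    awk -v ifc="$1" '$1 == ifc && $4 == "HWaddr" { print $5; found = 1 }
                     END { exit (found ? 0 : 1) }'
}

# dpid_from_mac MAC: accept only a colon-separated 48-bit MAC and
# left-pad it with four zeros to the 64-bit (16 hex digit) form.
dpid_from_mac() {
    hex=$(printf '%s' "$1" | tr -d ':' | tr 'A-F' 'a-f')
    case "$hex" in
        *[!0-9a-f]*) return 1 ;;   # dashes or other junk: not a plain MAC
    esac
    [ "${#hex}" -eq 12 ] || return 1
    printf '0000%s\n' "$hex"
}

# dpid_short DPID: strip the four leading zeros again, giving the
# 12-digit form the notes say snac reports.
dpid_short() {
    case "$1" in
        0000????????????) printf '%s\n' "${1#0000}" ;;
        *) return 1 ;;
    esac
}

# Stand-alone run on the constructed sample.
mac=$(printf '%s\n' "$SAMPLE_IFCONFIG" | mac_of eth0) && dpid_from_mac "$mac"
```

On a node, pipe the real `ifconfig -a` output into `mac_of` in place of the sample text.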
TODO:
 * Fix script to set an IP for br0
 * figure out why the virtual switch no longer shows up in snac '''DONE'''
 * fix the startup scripts to not start the ap without the bridge. (remove hostapd from startup)
 * perhaps rebuild on the new 5.2 baseline.
 * Compute a DPID and SSID from current IP.

----
Apparently if the bridge interface is up (which will be the case if you give it an IP address) then the virtual switch can't register with snac. (Why this is is a great question, but we'll have to save that for later (an e-mail to openvswitch group).)

=== 10/13/2010 ===
We're abandoning the openvswitch software in favor of Stanford's home brew switch stuff. Starting from 5.2 baseline:
{{{
root@node1-7:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 9.10
Release:        9.10
Codename:       karmic
}}}

 1. Get the build tools and hostapd
 {{{
 apt-get install build-essential hostapd git-core autoconf libtool
 }}}
 1. Get their software switch
 {{{
 git clone git://openflowswitch.org/openflow
 }}}
 1.