site-ffm icon indicating copy to clipboard operation
site-ffm copied to clipboard

Published 20 hours ago verified publisher icon freifunkMUC

[IDEA] FFMUC Routed only with B.A.T.M.A.N. inside the local mesh

Open awlx opened this issue 3 years ago • 37 comments

This is a draft idea how we could switch FFMUC to a routed approach without losing functionality of B.A.T.M.A.N. for local meshes.

Problem statement

We want to switch Freifunk Munich to a routed approach towards the gateways, because large layer2 domains pose too many problems. Also we want to get rid of the overhead of VXLAN and B.A.T.M.A.N. towards the gateways.

Idea

  • Use wireguard to connect to the Freifunk Munich gateways

  • Inside wireguard use a calculated link-local address which is derived from the public key

  • v6

    • Run radvd on nodes which have an established wireguard tunnel to announce the v6 /64 inside the local network
    • the local /64 is assigned via wgkex
    • Default route via the wireguard tunnel

  • v4

    • Use a fixed /20 per segment and set the next-hop to the v6 address of the gateway, also NAT on the node itself.
    • The node runs DHCP thus it becomes the default gateway for the local network. Also set B.A.T.M.A.N. GW Mode to server.
    • We need a transfer network between gateway and node

  • Meshing

    • The node runs B.A.T.M.A.N. for local meshing just the same as on "normal" Gluon

  • Why not babel?

    • We want to stay compatible to old nodes, which can just mesh like before.
    • A routing protocol is not needed in this approach, thus we avoid another failure domain.

What needs to be done?

  • Test setup with that approach (two raspberry PIs or smth)
  • Changes to gluon (dhcp-server, radvd, nat)
  • wgkex needs to get a backend database from which transfer v4 addresses are picked
  • wgkex also needs to have an database for v6 /64

Possible issues

  • Kernel of OpenWRT is too old and doesn't support v6 next-hops for v4
  • Meshing freaks out
  • IP address conflicts while roaming

Known Issues

  • No IPv4 Connectivity between clients which are not in the same local mesh
  • Potential IPv4 collisions in spontaneous meshes

Glossar

  • Nodes => Freifunk Router
  • Gateway => Supernode

Discussion

https://chat.ffmuc.net/freifunk/channels/firmware

Comments welcome! 🚀

awlx avatar Apr 06 '21 16:04 awlx