[Commotion-dev] Serval security summary

Jeremy Lakeman Jeremy.Lakeman at gmail.com
Tue Apr 3 23:08:22 UTC 2012


We (Serval) have some ideas for routing, but we haven't started
implementing anything yet. I have been doing some R&D on some new
ideas for link quality measurements, but we haven't really started
looking at the higher level routing problem yet.

An initial version might work in parallel to some other routing
daemon, e.g. OLSR. The overlay layer would translate from public key to
current IP address, then consult the routing table to work out which
peer is the next hop. In this mode it should be possible for packets
to traverse an existing network without replacing the routing daemon
on every device.

There are some reasons why I don't like OLSR / BATMAN layer 3 routing.
You need to sense topology via broadcast packets, since the routing
table would prevent you sending test unicast packets to 2-hop
neighbours; this makes sensing link failures and new links take way
too long IMHO. You have much more flexibility operating at layer 2 or
4.

Eventually we intend to route across different networking protocols
and between networks that might be sharing the same IP addresses, e.g.
small networks of Android phones in hotspot mode all with 192.168.43.X
addresses, with additional Bluetooth links between them.

In my own research, with the Android phones we have in reasonable
quantities, I've noticed that wifi burst mode consumes waaaaay too
much air time when a link suddenly fails, though I haven't established
if this is systemic to wifi, or limited to this specific chipset. The
802.11 spec leaves dealing with burst failures up to the implementer.

Linux buffer bloat is also really annoying; it's far too easy to be
reacting to stale topology information.

Combine these two issues and building a map of a highly mobile network
is almost impossible with any reasonable traffic volume. Using BATMAN
for example, with mobile nodes, poor slightly directional antennas,
and obstructions, gives a voice channel that is almost continuously
dropping out.

On Wed, Apr 4, 2012 at 6:40 AM, Josh King <joshking at newamerica.net> wrote:
> Hi all,
>
> I just wanted to share out a document for discussion that I got a while
> back and have been meaning to send out, namely a summary of some of the
> security architecture that the Serval Project is working on for
> Commotion. It's just a general summary at this point, but there will be
> more forthcoming.
>
> One question that I wanted to pose is: the document doesn't talk much
> about routing. Is there a sense of how routing is going to work in the
> secure overlay network, or am I missing that in the document?
>
> Thanks to the Serval folks for providing this!
> --
> Josh King
> Technical Lead
> Open Technology Initiative
> New America Foundation
>
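
The parallel-daemon mode described in the reply above (public key to current IP address, then a routing-table lookup for the next hop), sketched as an added example; this is not Serval's code. The class name, the sample keys, addresses and routes, and the 30-second binding lifetime are all assumptions made for illustration.

```python
import ipaddress

BINDING_TTL = 30.0  # assumed lifetime (seconds) of a key -> address binding

# Constructed routing table, standing in for what a separate routing daemon
# would install: (prefix, gateway or None when on-link, interface).
ROUTES = [
    ("0.0.0.0/0", "10.0.0.1", "wlan0"),
    ("10.0.0.0/24", None, "wlan0"),
    ("10.0.5.0/24", "10.0.0.7", "wlan0"),
]

class OverlayResolver:
    """Hypothetical overlay lookup: public key -> current IP -> next hop."""

    def __init__(self, routes):
        self.routes = [(ipaddress.ip_network(p), gw, dev) for p, gw, dev in routes]
        self.bindings = {}  # public key (hex string) -> (address, time learned)

    def learn(self, pubkey, ip, now):
        # A newer announcement replaces the old address when a node moves.
        self.bindings[pubkey] = (ipaddress.ip_address(ip), now)

    def next_hop(self, pubkey, now):
        entry = self.bindings.get(pubkey)
        if entry is None:
            return None  # key never seen
        ip, learned = entry
        if now - learned > BINDING_TTL:
            # A stale binding may point at whoever holds the address now,
            # so refuse it instead of forwarding.
            return None
        matches = [r for r in self.routes if ip in r[0]]
        if not matches:
            return None
        # Longest-prefix match, as the kernel routing table would do.
        _net, gw, dev = max(matches, key=lambda r: r[0].prefixlen)
        return (str(ip) if gw is None else gw, dev)

def demo():
    r = OverlayResolver(ROUTES)
    r.learn("aa11", "10.0.5.20", now=100.0)  # constructed key and address
    r.learn("bb22", "10.0.0.9", now=100.0)
    via_gateway = r.next_hop("aa11", now=110.0)
    on_link = r.next_hop("bb22", now=110.0)
    stale = r.next_hop("aa11", now=200.0)
    r.learn("aa11", "10.0.0.44", now=205.0)  # same key, new address
    moved = r.next_hop("aa11", now=206.0)
    return via_gateway, on_link, stale, moved
```
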
