Monday, December 20, 2010

The second node

The tower pc that was the subject of the previous post is going to be placed in the garage. It will be always ON and it has to be accessed from the comfort of the living room. Did I mention that the electrician did a beautiful job? The garage, the rooms and the roof are wired. The guy of the WISP mounted their router in the roof. So, at the moment my tower pc is inside the house, but when I move it in the garage I will not need to do any change.
As suggested in a comment, I had a look at chkconfig, update-rc.d, sysv-rv-conf, ... There are many tools to configure/enable/disable a service as NetworkManager. Since Ubuntu has update-rc.d installed by default I will try and use it.
But all this is not quite on-topic.

Let's go back to netsukuku. My next installation will be on a netbook that will stay in the apartment. It is a Dell Mini 9. It will be connected to the WISP-router and to the tower pc via its wired interface eth0. As with the previous install, the netbook will be able to reach netsukuku nodes and Internet nodes directly.
Then, the netbook will use its radio interface, by creating an ad-hoc wi-fi network, managing it only with netsukuku.

Installation steps

Firstly, I followed the instructions in the wiki page that I recently blogged about. This way I installed the dependencies, got the code to run the netsukuku daemon and configured ANDNA. I did not run the daemon immediately.

Secondly I followed the same steps as for the desktop pc in order to get rid of NetworkManager. I assigned a static IP to the eth0 interface and a default route via the router of my WISP.

sudo stop network-manager
sudo killall dhclient

sudo ip a del 192.168.1.193/24 dev eth0
sudo ip r flush table main

sudo ip a add 192.168.1.193 dev eth0
sudo ip r add 192.168.1.0/24 dev eth0
sudo ip r add default via 192.168.1.1 dev eth0
sudo tee /etc/resolv.conf <<EOF >/dev/null
nameserver 8.8.8.8
EOF

Thirdly, I created an ad-hoc wireless network. The BSSID is luca-ntk. I use no security on it because, AFAIK, the driver of the wireless chip in my laptop has some problems with it.

sudo ip link set eth1 down
sleep 1
sudo iwconfig eth1 mode ad-hoc essid luca-ntk channel 11
sleep 1
sudo ip link set eth1 up

Finally I run netsukuku this way:

cd netsukuku/pyntk
sudo /opt/stackless/bin/python2.6 ntkd -i eth0 eth1 -vvvv

and, on another terminal:

sudo tee /etc/resolv.conf <<EOF >/dev/null
nameserver 127.0.0.1
EOF

A look at the routing that ntkd is imposing

If you are not much interested in technical bits, feel free to skip this section.

The command "ip a" tells us that interface eth0 has 2 IP addresses, the one we set manually to use our ISP and the one assigned automatically by netsukuku. Furthermore, interface eth1 (my radio chip is identified with this name) has only one address, the same one of eth0 in the class 10.0.0.0/8.
Note: since this is the second node of a network, when it detects the presence of the other one, one of them is going to change its address and join the network created by the other one. Hence, if you run the command "ip a" immediately after the launch of pyntk, you might see an address that is not the final one. Just wait 15 seconds and you should be safe.

The commands "dig www.linux.com" and "dig -x 140.211.167.55" show that we can do lookup and inverse lookup on Internet names.
Note: the discrepancy that I noticed in the previous test still apply. The command "dig -x 74.125.232.113" returns NXDOMAIN when using a real DNS whilst it returns SERVFAIL when using our wrapper. If you have experience in DNS protocol and you're willing to help with this, you are welcome.

As before, the commands "ip r" and "ip rule" show that no routing rules are modified in the main table, but the new table "ntk" has been added. Its content is listed by the command "ip r list table ntk".
There is a route for the local neighbour 10.207.249.92 which has been detected on interface eth0. When we communicate with it we prefer to be identified by our address 10.62.80.193. This is important because the other address of ours (192.168.1.194) would not be guaranteed to be unique nor reachable from any other node of this netsukuku realm.

There is also a route for the class 10.192.0.0/11. Packets destined to this class's addresses will be routed via 10.207.249.92.
That class is a g-node of level 7. Indeed, in its default configuration pyntk will deploy a network with 8 levels of g-nodes and with 8 nodes per each g-node. This will consume the whole class 10.0.0.0/8 and provides 8^8 = 16 millions of places but requires only 8x8 = 64 destinations in the routing tables of the nodes.
As it was expected, our address (10.62.80.193) is not part of that class, whilst the address of the neighbour (10.207.249.92) is part of it.

There is, finally, the route for the whole class 10.0.0.0/8 which states "unreachable".
Hence, if we try to ping 10.1.1.1 we get immediately the error "Network is unreachable". If we try to ping 10.192.1.1 our node does not know if this exists, so it sends the packets to the gateway 10.207.249.92 and it answers back to us: "Destination Host Unreachable".

The command "ip rule" shows also another table. It has no name and its number is 199. This table is not looked up for all packets, instead it is looked up for packets marked with 0xc7.
As we see with the command "ip r list table 199", that table has a rule that states to drop (that's the meaning of blackhole) the packets destined to the afore mentioned class/g-node.
But, who marks the packet with 0xc7? We can see it with the command "sudo iptables -t mangle -L PREROUTING". It tells us that the kernel will mark the packets which have been sent to us by a particular MAC.
All this intricate bits are part (not the whole) of a mechanism that netsukuku uses to avoid the formation of looping paths. Perhaps I will blog later on the details of that, if the readers are curious. For the moment it is not much important, considered the aim of this blog.

The actual commands and their output as seen in my netbook were:

luca@luca-dell:~/netsukuku/pyntk$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
    link/ether 00:21:70:c8:0d:c0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.193/32 scope global eth0
    inet 10.62.80.193/32 scope global eth0
    inet6 fe80::221:70ff:fec8:dc0/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:23:08:1f:90:ba brd ff:ff:ff:ff:ff:ff
    inet 10.62.80.193/32 scope global eth1
    inet6 fe80::223:8ff:fe1f:90ba/64 scope link 
       valid_lft forever preferred_lft forever
luca@luca-dell:~/netsukuku/pyntk$ dig www.linux.com

; <<>> DiG 9.7.1-P2 <<>> www.linux.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44927
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.linux.com.   IN A

;; ANSWER SECTION:
www.linux.com.  2 IN A 140.211.167.55

;; Query time: 105 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 22:46:23 2010
;; MSG SIZE  rcvd: 47

luca@luca-dell:~/netsukuku/pyntk$ dig -x 140.211.167.55

; <<>> DiG 9.7.1-P2 <<>> -x 140.211.167.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17442
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;55.167.211.140.in-addr.arpa. IN PTR

;; ANSWER SECTION:
55.167.211.140.in-addr.arpa. 68 IN PTR fossology.org.

;; Query time: 106 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 22:46:49 2010
;; MSG SIZE  rcvd: 72

luca@luca-dell:~/netsukuku/pyntk$ ip r
192.168.1.0/24 dev eth0  scope link 
default via 192.168.1.1 dev eth0 
luca@luca-dell:~/netsukuku/pyntk$ ip rule
0: from all lookup local 
32764: from all fwmark 0xc7 lookup 199 
32765: from all lookup ntk 
32766: from all lookup main 
32767: from all lookup default 
luca@luca-dell:~/netsukuku/pyntk$ ip r list table ntk
10.207.249.92 dev eth0  scope link  src 10.62.80.193 
10.192.0.0/11 via 10.207.249.92 dev eth0  src 10.62.80.193 
unreachable 10.0.0.0/8 
luca@luca-dell:~/netsukuku/pyntk$ ping 10.1.1.1
connect: Network is unreachable
luca@luca-dell:~/netsukuku/pyntk$ ping 10.192.1.1
PING 10.192.1.1 (10.192.1.1) 56(84) bytes of data.
From 10.207.249.92 icmp_seq=1 Destination Host Unreachable
From 10.207.249.92 icmp_seq=2 Destination Host Unreachable
From 10.207.249.92 icmp_seq=3 Destination Host Unreachable
From 10.207.249.92 icmp_seq=4 Destination Host Unreachable
From 10.207.249.92 icmp_seq=5 Destination Host Unreachable
^C
--- 10.192.1.1 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 3999ms

luca@luca-dell:~/netsukuku/pyntk$ ip r list table 199
blackhole 10.192.0.0/11 
luca@luca-dell:~/netsukuku/pyntk$ sudo iptables -t mangle -L PREROUTING
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
MARK       all  --  anywhere             anywhere            MAC 00:16:76:B6:A7:24 MARK xset 0xc7/0xffffffff 
luca@luca-dell:~/netsukuku/pyntk$ 

Testing the achievements

I can use the Internet from both my machines as usual.

Recall that my first node has hostname = luca-desktop. My netbook has hostname = luca-dell.
If I issue a "dig luca-dell.ntk" from both the machines I now get the correct address. The same goes for luca-desktop.ntk.
If I issue a "dig -x 10.207.249.92" from both the machines I now get the correct hostname. The same goes for 10.62.80.193.

luca@luca-dell:~/netsukuku/pyntk$ dig luca-desktop.ntk

; <<>> DiG 9.7.1-P2 <<>> luca-desktop.ntk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15669
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;luca-desktop.ntk.  IN A

;; ANSWER SECTION:
luca-desktop.ntk. 299 IN A 10.207.249.92

;; Query time: 128 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 22:50:09 2010
;; MSG SIZE  rcvd: 50

luca@luca-dell:~/netsukuku/pyntk$ dig luca-dell.ntk

; <<>> DiG 9.7.1-P2 <<>> luca-dell.ntk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26160
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;luca-dell.ntk.   IN A

;; ANSWER SECTION:
luca-dell.ntk.  299 IN A 10.62.80.193

;; Query time: 111 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 22:50:20 2010
;; MSG SIZE  rcvd: 47

luca@luca-dell:~/netsukuku/pyntk$ dig -x 10.207.249.92

; <<>> DiG 9.7.1-P2 <<>> -x 10.207.249.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13233
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;92.249.207.10.in-addr.arpa. IN PTR

;; ANSWER SECTION:
92.249.207.10.in-addr.arpa. 2592000 IN PTR luca-desktop.NTK.

;; Query time: 375 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 22:50:32 2010
;; MSG SIZE  rcvd: 74

luca@luca-dell:~/netsukuku/pyntk$ dig -x 10.62.80.193

; <<>> DiG 9.7.1-P2 <<>> -x 10.62.80.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44114
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;193.80.62.10.in-addr.arpa. IN PTR

;; ANSWER SECTION:
193.80.62.10.in-addr.arpa. 2592000 IN PTR luca-dell.NTK.

;; Query time: 71 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Dec 20 22:50:41 2010
;; MSG SIZE  rcvd: 70

luca@luca-dell:~/netsukuku/pyntk$ ping luca-desktop.ntk
PING luca-desktop.ntk (10.207.249.92) 56(84) bytes of data.
64 bytes from luca-desktop.NTK (10.207.249.92): icmp_req=1 ttl=64 time=0.407 ms
64 bytes from luca-desktop.NTK (10.207.249.92): icmp_req=2 ttl=64 time=0.476 ms
64 bytes from luca-desktop.NTK (10.207.249.92): icmp_req=3 ttl=64 time=0.457 ms
64 bytes from luca-desktop.NTK (10.207.249.92): icmp_req=4 ttl=64 time=0.470 ms
64 bytes from luca-desktop.NTK (10.207.249.92): icmp_req=5 ttl=64 time=0.468 ms
^C
--- luca-desktop.ntk ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4002ms
rtt min/avg/max/mdev = 0.407/0.455/0.476/0.034 ms
luca@luca-dell:~/netsukuku/pyntk$ 

I issued the following commands on the deskop:

luca@luca-desktop:~/netsukuku/pyntk$ ping luca-dell.ntk
PING luca-dell.ntk (10.62.80.193) 56(84) bytes of data.
64 bytes from luca-dell.NTK (10.62.80.193): icmp_req=1 ttl=64 time=0.259 ms
64 bytes from luca-dell.NTK (10.62.80.193): icmp_req=2 ttl=64 time=0.278 ms
64 bytes from luca-dell.NTK (10.62.80.193): icmp_req=3 ttl=64 time=0.275 ms
64 bytes from luca-dell.NTK (10.62.80.193): icmp_req=4 ttl=64 time=0.275 ms
64 bytes from luca-dell.NTK (10.62.80.193): icmp_req=5 ttl=64 time=0.275 ms
^C
--- luca-dell.ntk ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4001ms
rtt min/avg/max/mdev = 0.259/0.272/0.278/0.016 ms
luca@luca-desktop:~/netsukuku/pyntk$ 

I activated the "remote desktop" on the netbook and tried to access from the desktop, by using the name luca-dell.ntk. Here's a little shot of the result. You can see the result of one lookup (from the name luca-dell.ntk to the IP) and one reverse lookup (from the calling IP to the name luca-desktop.NTK)



If I have a look with another device to the wireless networks, I see the ad-hoc network named luca-ntk. Obviously, if I try to connect to it with a laptop/smartphone/xxx that has not netsukuku installed and running, then the connection will fail because the laptop searches for a DHCP server and there isn't.

That's it for the second node. Stay tuned for more!

No comments:

Post a Comment