Hi all,
I have three nodes (connected through wifi) running batman-adv,
node_1 ------ node_2 ------node_3
They have ip address ipv4 10.42.43.1 , 2 , 3 respectively.
Now, all the nodes are connected to each other.
To see the bandwidth and jitter patterns through relaying, I decided to disconnect node_1 and node_3.
In node_1 ,
sudo iptables -A INPUT -s 10.42.43.3 -j DROP
When, I now run batman-adv protocol, node_1 still finds node_3 without node_2 being involved.
Though they cannot ping and avahi doesn't run, batman-adv shows them as 1 hop neighbors.
How can I disconnect node_1 from node_3 so that I can see the 2 hop patterns.
Thankyou in advance.
Max
On Monday, July 04, 2011 14:45:57 Max Ip wrote:
sudo iptables -A INPUT -s 10.42.43.3 -j DROP
When, I now run batman-adv protocol, node_1 still finds node_3 without node_2 being involved.
Though they cannot ping and avahi doesn't run, batman-adv shows them as 1 hop neighbors.
How can I disconnect node_1 from node_3 so that I can see the 2 hop patterns.
batman-adv operates on layer 2 - the mac address layer. IP addresses are irrelevant for the mesh to work. You can remove all IP addresses and the nodes still find each other (try batctl ping or batctl traceroute when you have no IP addresses configured). Therefore blocking the IP traffic does not interrupt anything. You'd have to block mac addresses via ebtables or similar tools.
Regards, Marek
Hi all,
This is something to be posted in other forums. But just wanted to know if you faced the same problem.
I tried to drop the connections between the end users (node_1 and node_3) of
node_1 ----node_2-----node_3
iptables -t raw -A PREROUTING -i wlan0 -m mac --mac-source 00:13:a9:c3:ae:8f -j DROP
but the protocol still doesn't show the two hop environment.
On Mon, Jul 4, 2011 at 2:55 PM, Marek Lindner lindner_marek@yahoo.de wrote:
On Monday, July 04, 2011 14:45:57 Max Ip wrote:
sudo iptables -A INPUT -s 10.42.43.3 -j DROP
When, I now run batman-adv protocol, node_1 still finds node_3 without node_2 being involved.
Though they cannot ping and avahi doesn't run, batman-adv shows them as 1 hop neighbors.
How can I disconnect node_1 from node_3 so that I can see the 2 hop patterns.
batman-adv operates on layer 2 - the mac address layer. IP addresses are irrelevant for the mesh to work. You can remove all IP addresses and the nodes still find each other (try batctl ping or batctl traceroute when you have no IP addresses configured). Therefore blocking the IP traffic does not interrupt anything. You'd have to block mac addresses via ebtables or similar tools.
Regards, Marek
On Mon, Jul 04, 2011 at 06:06:19PM +0200, Max Ip wrote:
Hi all,
This is something to be posted in other forums. But just wanted to know if you faced the same problem.
I tried to drop the connections between the end users (node_1 and node_3) of
node_1 ----node_2-----node_3
iptables -t raw -A PREROUTING -i wlan0 -m mac --mac-source 00:13:a9:c3:ae:8f -j DROP
This will not work because in this way you are blocking IP datagram with source mac address equal to 00:13:a9:c3:ae:8f. Batman packets are not IP datagram, so you can't block them by means of iptables.
As Marek suggested, you should use something like ebtables. But honestly I remember that ebtables support has been removed from batman some time ago.
Regards,
As Marek suggested, you should use something like ebtables. But honestly I remember that ebtables support has been removed from batman some time ago.
What about using a bridge over the actual device to simulate the bad link together with ebtables? This would resolve the problem that batman-adv must be ebtables aware.
Kind regards, Sven
On Mon, Jul 04, 2011 at 08:29:14PM +0200, Sven Eckelmann wrote:
As Marek suggested, you should use something like ebtables. But honestly I remember that ebtables support has been removed from batman some time ago.
What about using a bridge over the actual device to simulate the bad link together with ebtables? This would resolve the problem that batman-adv must be ebtables aware.
You mean enslave wlan0 (e.g.) to br0 and then put br0 into bat0? If so, it sounds good, because at that point you can use ebtables against frames going through br0.
Regards,
I tried ebtables to block the mac address of the neighboring node.
sudo ebtables -I OUTPUT -s 00:1b:77:06:1c:15 -j DROP sudo ebtables -I INPUT -s 00:1b:77:06:1c:15 -j DROP
But the batctl o command still shows 00:1b:77:06:1c:15 as one of the originators.
My question is won't the enslaving wlan0 to br0 have the same problem because the mac address for both br0 and wlan0 will be the same?
On Mon, Jul 4, 2011 at 8:39 PM, Antonio Quartulli ordex@autistici.org wrote:
On Mon, Jul 04, 2011 at 08:29:14PM +0200, Sven Eckelmann wrote:
As Marek suggested, you should use something like ebtables. But honestly I remember that ebtables support has been removed from batman some time ago.
What about using a bridge over the actual device to simulate the bad link together with ebtables? This would resolve the problem that batman-adv must be ebtables aware.
You mean enslave wlan0 (e.g.) to br0 and then put br0 into bat0? If so, it sounds good, because at that point you can use ebtables against frames going through br0.
Regards,
-- Antonio Quartulli
..each of us alone is worth nothing.. Ernesto "Che" Guevara
This one is useless because batman-adv use broadcast as destination and moreover your are dropping a mac address that is not on your machine as source in OUTPUT chain this doesn't make sense
sudo ebtables -I OUTPUT -s 00:1b:77:06:1c:15 -j DROP
you can use also iptables that is already installed do to this with --mac-source option without installing ebtables
2011/7/6 Max Ip ipmax2011@googlemail.com:
I tried ebtables to block the mac address of the neighboring node.
sudo ebtables -I OUTPUT -s 00:1b:77:06:1c:15 -j DROP sudo ebtables -I INPUT -s 00:1b:77:06:1c:15 -j DROP
But the batctl o command still shows 00:1b:77:06:1c:15 as one of the originators.
My question is won't the enslaving wlan0 to br0 have the same problem because the mac address for both br0 and wlan0 will be the same?
On Mon, Jul 4, 2011 at 8:39 PM, Antonio Quartulli ordex@autistici.org wrote:
On Mon, Jul 04, 2011 at 08:29:14PM +0200, Sven Eckelmann wrote:
As Marek suggested, you should use something like ebtables. But honestly I remember that ebtables support has been removed from batman some time ago.
What about using a bridge over the actual device to simulate the bad link together with ebtables? This would resolve the problem that batman-adv must be ebtables aware.
You mean enslave wlan0 (e.g.) to br0 and then put br0 into bat0? If so, it sounds good, because at that point you can use ebtables against frames going through br0.
Regards,
-- Antonio Quartulli
..each of us alone is worth nothing.. Ernesto "Che" Guevara
On Wed, Jul 06, 2011 at 11:47:36AM +0200, Gioacchino Mazzurco wrote:
This one is useless because batman-adv use broadcast as destination and moreover your are dropping a mac address that is not on your machine as source in OUTPUT chain this doesn't make sense
sudo ebtables -I OUTPUT -s 00:1b:77:06:1c:15 -j DROP
you can use also iptables that is already installed do to this with --mac-source option without installing ebtables
As already mentioned, this will not work. iptables only affects IP packets. All the traffic below the IP-level will not be blocked.
Regards,
For the three nodes:
mac_a ------ mac_b ------mac_c
I bridged the eth1 interface for both mac_a and mac_c.
iface br0 inet dhcp bridge_ports eth0 eth1
ifup br0
However, for mac_b I didn't bridge since there we are not supposed filter connection to mac_b.
Now, I installed batman-adv2011.1.0 on mac_a and mac_c and filtered the mac address using:
ebtables -I INPUT -s MAC -j DROP
As predicted, the batctl ping mac had no reply for these nodes. Also, the nodes didn't detect each other.
Now, I installed batman-adv-2011.1.0 on mac_b.
After running batman on mac_b,
mac_a could see OGM from mac_c through neighbors and the pinging command also worked between the end users.
So, the multihop environment runs well with ebtables now. Thanks to all who replied.
Now, I want test the bandwidth, CPU usage and throughput usage in single hop and double hop cases.
I found the tool iperf for bandwidth measurement but it is IP based again. Is there any tool to measure bandwidth via mac address?
What I am thinking is to assign IP address to bat0 interface for each nodes and use iperf or jperf.
Also, what bandwidth pattern can I expect for the single hop and double hop cases?
Thanks in advance.
Max
On Wed, Jul 6, 2011 at 11:50 AM, Antonio Quartulli ordex@autistici.org wrote:
On Wed, Jul 06, 2011 at 11:47:36AM +0200, Gioacchino Mazzurco wrote:
This one is useless because batman-adv use broadcast as destination and moreover your are dropping a mac address that is not on your machine as source in OUTPUT chain this doesn't make sense
sudo ebtables -I OUTPUT -s 00:1b:77:06:1c:15 -j DROP
you can use also iptables that is already installed do to this with --mac-source option without installing ebtables
As already mentioned, this will not work. iptables only affects IP packets. All the traffic below the IP-level will not be blocked.
Regards,
-- Antonio Quartulli
..each of us alone is worth nothing.. Ernesto "Che" Guevara
On Wed, Jul 06, 2011 at 11:41:53AM +0200, Max Ip wrote:
I tried ebtables to block the mac address of the neighboring node.
sudo ebtables -I OUTPUT -s 00:1b:77:06:1c:15 -j DROP sudo ebtables -I INPUT -s 00:1b:77:06:1c:15 -j DROP
These commands won't have effect on not-bridge interfaces. That's why you are still able to see 00:1b:77:06:1c:15 in your originator table.
But the batctl o command still shows 00:1b:77:06:1c:15 as one of the originators.
My question is won't the enslaving wlan0 to br0 have the same problem because the mac address for both br0 and wlan0 will be the same?
Why do you care about the wlan0/br0 mac address? Am I missing something?
Regards,
On Monday, July 04, 2011 20:22:56 Antonio Quartulli wrote:
As Marek suggested, you should use something like ebtables. But honestly I remember that ebtables support has been removed from batman some time ago.
You can still filter all packets from a certain mac address with ebtables. The batman-adv ebtables support was to filter specific batman-adv packets.
Cheers, Marek
b.a.t.m.a.n@lists.open-mesh.org
-
Antonio Quartulli -
Gioacchino Mazzurco -
Marek Lindner -
Max Ip -
Sven Eckelmann