Hi,
I know I asked this question some time ago but I didn´t got it till now so I have to ask again. I know that Batman advanced does the meshing on layer 2 and has nothing to do with layer 3.
We have a wonderfull working Batman advanced network now which we use with IPv4. Communication inside the networks works verry well and everything is fine.
Now I want to go from the Batman advanced mesh network to the internet. Therefor we have several gateways which I can use to get into the internet. To use one of the gateways, I only have to set the default route of the mesh- client to the gateways IPv4 address.
How can I do this automatically and how can I automatically choose the best gateway for my client? I know that Batman advanced does not do this for now but I already saw something that sounded like made for this in the trunk version and on the manpage of batctl. The function is called gw_mode.
*How do you this? *What do you recommend for this task? *What´s about the funktion in trunk? Is the function made for this? **If so why do you mix Layer 2 and Layer 3 now? **When do you think this function will be in the stable release?
Sorry for so many questions but I´m a bit confused^^ Clemens
Hi,
I know I asked this question some time ago but I didn´t got it till now so I have to ask again.
some mails get lost in this stream, so just keep bothering us until you have your answers. :)
How can I do this automatically and how can I automatically choose the best gateway for my client? I know that Batman advanced does not do this for now but I already saw something that sounded like made for this in the trunk version and on the manpage of batctl. The function is called gw_mode.
Yes, there is such a functionality. The online manpage shows the version of the trunk.
*How do you this? *What do you recommend for this task? *What´s about the funktion in trunk? Is the function made for this?
It requires each gateway to have a DHCP server running. The clients will select their gateway and relay the dhcp requests via unicast to the selected gateway only. You only need to activate the gateway / client mode and have a dhcp server running.
**If so why do you mix Layer 2 and Layer 3 now?
If you don't want to mix layer2 / layer3 then just don't use this feature. It is disabled per default. If you have a better idea how to handle multiple gateways in a layer2 mesh we are very open to your suggestions. :)
**When do you think this function will be in the stable release?
Unfortunately, we did not get around finishing it to the point that we feel comfortable with releasing this feature. I think the trunk is quite stable but still lacks some things. E.g. blacklisting / whitelisting gateways, IPv6, etc.
Regards, Marek
Am Dienstag 06 Juli 2010, 22:15:45 schrieb Marek Lindner:
It requires each gateway to have a DHCP server running. The clients will select their gateway and relay the dhcp requests via unicast to the selected gateway only. You only need to activate the gateway / client mode and have a dhcp server running.
Okay I did this but I have some questions left:
Does the DHCP server on the gateway need to distribute IP-Adresses? If so I think they have to be distributet on the batman interface right?
Does the Batman advanced interface on the clients need to request an IP-Adress from the DHCP server or can I also set a static IP adress?
If the clients need to request an IP adress from the DHCP server, where is the difference between requesting an IP without Batman advanced and with Batman advanced? Does Batman advanced say from wich server to request the IP or which default route to choose?
**If so why do you mix Layer 2 and Layer 3 now?
If you don't want to mix layer2 / layer3 then just don't use this feature. It is disabled per default. If you have a better idea how to handle multiple gateways in a layer2 mesh we are very open to your suggestions. :)
Sry for this question we just discussed this on the last community meeting and somebody wondered if this is the most beautiful way. Maybe it´s not but you are right there is no other way.
Unfortunately, we did not get around finishing it to the point that we feel comfortable with releasing this feature. I think the trunk is quite stable but still lacks some things. E.g. blacklisting / whitelisting gateways, IPv6, etc.
Okay but it will likely be usable without crashing right?
Last but not least: How can I configure batman advanced in /etc/config/batman-adv to enable gw server/client mode?
Greetings Clemens
On Tuesday, July 06, 2010 23:46:36 Clemens John wrote:
Okay I did this but I have some questions left:
No problem. :)
Does the DHCP server on the gateway need to distribute IP-Adresses?
The server should distribute IP addresses and a default route to itself. I'm not sure whether you will find a dhcp server which does not distribute IPs but default routes.
If so I think they have to be distributet on the batman interface right?
Correct.
Does the Batman advanced interface on the clients need to request an IP-Adress from the DHCP server or can I also set a static IP adress?
That depends on your needs. Any interface which is supposed to use the gateway feature has to run a dhcp client. If the batX interface on the client does not need it you can give it a static address. If you just want to define the IP address of a specific host you can also work with aliases / multiple IPs per interface.
If the clients need to request an IP adress from the DHCP server, where is the difference between requesting an IP without Batman advanced and with Batman advanced? Does Batman advanced say from wich server to request the IP or which default route to choose?
Normal dhcp requests are broadcasted through the entire network. Every dhcp server that receives this request will answer. If the client receives multiple answers it depends on the implementation to choose its "favorite" dhcp server. Most clients simply use the first server that answered. If you enable the gateway client this request will not be broadcasted but directly sent to the chosen gateway. The other dhcp servers will not receive this dhcp request.
Sry for this question we just discussed this on the last community meeting and somebody wondered if this is the most beautiful way. Maybe it´s not but you are right there is no other way.
We had this layer2/layer3 discussion quite often and this is the compromise we managed to achieve. It only works when enabled and indirectly via dhcp. It is not "beautiful" but it works. :)
Okay but it will likely be usable without crashing right?
No, it should not crash. I'm using it on a daily basis without problems.
How can I configure batman advanced in /etc/config/batman-adv to enable gw server/client mode?
Since it was not part of an official release it also is not supported by the uci scripts. You would have add it yourself.
Regards, Marek
Thank you a lot for you answers!
I still got two question left that I remembered when I read your answers: We discussed our networksetup on IRC (you remember?) and we decided to choose the setup with tinc an not sending batman advanced packages over VPN.
Now batman advanced nodes behind the VPN does not get listet in the originator tables of nodes on the other side of the VPN. But do they get listed on the gateway list? Can Batman advanced choose a gateway behind the VPN?
I can not test this at the moment so I have to ask.
Last one: Is it right that the trunk version of batman advanced is not compatible with Batman advanced 0.2.1? Is trunk compatible with 2010.0.0?
Thank you Clemens
Am Mittwoch 07 Juli 2010, 00:06:51 schrieb Marek Lindner:
On Tuesday, July 06, 2010 23:46:36 Clemens John wrote:
Okay I did this but I have some questions left:
No problem. :)
Does the DHCP server on the gateway need to distribute IP-Adresses?
The server should distribute IP addresses and a default route to itself. I'm not sure whether you will find a dhcp server which does not distribute IPs but default routes.
If so I think they have to be distributet on the batman interface right?
Correct.
Does the Batman advanced interface on the clients need to request an IP-Adress from the DHCP server or can I also set a static IP adress?
That depends on your needs. Any interface which is supposed to use the gateway feature has to run a dhcp client. If the batX interface on the client does not need it you can give it a static address. If you just want to define the IP address of a specific host you can also work with aliases / multiple IPs per interface.
If the clients need to request an IP adress from the DHCP server, where is the difference between requesting an IP without Batman advanced and with Batman advanced? Does Batman advanced say from wich server to request the IP or which default route to choose?
Normal dhcp requests are broadcasted through the entire network. Every dhcp server that receives this request will answer. If the client receives multiple answers it depends on the implementation to choose its "favorite" dhcp server. Most clients simply use the first server that answered. If you enable the gateway client this request will not be broadcasted but directly sent to the chosen gateway. The other dhcp servers will not receive this dhcp request.
Sry for this question we just discussed this on the last community meeting and somebody wondered if this is the most beautiful way. Maybe it´s not but you are right there is no other way.
We had this layer2/layer3 discussion quite often and this is the compromise we managed to achieve. It only works when enabled and indirectly via dhcp. It is not "beautiful" but it works. :)
Okay but it will likely be usable without crashing right?
No, it should not crash. I'm using it on a daily basis without problems.
How can I configure batman advanced in /etc/config/batman-adv to enable gw server/client mode?
Since it was not part of an official release it also is not supported by the uci scripts. You would have add it yourself.
Regards, Marek
On Wednesday, July 07, 2010 00:21:38 Clemens John wrote:
I still got two question left that I remembered when I read your answers: We discussed our networksetup on IRC (you remember?) and we decided to choose the setup with tinc an not sending batman advanced packages over VPN.
Oh yeah, I remember. Did you document your setup somewhere ? Others might find it useful to see why & how you did it.
Now batman advanced nodes behind the VPN does not get listet in the originator tables of nodes on the other side of the VPN. But do they get listed on the gateway list? Can Batman advanced choose a gateway behind the VPN?
No, because the gateway information travel with the OGMs which you don't have on your VPN. Sending dhcp requests via unicast also does not work because the VPN interfaces are not controlled by batman.
Last one: Is it right that the trunk version of batman advanced is not compatible with Batman advanced 0.2.1? Is trunk compatible with 2010.0.0?
No, the trunk is not compatible with any stable version. This has a very simple reason: It contains features which either change the packet format or change the behaviour or both. For instance, the gateway feature changes the packet format ...
Cheers, Marek
Am Mittwoch 07 Juli 2010, 00:30:30 schrieb Marek Lindner:
On Wednesday, July 07, 2010 00:21:38 Clemens John wrote:
I still got two question left that I remembered when I read your answers: We discussed our networksetup on IRC (you remember?) and we decided to choose the setup with tinc an not sending batman advanced packages over VPN.
Oh yeah, I remember. Did you document your setup somewhere ? Others might find it useful to see why & how you did it.
Yes we did some verry little documentation [1] but this is still the pure configuraion without explenations because we are currently testing some different configurations for example some IPv6 stuff and a script which can automatically announce tinc installations with configuration and certificates on a central server for automatic tinc installations etc..
I hope this will get better in the next time.
[1] http://wiki.freifunk- ol.de/index.php?title=OpenWrt_Freifunk_Standartkonfiguration
Now batman advanced nodes behind the VPN does not get listet in the originator tables of nodes on the other side of the VPN. But do they get listed on the gateway list? Can Batman advanced choose a gateway behind the VPN?
No, because the gateway information travel with the OGMs which you don't have on your VPN. Sending dhcp requests via unicast also does not work because the VPN interfaces are not controlled by batman.
Mhh... The only way to solve this would be to send whole batman advanced frames over Tinc VPN right (we called this solution 3 in the irc session)?
Would this be possible? I know that we than have the MTU problem again and higher traffic load (what would not be so fatal because we have no cetral server with tinc).
Our current setup makes not much sense if we use Batman advanced with gateway mode because we do not have a gateway in each cloud and it would be difficult to get one to each cloud. The best way would be a solution that can use all gateways available in the network without extra configuration for each cloud.
Can you give me a short example of how to fix the mtu problem with this method? Offcourse we are going to document both solutions ;)
Thank you Clemens
On Wednesday, July 07, 2010 01:45:30 Clemens John wrote:
Yes we did some verry little documentation [1] but this is still the pure configuraion without explenations because we are currently testing some different configurations for example some IPv6 stuff and a script which can automatically announce tinc installations with configuration and certificates on a central server for automatic tinc installations etc..
I hope this will get better in the next time.
That would be great!
Our current setup makes not much sense if we use Batman advanced with gateway mode because we do not have a gateway in each cloud and it would be difficult to get one to each cloud. The best way would be a solution that can use all gateways available in the network without extra configuration for each cloud.
This sounds overly complicated. I don't fully understand your setup & requirements yet which is also one reason for asking for documentation. What your are trying to solve is this (I'm guessing here):
wifi client <> batman node <> VPN <> batman node <> batman with internet
And you have several of these "batman with internet" but not in each cloud and want each client to choose its best ?
Regards, Marek
Am Mittwoch 07 Juli 2010, 13:16:11 schrieb Marek Lindner:
Our current setup makes not much sense if we use Batman advanced with gateway mode because we do not have a gateway in each cloud and it would be difficult to get one to each cloud. The best way would be a solution that can use all gateways available in the network without extra configuration for each cloud.
This sounds overly complicated. I don't fully understand your setup & requirements yet which is also one reason for asking for documentation. What your are trying to solve is this (I'm guessing here):
wifi client <> batman node <> VPN <> batman node <> batman with internet
And you have several of these "batman with internet" but not in each cloud and want each client to choose its best ?
Right and the wifi clients have no batman advanced installed. Currently they are getting their IP and defaultroute from a central dhcp server.
Thank you Clemens
On Wednesday, July 07, 2010 13:25:51 Clemens John wrote:
Right and the wifi clients have no batman advanced installed. Currently they are getting their IP and defaultroute from a central dhcp server
Wow - when it comes to your setup and requirements you know how to keep your answer short. I hoped you would say a bit more ... :)
At this point I don't see why you would need to use the gateway feature at all. There is nothing to optimize.
Regards, Marek
Am Mittwoch 07 Juli 2010, 14:10:33 schrieb Marek Lindner:
On Wednesday, July 07, 2010 13:25:51 Clemens John wrote:
Right and the wifi clients have no batman advanced installed. Currently they are getting their IP and defaultroute from a central dhcp server
Wow - when it comes to your setup and requirements you know how to keep your answer short. I hoped you would say a bit more ... :)
At this point I don't see why you would need to use the gateway feature at all. There is nothing to optimize.
Yes the network is working well but in this setup the central dhcp server is the only gateway because I only get the defaultroute of this server.
What if I have more gateways? I know that I can set the defaultroute to this server by hand but a "normal" user can´t do this. I need a method to choose the gateway individually and automatically so that the user gets the best gateway available.
Are there any ideas to do this? Or am I completely on the wrong way?
Thank you Clemens
On Wed, Jul 07, 2010 at 02:33:53PM +0200, Clemens John wrote:
Am Mittwoch 07 Juli 2010, 14:10:33 schrieb Marek Lindner:
On Wednesday, July 07, 2010 13:25:51 Clemens John wrote:
Right and the wifi clients have no batman advanced installed. Currently they are getting their IP and defaultroute from a central dhcp server
Wow - when it comes to your setup and requirements you know how to keep your answer short. I hoped you would say a bit more ... :)
At this point I don't see why you would need to use the gateway feature at all. There is nothing to optimize.
Yes the network is working well but in this setup the central dhcp server is the only gateway because I only get the defaultroute of this server.
What if I have more gateways? I know that I can set the defaultroute to this server by hand but a "normal" user can´t do this. I need a method to choose the gateway individually and automatically so that the user gets the best gateway available.
Are there any ideas to do this? Or am I completely on the wrong way?
If I'm not wrong, at this point you could put a dhcp server on each gateway and use the gw-mode feature of batman, so that each gw will anounce itself as gw and a dhcp request, becoming from a client, will be redirected to the best gw in the mesh.
Please someone corrects me if I am wrong.
Thank you Clemens
Regards
Am Mittwoch 07 Juli 2010, 14:44:17 schrieb Antonio Quartulli:
Yes the network is working well but in this setup the central dhcp server is the only gateway because I only get the defaultroute of this server.
What if I have more gateways? I know that I can set the defaultroute to this server by hand but a "normal" user can´t do this. I need a method to choose the gateway individually and automatically so that the user gets the best gateway available.
Are there any ideas to do this? Or am I completely on the wrong way?
Marek asked me to describe our setup a bit more particularly so I´ll try to:
We have several clouds that can not see each other via WLAN. These clouds are connected to each other with Tinc VPN via the Internet. Batman runs only on WLAN, not on the VPN. The clients usually have no Batman advanced but connecting via a wlan interface which is bridged with bat0. The Tinc VPN interface is bridged with bat0 too.
All Nodes which are not a gateway have a link local IPv6 address only. We have a node with a DHCP server which is also gateway. This node has an IPv4 address and distributes IPv4 addresses with DHCP. Clients now get an IPv4 address from this node and set their default route to this node to get Internet.
The exact setup (only configurationfiles) is listed here: http://wiki.freifunk-ol.de/index.php?title=OpenWrt_Freifunk_B.A.T.M.A.N- advanced_konfiguration_2
With Tinc we are now well decentralised but we currently have the centralised gateway solution left so we would also like to decentralize the Gateway thing. That means multiple gateways with DHCP servers in different clouds (but not in every cloud). Each client should in theory have access to any gateway, but in practice they always get automatically access to the internet via the best possible gateway.
The question why the traffic is in some cases first routet through the VPN and then headed to the Internet is pretty easy to answer: We have 3 clouds. In two of them are people who are confident (the whole is indeed always a matter of law) with offering a gateway. The third cloud now in theory is connected to the Internet. But the person who offers the connection to the VPN does not want to head the traffic of the network through his connection direcly to the internet (because of reasons of law) so clients in this cloud have to use a gateway on the other side of the VPN.
If I'm not wrong, at this point you could put a dhcp server on each gateway and use the gw-mode feature of batman, so that each gw will anounce itself as gw and a dhcp request, becoming from a client, will be redirected to the best gw in the mesh.
Please someone corrects me if I am wrong.
This sounds interesting. Is this practicalbe? Has somebody tried this already or does someone know a better solution?
Btw.: Big thank you for so much patience ;) I´m also online on irc so maybe we can discuss these questions there?
Greetings Clemens
Am Mittwoch 07 Juli 2010, 00:30:30 schrieb Marek Lindner:
Now batman advanced nodes behind the VPN does not get listet in the originator tables of nodes on the other side of the VPN. But do they get listed on the gateway list? Can Batman advanced choose a gateway behind the VPN?
No, because the gateway information travel with the OGMs which you don't have on your VPN. Sending dhcp requests via unicast also does not work because the VPN interfaces are not controlled by batman.
I just had another Idea but I´m not shure if this will work.
If we don´t use the Batman advanced gateway feature but run a DHCP Server on gateways only, would a client always choose the "nearest" DHCP server?
So if I´m connected wireless to a router that is a gateway and runs a dhcp server would my laptop always choose this router as defaultroute also if there are other routers in the network with a dhcp server running?
If this works I can not choose the "best" gateway, but I would always have the nearest gateway.
If this works, is it possible that all dhcp servers distribute the same ip range? Will a client/server notice which IP´s are already assigned to clients?
Thank you Clemens
On Wed, Jul 07, 2010 at 12:33:47PM +0200, Clemens John wrote:
Am Mittwoch 07 Juli 2010, 00:30:30 schrieb Marek Lindner:
Now batman advanced nodes behind the VPN does not get listet in the originator tables of nodes on the other side of the VPN. But do they get listed on the gateway list? Can Batman advanced choose a gateway behind the VPN?
No, because the gateway information travel with the OGMs which you don't have on your VPN. Sending dhcp requests via unicast also does not work because the VPN interfaces are not controlled by batman.
I just had another Idea but I?m not shure if this will work.
If we don?t use the Batman advanced gateway feature but run a DHCP Server on gateways only, would a client always choose the "nearest" DHCP server?
It will likely choose the first to reply. You cannot guarantee the first to reply is the nearest, it depends on what else they are is doing at the same time, e.g. the nearest could be busy moving packets between networks so has higher latency than an idle device a bit further away.
If this works, is it possible that all dhcp servers distribute the same ip range? Will a client/server notice which IP?s are already assigned to clients?
Not recommended. Often the server will test to see if the address is in use by ping'ing it, but this is not always implemented and is not a guaranteed to work in all conditions. It is much better to allocate to each server a unique range of addresses. These can however be inside the same subnet.
Andrew
b.a.t.m.a.n@lists.open-mesh.org
-
Andrew Lunn -
Antonio Quartulli -
Clemens John -
Marek Lindner