Archive for June, 2011

MapServer improvement – GSoC 2011

Thursday, June 2nd, 2011

Wireless communities around the world are growing rapidly and year after year more and more people are interested in joining the new open wireless infrastructure. As more people join the various communities, new necessities arise. One of the key necessity in is to have a map server which is not only powerful and efficient but also easy to use for new comers.

This project will deal with Map Server for Wireless Community Networks (WCNs).
Map Servers are valuable tools for WCNs for monitoring and debugging networks as well as they could act as meeting point for inserting new nodes position and contacting other neighbor nodes. For this reason almost all WCNs have one map server that fits their needs  (e.g. Freimap, Nodewatcher, WNMAP etc).

However some of those map servers provide detailed information about the status of the network (such as collisions, information gathered through SNMP or light-weight CGI) that, depending on how these information are presented, could confuse new comers and web-site visitors.

On the other side, some other map servers (such as WNMAP) adopt a different philosophy and provide nice and simple interface.
Those map servers can be used even by non-tech users to i) signal their locations as “potential nodes” ii) contact other neighbor nodes to set up links and iii) measure distances between nodes in an easy way. The drawback is that these “easier” map servers usually fail in providing in-depth network information that could be really useful for network participant for monitoring and debugging purposes.

In this project I will blend some of the existing map server technologies and improve usability and interface in order to produce a powerful map server that is also easy to use.

The map server front-end will use Python for its back-end, leveraging on the Django Framework and on the NodeWatcher project.
The front end will be rebuild from scracth starting from the “easy” WNMAP interface and using HTML and Javascript. In particular, I will use the Jquery javascript library.

The produced work will have the following features:

– Big and nice map in which users could put their position and sign up as “Potential Node”. Once a node is up, it will be visualized on the map as an “Active Node”.
– Potential/Active nodes can be contacted via email, so that, using the map server, users could easily contact their neighbor for creating new links.
– Distance calculation between nodes.
– List of nodes, possibility of search a node or an address in the map.
– VPN topology map
– OLSR topology map

– Integration with a monitoring system to draw quality of links.
– Integration with a monitoring system to provide nodes information (devices, mac, ip, ssid, configurations).
– Try to implement some of the features of the proprietary Ubiquity Air Control such as web interface speed test for network link.

Source code ->

For more feature, news and implementatios ->

Contacs: Student Angelo & Mentor Lorenzo

L-VN Lite Virtual Network – GSoC 2011

Wednesday, June 1st, 2011

Most of the existing VPN solutions are based on user space tunneling (OPENVPN, TINC) and consume a large amount of CPU on copying packets from/to user space. Kernel based solutions (e.g.: IPsec VPNs) are more efficient in terms of CPU load but still consume CPU resources on cryptographic operations which sometimes are not even required. In many cases in facts, when the goal is simply the creation on a hub-and-spoke overlay network with a central server and several clients behind NAT, the preferred solution is to use OPENVPN with NULL CIPHER.

The idea of L-VN is to exploit the IP/UDP encapsulation kernel module proposed for GSoC 2010 to develop a VPN/Overlay tool based on IP/UDP encapsulation performed in kernel space with no “security services” for the encapsulated packets (i.e. no confidentiality, no authentication). The goal is to provide a lightweight overlay network tool that might be preferable to other VPN/Overlay solutions for devices with limited computational resources. The project is a proposal, and is sponsored by the Google Summer of Code 2011 program.

In details, this project requires 2 main tasks:

1) the IP/UDP encapsulation Kernel module needs to be finished and improved as for different technical details described in this README. Moreover, the incoming packets are currently intercepted with a NETFILTER hook and then decapsulated. To be eligible for a possible integration in the Linux Kernel, a different solution has to be found and implemented.

2) a client/server application for authentication, automatic tunnel establishment and NAT traversal has to be designed and developed. This application will basically provide the following features: a) (optional) mutual authentication; b) NAT reflexed address discovery and automatic tunnel establishment; c) NAT binding keep alive; d) automatic inactive tunnel de-allocation.

The source code will be publicly available through the ninux svn repository: Comments, remarks or any kind of support will be truly appreciated.