Your SlideShare is downloading. ×
0
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Wireless Hacking Talk
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Wireless Hacking Talk

1,991

Published on

Wireless Kernel Tweaking …

Wireless Kernel Tweaking

or how B.A.T.M.A.N. learned to fly

Kernel hacking definitely is the queen of coding but in order to bring mesh routing that one vital step further we had to conquer this, for us, unchartered territory. Working in the kernel itself is a tough and difficult task to manage, but the results and effectivity to be gained justify the long and hard road to success. We took on the mission to go down that road and the result is B.A.T.M.A.N. advanced which is a kernel land implementation of the B.A.T.M.A.N. mesh routing protocol specifically designed to manage Wireless MANs.

Published in: Economy & Finance, Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,991
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
110
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Introduction Walking down the layers Into kernelspace That's it! Wireless Kernel Tweaking or how B.A.T.M.A.N. learned to y Marek Lindner, Simon Wunderlich December 28, 2007 Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 2. Introduction Walking down the layers Into kernelspace That's it! Outline 1 Introduction what is a (dynamic) routing protocol? the B.A.T.M.A.N. approach 2 Walking down the layers layer 3 vs. layer 2 implementation issues bridging 3 Into kernelspace what's dierent interacting with the kernel 4 That's it! Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 3. Introduction Walking down the layers what is a (dynamic) routing protocol? Into kernelspace the B.A.T.M.A.N. approach That's it! Example scenario - 6:00 Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 4. Introduction Walking down the layers what is a (dynamic) routing protocol? Into kernelspace the B.A.T.M.A.N. approach That's it! Example scenario - 23:00 Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 5. Introduction Walking down the layers what is a (dynamic) routing protocol? Into kernelspace the B.A.T.M.A.N. approach That's it! Example scenario (2) Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 6. Introduction Walking down the layers what is a (dynamic) routing protocol? Into kernelspace the B.A.T.M.A.N. approach That's it! Introduction to B.A.T.M.A.N. B.A.T.M.A.N. = better approach to mobile adhoc networks only decide next neighbour, not whole route topology is not used or known by nodes routing decisions are distributed by the nodes designed for lossy networks routing protocols internal is out of scope, we just assume it works ;) Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 7. Introduction layer 3 vs. layer 2 Walking down the layers implementation issues Into kernelspace bridging That's it! Layer 3 - isn't that enough? B.A.T.M.A.N. alters routing tables kernel manages routing of payload trac this works only for IP, no IPv6, DHCP, IPX ... users have to make sure that everyone has an unique IP routing into/outside other networks is quite complex Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 8. Introduction layer 3 vs. layer 2 Walking down the layers implementation issues Into kernelspace bridging That's it! Let's try layer 2 write userspace proof-of-concept, then go to kernelspace instead of IPs, use MAC-addresses as identiers (should be[TM] unique per design) we provide a virtual switch-port bat0 to the user virtual Ethernet interface (TAP), all other nodes are just one (virtual) hop away IP, IPv6, DHCP, IPX already works on Ethernet, we have nothing to do can be used as bridge over multiple interfaces (e.g. WiFi and Ethernet) Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 9. Introduction layer 3 vs. layer 2 Walking down the layers implementation issues Into kernelspace bridging That's it! Usage provide a virtual switch-port bat0 to the user k e r o :/# i f c o n f i g bat0 bat0 L i n k encap : E t h e r n e t HWaddr 0 0 : 1 3 : 3 7 : 9 1 : 4 2 : 3 7 i n e t 6 addr : f e 8 0 : : 2 1 7 : 1 3 f f : f e 3 7 :4237/64 Scope : L i n k UP BROADCAST RUNNING MULTICAST MTU: 1 4 7 2 M e t r i c : 1 RX p a c k e t s : 0 e r r o r s : 0 dropped : 0 o v e r r u n s : 0 frame : 0 TX p a c k e t s : 4 e r r o r s : 0 dropped : 0 o v e r r u n s : 0 c a r r i e r : 0 c o l l i s i o n s :0 txqueuelen :500 RX b y t e s : 0 ( 0 . 0 B) TX b y t e s : 3 2 8 ( 3 2 8 . 0 B) participants set IP adresses (etc.) on their bat0 interface k e r o :/# i f c o n f i g bat0 i n e t 1 9 2 . 1 6 8 . 1 0 . 2 3 k e r o :/# r o u t e add d e f a u l t gw 1 9 2 . 1 6 8 . 1 0 . 2 3 ( o r even b e t t e r : ) k e r o :/# d h c l i e n t bat0 Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 10. Introduction layer 3 vs. layer 2 Walking down the layers implementation issues Into kernelspace bridging That's it! All the layer 2 belong to us! B.A.T.M.A.N. transports the Ethernet-Frame to the node with the destination MAC it does not care about IP-adresses etc, just as your switch OGMs and payload are encapsulated in our own Ethernet-Frames (Ethertype 0x0842) Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 11. Introduction layer 3 vs. layer 2 Walking down the layers implementation issues Into kernelspace bridging That's it! Implementation TAP-interface bat0 receives/sends Ethernet-Frames from the user we decide which neighbour should receive it, based on the B.A.T.M.A.N. algorithm Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 12. Introduction layer 3 vs. layer 2 Walking down the layers implementation issues Into kernelspace bridging That's it! Bridging support B.A.T.M.A.N. collects MACs of participants behind the Bridge These lists are announced via HNA-Messages and ooded to all B.A.T.M.A.N. nodes With this, we have a decentralized MAC Translation Table Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 13. Introduction layer 3 vs. layer 2 Walking down the layers implementation issues Into kernelspace bridging That's it! Visualization Nice side eect: with the HNA information, the whole topology with the nodes behind the APs becomes visible Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 14. Introduction layer 3 vs. layer 2 Walking down the layers implementation issues Into kernelspace bridging That's it! Great - and now? proof-of-concept implementation in the userspace works quite well the problem is: performance! it should also run well on minimal embedded systems (Access Points, Cell Phones) typical path is: select(): wait for a packet read() it nd next hop, update tables etc. (pretty fast) write() it System Calls for read/write take very long time (switch to kernel mode and back, copy overhead) becomes a problem with high bandwidth usage, peak performance of the NICs can't be reached Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 15. Introduction Walking down the layers what's dierent Into kernelspace interacting with the kernel That's it! Put it into kernelspace No useless message copy (recycle kernel buers) no Syscalls and no user/kernel mode switch kernel works asynchronous and preemptive asynchronous packet handling possible Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 16. Introduction Walking down the layers what's dierent Into kernelspace interacting with the kernel That's it! Living in the kernelspace the proc lesystem # l s / p r o c / n e t /batman−adv / gateways interfaces log log_level originators orig_interval activating batman-adv # echo wlan0 / p r o c / n e t /batman−adv / i n t e r f a c e s deactivating batman-adv # echo quot;quot; / p r o c / n e t /batman−adv / i n t e r f a c e s Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 17. Introduction Walking down the layers what's dierent Into kernelspace interacting with the kernel That's it! Logging merits special attention the log level # c a t / p r o c / n e t /batman−adv / l o g _ l e v e l [ x ] c r i t i c a l (0) [ ] warnings (1) [ ] notices (2) [ ] batman ( 4 ) [ ] routes (8) setting the log level # echo 3 / p r o c / n e t /batman−adv / l o g _ l e v e l # c a t / p r o c / n e t /batman−adv / l o g _ l e v e l [ x ] c r i t i c a l (0) [ x ] warnings (1) [ x ] notices (2) [ ] batman ( 4 ) [ ] routes (8) reading the log # c a t / p r o c / n e t /batman−adv / l o g [ 6 2 6 ] B . A .T.M. A .N. Advanced 0.1− a l p h a ( c o m p a b i l i t y v e r s i o n 1) [ 9 7 1 ] Changing l o g _ l e v e l from : 0 to : 3 Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 18. Introduction Walking down the layers what's dierent Into kernelspace interacting with the kernel That's it! Kernel development don't be scared the kernel is a big library for all your hacking needs debugging techniques: clean programming - think before you insmod printk - tells you what's up kernel oops - gives you the stack trace UML - safer debugging again: don't panic! :-) Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 19. Introduction Walking down the layers what's dierent Into kernelspace interacting with the kernel That's it! Battool there is no ICMP on Layer 2 we still want to ping, traceroute etc to debug the network implement own ICMP protocol into batman-adv protocol battool provides ping, traceroute and raw packet dump injects and receives special packets into unix socket (userspace) or device (kernelspace) Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 20. Introduction Walking down the layers Into kernelspace That's it! Links http://open-mesh.net/ https://dev.open-mesh.net/batman Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking
  • 21. Introduction Walking down the layers Into kernelspace That's it! Thank you! Marek Lindner, Simon Wunderlich Wireless Kernel Tweaking

×