Poster for “Life on the Edge: New Abstractions for Edge Network Distributed Computing”

Here is a draft copy of the A1 poster I’ll be presenting at the 2nd Annual Oxbridge Women in Computer Science Conference in Oxford. The poster abstract is in a previous post. Any feedback would be greatly appreciated.

version 1 (9:20 11/3)

women@cl poster


version 2 (10:50 11/3)

now with left alignment of text on the left and right alignment of text on the right, gateway text on black router removed

women@cl poster


VERSION 3 (11:00 11/3)

now with bolded keywords

women@cl poster (3)


FINAL VERSION (11:23 11/3)

new text for the aim box

women@cl poster (4)

Audio & Slides from “Lost in the Edge: Finding Your Way with DNSSEC Signposts”

Anil’s talk at 3rd USENIX Workshop on Free and Open Communications on the Internet (FOCI’13) is now available at and the slides are here

Signpost Planning

Over the new few months, I’ll be working on the DNS artitecture of Signposts.

Techincal Setup

  • Setting up suitable machines for development
  • Installing OCaml compiler, toolclain, package manager
  • Get the appropirate libraries, plus the docs/source
  • Set up the version control and project docs: code on github, signposts organisation maybe, issues tracking on Github issues
  • Finish reading “Real World OCaml” and look at examples of the libraries in use
  • Become familiar with the the setup of similar projects: The use of OASIS, OPAM, structure and syntax of Makefiles

Describing Artitecture

  • Why use DNS for naming ? what have other related systems used ?
  • This is an unusaul use of DNS, how does it affect the infastructure ?
  • How do middleboxes manipulate DNS packets ?
  • How does TTL 0 affect caching, performance etc ?
  • This is the 3rd prototype, how is it different to the first two
  • Security properties of the artitecture
  • Components of Signposts Naming and interface with tactics engine


  • Extending the functionality of ocaml-dns : adding a lwt client resolver, EDNS0 extensions, DNSSEC extension (using Cryptokit), any DNS stuff for Signposts that may be useful to other applications
  • Using, test and extend the signpost-test-tool, developed by Haris
  • Extending the functionality of ocaml-crypto-key, ready for use in Signpost

Signposts – The installation

This is a guide to the installation of Signpost on a 64 bit edition of ubuntu 12.04.

The steps of the installation process are:

1    install OCaml
2    install and set up OPAM
3    use OPAM to install the latest OCaml compiler and switch to this new compiler version
4    Add the remote repositories required for signposts to OPAM
5    Install the libraries required using OPAM
6    Download the code for signpost
7    Set up vswitch
8    Generate and place keys
9    Install iodine and set up password
10    Run Signposts


OCaml 3.12.1 is available from the ubuntu repositories, this is not a up to date version of the compiler but it will do to bootstrap the process.

$ sudo apt-get install ocaml


OPAM is a useful package manager for OCaml code such as signposts. To download the initialize:

$ git clone git://
$ cd opam && ./configure && make
$ sudo make install
$ opam init
$ eval ‘opam config -env’
$ echo “$ which opam && eval ‘opam config -env'” >> ~/.profile


To see the compiler versions avaliable on OPAM use:

$ opam switch -list

To see the version of the OCaml compiler that is currently in use, use

$ ocaml -version

Then switch the OCaml 4.00.1 using

$ opam switch 4.00.1
$ eval ‘opam config -env’

This process may take quite a while. You can now check the version of OCaml again, it it should show that the PATH is now pointing towards a new OCaml compiler version


To view the current remote respositories that OPAM is using, enter:

$ opam remote -list

This should give you the following output:

[curl]     default

To add the remote respositories required for signposts enter the following:

$ opam remote -kind git -add dev
$ opam remote -kind git -add mirage git://

Checking the current remote repositories as before, now returns

[git]       mirage     git://
[git]   mirage-dev     git://
[curl]     default


To install the required packages from OPAM and the package manager use:

$ opam install lwt cstruct mirage mirage-net ocamlgraph uri rpc oasis ssl
$ sudo apt-get install libnfnetlink-dev libnl-3-dev libnl-cli-3-dev libnl-genl-3-dev libnl-nf-3-dev libnl-route-3-dev

Some the packages here are not the most upto date, to get the updates

$ git clone
$ cd mirage-platform/
$ make all install
$ git clone
$ cd mirage-net/
$ make all install
$ git clone
$ cd ocaml-openflow/
$ make all install
$ git clone
$ cd ocaml-dns/
$ make all install
$ git clone
$ cd ocaml-crypto-keys/
$ make all install

In the future, you update your packages using:

$ opam update
$ opam upgrade


To download a copy of the Signpost Code using:

$ git clone
$ cd signpostd
$ make


$ sudo wget -O /lib/modules/`uname -r`/extra/openvswitch_mod.ko
$ sudo wget -O /lib/modules/`uname -r`/extra/brcompat_mod.ko
$ sudo depmod -a
$ modprobe openvswitch_mod
$ sudo modprobe brocompat_mod
$ sudo ovs-vsctl add-br br0
$ sudo ovs-vsctl add-port br0 eth0
$ sudo ifconfig eth0 up
$ sudo ifconfig br0 up
$ sudo ovs-vsctl set-fail-mode br0 standalone
$ sudo ovs-vsctl set-controller br0 tcp:localhost
$ sudo ln -s /etc/init.d/openvswitch-switch /etc/rcS.d/S10openvswitch-switch
$ sudo chmod 777 /etc/network/interfaces
$ echo “pre-up ifconfig eth0 up” >> /etc/network/interfaces


For the each client we wish to add to the signposts personal cloud we need to generate a private and associated key. To generate these key we will be using onpenssl. On each client we need to generate the private key and place it into the signposd/conf directory when we need to generate the public key from this and place on the server un signpostd/conf/authorized_keys

on the client

$ openssl genrsa -out conf/signpost.pem 2046

and on the server

$ openssl rsa -in conf/signpost.pem -pubout -out conf/authorized_keys/


To install iodine from the ubuntu package manager
sudo apt-get install iodine

Lots of things to be getting on with …

Friends often wonder what I’m working (and so do I sometimes) so here’s my to-do list for the rest of this week:


  • Review some examples of ocaml code and hows its documented
  • Investigate if ocamldoc is worth implementing
  • using ocaml-dns as an example of documentation
  • put together a blog post of methods of documenting OCaml code and decide a style of documentation that you be useful in Signposts
  • Next week, work through the core signposts core, adding documentation


  • working through the process of installing signposts from a scratch, currently do as far as key generation
  • Generate the keys required for signpost and potential write a script to help automate the process
  • Run Signposts on my main machine, test client and server implementation
  • Next week, follow documentation to set up signposts on an Eee PC  
  • Produce a clear set on instruction on how to install, set up and run signposts
  • Research the UPnP interface provided by routers
  • Review the other signposts tactics to generate an outline of the API for implementing tactics
  • Next week, Write a tactic in OCaml for signposts that makes use of UPnP, use the method of documenting OCaml highlights earlier


  • finish reading and taking notes on “Usage Patterns in an Urban Wi-Fi network”
  • Produce a draft outline of the framework for analyzing urban Wi-Fi
  • Next week, reading though some other papers in the area and add detail to framework


  • once permission for the network is granted, set up the router using the provided interface
  • install and set-up OpenWRT on the router
  • Investigate best firmware for ftp, ssh and vpn on the router
  • produce results and share, before 15th Nov


  • consider the overlap of signposts & paws
  • find use cases that highlight the potential for inter connection
  • produce some slides/blog post on findings and ideas, before 15th Nov

(Testing) Network Data collection – Demo Pt 5.3

I am going to work through my last article, where I explained how to generate the required files to run my Java code here 


I connect my laptop and android phone to the same Wi-Fi network and get there private IP addresses:

  • The server (my laptop) –
  • The client (my android phone) –


If ./adb shell returns error:device not found then wait a few seconds before trying again. This is because there can be a slight delay between plugging an android device and its being recognised.

Terminal 1
heidi@ubuntu:~$ cd Downloads/android-sdk-linux/platform-tools/
heidi@ubuntu:~/Downloads/android-sdk-linux/platform-tools$ ./adb shell
# iperf -u -c -t 100
Client connecting to, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  110 KByte (default)
[  3] local port 52285 connected with port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-100.0 sec  12.5 MBytes  1.05 Mbits/sec
[  3] Sent 8918 datagrams
[  3] Server Report:
[  3]  0.0-100.0 sec  12.5 MBytes  1.05 Mbits/sec   1.783 ms   10/ 8918 (0.11%)

Terminal 2
heidi@ubuntu:~$ cd TestingSignpostAppOutput/
heidi@ubuntu:~/TestingSignpostAppOutput$ iperf -s -u >> IperfOutput.txt