Signpost Planning

Over the new few months, I’ll be working on the DNS artitecture of Signposts.

Techincal Setup

  • Setting up suitable machines for development
  • Installing OCaml compiler, toolclain, package manager
  • Get the appropirate libraries, plus the docs/source
  • Set up the version control and project docs: code on github, signposts organisation maybe, issues tracking on Github issues
  • Finish reading “Real World OCaml” and look at examples of the libraries in use
  • Become familiar with the the setup of similar projects: The use of OASIS, OPAM, structure and syntax of Makefiles

Describing Artitecture

  • Why use DNS for naming ? what have other related systems used ?
  • This is an unusaul use of DNS, how does it affect the infastructure ?
  • How do middleboxes manipulate DNS packets ?
  • How does TTL 0 affect caching, performance etc ?
  • This is the 3rd prototype, how is it different to the first two
  • Security properties of the artitecture
  • Components of Signposts Naming and interface with tactics engine

Preparation

  • Extending the functionality of ocaml-dns : adding a lwt client resolver, EDNS0 extensions, DNSSEC extension (using Cryptokit), any DNS stuff for Signposts that may be useful to other applications
  • Using, test and extend the signpost-test-tool, developed by Haris
  • Extending the functionality of ocaml-crypto-key, ready for use in Signpost

Signposts – The installation

This is a guide to the installation of Signpost on a 64 bit edition of ubuntu 12.04.

The steps of the installation process are:

1    install OCaml
2    install and set up OPAM
3    use OPAM to install the latest OCaml compiler and switch to this new compiler version
4    Add the remote repositories required for signposts to OPAM
5    Install the libraries required using OPAM
6    Download the code for signpost
7    Set up vswitch
8    Generate and place keys
9    Install iodine and set up password
10    Run Signposts

1 INSTALLING OCAML

OCaml 3.12.1 is available from the ubuntu repositories, this is not a up to date version of the compiler but it will do to bootstrap the process.

$ sudo apt-get install ocaml

2 INSTALLING & SET UP OPAM

OPAM is a useful package manager for OCaml code such as signposts. To download the initialize:

$ git clone git://github.com/OCamlPro/opam.git
$ cd opam && ./configure && make
$ sudo make install
$ opam init
$ eval ‘opam config -env’
$ echo “$ which opam && eval ‘opam config -env'” >> ~/.profile


3 SWITCH TO LATEST OCAML COMPILER

To see the compiler versions avaliable on OPAM use:

$ opam switch -list

To see the version of the OCaml compiler that is currently in use, use

$ ocaml -version

Then switch the OCaml 4.00.1 using

$ opam switch 4.00.1
$ eval ‘opam config -env’

This process may take quite a while. You can now check the version of OCaml again, it it should show that the PATH is now pointing towards a new OCaml compiler version

4 REMOTE REPOSITORIES

To view the current remote respositories that OPAM is using, enter:

$ opam remote -list

This should give you the following output:

[curl]     default     http://opam.ocamlpro.com

To add the remote respositories required for signposts enter the following:

$ opam remote -kind git -add dev https://github.com/mirage/opam-repo-dev.git
$ opam remote -kind git -add mirage git://github.com/mirage/opam-repo.git

Checking the current remote repositories as before, now returns

[git]       mirage     git://github.com/mirage/opam-repo.git
[git]   mirage-dev     git://github.com/mirage/opam-repo-dev.git
[curl]     default     http://opam.ocamlpro.com


5 INSTALL LIBRARIES

To install the required packages from OPAM and the package manager use:

$ opam install lwt cstruct mirage mirage-net ocamlgraph uri rpc oasis ssl
$ sudo apt-get install libnfnetlink-dev libnl-3-dev libnl-cli-3-dev libnl-genl-3-dev libnl-nf-3-dev libnl-route-3-dev

Some the packages here are not the most upto date, to get the updates

$ git clone https://github.com/crotsos/mirage-platform.git
$ cd mirage-platform/
$ make all install
$ git clone https://github.com/crotsos/mirage-net.git
$ cd mirage-net/
$ make all install
$ git clone https://github.com/crotsos/ocaml-openflow.git
$ cd ocaml-openflow/
$ make all install
$ git clone https://github.com/crotsos/ocaml-dns.git
$ cd ocaml-dns/
$ make all install
$ git clone https://github.com/crotsos/ocaml-crypto-keys.git
$ cd ocaml-crypto-keys/
$ make all install

In the future, you update your packages using:

$ opam update
$ opam upgrade

6 GET SIGNPOST CODE

To download a copy of the Signpost Code using:

$ git clone https://github.com/crotos/signpostd
$ cd signpostd
$ make

7 VSWITCH

$ sudo wget https://www.dropbox.com/s/4n0hwgoycm3838g/openvswitch_mod.ko?dl=1 -O /lib/modules/`uname -r`/extra/openvswitch_mod.ko
$ sudo wget https://www.dropbox.com/s/f7ivv8upe0bfurf/brcompat_mod.ko?dl=1 -O /lib/modules/`uname -r`/extra/brcompat_mod.ko
$ sudo depmod -a
$ modprobe openvswitch_mod
$ sudo modprobe brocompat_mod
$ sudo ovs-vsctl add-br br0
$ sudo ovs-vsctl add-port br0 eth0
$ sudo ifconfig eth0 up
$ sudo ifconfig br0 up
$ sudo ovs-vsctl set-fail-mode br0 standalone
$ sudo ovs-vsctl set-controller br0 tcp:localhost
$ sudo ln -s /etc/init.d/openvswitch-switch /etc/rcS.d/S10openvswitch-switch
$ sudo chmod 777 /etc/network/interfaces
$ echo “pre-up ifconfig eth0 up” >> /etc/network/interfaces

8 KEY GENERATION

For the each client we wish to add to the signposts personal cloud we need to generate a private and associated key. To generate these key we will be using onpenssl. On each client we need to generate the private key and place it into the signposd/conf directory when we need to generate the public key from this and place on the server un signpostd/conf/authorized_keys

on the client

$ openssl genrsa -out conf/signpost.pem 2046

and on the server

$ openssl rsa -in conf/signpost.pem -pubout -out conf/authorized_keys/clientname.pub

9 IODINE

To install iodine from the ubuntu package manager
sudo apt-get install iodine

Lots of things to be getting on with …

Friends often wonder what I’m working (and so do I sometimes) so here’s my to-do list for the rest of this week:

DOCUMENTING OCAML 

  • Review some examples of ocaml code and hows its documented
  • Investigate if ocamldoc is worth implementing
  • using ocaml-dns as an example of documentation
  • put together a blog post of methods of documenting OCaml code and decide a style of documentation that you be useful in Signposts
  • Next week, work through the core signposts core, adding documentation

SIGNPOSTS INSTALLATION

  • working through the process of installing signposts from a scratch, currently do as far as key generation
  • Generate the keys required for signpost and potential write a script to help automate the process
  • Run Signposts on my main machine, test client and server implementation
  • Next week, follow documentation to set up signposts on an Eee PC  
  • Produce a clear set on instruction on how to install, set up and run signposts
UPnP TACTIC FOR SIGNPOSTS
  • Research the UPnP interface provided by routers
  • Review the other signposts tactics to generate an outline of the API for implementing tactics
  • Next week, Write a tactic in OCaml for signposts that makes use of UPnP, use the method of documenting OCaml highlights earlier

FRAMEWORK FOR ANALYSIS OF URBAN WI-FI

  • finish reading and taking notes on “Usage Patterns in an Urban Wi-Fi network”
  • Produce a draft outline of the framework for analyzing urban Wi-Fi
  • Next week, reading though some other papers in the area and add detail to framework

PAWS ROUTER TRIAL SETUP

  • once permission for the network is granted, set up the router using the provided interface
  • install and set-up OpenWRT on the router
  • Investigate best firmware for ftp, ssh and vpn on the router
  • produce results and share, before 15th Nov

INTERLEAVING OF SIGNPOSTS & PAWS

  • consider the overlap of signposts & paws
  • find use cases that highlight the potential for inter connection
  • produce some slides/blog post on findings and ideas, before 15th Nov

(Testing) Network Data collection – Demo Pt 5.3

I am going to work through my last article, where I explained how to generate the required files to run my Java code here 

SETUP

I connect my laptop and android phone to the same Wi-Fi network and get there private IP addresses:

  • The server (my laptop) –  192.168.14.245
  • The client (my android phone) – 192.168.14.47

IperfOutput.txt 

If ./adb shell returns error:device not found then wait a few seconds before trying again. This is because there can be a slight delay between plugging an android device and its being recognised.

Terminal 1
heidi@ubuntu:~$ cd Downloads/android-sdk-linux/platform-tools/
heidi@ubuntu:~/Downloads/android-sdk-linux/platform-tools$ ./adb shell
# iperf -u -c 192.168.14.245 -t 100
————————————————————
Client connecting to 192.168.14.245, UDP port 5001
Sending 1470 byte datagrams
UDP buffer size:  110 KByte (default)
————————————————————
[  3] local 192.168.14.47 port 52285 connected with 192.168.14.245 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-100.0 sec  12.5 MBytes  1.05 Mbits/sec
[  3] Sent 8918 datagrams
[  3] Server Report:
[  3]  0.0-100.0 sec  12.5 MBytes  1.05 Mbits/sec   1.783 ms   10/ 8918 (0.11%)
[Ctrl-C]

Terminal 2
heidi@ubuntu:~$ cd TestingSignpostAppOutput/
heidi@ubuntu:~/TestingSignpostAppOutput$ iperf -s -u >> IperfOutput.txt
[Ctrl-C]