[GRLUG] Mesh networking, localnet and Internet infrastructure

Adam Tauno Williams awilliam at whitemice.org
Mon May 18 13:05:58 EDT 2009


On Mon, 2009-05-18 at 12:43 -0400, Michael Mol wrote:
> On Mon, May 18, 2009 at 12:30 PM, Bob Kline <bob.kline at gmail.com> wrote:
> > I wonder whether this is another reason
> > Comcast got a yen for implementing
> > monthly byte quotas.  A router ( I'm
> > assuming this is a router? ) with that kind
> > of range could provide free Internet access
> > to a big piece of a neighborhood if no
> > encryption is used.
> I'm not certain that you actually need a shared key (or even RADIUS
> auth, as in WPA-Enterprise).  Were I to implement something like this,
> I'd want to use WPA2 with a TKIP pairwise cypher, but no key required
> for associating with the AP itself; you get the benefits of encryption
> between the user and the AP, as well as freedom from knowing a shared
> key.

I wonder if a current DD-WRT/Open-WRT box would have the features to
support a mesh network; I thought they added WDS, but I don't know if
they do WDS+AP which would be required for a real mesh.  But I've also
heard horror stories about the compatibility of WDS implementations.

Given the scant resources available on an AP I'd just leave security
entirely out of the network and have the client associate with the
nearest AP and establish a tunnel to the gateway (leaving security
between the client and the gateway).  In relation to clients let the
mesh behave equivalent to an LER in an MPLS network.  That would also
solve any trouble with bearing IPv4 over an IPv6 network, etc...

> Of course, you're still at the mercy of whoever controls the AP
> hardware,

Not if you just tunnel across the network to a "trusted" gateway.

> Comcast has no say or control over it, with the exception that their
> contract almost certainly prohibits resale and sharing of their
> services. (All of the broadband ISPs ostensibly require one to only
> have a certain number of computers hooked up to the Internet
> connection, though their support techs don't really care.

Their techs may not care, but if they catch wind of a large-scale
redistribution their lawyers certainly will.


