Setting up a WDS Network

In order to have a complete setup you will need a linux x86 based computer with internet access. Not needed but very handy is a second network interface card, this is very handy when trouble shooting and uploading firmware to the routers. To build the firmware you need a full development enviroment installed on your computer, this includes gcc, gcc-c++, binutils, kernel-headers, libgcc, glibc, glibc-devel, m4, bison, autoconf, and automake. If the build fails with all of these installed, there is usually some form of debug output which will inform you of what is needed to compile.

We chose OpenWRT for our test bed because of its modular compiling system. It is based off the original Linksys firmware, with many added improvements. The OpenWRT firmware has the added benefit of a ssh server to allow remote login to all the routers. This was very handy during our research because it allowed us to remotely monitor all of our routers. Download the following firmware ./utsa-wds-firmware.tar.gz Prepare the firmware so it can be uploaded to the router

cd /usr/local/src
wget http://www.cs.utsa.edu/~jwilson/research/utsa-wds-firmware.tar.gz
tar -zxf utsa-wds-firmware.tar.gz
cd buildroot
make menuconfig

Select the needed packages from the 'Package Selection' menu. ./aodv-1.png In our test bed we have tcpdump installed, when you select tcpdump it also selects the dependancies automatically (in this case libpcap). ./aodv-2.png ./aodv-3.png After all the packages which are to be installed are selected, it is time to build the firmware. This process takes quite a bit of time, this is because every part of the firmware is downloaded and then compiled, including the kernel. The following command is all that needs to be ran. make Once make has completed the new firmware will be located in the bin directory. In all of our test beds we used the jffs2 firmware image. The reason for this is that all the files are read/write, if the squashfs firmware is used all the files are read only and soft linked to the proper locations from the /opt partition in the flash memory. ./WRT54GV2_3.01.3_US_code.bin Before installing the firmware you need to login to the router at http://192.168.1.1 (Username: admin / Password: admin) and verify the firmware that is installed. If the firmware is greater than version 3.01.3, you will need to download and install version 3.01.3 ./aodv-4.png To downgrade the firmware installed on the router click on the Administration tab followed by the Firmware Upgrade tab ./aodv-7.png Click the Browse button and then select the WRT54GV2_3.01.3_US_code.bin firmware file. Then click the Upgrade button to downgrade the firmware to version 3.01.3. This process takes about 1-2 minutes ./atftp-0.6.2.tar.gz Once the firmware has been downgraded properly you need to navigate to the Administration tab and select Diagnostics from the submenu. ./aodv-5.png Select the Ping option and a new window will open. ./aodv-6.png Type the following commands into the 'IP Address or Domain Name:' field.

;cp${IFS}*/*/nvram${IFS}/tmp/n
;*/n${IFS}set${IFS}boot_wait=on
;*/n${IFS}commit
;*/n${IFS}show>tmp/ping.log

Put the previous commands in 1 at a time and click the 'Ping' button, there is NO spaces at all, if you type these in by hand ensure there are no spaces. This will enable the boot_wait on the router and allow you to upload a custom firmware. This is also a safety measure, if something goes wrong while uploading the firmware, this will allow you to upload a new firmware to the router. If this step is not taken, the router can become useless in the event of a power failure or something those lines while the router is flashing. Once boot_wait is enabled, it is time to install the new firmware which was compiled in step 3.2. You will need to install atftp or another tftp client on the desktop machine in order to upload the firmware to the router.

wget http://www.cs.utsa.edu/~jwilson/research/atftp-0.6.2.tar.gz
tar -zxf atftp-0.6.2.tar.gz
cd atftp-0.6.2
./configure 
make
make install

At this point you are ready to install the OpenWRT firmware on the Linksys router.

atftp
tftp> connect 192.168.1.1
tftp> mode octet
tftp> trace
tftp> timeout 1
tftp> put openwrt-wrt54g-jffs.bin

Do not hit enter to put the firmware just yet.. Unplug the router and while plugging it back in hit enter to put the firmware onto the router. Usually it will fail 1-2 times then catch it and start the upload process. However sometimes it may just not catch it in time, this is because there is only a 5 second window which was enabled with boot_wait. If it doesnt upload the first time unplug the router and plug it back again and attempt to put the firmware again. Once the firmware has been uploaded to the router it will take about 2 minutes to flash. During this process it is vital not to unplug the router. This will cause bad bad things to happen. When the flashing process is complete the power light will be on solid, the DMZ light will be off, and the WLAN light will probably be blinking quite a bit. At this point it is safe to unplug the router and plug it back in. The reason for this is the flash memory is read only at this point and we need to set a root password on the router, this can only be done when the filesystem is mounted read/write. When the router is done rebooting, telnet into it. telnet 192.168.1.1 Once inside the router set the root password, this enables SSH and disables telnet. passwd When all the password tokens have been updated reboot the router. reboot At this point the router is a fully functional linux machine, SSH has been enabled so telnet will no longer work. By default the router has a built in firewall which will prohibit SSH access from the WAN port, however you can SSH in from any of the LAN ports and the WLAN ports. If you wish to disable the firewall, login to the router and remove the firewall script from the startup scripts and flush iptables.

rm -rf /etc/init.d/S45firewall
iptables --flush

While it is possible to configure the router to use WDS, OLSR, Static Routing, and AODV at this point, we will only be covering the WDS parameters in this document. ./wds-setup.tar.gz The file listed above is a shell script which needs to be copied to the router and ran. The contents of the script is as follows:

1.  #!/bin/sh
2.  echo "Setting up filesystem..."
3.  mkdir -p /root/.ssh
4.  cat << /root/.ssh/authorized_keys >> EOF
5.  ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAo/lxjrvjtukTKXN6wMeUNXcfPFuyl+fD+6SRWiqylwjUqWcXl51IVXt
K8W64aws/oTYHX4fhVi52O26iitPg9KhuMOXqzl+hBXMTxibIxgUxGmEILngNECmkhs3m43gZa0riPiI6rBwAaoJBxB
X9SJYLQ9K4Q0qgv3Cqp+7ibbU= root@gig00
6.  EOF
7. 
8.  cat << /root/.ssh/config >> EOF
9.  StrictHostKeyChecking no
10. EOF
11.
12. echo "Setting up root directory in passwd..."
13. sed -i 's/\/tmp/\/root/' /etc/passwd
14. 
15. echo "Setting up NVRAM for WDS..."
16. echo -n "Enter Wifi Address: "
17. read IPADDR
18. nvram set lan_ipaddr=$IPADDR
19. echo -n "Enter Wifi Netmask: "
20. read NETMASK
21. nvram set lan_netmask=$NETMASK
22. nvram set lan_stp=1
23. echo -n "Enter Hostname: "
24. read HOSTNAME
25. nvram set wan_hostname=$HOSTNAME
26. nvram set wan_proto=static
27. echo -n "Enter WAN address: "
28. read IPADDRW 
29. nvram set wan_ipaddr=$IPADDRW
30. echo -n "Enter WAN Netmask: "
31. read NETMASKW
32. nvram set wan_netmask=$NETMASKW
33. echo -n "Enter WAN Gateway: "
34. read GATEWAY
35. nvram set wan_gateway=$GATEWAY
36. nvram set wl0_closed=1
37. nvram set wl0_channel=8
38. nvram set wl0_ssid=resmesh
39. nvram set wl0_lazywds=1
40. nvram set wl0_wep=1
41. nvram set wl0_key1=1234567890abcdef1234567890
42. nvram set wl0_wep=on
43. nvram set wl0_key=1
44. nvram commit
29. echo "Prepairing to reboot..."
30. sleep 5 
31. reboot

The text on line 5 should all be on 1 line, even though it appears to be on 3 lines lan_ifname: The name of the linux interface which is assigned to the lan ports (4 port switch on back of router). lan_ifnames: We are removing this setting, it is not needed for AODV. wifi_ifname: The name of the linux interface which is assigned to the wireless antennas. wifi_proto: This can be static of dhcp. wifi_netmask: This is the netmask of the wireless interface. wifi_ipaddr: The ipaddress assigned to the wireless interface. This address must be unique on the network. wl0_mode: ap = Access Point (master mode), sta Client mode. wl0_infra: 0 = Ad Hoc mode, 1 = normal AP/Client mode. wl0_ssid: ESSID Once the firmware is installed there are some NVRAM settings which need to be enabled in order to use WDS on the Linksys router. You will need to ssh into the router in order to define these settings.

During the development of the WDS network we ran into a slight problem with bandwidth, in order to solve that problem we had to figure out a way to 'shape' the bandwidth, Frottle was the answer. In order to use Frottle, some firewall configuation steps must be taken.

iptables -A INPUT -p UDP --sport 999 -j ACCEPT  	# Allow control packets in
iptables -A OUTPUT -p UDP --dport 999 -j ACCEPT 	# Allow control packets out
iptables -A OUTPUT -p ALL -o eth1 -j QUEUE 	# where eth1 is the wireless interface
iptables -A FORWARD -p ALL -o eth1 -j QUEUE 	# where eth1 is the wireless interface

Once the firewall is properly setup, Frottle needs to be configured to run properly on the router.

# Run in client mode
clientmode 1
# Daemonise, ie run in the background (optional)
# (Quit frottle with 'killall -TERM frottle' if you use this)
daemon 1
# The IP of the master
# (use the other end of your /30 to HH)
masterip 10.60.0.2
# Specify any ports you want to be high priority
# (This only effects your outgoing traffic)
hiports 22,53,7001,5223
# Set your wireless interface
winterface eth1
# If an http server is available,
# set a filename for a stats file output (optional)
statsfile /var/www/html/frottle.html

Next we have to configure the gateway router, this also requires some firewall rulesets.

iptables -A INPUT -p UDP --dport 999 -j ACCEPT  	# Allow control packets in
iptables -A OUTPUT -p UDP --sport 999 -j ACCEPT 	# Allow control packets out
iptables -A OUTPUT -p ALL -o eth1 -j QUEUE 	# where eth1 is the wireless interface
iptables -A FORWARD -p ALL -o eth1 -j QUEUE 	# where eth1 is the wireless interface

Once the firewall is configured, Now the configuration file must be setup.

# Run in master mode
mastermode 1
# Run as a self client as well
selfclient 1
# Daemonise, ie run in the background (optional)
# (Quit frottle with 'killall -TERM frottle' if you use this)
daemon 1
# Sepcify any ports you want to be high priority
# (This only effects your outgoing traffic)
hiports 22,53,7001,5223
# If a http server is available,
# set a filename for an info file output (optional)
infofile /var/www/html/frottle-master.html
# If a http server is available,
# set a filename for a stats file output (optional)
statsfile /var/www/html/frottle-stats.html

The firmware itself has a auto start script for Frottle, below is an example of the startup script.

#!/bin/sh
IPQ=`cat /etc/modules | grep ip_queue`
LOG=/tmp/frottle.log
MOD=/lib/modules/2.4.29/ip_queue.o
MOD_FILE=/etc/modules
CONF_FILE=/etc/frottle.conf

if [ ! -f "$MOD" ]; then
        echo "ip_queue.o no installed" >> $LOG
fi

if [ "$IPQ" = "" ]; then
        echo ip_queue >> $MOD_FILE
fi

if [ ! -f "$CONF_FILE" ]; then
        echo "frottle.conf not found in /etc/" >> $LOG
        exit 0
fi

/usr/sbin/frottle

The research was conducted by: boppana@cs.utsa.edu sdesilva@cs.utsa.edu jwilson@cs.utsa.edu xsu@cs.utsa.edu Additional Information http://www.openwrt.org http://www.seattlewireless.net/index.cgi/LinksysWrt54g http://www.linksys.com/gpl/ http://www.draytek.co.uk/support/kb_wlan_wds.html http://pcl.cs.ucla.edu/projects/glomosim/