You are here

Limiting nodes that may join the mesh

12 posts / 0 new
Last post
WB9WNF
WB9WNF's picture
Limiting nodes that may join the mesh

I’m checking to see if there is there a way to limit the number of nodes that can connect to a given node?  It’s been over two year from what I can research on the website, and the previous aredn.org links are not working.  Dose any one know?

K5DLQ
K5DLQ's picture
Issue/Feature request #211
AA7AU
AA7AU's picture
Somewhat different?

#211 and #212 deal primarily with White-list and Black-list. I think the OP was referring to the *number* of nodes connecting in (like the flood we got here last fall from an OC tunnel into the the LV valley). I'd suggest someone more technical than I write up a feature request to limit based on "distance" and/or connectability so that OLSR (and status pages, etc) doesn't get swamped by very distant links (like from tunnels etc).

- Don - AA7AU

WB9WNF
WB9WNF's picture
Thank you
The white list should work for our application.  I have concern about our ham community using it for personal gain.  I know hams that would exploit such a network.  I do want to have it open for hams to use for legitimate use, nets, testing & emergencies. 

Thank you

Dave-WB9WNF
K7DXS
What do you mean by exploit
What do you mean by exploit it? For what it's worth, I'm against this whitelisting capability because I don't like the idea of the network having a "gatekeeper" so to speak deciding who does and doesn't get to play mesh.
K6AH
K6AH's picture
White listing isn't being
White listing isn't being seriously considered, but black listing is.

Andre, K6AH
 
K7DXS
I have less of an objection
I have less of an objection to that, because I do see a few good use cases for it. However, I'm wondering, how will it be implemented? On one hand, if the list has to be applied to each node in the network, it won't be very effective (since the bad guy could point at a different node), but on the other hand, if it's network-wide, how do we mitigate the issues of a bad guy already on the network:
  • Blacklisting a central node?
  • Blacklisting anybody they want to because they feel like it?
Also, I don't see a way for it to be effective, as it's trivial to spoof a MAC address. callsign/hostname, or just about any other identifier you can come up with.

All that being said, if a sane implementation is thought up, I'd overall be in favor of being able to blacklist certain nodes.
K5DLQ
K5DLQ's picture
there are legal issues
there are legal issues spoofing/changing a callsign that will get the FCC involved.
K7DXS
Not necessarily. I can get
Not necessarily. I can get permission to put up someone else's node at my house and use that instead. Or I could probably put null characters in between my call letters without getting in trouble. But the thing is, I highly doubt the FCC will get involved at all considering how long it took them to do anything at all about 14.313, and that's a channel shared across a much larger geo.
W6RUF
W6RUF's picture
I’ve lived in SE AK

saying something like, “here’s all you gotta do to get free internet is this” is akin to cutting open a bag of cash to observe the ensuing melee.
I loved living in SE AK, it’s a tough place to live requiring becoming resourceful and maintaining tenacity so you can “do what you gotta do”.  
Not trying to say anything negative, just trying to provide prospective.
You can’t just jump in your car and leave, go down to the store and buy a six pack, or hit the Friday Night Walmart Date Scene.
You have to live alongside people you may not like but you learn to get along best you can.
Applying a (blacklist) limit at one node is reasonable. The chance of turning to another node is likely very small if even possible.

KL5T
There will always be those...

There is always the potential for there to be folks to attempt nefarious things.  But I think there is a legitimate need to have a feature of this nature to help with network management.  I've had several situations where if I could have used a blacklist I could have prevented a poor link from clogging up the works without resorting to other network management mechanisms, like frequency management.  Actually, I still have a couple of these coincidental links that pop up.  Simply being able to blacklist a node on a particular node might help cure the problem.  Alternatively, there could be times where I may want the last station on a link to connect to just one other node...hence a whitelist option could be useful. 

For me its less of a "keep the bad actors off" situation, and more of a network management tool to help with throughput.  It's not that I don't want a node on the network, it's that I want to be able to control network flow for efficiency.

Regards,

Kent, KL5T
Anchorage, Alaska

kj6dzb
kj6dzb's picture
There are 2 things i would
There are 2 things i would like to adress... Tunnel users are not pulling down a distant network bandwith. The underline over head of olsrd tables is minimal. Traffic from the far side of a Tunnel isn't going to cost more than a local gateway for extenal internet request. A request from a far side of the Tunnel is going to place a load on the gateway node and nodes back to the target connection. The matter of load balancing and qos on a gateway node's wan is somthing of interest to me. Cisco's meraki has a solution SDwan https://meraki.cisco.com/solutions/sd-wan This will alow a gateway's wan to be micro managed/ tuned / meeter nodes external traffic requests to the internet.

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer