tomeshnet / toronto-community-network
Organization, planning, and information related to Toronto's community network operation
Home Page: https://tomesh.net/
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: ...
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Establish an understanding and relationship with BAI and tomesh
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: Thursday
🎯 Success criteria: Decide on router model at Woolner
...
Select topology and hardware used for node
Option 2 and 3 need someone to donate resources
Needs to be ready for deployment by Thursday
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: A valuable service is selected for development, deployment and maintenance on the Toronto Community Network
There have been a variety of services proposed for delivering value on the mesh. This task is concerned with identifying a long-list of candidate services and then convening a process for collaboratively submitting service definitions, narrowing down and prioritizing the alternatives and finally agreeing on a service to design, deploy, and operate/maintain on the mesh.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: 7/24/2020
🎯 Success criteria: Nodes are up and running and ready to receive connections
Location: https://goo.gl/maps/qvdh4f49L7tQpPKt6 (200 Woolner Ave)
NOTE: We will be limiting the number of people on the roof to about 2 at a time.
If you're interested in participating (on the roof or on the ground) please make sure you get in touch with us ([email protected])
COVID NOTICE: If you will be attending, please bring a mask or face covering.
We will be deploying alongside the CITY FREE WIFI PROJECT on Thursday, July 23 and Friday July 24th.
The project window will be between 9-5 on each day.
Toronto Mesh will attend
Goal is to have everything operational by end of Friday.
Weather outlook shows possible thunderstorms on Thursday. For safety reasons we will NOT be on the roof if there is any evidence of severe weather.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Open functional online store.
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Identify limitations and uses of EdgeRouter family (including EdgePoint)
EP-R6 is a nice 5 port outdoor router with PoE that should be compatible with EdgeRouter X.
https://www.ui.com/edgemax/edgepoint/
EdgeRouter X SFP doubles as a 5 port POE switch.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Establish an understanding and relationship with Beanfield and tomesh
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Purchase of NEMA cabinet
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Decide on POE switch to use
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #24
📅 Due date: N/A
🎯 Success criteria: Implement a BIA Link
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: 7/22/2020
🎯 Success criteria: Stickers ready to be applied to hardware.
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Decide on monitoring software.
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Have an updated and accurate project page on website.
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: 7/24/2020
🎯 Success criteria: Collect data from different points about strength and speed of node.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Active node at Hack Lab connected.
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Hardware ready for deployment
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: ...
Montreal-based organization Queertech is working with Toronto clinic Sherborne Health to come up with a solution to providing internet access to those that do not have it as during the pandemic many of their traditionally in-person services have been moved online. They'll be looking into this issue and trying to connect Sherborne Health with solutions as part of their PrideHacks 2020 event and have asked that we remain available to answer questions that event participants may have.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #6
📅 Due date: N/A
🎯 Success criteria: Establish Toronto local exit node.
⛔ Blocked By: #10 #123
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: 1 Page flyer available in GitHub repo
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date:
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: instructions on how to set up and run tunneldigger
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: asap
🎯 Success criteria: Establish onboarding workflow for new contributors.
If someone says they want to help, we need a standardized way to quickly engage and onboard them into our spaces and workflow. I imagine getting their email and sending an onboarding templated email that includes steps to get onto our working groups on GitHub, chat, etc. followed by a peer session to explain how to use the tools and our collaboration practices.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #7
📅 Due date: N/A
🎯 Success criteria: Set up phone number
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Deploy SDR
Look into the possibility of an SDR on a rooftop.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Figure out how to build L2TP Tunnels
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: PR accepted
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Selection on router hardware
P2P
Device directly connected to a computer
Routed
Device between two computers routing across subnets
WG P2P
Device WG to another Device
WG Routed
Device GW to another device and a PC routed across that link
Devices | P2P | Routed | WG P2P | WG Routed | L2TP P2P | L2TP Routed |
---|---|---|---|---|---|---|
EspressoBin | ✔️ 931 | ❌ 335/403 | ❌ 213/335 | -- | -- | |
AtomicPi | ✔️ 923 | ✔️ 837 | ✔️ 895 | 🟨 665 | ✔️ 767/863 | ✔️ 798/705 |
WRT1900ACV1 | ✔️ 920 | ✔️ 879 | 🟨 350/450 | ❌ 280/338 | -- | -- |
EdgeRouter X | 356/533 | 750/510 | -- | -- | -- | -- |
EdgeRouter X HW OFFLOAD | 913/927 | 217/180 | 180/211 | -- | -- | |
OmniTik POE | 900 | | | | | |
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Be ready to deploy IPs to production network.
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Publish an updated website that features this project with clear ways to participate, and is not confused with previous projects.
The website has led to a lot of confusion between the many projects that tomesh worked on. Let's try to redesign the website to present things clearly, and emphasize the existing project.
Most of the changes will happen on https://github.com/tomeshnet/tomesh.net
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: ...
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: ...
On a gateway node, a tunnel interface that relies on the internet and babeld traffic both get routed, causing a conflict.
Static route only the L2TP tunnel IP to the local gateway. This will allow babeld to install the correct route.
```
# 123.123.123.123 stands for the L2TP tunnel IP, 192.168.1.1 for the local gateway
ip route delete 0.0.0.0/0
ip route add 123.123.123.123/32 via 192.168.1.1
```
Make babeld put all its routes into a separate route table.
This will keep the local route table and babeld's route table separate.
Add this to babeld.conf:
```
export-table 10
```
Route all incoming traffic on specific interfaces to use the babeld route table instead of the OS master
(this includes the 0.0.0.0/0 selected by babeld).
Put it in rc.local:
```
ip rule add iif ens19 table 10
ip rule add iif tun0 table 10
ip rule add iif l2tpeth61 table 10
```
I had to add the routes for the local interfaces including openvpn:
```
ip route add 100.64.21.0/24 dev ens19 table 10
ip route add 100.127.253.0/24 dev tun0 table 10
```
Create a mesh VRF and assign it routing table 10:
```
ip link add name mesh type vrf table 10
ip link set dev mesh up
```
Allow TCP and UDP ports to be accessible from the VRFs (so you can SSH into the box):
```
/sbin/sysctl -w net.ipv4.tcp_l3mdev_accept=1
/sbin/sysctl -w net.ipv4.udp_l3mdev_accept=1
```
Add interfaces to the VRF that should be routing over babeld's routes:
```
ip link set dev ens19 vrf mesh up
ip link set dev tun0 vrf mesh up
ip link set dev l2tpeth61 vrf mesh up
```
Create a rule that makes all incoming and outgoing packets on the interfaces use the VRF's routing table (table 10). This is needed to forward packets.
```
ip rule add iif ens19 table 10
ip rule add oif ens19 table 10
ip rule add iif tun0 table 10
ip rule add oif tun0 table 10
ip rule add iif l2tpeth61 table 10
ip rule add oif l2tpeth61 table 10
```
Add the following in babeld to use table 10 to read and write routes:
```
export-table 10
import-table 10
```
Run traceroute (or any exec) in the mesh VRF:
```
ip vrf exec mesh traceroute 100.64.10.1
```
(IPv6 addresses disappear :( and need to be re-added)
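A way to check that a gateway actually ended up in the state these steps describe, as an added example that is not part of the original issue or the project's code. It parses `ip rule show`, `babeld.conf` and `sysctl` text; the interface names and table number come from the steps above, and all sample text is constructed.

```python
import re

MESH_IFACES = ("ens19", "tun0", "l2tpeth61")  # interface names from the steps above
MESH_TABLE = "10"                             # routing table babeld and the VRF share

# Constructed `ip rule show` output; the oif rule for tun0 is missing on purpose.
SAMPLE_RULES = """\
0:      from all lookup local
1000:   from all lookup [l3mdev-table]
32758:  from all oif l2tpeth61 lookup 10
32759:  from all iif l2tpeth61 lookup 10
32761:  from all iif tun0 lookup 10
32762:  from all oif ens19 lookup 10
32763:  from all iif ens19 lookup 10
32766:  from all lookup main
32767:  from all lookup default
"""
# Constructed babeld.conf fragment; import-table is left out on purpose.
SAMPLE_BABELD_CONF = "interface ens19\ninterface tun0\nexport-table 10\n"
# Constructed sysctl excerpt matching the two settings from the steps above.
SAMPLE_SYSCTL = "net.ipv4.tcp_l3mdev_accept = 1\nnet.ipv4.udp_l3mdev_accept = 1\n"

RULE_RE = re.compile(r"^\d+:\s+from all (iif|oif) (\S+) lookup (\S+)")


def missing_rules(rule_text, ifaces=MESH_IFACES, table=MESH_TABLE):
    """Return (direction, interface) pairs that have no policy rule into `table`."""
    seen = set()
    for line in rule_text.splitlines():
        m = RULE_RE.match(line.strip())
        if m and m.group(3) == table:
            seen.add((m.group(1), m.group(2)))
    return [(d, i) for i in ifaces for d in ("iif", "oif") if (d, i) not in seen]


def babeld_table_findings(conf_text, table=MESH_TABLE):
    """Check that babeld both exports to and imports from `table`."""
    found = {"export-table": set(), "import-table": set()}
    for line in conf_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) == 2 and parts[0] in found:
            found[parts[0]].add(parts[1])
    return [f"babeld.conf: {key} {table} not set"
            for key in ("export-table", "import-table") if table not in found[key]]


def l3mdev_findings(sysctl_text):
    """Report l3mdev_accept=1, which lets sockets not bound to a VRF accept mesh traffic."""
    findings = []
    for line in sysctl_text.splitlines():
        key, _, value = (part.strip() for part in line.partition("="))
        if key.endswith("_l3mdev_accept") and value == "1":
            findings.append(f"{key}=1: unbound listeners such as sshd answer on the mesh VRF")
    return findings


def audit(rule_text, conf_text, sysctl_text):
    """Collect all findings for one gateway."""
    findings = [f"no '{d} {i}' rule for table {MESH_TABLE}" for d, i in missing_rules(rule_text)]
    return findings + babeld_table_findings(conf_text) + l3mdev_findings(sysctl_text)


if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES, SAMPLE_BABELD_CONF, SAMPLE_SYSCTL):
        print(finding)
```

The `l3mdev_accept` findings are informational: the steps enable them deliberately for SSH, and the output is a reminder to firewall any other listener that should not be reachable from the mesh.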
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Establish a policy for data usage.
...
In the absence of written (or uniformly followed) policies, the implementation then becomes the de facto policy.
i.e. code is the law. If I have the permission to change a particular type of content (e.g. website) whatever changes I make to the website becomes the public facing communication for Toronto Mesh.
Simple: If I change content on the website within my permission capabilities, but without coordination with other communication activities, the website content could become out of sync with organizational priorities.
Complicated: If I am a new member and have been added to Toronto Mesh Element chat, can I take any member to member content including jokes and sarcastic comments, and publish it on another public website out of context?
Complex: If we want to be an open organization, whose processes are replicable, should we record video of all meetings? On one hand it makes it available to members who could not attend the meeting, but it also limits discussion for those concerned about privacy or quotes taken out of context [add existing video policy discussion here]
Establish clear criteria for a membership list and types of members
This will document who has permission to do what.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Get or Reject a tomesh AS
To gain ownership of an IPv4 or IPv6 Public Internet IP Space you must register with a Regional Internet Registry. The North America registry is called ARIN. Once registered we can apply for an IP address size for both IPv4 and IPv6.
When applying for an IP range we will also be given an AS number. This AS number is used to announce the location of these IP addresses to the internet.
When using multiple exit nodes, the ability to announce the same IP address for each one will allow for more resilience on the mesh. Just like outbound connections could use any exit node, inbound connections could also be routed through any exit node.
Possibly not as important when using NAT
With an assigned AS we can route the IPv4 addresses into our mesh. This means that members can be given a publicly routable IPv4 IP address that lives on the mesh and is reachable from the internet.
Additionally publicly routable IPv6 addresses could also be handed out inside the mesh to every user.
To peer with TORIX you require your own IP range to announce. TORIX is a "short cut" to many of the larger organizations that have presence in Toronto. This shortcut would lower the dependence on our internet egress.
IPv4 are a rare commodity and many transit contacts may not wish to donate theirs. By being able to bring our own IPv4 addresses, it may be easier to ask for service since it would not require depleting their IPv4 pools.
By owning an AS and an IP range we could be seen as more than a few hobbyists and serious players in the "internet" game.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: 6/23/2020
🎯 Success criteria: Create relationship with Free Geek, submit ISOC grant, complete all admin tasks to be able to access funds.
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Access to an Exit Node
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Send out formal proposal to all contacts.
Create proposal for longer vision of Toronto Mesh.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Have relevant documentation added to https://docs.tomesh.net from the list below.
Keep operational and technical documentation in a well-structured book for anyone to easily find current information. Currently they are spread across multiple spaces and hard to discover/navigate.
These need to be fit into the docs chapters in the next section.
Please edit this comment to add sections. Use of subchapters is encouraged.
Docs are being worked on in the toronto-community-network-docs repo.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Deploy NTP server
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Have a clear map of first super node
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: ...
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Define a policy for secret keeping.
Who has access to what credentials, accounts, etc.
Where are they stored.
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: asap
🎯 Success criteria: Agree on a set of terms we will use consistently across different spaces.
I would like us to agree on a set of terms and use them consistently across different spaces. Any deviation should be treated as an error and fixed. Otherwise, it is massively confusing for new people coming onboard to understand our communications, when the same thing is referred to in many ways. (e.g. Is Toronto Mesh same as TOMesh? What is the relation between Toronto Mesh, Toronto Community Network, Free WiFi Project?)
I propose the following, and that we stick to it religiously. If there is any disagreement or new term we need to define, let's list them here and we agree on their use.
Toronto Mesh
Written upper case T and upper case M.
This is how this group is formally referred to in different spaces (e.g. on our website timeline, CoC, all external communications and articles written by others). It is not TOMesh, TO Mesh, or Toronto Meshnet.
Toronto Community Network
Written upper case T, upper case C, and upper case N.
The name of this particular initiative. It is the name we agreed on and put into all proposal material shared with collaborators.
City of Toronto's Free WiFi Project / Toronto Free WiFi Project
The working title of the project that the City is working on with its partners to offer free WiFi to neighbourhoods in need, as emergency response to the COVID-19 pandemic.
tomeshnet
Written all lower case.
This is our account handle on different services and social media (e.g. Twitter, GitHub).
tomesh
Written all lower case.
Sometimes used as a short form to refer to Toronto Mesh in informal situations. This short form should never be used on published documents or official communication.
tomesh.net
Written all lower case.
Our website. It is without the www. in front.
supernode
A supernode is an actively maintained relaying node that supports high bandwidth point-to-multipoint (PTMP) connectivity. Currently all supernodes are managed by the Network Planning, Design and Operations working group at Toronto Mesh, but other groups may also operate their own supernodes on the Toronto Community Network.
toronto-community-network
(this name is confusing esp. since we have deployment repo)
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Arrive at model for E2E VPN Criteria
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Deploy DNS server
...
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Document how to build a prometheus server
...
Tasks for next time someone goes up onto the roof of Woolner
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Create a functional lab network for the mesh
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: ...
We will be using IPv4 and IPv6 IP addresses for the mesh
Fun Fact: IPv6 Address is in the fd::/8 range. The bytes of 74 6F 6D 73 86 converted into ASCII spell TOMSH (lower case for backhaul range)
IPv4 subnets that will be used
Used for super nodes and core controlled network components
IPv6: FD54:4f4d:5348::/48
```
Address:   100.64.0.0           01100100.01 000000.00000000.00000000
Netmask:   255.192.0.0 = 10     11111111.11 000000.00000000.00000000
Wildcard:  0.63.255.255         00000000.00 111111.11111111.11111111
=>
Network:   100.64.0.0/10        01100100.01 000000.00000000.00000000 (Class A)
Broadcast: 100.127.255.255      01100100.01 111111.11111111.11111111
HostMin:   100.64.0.1           01100100.01 000000.00000000.00000001
HostMax:   100.127.255.254      01100100.01 111111.11111111.11111110
Hosts/Net: 4194302
```
IPv6: FD74:6F6D:73:86::/48
Used for community hubs and non-core devices
```
Address:   10.0.0.0             00001010 .00000000.00000000.00000000
Netmask:   255.0.0.0 = 8        11111111 .00000000.00000000.00000000
Wildcard:  0.255.255.255        00000000 .11111111.11111111.11111111
=>
Network:   10.0.0.0/8           00001010 .00000000.00000000.00000000 (Class A)
Broadcast: 10.255.255.255       00001010 .11111111.11111111.11111111
HostMin:   10.0.0.1             00001010 .00000000.00000000.00000001
HostMax:   10.255.255.254       00001010 .11111111.11111111.11111110
Hosts/Net: 16777214             (Private Internet)
```
The supernode hostname is snXyY, where X is assigned by the Network Planning, Design and Operations working group, and yY is chosen by the node operator to identify network components within the node. For example a1 for antenna 1 and r1 for router 1.
All hostnames will be unique across the mesh.
The supernode devices will also use a domain in the format operator.tcn.tomesh.net. A DNS and reverse DNS entry will be made for each device with such a domain name. For simplicity a super node will also carry an entry with the domain of nodename.tcn.tomesh.net
For example a FQDN (fully qualified domain name) will be sn1a1.core.tcn.tomesh.net for a device operated by the core team at Toronto Community Network. The node will also answer as sn1a1.tcn.tomesh.net
Public SSIDs will not extend the BABELD protocol. They are standard access point connections for the public to access the mesh.
Format
tomesh.net
Mesh SSIDs are used to extend the mesh network. They have BABELD running on them. They can be one of several protocols.
Format
tomesh-(protocol)[-(meshid)]
Parameters
tomesh- is a constant and never changes
(protocol) is the protocol name the SSID is running. This could be for example airmaxac, 80211s, adhoc
(meshid) Optional part of the string when SSIDs need to be isolated. PtP and PtMP antennas will use their hostnames
Example
A tomesh node with hostname of sn1a1 running airmax-ac protocol would be
tomesh-airmaxac-sn1a1
A tomesh node running 80211s would be
tomesh-80211s
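A validator for the naming and addressing scheme described above, usable for checking an inventory or a site survey for devices and SSIDs that do not conform. This is an added example, not code from the original issue or the project; the exact shape of X and yY, the token character set, and the meshid-equals-hostname check for every record are assumptions marked in the comments.

```python
import ipaddress
import re

# IPv4 ranges and their roles as given in the address plan above.
RANGES = {
    "core": ipaddress.ip_network("100.64.0.0/10"),    # supernodes, core-controlled components
    "community": ipaddress.ip_network("10.0.0.0/8"),  # community hubs, non-core devices
}
DOMAIN = "tcn.tomesh.net"
PUBLIC_SSID = "tomesh.net"
# Assumption: X is decimal and yY is one lowercase letter plus a number (a1, r1).
HOSTNAME_RE = re.compile(r"sn(\d+)([a-z]\d+)")
# Assumption: protocol and meshid are lowercase alphanumeric tokens without hyphens.
MESH_SSID_RE = re.compile(r"tomesh-([a-z0-9]+)(?:-([a-z0-9]+))?")


def classify_ssid(ssid):
    """Return (kind, protocol, meshid); kind is 'public', 'mesh' or 'nonconforming'."""
    if ssid == PUBLIC_SSID:
        return ("public", None, None)
    m = MESH_SSID_RE.fullmatch(ssid)
    return ("mesh", m.group(1), m.group(2)) if m else ("nonconforming", None, None)


def parse_fqdn(fqdn):
    """Parse <hostname>[.<operator>].tcn.tomesh.net; return a dict, or None if malformed."""
    suffix = "." + DOMAIN
    if not fqdn.endswith(suffix):
        return None
    labels = fqdn[:-len(suffix)].split(".")
    m = HOSTNAME_RE.fullmatch(labels[0])
    if m is None or len(labels) > 2 or not all(labels):
        return None
    return {"hostname": labels[0], "supernode": int(m.group(1)),
            "component": m.group(2), "operator": labels[1] if len(labels) == 2 else None}


def address_role(addr):
    """Return 'core', 'community', or None when addr is outside the mesh plan."""
    ip = ipaddress.ip_address(addr)
    return next((role for role, net in RANGES.items() if ip in net), None)


def check_device(fqdn, addr, ssid):
    """Return findings for one inventory record; an empty list means it conforms."""
    findings = []
    name = parse_fqdn(fqdn)
    if name is None:
        findings.append(f"{fqdn}: not a valid supernode name under {DOMAIN}")
    if address_role(addr) is None:
        findings.append(f"{addr}: outside 100.64.0.0/10 and 10.0.0.0/8")
    kind, _, meshid = classify_ssid(ssid)
    if kind == "nonconforming":
        findings.append(f"{ssid!r}: SSID does not follow the tomesh naming scheme")
    # Assumption: the record is a PtP/PtMP antenna, whose meshid is its hostname.
    elif meshid and name and meshid != name["hostname"]:
        findings.append(f"{ssid!r}: meshid does not match hostname {name['hostname']}")
    return findings


if __name__ == "__main__":
    # Constructed inventory records, not taken from the real network.
    for record in [("sn1a1.core.tcn.tomesh.net", "100.64.10.1", "tomesh-airmaxac-sn1a1"),
                   ("sn1a1.tcn.tomesh.net", "192.168.1.20", "Tomesh-80211s")]:
        print(record[0], check_device(*record) or "ok")
```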
This initial comment is collaborative and open to modification by all.
🎟️ Re-ticketed from: #
📅 Due date: N/A
🎯 Success criteria: Instructions to build a working espressoBIN router for babeld
Found u-boot hung a few times. I was messing with it at the time but still not a good thing
✔️ Able to re-flash from uboot
✔️ Almost full gig transfer when direct connection
✔️ Almost full gig transfer when bridging
❌ Routed dropped down to ~350Mbps
❌ A reboot can cause it to enter into a UBOOT freeze and requires a power cycle.