Chantilly MESH

Prepare for the inevitable, and have fun doing it!

Stuart D. Gathman <stuart@gathman.org>

Last updated: Mar 25, 2020

Originally begun as a part (one I know something about) of responding to the threat of EMP, Chantilly MESH is a challenging project in its own right, and extremely important for decentralization in general.


What is a MESH Network?

If your device has multiple "peers" (connections to different nodes), any of which can reach any other node in the network, it is part of a mesh. A typical internet consumer has only one connection to an ISP (Internet Service Provider). Or they might connect to a wifi router, which then has only one "upstream" connection (that can reach the rest of the internet) to an ISP. The internet backbone forms a mesh, because the backbone nodes have multiple peers - so that the rest of the internet remains accessible when a node goes down or is disconnected. A well connected ISP will also have multiple "peerings" (connections to the backbone).

The goal of this project is to interest people in a local mesh for Chantilly, VA which connects homes and businesses in a neighborhood. The cost is trivial: a basic router capable of running the mesh protocols is $26 (plus a place for it to live; outdoor models are $200). The difficulty is in explaining the benefit to neighbors.

Design of Chantilly Mesh

The base mesh protocol is BATMAN-ADV. This is a "layer-2" protocol that scales to about 1000 nodes. Layer-2 means it behaves like a neighborhood-wide local LAN. Layer-3 protocols running on top of it can connect neighborhoods to each other, or to the global internet. The LAN itself does not connect to the internet. Joining the LAN should not entail any liability involved in connecting to the internet should someone do something illegal (but I Am Not A Lawyer - I will try to link some sites discussing legal aspects of mesh networks).

Since non-technical users won't know how to install the BATMAN-ADV protocol, the routers also offer a common WiFi Access Point (WAP) with SSID "chantilly-meshap". Users can connect to any of the WAPs to access the mesh LAN.

The mesh LAN is, of course, untrusted. Some of the neighbors or people walking by may be Not Nice. This is no different than using the WiFi at a restaurant.

BATMAN-ADV is link agnostic. Nodes can be connected via Ad-hoc Wifi, wired ethernet, a Wifi AP or client, or something geeky like an infrared link. The ad-hoc WiFi SSID is "chantilly-mesh".

Currently, the ad-hoc WiFi and WAPs are unencrypted. There seemed little point since the key would need to be advertised and widely known. But some people have advised me that it can help legally to have it encrypted - even if somewhat pointlessly. This will be done by using an SSID of "chantilly-emesh" for the encrypted ad-hoc WiFi, and simply adding a password to any WAP whose owner wishes to. The encrypted and unencrypted ad-hoc links can co-exist just fine on the BATMAN-ADV mesh.

IPv4

There is a 10.0.0.0/8 network for the LAN. There is no long term goal of coordinating IPs. IPv4 is obsolete, and IPv6 has better tools for doing this without a central authority. Anyone is free to put a DHCP4 server on the LAN, and many devices will accept whatever lease they are offered. I suggest a unique 10.0.0.0/24 for each WAP or administrative domain (family) connected to the MESH. Sending out a DHCP4 request and monitoring LAN traffic should show what is already used. If this gets popular and that gets unwieldy, we will have a paper registry of 10.0.0 networks. But really, IPv4 is obsolete.

IPv6

Routers have a unique IPv6 network in the FD00::/8 range tied to their MAC address. These will be advertised by default. Devices pick the host part using any of the methods IPv6 provides, e.g. SLAAC, CGA, privacy extensions (random), DHCP6, or static assignment by a human. This makes all devices on the LAN reachable by IPv6 with zero configuration (unless you are using static assignment).
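As an added illustration (not the project's own router code), the following derives a router's FD00::/8 prefix from its MAC address and shows the SLAAC address a client would form in it. It assumes the RFC 4193 algorithm (SHA-1 over an NTP timestamp and the MAC's EUI-64, low 40 bits becoming the Global ID); the page only says the prefix is "tied to" the MAC, and the MACs used are constructed samples.

```python
import hashlib
import ipaddress
import struct
import time
from typing import Optional

# Added example, not the project's code. Assumption: prefixes follow RFC 4193
# section 3.2.2, which hashes a timestamp together with the router's EUI-64.
NTP_EPOCH_OFFSET = 2208988800  # seconds between the NTP (1900) and Unix (1970) epochs


def mac_to_eui64(mac: str) -> bytes:
    """Expand a 48-bit MAC to a modified EUI-64: insert ff:fe, flip the U/L bit."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC must be 48 bits")
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:6]


def ula_prefix(mac: str, ntp_time: Optional[int] = None) -> ipaddress.IPv6Network:
    """Return the fdxx:xxxx:xxxx::/48 prefix RFC 4193 derives for this MAC."""
    if ntp_time is None:  # 64-bit NTP timestamp: 32 bits seconds, 32 bits fraction
        ntp_time = int((time.time() + NTP_EPOCH_OFFSET) * 2**32)
    key = struct.pack(">Q", ntp_time & 0xFFFFFFFFFFFFFFFF) + mac_to_eui64(mac)
    global_id = hashlib.sha1(key).digest()[-5:]  # least significant 40 bits
    # fc00::/7 with the L bit set gives the fd byte; 10 zero bytes pad to 128 bits
    return ipaddress.IPv6Network((b"\xfd" + global_id + bytes(10), 48))


def slaac_address(prefix: ipaddress.IPv6Network, mac: str) -> ipaddress.IPv6Address:
    """Host address a SLAAC client forms in subnet 0 of the prefix from its own MAC."""
    if prefix.prefixlen > 64:
        raise ValueError("SLAAC needs a /64 or shorter prefix")
    iid = int.from_bytes(mac_to_eui64(mac), "big")
    return ipaddress.IPv6Address(int(prefix.network_address) | iid)


if __name__ == "__main__":
    router_mac = "00:11:22:33:44:55"  # constructed sample MAC, not a real router
    prefix = ula_prefix(router_mac)
    print("router advertises", prefix)
    print("laptop 66:77:88:99:aa:bb gets", slaac_address(prefix, "66:77:88:99:aa:bb"))
```

Because the timestamp enters the hash, two routers with the same MAC vendor prefix still get unrelated Global IDs, which is what keeps neighboring meshes from colliding without a registry.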

Cjdns

Cjdns is an IPv6 mesh VPN protocol. Nodes will automatically find peers on the LAN by default, so there is zero configuration. The address of a node is the cryptographic hash of an elliptic curve public key in the FC00::/8 range. This is a variation on CGA address assignment. Packages are available for at least Fedora Linux, Apple Mac, and Windows. This will connect you to Hyperboria - a global VPN mesh. As the packets are end-to-end encrypted, and completely opaque to relay nodes, this should also not entail any legal liability - but again IANAL.
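To show what "the address is a hash of the public key" means in practice, here is an added example (not cjdns's own code) of the derivation: the first 16 bytes of SHA-512(SHA-512(public key)), usable only when it lands in fc00::/8, so node setup keeps drawing keys until one does. The 32-byte "keys" below are random stand-ins rather than real Curve25519 keys, since only the hash matters for the address.

```python
import hashlib
import ipaddress
import os

# Added example, not cjdns code. The address rule (double SHA-512, first 16
# bytes, must start with 0xfc) is the one cjdns uses; keys here are random
# stand-ins for the Curve25519 public keys a real node would have.
FC00 = ipaddress.IPv6Network("fc00::/8")


def cjdns_address(pubkey: bytes) -> ipaddress.IPv6Address:
    """Derive the node's IPv6 address from its 32-byte public key."""
    if len(pubkey) != 32:
        raise ValueError("expected a 32-byte public key")
    digest = hashlib.sha512(hashlib.sha512(pubkey).digest()).digest()
    return ipaddress.IPv6Address(digest[:16])


def is_valid_cjdns_address(addr) -> bool:
    """Only hashes that fall in fc00::/8 are usable as cjdns addresses."""
    if not isinstance(addr, ipaddress.IPv6Address):
        addr = ipaddress.IPv6Address(addr)
    return addr in FC00


def find_addressable_key(max_tries: int = 100_000):
    """About 1 key in 256 hashes into fc00::/8; keep drawing until one does."""
    for tries in range(1, max_tries + 1):
        key = os.urandom(32)  # stand-in for generating a Curve25519 key pair
        addr = cjdns_address(key)
        if is_valid_cjdns_address(addr):
            return key, addr, tries
    raise RuntimeError("no usable key found")


def claims_match(pubkey: bytes, claimed_addr) -> bool:
    """A peer can verify that the address a node claims really belongs to its key."""
    return cjdns_address(pubkey) == ipaddress.IPv6Address(claimed_addr)


if __name__ == "__main__":
    key, addr, tries = find_addressable_key()
    print(f"found {addr} after {tries} candidate keys")
    print("claim verifies:", claims_match(key, str(addr)))
```

This self-certifying property is why the mesh needs no address registry: nobody can use an address without the matching private key, and any peer can check the binding from the public key alone.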

A Cjdns node can provide a tunnel to "clearnet" (the familiar global internet). This can be a secure way for savvy users to access the internet through their home ISP (or any other Cjdns node that grants their public key access) from anywhere on the mesh LAN (or anywhere else in the world). There are even VPN companies that do this commercially.

Internet Gateways

Someone may want to offer an internet gateway, like you would find in a coffeeshop or library. This is done by simply advertising a default route via DHCP4 and/or DHCP6. Clients will generally use the first DHCP offer they receive - and this will generally be the closest.

As this is in the US, gateway admins are advised to implement a captive web portal which makes clients click a button that says, "I promise not to do anything illegal in the US or State of Virginia via this internet connection." (Check, e.g. the wifi at a public library for the full legal text of such an agreement.) You could also have a paywall, if you wanted to be annoying - Cjdns is the better protocol for paid access to clearnet from the mesh LAN as mentioned above.

As mentioned before, the mesh is untrusted. This is particularly important for naive users of an internet gateway. A gateway operator might provide DNS service, and the DNS service they provide can lie. Or be misconfigured. Or get hacked. This can and does happen with coffeeshop WiFi also. TLS (the protocol behind HTTPS, formerly called SSL) is designed to verify the endpoint of a connection even when the DNS server is lying or broken.

Somewhat off-topic, but SSL/TLS has been subverted by CDNs (Content Distribution Networks), and you can't rely on it for authentication either. This is another reason not to use centralized services - but difficult to explain to neighbors.

Applications

  • How to Decentralize Common Apps - article on Fedora Magazine
  • Adam's notes on decentralized applications, and incremental steps in that direction.
  • Astroport - a decentralized application stack.
  • Secure ScuttleButt - a fully decentralized Facebook/Twitter workalike. Like Cjdns, this works with zero configuration when there are other SSB nodes active on the LAN.