Project

General

Profile

News

Batman-adv 2016.2 released

Added by Sven Eckelmann over 3 years ago

June 09th, 2016. Today the B.A.T.M.A.N. team publishes the June 2016 update to batman-adv, batctl and alfred! This release contains the initial patches to get network namespace support for batman-adv. Also several bugfixes, code cleanups and code documentation updates are included in this version. As the kernel module always depends on the Linux kernel it is compiled against, it does not make sense to provide binaries on our website. As usual, you will find the signed tarballs in our download section:

https://downloads.open-mesh.org/batman/releases/batman-adv-2016.2/

as well as prepackaged binaries in your distribution.

Thanks

Thanks to all people sending in patches:

and to all those that supported us with good advice or rigorous testing:

batman-adv

  • support latest kernels (3.2 - 4.7)
  • initial, limited support for network namespaces
  • kernel doc updates and coding style cleanups
  • cleanup of legacy kernel compat code
  • support for detection and reporting of complex bridge loops
  • bugs squashed:
    • fix some TT issues: double free for full table request structs (created problems on multi-core systems) and a double put of VLAN objects
    • fix various B.A.T.M.A.N. V issues: fix mac address after address change, ELP orig address on secondary interfaces, null pointer dereference in metric comparison, refcount issues, ...
    • fix skb deref after transmission
    • avoid duplicate neigh_node additions
    • replace WARN with rate limited output on non-existing VLAN
    • fix ICMP RR ethernet header access after skb_linearize
    • fix memleak of untagged vlan when removing interface via rtnl-link
    • fix build against Debian Stretch kernels

batctl

batctl's tcpdump component was enriched with an OGM2 and ELP parser to be able to print relevant B.A.T.M.A.N. V information. Also the new "loopdetect" type of bridge loop avoidance ARP packets is now recognized by the tcpdump component.

alfred

alfred now automatically mounts the debugfs before it reduces its capabilities. This avoids problems when it has to query the state of batman-adv via debugfs.

Happy routing,

The B.A.T.M.A.N. team

Batman-adv 2016.1 released

Added by Sven Eckelmann over 3 years ago

April 21th, 2016. Today the B.A.T.M.A.N. team publishes the April 2016 update to batman-adv, batctl and alfred! This release contains the initial support of the B.A.T.M.A.N. V routing algorithm. Also several bugfixes, code cleanups and code documentation updates are included in this version. As the kernel module always depends on the Linux kernel it is compiled against, it does not make sense to provide binaries on our website. As usual, you will find the signed tarballs in our download section:

https://downloads.open-mesh.org/batman/releases/batman-adv-2016.1/

as well as prepackaged binaries in your distribution.

Thanks

Thanks to all people sending in patches:

and to all those that supported us with good advice or rigorous testing:

batman-adv

This release marks the beginning of the public testing phase of the B.A.T.M.A.N. V routing algorithm - the newest evolution in the B.A.T.M.A.N. routing protocol family. Despite its recent nature, B.A.T.M.A.N. V has a vivid history: Back in 2010, initial ideas how to improve B.A.T.M.A.N. IV started flying back and forth. By 2012 the concept had matured enough, to warrant the first prototypes to be developed and tested. And yet, this ambitious project should last another 4 years with major contributions from key developers (including 2 GSoC projects) till we deemed it ready for a wider audience. A major refactoring effort was necessary as the B.A.T.M.A.N. IV algorithm was intertwined with the entire code base and not cleanly separated. The design goal was to have an inner-module API allowing to swap the entire routing algorithm to an alternative while preserving all features like translation table, distributed ARP table, bridge loop avoidance, gateway selection, etc. The invested effort was well worth it: The batman-adv kernel module is now able to run multiple independent mesh networks in parallel on the same host. When a mesh (batX) interface is created, batman-adv can be configured to use the desired mesh protocol (B.A.T.M.A.N. IV or B.A.T.M.A.N. V).

The key differences between B.A.T.M.A.N. IV and B.A.T.M.A.N. V are found in the message types and the metric. B.A.T.M.A.N. V relies on the Echo Location Protocol (ELP) for neighbor discovery. This packet type is never forwarded or rebroadcasted in the mesh. The Originator Messages version 2 (OGMv2) protocol remains responsible for flooding the mesh with link quality information and determining the overall path transmit qualities. The metric transported within the OGMv2 packets is throughput based. In most cases the throughput can be determined automatically, manual overrides are available too. The path throughput between node A and node B is computed as the minimum between the throughput value of all given links on the path between node A and node B (other factors are also included in the computation - for further details please check our OGMv2 wikipage).

As B.A.T.M.A.N. V is not considered 'stable', it needs to be manually enabled to be compiled into the kernel module. Deployment of B.A.T.M.A.N. V in production environments is not recommended. Test feedback is more than welcome!

Under the hood things changed too: The batman-adv reference counting implementation (based on atomic_t) was converted to the in-kernel kref based reference counting. The batman-adv module checks in different situations if a new device is already on top of a different batman-adv device. The check did not handle veth devices properly which are actually a pair of two devices linked to each other, thus froze the system. This has been fixed. A crash has been addressed which is caused due to accessing the encapsulated ethernet and VLAN header without checking whether these are part of the same skb buffer. The shutdown of an batman-adv interface can happen with one of its slave interfaces still being in the BATADV_IF_TO_BE_ACTIVATED state. A change has been introduced to set the interface state to BATADV_IF_INACTIVE, otherwise the batman-adv interface will never reduce its usage counter and thus never gets shutdown. The code also benefited from the usual set of code beautifications and checkpatch cleanups.

batctl

batctl imported some minor updates from the kernel header files. These include only the packet structure definitions of the B.A.T.M.A.N. V packet types.

alfred

alfred gained support on master servers to receive push_data packets from unix socket clients with foreign source addresses. The old/default mechanism of alfred to write its own MAC address is still supported, by setting the source MAC address to 00:00:00:00:00:00, as previous clients did. Note that this feature is not supported on slave servers. Also various code cleanups have been performed, and a invalid EUI64 addresses are ignored now.

Happy routing,

The B.A.T.M.A.N. team

The B.A.T.M.A.N. project endorses the Battle of the Mesh v9

Added by Simon Wunderlich over 3 years ago

The Wireless Battle of the Mesh is an event that aims to bring together people from across the globe to test the performance of different routing protocols for ad-hoc networks, like Babel, B.A.T.M.A.N., BMX, OLSR, and 802.11s.

Many developers and community networkers will join the event to hack, test, discuss, explain and learn.

If you are interested in dynamic routing protocols or wireless community networks you can't miss this event!

The battlemesh is free of charge and open for all, every year we strive to keep participation costs low by negotiating deals for accommodation and food.

This year the event will take place from Sunday 1st to Saturday 7th of May 2015 in Porto, Portugal.

The B.A.T.M.A.N. project endorses and supports the Battle of the Mesh v9 because of the efforts made by its community to advance the field of wireless mesh networking and foster the development of grassroots community networks.

The B.A.T.M.A.N. project will support the event by:

  • help to promote the event
  • numerous members of the B.A.T.M.A.N. community have already confirmed their attendance
  • help organizing the event
  • help setting up the testbed for protocol testing
  • will organize workshops to discuss integration and new features with other communities
  • test our new algorithm B.A.T.M.A.N. V

Many other communities endorse and support the Wireless Battle of The Mesh v9, an up to date list of the endorsers of the Battlemesh v9 can be found at the main Battlemesh website.

If you are interested in coming join the event's Mailing List to stay up to date with the latest news.

Batman-adv 2016.0 released

Added by Marek Lindner over 3 years ago

January 19th, 2016. Today the B.A.T.M.A.N. team publishes its first release in 2016! This release contains mostly bugfixes, code cleanups and code documentation updates, providing a safe and pleasant update for everyone. As the kernel module always depends on the Linux kernel it is compiled against, it does not make sense to provide binaries on our website. As usual, you will find the signed tarballs in our download section:

https://downloads.open-mesh.org/batman/releases/batman-adv-2016.0/

as well as prepackaged binaries in your distribution.

Thanks

Thanks to all people sending in patches:

and to all those that supported us with good advice or rigorous testing:

batman-adv

A long standing feature request has been addressed by implementing a list of unique single hop neighbors per hard-interface. As this neighbor list is maintained by each routing protocol independently, the necessary protocol abstractions have been put in place. The neighbor list is made available to user space via debugfs. This release also comes with a massive code documentation (kernel doc) update concerning literally every component. Missing symbols were added, obsolete descriptions removed, names and code pointers updated and the style unified. The batman-adv kernel module also gained the ability to react to interface type changes allowing batman-adv to detect when an interface transitions from a supported type to non-supported and vice-versa.

Batman-adv's mutual exclusion mechanism 'read-copy-update' (rcu) to access data structures shared among various threads was re-organized to avoid recursive code paths of rcu delayed memory frees that could bypass safeguards meant to prevent freed memory access. Especially on multi-core systems these recursive rcu calls might have led to random kernel crashes.
The bridge loop avoidance' wait time for broadcast suppression has been increased to 60 seconds, in order to grant the loop avoidance mechanism sufficient time to detect all backbone neighbors even on networks with lossy links. Additionally, batman-adv will clear all internal states and purge data-structures immediately upon bridge loop avoidance deactivation to ensure a clean state, in case the system toggles the bridge loop avoidance activation/deactivation within a few seconds.
Following an interface shut down, batman-adv re-organizes its internal routing structures and - in the process - might copy data to new structures. In that process wrong data can be copied to the new location due to a bogus memory address calculation. This has been fixed.

The regular set of checkpatch cleanups & code refactoring complement this release.

batctl

To conveniently retrieve the single hop neighbor table, support to fetch said table from the kernel module was added. Furthermore, typographical errors in the code comments were fixed as well as a bogus length check upon debugfs path assembly.

alfred

Typographical errors in the manpage were fixed as well as a bogus length check upon debugfs path assembly.

Happy routing,

The B.A.T.M.A.N. team

B.A.T.M.A.N. V leaves the nest

Added by Marek Lindner over 3 years ago

For those following the mailing list and other events around the B.A.T.M.A.N.
team the term 'B.A.T.M.A.N. V' probably sounds all too familiar. It has been
more than 5 years since the first ideas for improving the routing protocol
were exchanged. In the following years we had several GSoC projects dedicated
to pull this topic forward, countless hack & brainstorming sessions (including
sleepless nights at each battlemesh). Turns out, replacing a mature protocol
like B.A.T.M.A.N. IV takes more effort than you might think.

Another hurdle we kept running into was the missing separation between routing
logic and feature code preventing any developer and/or tester to quickly
switch from one protocol to the other. Now we have finally completed hiding
all routing logic behind an internal API allowing to change the routing
protocol while still benefiting from all the layer2 features.

With this mail the B.A.T.M.A.N. team announces the availability of the latest
protocol revision: B.A.T.M.A.N. V. Major features are its throughput based
path metric and packet type separation. For a high level overview about the
differences to B.A.T.M.A.N. IV feel invited to continue reading[1]. Technical
protocol specs also are available [2][3].

The code has already undergone stability and performance testing[4], thus is
considered ready for a wider audience testing. In the coming weeks said
patches will be included in the main source tree and sent upstream to the
kernel maintainers. Comments and feedback are welcome!

Next steps involve finishing the throughput meter[5] to enrich B.A.T.M.A.N. V
with an automatic link throughput detection when other mechanisms fail.

Happy routing,

The B.A.T.M.A.N. team

Batman-adv 2015.2 released

Added by Marek Lindner almost 4 years ago

the B.A.T.M.A.N. team is excited to announce the release of batman-adv 2015.2, the December 2015 update to batman-adv, batctl and alfred. The batman-adv kernel module has undergone significant polishing in this cycle to deliver stability and reliability. As the kernel module always depends on the Linux kernel it is compiled against, it does not make sense to provide binaries on our website. As usual, you will find the signed tarballs in our download section:

https://downloads.open-mesh.org/batman/releases/batman-adv-2015.2/

as well as prepackaged binaries in your distribution.

Thanks

Thanks to all people sending in patches:

and to all those that supported us with good advice or rigorous testing:

batman-adv

While operating a mesh network with various nodes being configured with different VLANs, the translation table (TT) could enter an inconsistent state, leading to payload traffic never arriving at the destination. The TT consistency check was extended to no longer assume an identical VLAN configuration on every node in the network. Another corner case is triggered when a non-mesh client is detected via listening to payload traffic ('speedy join') and then roaming to a nearby mesh node before the previous mesh node ever officially announced the presence of said non-mesh client. Because this case also could lead to payload traffic being sent to limbo, the internal non-mesh client TT state is cleared before changing from 'speedy join' client to officially announced client. The memory footprint was reduced by switching to single linked list header for TT operations.
The distributed ARP table (DAT) received a fix preventing invalid stack access when searching for eligible DAT candidates causing a kernel crash. Also, DAT cache replies were able to fool the 'speedy join' mechanism of other mesh participants, as these replies were interpreted as non-mesh client payload data. This confusion is prevented with a proper packet type check.
Under specific circumstances the bridge loop avoidance (BLA) was able to provoke a 'network storm' of constantly repeating BLA claim tables synchronize requests due to missing locking and multiple writes to the same CRC checksum when adding/removing entries. This has been fixed by adding proper locking to the CRC checksum calculation.
The gateway list entry purging was at the origin of long delays on kernel module unload. The artificially introduced delay through a 'deleted' attribute has been replaced with modern RCU-style locking and reference counting. The gateway bandwidth calculation on 32Bit CPU systems could lead to an integer overflow which has been fixed. If parsing the provided gateway bandwidth is unsuccessful an error code is now communicated back to user space.
To avoid packet transmission issues when slave devices encapsulate packets without having enough room for the encapsulation header the required header size is updated each time a slave device is added and/or deleted. Memory access on forced kernel module unload was re-ordered to prevent a system crash. The code also benefited from the usual set of code beautifications and checkpatch cleanups.

batctl

The batctl utility was enriched with a 'routing algorithm' option, allowing to display all configured batman-adv mesh interfaces with their respective mesh protocol information, as well as setting the mesh protocol for the next mesh interface to be created.

alfred

In addition to fixing a few typos, the README now correctly mentions the libpcap dependency.

Happy routing,

The B.A.T.M.A.N. team

Batman-adv 2015.1 released

Added by Marek Lindner about 4 years ago

August 10, 2015. The B.A.T.M.A.N. team today releases batman-adv 2015.1 focusing on code cleanups, stability and bugfixes. Since no major code changes were introduced upgrading to this version should bear minimal risks. As the kernel module always depends on the Linux kernel it is compiled against, it does not make sense to provide binaries on our website. As usual, you will find the signed tarballs in our download section:

https://downloads.open-mesh.org/batman/releases/batman-adv-2015.1/

as well as prepackaged binaries in your distribution.

Important changes

The default settings for enabling Network Coding and the bridge loop avoidance have been changed. If you are using either feature, please verify that your setup still behaves as expected after the upgrade.

Thanks

Thanks to all people sending in patches:

and to all those that supported us with good advice or rigorous testing:

batman-adv

With this release the source directory structure has been modified to align with the batman-adv directory structure in the Linux kernel. This should facilitate proposing and applying patches based on the code base shipped with Linux kernel. In parallel to this restructuring effort, the compat layer (needed to support older Linux kernel versions) also has been modernized. The single compat include file has been divided into separate header files named after their up-to-date counterparts. Previously needed explicit compat includes could be removed, thus further reducing the difference between the Linux kernel code and the out-of-tree repository.

To make the first time deployment a better experience the default configuration has been changed: Network Coding support has been disabled due to its dependency on WiFi promiscuous mode that not all WiFi chips/drivers support. The bridge loop avoidance mechanism (BLA) has been enabled to prevent accidental bridge loops from being created.

The batman-adv module came with its own Jenkins hash implementation used by all sorts of components like the originator table, the translation table and more. That implementation has been replaced with the in-kernel Jenkins hash which provides better optimized code. The debugfs components aren't compiled into the module anymore when debugfs is not compiled into the kernel. The initialization upon detection of a batman-adv gateway has been fixed as it could cause the kernel to hang on module unload. Various race conditions triggered by concurrent delete events in the translation table code have been fixed as well. Payload broadcast packets scheduled to be forwarded right on batman-adv disable or module onload are now properly purged to prevent memory leaks. With enabled distributed ARP table (DAT) batman-adv might have answered an ARP request for a local client. An additional mac address check prevents confusing switches in the LAN which rely on ARP to learn behind which port the client is located. Quite some effort was spent to improve the overall code readability, cleanups and coding style issues.

batctl

To support building batctl in combination with the musl C library the if_ether.h header file is now included from the 'netinet' folder instead of the 'linux' folder because musl does not allow mixing includes from 'netinet' and 'linux' at the same time.

alfred

Interfaces with more than one link-local addresses are now supported by alfred binding to specific an interfaces and its link-local EUI64 address. All outgoing alfred packets will be originating from that single address.

The size of the maximum alfred payload was slightly reduced. This ensures that the UDP/IPv6 stack is able to transfer the push data packets between different alfred servers.

Happy routing,

The B.A.T.M.A.N. team

2015-05-16 Introducing AlfredA

Added by Simon Wunderlich over 4 years ago

AlfredA is a re-implementation of the alfred data-exchange protocol as native Java library for Android. The library aims to provide the slave functionality of A.L.F.R.E.D. (the almighty lighweight fact remote exchange daemon) to pull and push data from alfred masters running somewhere in the network. This is especially useful in case the Android device (for example a smartphone) wishes to share its GPS location with the network. Other AlfredA-enabled apps or a central visualization server can fetch the location data to draw their location on a map. Also the reverse is possible: The network could provide information useful to the mobile clients like latest community network news or WiFi usage statistics for debugging/monitoring purposes, thus avoiding a central monitoring server.

AlfredA has been implemented as part of Bastian Rosners Bachelor Thesis to distribute location data in wireless mesh networks. The library as well as more information can be found on AlfredA's github repository page as well as the bachelor thesis paper [written in German]. Another outcome of the thesis is a wireshark dissector which can be used for debugging A.L.F.R.E.D. communication. In the process, the A.L.F.R.E.D developer team has also added extensive A.L.F.R.E.D. protocol documentation in our wiki to help Bastian with his implementation

We hope this work will inspire other Android app developers to use A.L.F.R.E.D. to store and receive data from their wireless mesh networks and will be useful to many projects. :)

Sample app using the AlfredA library:

Happy Routing,
the B.A.T.M.A.N team

The Joker attacks

Added by Simon Wunderlich over 4 years ago

After laying low for quite some time, the Joker finally makes its appearance! "The Joker" - a penetration testing and research tool to test security aspects of batman-adv networks - was developed by security researchers Pedro Larbig and Alexander Oberle at TU Darmstadt (Germany), and we finally got permission to release the source code to the public.

The tool currently supports the following tests:

  • Peer/Route flooding: flood fake OGMs
  • Blackhole: announce to neighbors that the best route is via the attacker node
  • Loop Forming: create local loops on multi-hop paths
  • Fuzzing: modify packets randomly to create malformed packets

Pedro & Alexander developed the tool in order to facilitate their mesh network security research. Their work focuses on B.A.T.M.A.N. Advanced version 2011.1.0 and concluded that this version was performing pretty well in the Peer/Route and fuzzing tests. Albeit not being able to prevent maliciously provoked loops/blackholes entirely, B.A.T.M.A.N. Advanced did recover quickly when needed, according to their study.

To instigate further interest in mesh network security the 'Joker' code base is being published alongside this announcement. Hopefully, the Joker inspires security researchers as well as developers to investigate and fix issues in the B.A.T.M.A.N. protocol and/or implementation. We will also accept contributions for the Joker through the usual channels. Note that the tool does currently not work with the more recent versions 2013.4.0 or 2014.4.0 and later - patches are welcome.

Happy routing,

The B.A.T.M.A.N. team

Batman-adv 2015.0 released

Added by Sven Eckelmann over 4 years ago

The B.A.T.M.A.N. team is pleased to announce the immediate availability of batman-adv 2015.0 - a bugfix and maintenance release introducing only fixes and and minor cleanups, providing a safe and pleasant update for everyone. As the kernel module always depends on the Linux kernel it is compiled against, it does not make sense to provide binaries on our website. As usual, you will find the signed tarballs in our download section:

https://downloads.open-mesh.org/batman/releases/batman-adv-2015.0/

as well as prepackaged binaries in your distribution.

Thanks

Thanks to all people sending in patches:

and to all those that supported us with good advice or rigorous testing:

batman-adv

The batman-adv compat code has been freed of a problem on old Linux kernel versions (< 2.6.39) causing a malfunction of packet forwarding to the assigned bridge. Packets entering the batman-adv mesh via the batX interface were not considered for interface bonding due to an erroneous comparison. This regression introduced by the routing code abstraction has been fixed. Also addressed has been a false warning triggered by the network coding lockdep class when running lockdep to find problems in the locking routines. The code also benefited from the usual set of kernel enhancements and checkpatch cleanups.

batctl

batctl imported some minor updates from the kernel header files. These include only code style cleanups and some misspelled words in comments.

alfred

alfred gained the ability to execute a specified command whenever the managed data changes (either new data arrived, stale data was purged or an update with an actual change was triggered). The executed command receives the IDs of the changed data as arguments.

The alfred server process now automatically drops privileges after the initial setup phase. This is a standard security practice to reduce the potential damage of a malicious attack in case an exploitable flaw were to be discovered. Documentation explaining how to start alfred as non-root process is available. In light of these changes, the packet validation code underwent additional scrutiny which led to improved checks on valid packet length and header validation.

Dataset version numbers are now correctly changed when the data is only updated and not added. This can be tested with the new verbose mode of the alfred client. It shows the version information of each received dataset.

Happy routing,

The B.A.T.M.A.N. team

(21-30/92)

Also available in: Atom