Meetings and Meeting Notes

Althea L1 Development
1

This thread is for storing results of meetings and developer updates.

3

2018-04-01
Miscellaneous firmware targets:

  • Ease of use/installation
  • Ad-hoc configurability (e.g. we’d like to choose in a UI menu, and not waste
    an hour for recompiling or even more for manual configs debugging)
  • More configuration from the device as opposed to compile-time
  • Auto-setup:
    • Setup API - you talk to an exit and configure yourself to work with it
    • User config API - a webpage served from router accessible to users; used to
      configure WiFi pass, ports and Althea-specific stuff; “Easy Mode”

Payment Channels:

  • Payment glue code for Rita (run on an interval)
  • Guac’s supposed to be a passive module

Exits:

  • Gateways should want to provide access to as many exits as possible

TCRs:

  • What’s compelling evidence of fraud?
    • Word gets out quick in a small community
    • Extreme attack: politics and sabotage

Food for thought:

  • Mobile management app?
  • Large-scale node management (Routers calling home for updates)

Intuition:

2 Likes
4

Justin TODO week of 2018-04-02

  • Firmware flasher and behind the scenes packages/firmware work to make that possible
  • Start user interface integration into althea_rs and the router firmware
  • Take over some of the testing/stabilization for openwrt rita from @kindiana
  • On board @drozdziak1 goals are to improve testing situation as well as introduce to the rust codebase.

Open Pull Requests:

5

2018-04-05 Quick call

Participants:

  • Justin
  • Ben
  • Stan
  • Deborah (briefly)

Process changes:

  • Switch to single dev branch (pre-0.1.0); careful with force-pushes!

High-level TODO:

  • Stop crashing daemons for non-critical reasons
  • Add default configs to our daemons
  • Identify small bugs & annoyances
  • Refactor (eliminate warnings, implement best practices etc.)
6

2018-04-06 Quick call

General subject

Integrating althea_rs with OpenWRT

Participants

  • Justin
  • Ben
  • Stan

Rust <-> Firmware integration:

  • Move interface config out of Babel
  • Make sure we don’t assign an fe80 address more than once
  • Rita’s init script
  • Exit installer playbook:
    • Pin wireguard version
    • rita_exit setup
    • diesel command “diesel migration run” (db setup)
  • Exit signup details:
    • ZIP code (location)
    • e-mail
  • Firewall defaults (for everything Althea but the Babel management socket)
    • Rita hello port (4876)
    • Exit signup (currently 4876; needs to be changed)
  • Port reuse - whenever a peer connects to rita it’ll open a tunnel on a port
    above port 60 000 (we’re not reusing them which is bad; we merely increment it)
  • Benchmarking:
    • Memory usage
  • uhttpd config
  • We need Jehan to integrate the new signup workflow (and get us the JS involved)
7

2018-04-09 Dev Meeting

Participants

  • Justin
  • Stanislaw
  • Ben

Notes/Agenda

Finding out what’s up with kindiana’s pre-0.1.0 tip

  • Probable cause: Use of feature branches and attempting a possibly convoluted merge
  • Lessons learned: That’s why we don’t make feature branches yet and why we try to merge things quickly; We should use Gerrit (GerritHub).

The simplified Althea config dashboard todo

  • Put it on /althea if it’s not too complicated to do
  • How LuCI works ATM:
    • LuCI has a trivial HTML file that redirects <router_ip>:80 to its CGI script in /www/cgi-bin using <meta> tags
  • Solutions:
    • Easy: Change the redirection target to our own index.html and add a link to original LuCI in our own WebUI
    • Mid: Set the different route on server (uhttpd) side
8

2018-04-12 Quick call

Participants

  • Jehan
  • Justin
  • Ben
  • Stan

What we talked about

  • Implementing mockup interfaces similar to debt_keeper’s mod.rs in other parts of althea_rs
  • Giving Jehan a firmware image
9

2018-04-13 Quick call

Participants

  • Justin
  • Ben
  • Stan

Things Ben and Justin were breaking

  • Exit ports

Tests

  • Traffic watcher and tunnel manager need tests badly
  • Random topology in tests and “smart” generated meshes in general - not a great idea for CI, cool nonetheless

HW Release Process

  • At some point we’re going to ask a hardware distributor to flash a couple hundred/thousand devices with Althea
10

2018-04-16 Dev Meeting Notes

Participants

  • Justin
  • Ben
  • Stan

Things we talked about

  • OpenWRT Firewall rules:

    • UCI seems to get subnet firewall rules wrong
    • Limited to IPv6 rules
    • We’ve got a possibly hacky solution, we need a proper one in the future

  • Stan’s TODO:

    • Integrate althea-dash with althea-firmware
    • Slay warnings in althea_rs

  • Ben’s TODO:

    • Deal with fe80 addresses (Wireguard doesn’t add them automatically)
    • Support for exit routing:
      • We probably explicit need tunnel routes

  • Justin’s TODO (highest to lowest priorities):

    • Continue testing the progress of our software
    • Look at restricting prefixes to /128
    • Stop Amazon from complaining about us being a proxy
    • Add IPv6 router LANs

  • Why less than /128 addresses might cause problems:

    • Babel redistributes them
    • People might want to share custom xroutes of their own
    • In Althea 99.9% of sub-/128 prefixes will be attackers
11

2018-04-23 Quick call
Participants

Justin
Ben
Stan

TODOs

Stan:
    Further dashboard integration
    Stabilizing Rita
    Firewall rules research (ping floods resistance etc.)
Ben:
    Fixing bugs and tests in Rita for the forseeable future
Justin:
    Automatic firmware flasher improvements
    Testing Rita and trying to break it
    Version migration tests

Other stuff we discussed

Router upgrade scenarios
Migrations during upgrades (Once we go mass scale we need to handle data model changes responsibly)
Router statistics:
    Load averages
    Errors
    Uptimes
    General resource usage
    A dashboard integration
    Data collection for a non-user-facing database on the exit
Supplier relationships:
    We need someone agile enough to agree to sell us relatively few devices and also be able to satisfy a bigger demand in the future
    Some of the stuff we’re interested in:
        Ubiquiti devices
        TP-Link (e.g. C7v2’s, with stress on the v2)
        Any hardware that meets our software’s requirements
        We’d like to consider the premium range in the future, e.g.:
            Turris Omnia
12

2018-04-23 Quick call

Participants

  • Justin
  • Ben
  • Stan

TODOs

  • Stan:
    • Further dashboard integration
    • Stabilizing Rita
    • Firewall rules research (ping floods resistance etc.)
  • Ben:
    • Fixing bugs and tests in Rita for the forseeable future
  • Justin:
    • Automatic firmware flasher improvements
    • Testing Rita and trying to break it
    • Version migration tests
  • Unassigned:
    • Sort out device-specific dependencies in configs - Verify that the configs are correct, likely by hand

Other stuff we discussed

  • Router upgrade scenarios
  • Migrations during upgrades (Once we go mass scale we need to handle data model changes responsibly)
  • Router statistics:
    • Load averages
    • Errors
    • Uptimes
    • General resource usage
    • A dashboard integration
    • Data collection for a non-user-facing database on the exit
  • Supplier relationships:
    • We need someone agile enough to agree to sell us relatively few devices and also be able to satisfy a bigger demand in the future
    • Some of the stuff we’re interested in:
      • Ubiquiti devices
      • TP-Link (e.g. C7v2’s, with stress on the v2)
      • Any hardware that meets our software’s requirements
      • We’d like to consider the premium range in the future, e.g.:
        • Turris Omnia
13

Daily report 2018-04-30

Done

  • Understood and eliminated (with Ben’s help) actix crashes on my router (an old, wrong ubus command inserted by git stash pop with my changes)
  • Applied Ben’s snippet for testable babel_monitor, adjusted rest of the code for it. However, the new code prevents Rita from passing interfaces to Babel’s config socket.

Doing

  • Debugging the new Babel trait problem (above)

TODO

  • Mock WiFi settings data so that a router is no longer critical for interacting with them
  • API calls on React side for the dashboard
  • Add tests to the traffic watchers
  • Usual warning hunting
  • The firewall ping flood mitigation research
14

Daily report 2018-04-30

Done

  • improve error handling in network endpoints using actix extractors
  • Adding general settings api endpoint
  • Add api for own info

Doing

  • Making integration tests more extensive (test client -> gateway -> exit end to end)

TODO

  • Fix issues with rita whenever they come up
  • Add geoip for signup endpoint
  • Test all settings endpoints
  • Add more api commands to configure everything
15

Daily report 2018-04-30

Done

  • Patched up that annoying debug message in Babel causes log spam and memory usage (since logs are in ram)
  • Got another chance to test autoflasher with a out of box edgerouter some more fixes there

Doing

  • Wrapping up some better error handling and tracing for kernel interface
  • Building and uploading a full compliment of firmwares
  • Fixing the nat firewall

TODO

  • Dedicate some time to playing around with actix and moctapus
  • write this weeks update
  • Try and make sure we hit the target ‘done’ date for this stage of the firmware, this friday.
16

Daily report 2018-05-01

Done

  • reshffle guac_rs
  • implement some channel update validation logic

Doing

  • Implementing more of guac

TODO

  • figure out implementation details of guac, specifically structuring
  • geoip stuff for rita exit signup endpoint
17

Daily report 2018-05-01

Done

  • Make Babel into a trait
  • remove all warnings from babel_monitor

Doing

  • traffic_watchers tests
  • Multiexit support

TODO

  • Usual warning hunts
  • ping flood mitigation research
18

Daily report 2018-05-01

Done

Doing

  • Testing firmware changes, looking into opkg difficulties.

TODO

  • Write blog post
  • Do some actix/moctapus practice
19

Done
Handed off payment channels to kindiana

Doing
Not programming today

To do
Catch up on implementing api calls and sign up flow in dashboard

20

Daily report 2018-05-02

Done

  • Review Justin’s warnings cleansing
  • Stop using standalone Babel writes (now issuing a command is tied to a result of that command)

Doing

  • Implementing traffic_watcher tests:
    • Debugging nasty I/O stuff connected to mocking a Babel stream (The funny thing is integration tests work alright while the tests don’t :smile: )

TODO

  • ping flood mitigation research