Caspur wi fi open source garr conf 2011

CASPUR Wi-Fi Open Source 10-nov-2011 - GARR Conference 2011Davide Guerri - CASPUR
CASPUR WI-FI
OPEN SOURCE
GARR Conference 2011
Authors: A.Ferraresi, M.Goretti, D.Guerri, M.Latini (CASPUR)
Speaker: Davide Guerri (CASPUR)

Summary
CASPUR and Wi-Fi
Free Italia Wi-Fi
Open Source WISP project
Further activities and work in progress

CASPUR and Wi-Fi

CASPUR and Wi-Fi
CASPUR at a glance
Is an Inter-University computing
consortium founded in 1992 and based in
Rome
it includes eleven italian universities
Hosts a wide range of national and
international carriers (all the major carriers
operating in Italy)
Hosts the NaMeX Internet eXchange Point
one of the main IXPs in Italy
Has been collaborating with many italian
Public Administrations since its foundation

CASPUR and Wi-Fi
With its openWiFi project, CASPUR has build and has been
maintaining some of the main Italian free Wi-Fi networks
Provinciawifi, Province of Rome
Surfinsardinia, Sardinia Region
Freewifigenova, Genova municipality
Pratowifi, Province of Prato
Maremmawifi, Province of Grosseto
ProvinciaGoriziaWiFi, Province of Gorizia

CASPUR and Wi-Fi
Many other Public Administrations have been showing interest in the
CASPUR openWiFi service
Friuli Venezia Giulia Region
Province of Siena
Province of Pistoia (*)
Province of Bari
Napoli municipality
Umbria region
Torino municipality
Pescara chamber of commerce

A few numbers for Provinciawiﬁ
One of the most wide centralized free Wi-Fi network
> 800 access points
> 150.000 registered user
> 500 registrations per day
> 6.000 accesses per day
CASPUR and Wi-Fi

Free Italia Wi-Fi

Free Italia Wi-Fi
Free Italia Wi-Fi has been ofﬁcially launched
on 9 september 2011 in Venice by its promoting
Public Administrations
Province of Rome
Sardinia Region
Venice municipality

Free Italia Wi-Fi
Aims to create a national federation of free public Wi-Fi
network
Users sign-up only once and then they can use any
network within the federation
Federation rules also assure users will have
A minimal amount of free trafﬁc/time for each
federated network
A neutral network access (e.g. without ﬁltering and
shaping)

Free Italia Wi-Fi
Genova municipality
Province of Gorizia
Province of Grosseto
Province of Prato
Torino municipality
Bra municipality
Cesena municipality
Province of Cosenza
Montevago municipality
Province of Pesaro and Urbino
Province of Pistoia
Province of Potenza
Saronno municipality
Tortorici municipality
Province of Trapani
Besides its promoters, at the time of writing Free Italia
Wi-Fi has the following members

From a technical point of view, Free
Italia WiFi is implemented by the IX-
WiFi, that is:
A RADIUS hierarchy (i.e. proxies)
and...
...a bunch of dedicated (and secure)
links between each federated entity
and a central “dispatching” point.
A pretty simple setup that can assure a
very good robustness and a wide
compatibility
Free Italia Wi-Fi

Free Italia Wi-Fi
CASPUR has a central role in Free Italia WiFi:
Is responsible for the technical regulations of
the IX-WiFi;
Holds and runs the IX-WiFi in its data center.

Open Source WISP

Open Source WISP
Since the beginning of 2010 CASPUR has been developing the
OpenWISP project, that is
A software suite that can be used to run a Wireless Internet
Service Provider (WISP)
An open source project. It can be downloaded and used free of
charge
http://openwisp.it/
Technological base on which CASPUR runs its OpenWiFi service
(following the open-source software business model)
http://openwiﬁ.caspur.it/

Open Source Project
OpenWISP includes the following software
OpenWISP User Management System (aka OWUMS)
OpenWISP Manager + OpenWISP Firmware (OWM
and OWF)
OpenWISP Geographic Monitoring (OWGM)
OpenWISP Captive Portals Manager (OWCPM)
OpenWISP MiddleWare (OWMW)

Open WISP User
Management System

Open WISP User Management System
From the users’ perspective
Fast and easy sign-up to the Wi-Fi service
Account management and password recovery
Accesses and trafﬁc stats history browsing
Gorgeous Web UI
Wonderful mobile version (iOS, Android, Symbian, etc...)
Fancy and animated (javascript) graphs for various
statistics

Open WISP User Management System
From the perspective of a Wireless ISP
A powerful Ruby on Rails application that allows a reliable
identiﬁcation of users with one of the following methods
Mobile phone account
Paypal/credit card
ID card digitalized copy acquisition (requires an operator)
Easy yet powerful users base management
Everything an help-desk operator may need and much
more...

Open WISP manager +
ﬁrmware

Open WISP manager
A Ruby on Rails web application for centralized management of
several hundred access points
Template-based access point modeling. Among others the following
access point’s components can be managed
802.11a/bg/n Wi-Fi interfaces (Madwiﬁ-ng and mac80211 driver
support)
Ethernet interfaces
Bridges and 802.1Q VLAN
Layer 2 VPN
Instantaneous conﬁguration changes deploy

Open WISP ﬁrmware
Is a bunch of shell (ash) scripts that sit on top of openWRT
Support any device supported by openWRT with an Atheros WiFi
Radio interface (i.e. mac80211 or Madwiﬁ-ng drivers)
Permits a simple installation of devices with an easy-to-use web based
UI
Has native support for multiple connectivity backhaul with automatic
failover
OLSR mesh over a WPA WiFi ad-hoc network (i.e. IBSS WPA-None)
UMTS/HSDPA connectivity for a limited number of UMTS USB
modem
Beta

Open WISP firmware
The OpenWISP Firmware works behind a firewall,
even if NAT is used
1. At boot time every OWF access point creates a
setup VPN (openVPN) with the OWM server
2. OWF access point requests and downloads its
configuration inside this setup VPN
3. The new configuration is deployed. For
instance another VPN is created for WiFi users
traffic encapsulation
The setup VPN remains up, so it is possible the
monitoring and the administration of the access
point (even if it’s behind a firewall/NAT).
4. Periodically the access point asks the OWM
server if its configuration is changed and, if so,
restarts form the point number 2.

Open WISP Geographic
Monitoring

Open WISP Geographic Monitoring
WiFi network status with many different levels of detail
Access point status on google maps with street view
(v3 API)
Detailed reports and statistics with browsable graphs
Access points can be annotated to keep track of their
history
GeoRSS feed for public maps and for third party
applications

OpenWISP Captive
Portal Manager

OpenWISP Captive Portal Manager
Written from scratch with Ruby on Rails
multiple captive portal support: one per physical/virtual interface
RADIUS / Local authentication
per-user trafﬁc shaping
multiple OS support
IPv4/GNU-Linux (iptables/tc) already implemented
other OS support can be implemented within the proper
subclass
IPv6 support can be easily implemented
Beta

OpenWISP MiddleWare
A Ruby/Sinatra application that implements a
RESTful web service
Provides user/access point-localization-related
informations
Used for OpenWISP applications integration
Permits integration of 3rd party applications
with an OpenWISP WiFi infrastructure

How do OpenWISP applications
interact?

Further activities and
work in progress

Further activities and work in
progress
EDUROAM experimentation in collaboration with
GARR
EDUROAM (EDUcation ROAMing) is the secure,
world-wide roaming access service developed for
the international research and education community.
Uses the state-of-the-art technology for network
security
WPA/WPA2 Enterprise (i.e. 802.1x) with EAP-
TTLS

progress
Our setup for EDUROAM
We use two 802.1Q VLAN
incapsulated into a single (layer
2) openVPN tunnel
One VLAN for auth’ed user
traffic
One VLAN for RADIUS traffic
(i.e. between authenticator and
authentication server)
The authentication server (hosted
by GARR) uses the EDUROAM
proxy server hierarchy for end-
user credential verification

progress
During the experimentation we had the opportunity to fix a couple
of bugs in the openWISP firmware
We would like to thank Claudio Allocchio for his help in fixing a
memory leak
A small set of Provinciawifi’s hotspots are now in production with
this fixed firmware and they are broadcasting EDUROAM eSSID
We’re waiting for the opportunity to spread EDUROAM along
with a Public Administration WiFi networks
We’re technically ready, but...
...high level agreements are WiP and so the resources :)

progress
We also contributed (and we are still contributing), in various ways, to some
open source projects
during the implementation of our software we had developed, tested and
than we released some patches and wrote some documentation
OpenVPN
BackgrounDRB (a Ruby/Rails job server and scheduler)
Rails 3 Italian i18n
RADIUStar (a RADIUS Ruby gem)
Libarchive-ruby (a Ruby gem for various archive formats support)
OpenWRT wiki pages and scripts for some routers re-ﬂashing
procedure

CASPUR WI-FI
OPEN SOURCE
Q&A
Authors: A.Ferraresi, M.Goretti, D.Guerri, M.Latini (CASPUR)
Speaker: Davide Guerri (CASPUR)
Links and further informations
http://openwisp.it/
http://www.freeitaliawifi.it/
http://openwifi.caspur.it/
--
mailto:wifi@caspur.it

Caspur wi fi open source garr conf 2011

More Related Content

What's hot (20)

Similar to Caspur wi fi open source garr conf 2011 (20)

More from Davide Guerri (6)

Recently uploaded (20)

Caspur wi fi open source garr conf 2011