SlideShare a Scribd company logo

FFMUC goes wild - Infrastructure recap 2020 #rc3

A
Annika Wickert

#FFMEET #Jitsi Freifunk

Technology
1 of 31
Download to read offline
FFMUC goes wild Tech talk at #rc3 28.12.2020
awlnx ● Annika Wickert ● Senior Network Engineer ● Twitter @awlnx krombel ● Matthias Kesler ● IT Consultant ● Twitter @kr0mbel Who are we? pkoerner ● Peter Körner ● IT since CBM, 2C3, FF 6y, DL9HCZ, working @Red Hat ● Twitter @pkoerner81929
FFMUC? • Freie Netze München e.V. seit 2014 • Community Freifunk München seit 2004 • No registration of nodes • Wifi • #FFMEET • DoH/DoT/DNSCrypt
Jitsi to close the social gap during corona • An upcoming Freifunk Meeting was about to get canceled because of Corona • Many people especially schools seemed in need of an easy to use conference system • “Freifunk verbindet” • Christmas 2020
FFMEET appeared in the press
Technical challenges • Scaling (nginx, prosody etc) • Firefox a WebRTC nightmare • Running on nightly builds • Automation
Many participants and supporters!
Restart of Freie Netze München e.V. • FNMUC was kinda abandoned • We need an entity which can sign contracts and acquire money • Elections in July • Since then many new members, many actions, lots of ideas and high motivation
AS212567 • IPv4: 5.1.66.0/24 + 185.150.99.0/24 • IPv6: 2001:678:e68::/48 + 2001:678:ed0::/48 • When we need to switch datacenters we keep the address space • We can multi-home much easier • More possible sponsors • We can join Internet Exchanges! #PeeringFamily • Abuse handling is done by FNMUC e.V.
Preparing the new datacenter ● Pre-Installing everything possible ● Switching to Ubuntu 20.04 from Debian (mostly) stretch ● Run an overlay network for easier cross-site communication (Nebula) ● Much SaltStack code: https://github.com/freifunkMUC/ffmuc-salt-public
Journey to vienna
Vienna!
We are online!
Use more bandwidth! • New DC has a bigger uplink • Users cannot use it, because fastd does not perform very well • L2TP performs very good but has no encryption • We experimented with Wireguard before and were very happy with it
Wireguard vs fastD • FastD is a single threaded userspace process • Wireguard runs in kernel space thus has to be multithreaded • Wireguard cannot transport Layer2 Protocols - B.A.T.M.A.N. is one ... • We need another encapsulation which solves this problem => VXLAN WireguardVXLANB.A.T.M.A.N.
Gateways • Everything is automated with Saltstack • systemd-networkd takes care of all interfaces • 800 - 1000 Nodes per Gateway are easy • We run whole FFMUC on just two gateways
We are pioneering much stuff • There was no systemd-networkd integration for B.A.T.M.A.N. => So we wrote it: https://github.com/systemd/systemd/pull/17252 • There was no firmware integration => So we wrote it: https://github.com/freifunk-gluon/community-packages/pull/6 • There was no daemon to accept wireguard keys => So we wrote it: https://github.com/freifunkMUC/wgkex
How does it work? • Wireguard Peers on the gateways are created by wgkex • Allowed IP is derived from the publickey of the node • VXLAN Forwarding database entry are created by wgkex
WGKex?
Debugging … Flamegraphs and Bugs • Wireguard performs well but we have too much load on our gateways. Why?
Community • Freifunk Darmstadt and Freifunk Regensburg helped a lot during development of wgkex! • B.A.T.M.A.N. developers helped a lot during debugging the performance issue and created many bugfixes • Everything is opensource and available on Github https://github.com/freifunkMUC • More background and all fixes: https://ffmuc.net/freifunkmuc/2020/12/03/wireguard-firmware/
So is it faster?
Other Services • Chat for our Community (and people interested in Jitsi ;) ) https://chat.ffmuc.net • Public DoH/DoT/DNSCrypt resolver https://doh.ffmuc.net
Encrypted DNS • As we appeared in c’t much growth the last month (link in appendix)
New datacenter in munich
Much code ...
Feedback, comments Wir freuen uns über jede konstruktive Kritik:
Community & Social Media
We need members and supporters • We have monthly costs for data centers, IP space etc. • We have a association called Freie Netze München e.V. • We only have a few number of admins at the moment • New ideas christmas presents https://ffmuc.net/freifunkmuc/2020/12/12/weihnachtsaktion/ => We need more people! Sign up here: https://ffmuc.net/wiki/doku.php?id=ev:start “Das andere Weihnachts geschenk!”
FFMUC at #rC3 • Jitsi/FFMUC Meet Raum 24/7: https://meet.ffmuc.net/ffmuc-rc3 • FFMUC Chat (Mattermost): https://chat.ffmuc.net/ • Wireguard background: https://ffmuc.net/freifunkmuc/2020/12/03/wireguard-firmware/ • FFMUC Wiki Knowledge Base: https://ffmuc.net/wiki/doku.php
More links • Freifunk München Map: https://map.ffmuc.net • Freifunk München: https://ffmuc.net • Freifunk: https://freifunk.net • Freifunk Karte: https://freifunk-karte.de • RIPE Anchor: https://atlas.ripe.net/probes/6886/ • RIPE Stats: https://stat.ripe.net/as212567

Recommended

Annesso 5 trascrizioni_ris
Annesso 5 trascrizioni_risAnnesso 5 trascrizioni_ris
Annesso 5 trascrizioni_risilfattoquotidiano.it
 
Surat RASMI KEPADA PPD
Surat RASMI KEPADA PPDSurat RASMI KEPADA PPD
Surat RASMI KEPADA PPDUPSI
 
Proposal sponsorship
Proposal sponsorshipProposal sponsorship
Proposal sponsorshipAlby Alyubi
 
Borang hakim relay akhir
Borang hakim relay akhirBorang hakim relay akhir
Borang hakim relay akhirmuhdjaijita
 
Kertas konsep pertandingan bercerita dan mengeja
Kertas konsep pertandingan bercerita dan mengejaKertas konsep pertandingan bercerita dan mengeja
Kertas konsep pertandingan bercerita dan mengejamuhammad hilmi
 
AT: Fionna & Cake - "The Star" (2)
AT: Fionna & Cake - "The Star" (2)AT: Fionna & Cake - "The Star" (2)
AT: Fionna & Cake - "The Star" (2)iggycraig
 
Surat kuasa menunaikan cek
Surat kuasa menunaikan cekSurat kuasa menunaikan cek
Surat kuasa menunaikan cekFATIMAH OTHMAN
 
Kertas kerja prog thn 6 2016
Kertas kerja prog thn 6 2016Kertas kerja prog thn 6 2016
Kertas kerja prog thn 6 2016cikgunafizah
 

Recommended

Annesso 5 trascrizioni_ris
Annesso 5 trascrizioni_risAnnesso 5 trascrizioni_ris
Annesso 5 trascrizioni_risilfattoquotidiano.it
 
Surat RASMI KEPADA PPD
Surat RASMI KEPADA PPDSurat RASMI KEPADA PPD
Surat RASMI KEPADA PPDUPSI
 
Proposal sponsorship
Proposal sponsorshipProposal sponsorship
Proposal sponsorshipAlby Alyubi
 
Borang hakim relay akhir
Borang hakim relay akhirBorang hakim relay akhir
Borang hakim relay akhirmuhdjaijita
 
Kertas konsep pertandingan bercerita dan mengeja
Kertas konsep pertandingan bercerita dan mengejaKertas konsep pertandingan bercerita dan mengeja
Kertas konsep pertandingan bercerita dan mengejamuhammad hilmi
 
AT: Fionna & Cake - "The Star" (2)
AT: Fionna & Cake - "The Star" (2)AT: Fionna & Cake - "The Star" (2)
AT: Fionna & Cake - "The Star" (2)iggycraig
 
Surat kuasa menunaikan cek
Surat kuasa menunaikan cekSurat kuasa menunaikan cek
Surat kuasa menunaikan cekFATIMAH OTHMAN
 
Kertas kerja prog thn 6 2016
Kertas kerja prog thn 6 2016Kertas kerja prog thn 6 2016
Kertas kerja prog thn 6 2016cikgunafizah
 
[Maxiprocesso di Palermo, Istruttoria] - Volume 23
[Maxiprocesso di Palermo, Istruttoria] - Volume 23[Maxiprocesso di Palermo, Istruttoria] - Volume 23
[Maxiprocesso di Palermo, Istruttoria] - Volume 23WikiMafia - Libera Enciclopedia sulle Mafie
 
Pelancongan baharu di malaysia
Pelancongan baharu di malaysiaPelancongan baharu di malaysia
Pelancongan baharu di malaysiafarahfasci
 
Surat akuan kebenaran waris menyertai aktiviti kokurikulum
Surat akuan kebenaran waris menyertai aktiviti kokurikulumSurat akuan kebenaran waris menyertai aktiviti kokurikulum
Surat akuan kebenaran waris menyertai aktiviti kokurikulumChiew Gin Siong
 
Kertas kerja ppda 2014
Kertas kerja ppda 2014Kertas kerja ppda 2014
Kertas kerja ppda 2014Nik Roslina Mohamad
 
Berita acara lomba
Berita acara lombaBerita acara lomba
Berita acara lombaMembangun city
 
15933414 contoh-minit-mesyuarat
15933414 contoh-minit-mesyuarat15933414 contoh-minit-mesyuarat
15933414 contoh-minit-mesyuaratl Hakim
 
Sijil ajk pibg 25
Sijil ajk pibg 25Sijil ajk pibg 25
Sijil ajk pibg 25naziza
 
contoh surat permohonan lawatan
contoh surat permohonan lawatancontoh surat permohonan lawatan
contoh surat permohonan lawatanHayati Abdul Aziz
 
Kertas kerja karnival sains dan matematik
Kertas kerja karnival sains dan matematikKertas kerja karnival sains dan matematik
Kertas kerja karnival sains dan matematikSuhaily Soh
 
Kertas Kerja Sukan Tahunan
Kertas Kerja Sukan TahunanKertas Kerja Sukan Tahunan
Kertas Kerja Sukan Tahunansoulmoon
 
Proposal Kegiatan OSIS.docx
Proposal Kegiatan OSIS.docxProposal Kegiatan OSIS.docx
Proposal Kegiatan OSIS.docxSmpMiftahulUlumBoard
 
Kertas kerja pertandingan sepak takraw 2014
Kertas kerja pertandingan sepak takraw 2014Kertas kerja pertandingan sepak takraw 2014
Kertas kerja pertandingan sepak takraw 2014SHAHIBOL
 
Borang b3 2021
Borang b3 2021Borang b3 2021
Borang b3 2021MAGISPERAN MUTHIAH
 
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melakaPJM30621MooneegaAPGr
 
FFMUC presents #ffmeet - #virtualUKNOF
FFMUC presents #ffmeet - #virtualUKNOFFFMUC presents #ffmeet - #virtualUKNOF
FFMUC presents #ffmeet - #virtualUKNOFAnnika Wickert
 
DevCon 5 (July 2013) - WebSockets
DevCon 5 (July 2013) - WebSocketsDevCon 5 (July 2013) - WebSockets
DevCon 5 (July 2013) - WebSocketsCrocodile WebRTC SDK and Cloud Signalling Network
 
Challenges and experiences with IPTV from a network point of view
Challenges and experiences with IPTV from a network point of viewChallenges and experiences with IPTV from a network point of view
Challenges and experiences with IPTV from a network point of viewbrouer
 
Kranky Geek WebRTC 2015 - What's next for WebRTC?
Kranky Geek WebRTC 2015 - What's next for WebRTC?Kranky Geek WebRTC 2015 - What's next for WebRTC?
Kranky Geek WebRTC 2015 - What's next for WebRTC?Kranky Geek
 
FFMUC: Half a year with WireGuard
FFMUC: Half a year with WireGuardFFMUC: Half a year with WireGuard
FFMUC: Half a year with WireGuardAnnika Wickert
 
ESP8266 and IOT
ESP8266 and IOTESP8266 and IOT
ESP8266 and IOTdega1999
 
WebRTC: A front-end perspective
WebRTC: A front-end perspectiveWebRTC: A front-end perspective
WebRTC: A front-end perspectiveshwetank
 
Videoconferencing Technology Workshop
Videoconferencing Technology WorkshopVideoconferencing Technology Workshop
Videoconferencing Technology WorkshopVideoguy
 

More Related Content

What's hot

Pelancongan baharu di malaysia
Pelancongan baharu di malaysiaPelancongan baharu di malaysia
Pelancongan baharu di malaysiafarahfasci
 
Surat akuan kebenaran waris menyertai aktiviti kokurikulum
Surat akuan kebenaran waris menyertai aktiviti kokurikulumSurat akuan kebenaran waris menyertai aktiviti kokurikulum
Surat akuan kebenaran waris menyertai aktiviti kokurikulumChiew Gin Siong
 
15933414 contoh-minit-mesyuarat
15933414 contoh-minit-mesyuarat15933414 contoh-minit-mesyuarat
15933414 contoh-minit-mesyuaratl Hakim
 
Sijil ajk pibg 25
Sijil ajk pibg 25Sijil ajk pibg 25
Sijil ajk pibg 25naziza
 
contoh surat permohonan lawatan
contoh surat permohonan lawatancontoh surat permohonan lawatan
contoh surat permohonan lawatanHayati Abdul Aziz
 
Kertas kerja karnival sains dan matematik
Kertas kerja karnival sains dan matematikKertas kerja karnival sains dan matematik
Kertas kerja karnival sains dan matematikSuhaily Soh
 
Kertas Kerja Sukan Tahunan
Kertas Kerja Sukan TahunanKertas Kerja Sukan Tahunan
Kertas Kerja Sukan Tahunansoulmoon
 
Kertas kerja pertandingan sepak takraw 2014
Kertas kerja pertandingan sepak takraw 2014Kertas kerja pertandingan sepak takraw 2014
Kertas kerja pertandingan sepak takraw 2014SHAHIBOL
 
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melakaPJM30621MooneegaAPGr
 

What's hot (14)

[Maxiprocesso di Palermo, Istruttoria] - Volume 23
[Maxiprocesso di Palermo, Istruttoria] - Volume 23[Maxiprocesso di Palermo, Istruttoria] - Volume 23
[Maxiprocesso di Palermo, Istruttoria] - Volume 23
 
Pelancongan baharu di malaysia
Pelancongan baharu di malaysiaPelancongan baharu di malaysia
Pelancongan baharu di malaysia
 
Surat akuan kebenaran waris menyertai aktiviti kokurikulum
Surat akuan kebenaran waris menyertai aktiviti kokurikulumSurat akuan kebenaran waris menyertai aktiviti kokurikulum
Surat akuan kebenaran waris menyertai aktiviti kokurikulum
 
Kertas kerja ppda 2014
Kertas kerja ppda 2014Kertas kerja ppda 2014
Kertas kerja ppda 2014
 
Berita acara lomba
Berita acara lombaBerita acara lomba
Berita acara lomba
 
15933414 contoh-minit-mesyuarat
15933414 contoh-minit-mesyuarat15933414 contoh-minit-mesyuarat
15933414 contoh-minit-mesyuarat
 
Sijil ajk pibg 25
Sijil ajk pibg 25Sijil ajk pibg 25
Sijil ajk pibg 25
 
contoh surat permohonan lawatan
contoh surat permohonan lawatancontoh surat permohonan lawatan
contoh surat permohonan lawatan
 
Kertas kerja karnival sains dan matematik
Kertas kerja karnival sains dan matematikKertas kerja karnival sains dan matematik
Kertas kerja karnival sains dan matematik
 
Kertas Kerja Sukan Tahunan
Kertas Kerja Sukan TahunanKertas Kerja Sukan Tahunan
Kertas Kerja Sukan Tahunan
 
Proposal Kegiatan OSIS.docx
Proposal Kegiatan OSIS.docxProposal Kegiatan OSIS.docx
Proposal Kegiatan OSIS.docx
 
Kertas kerja pertandingan sepak takraw 2014
Kertas kerja pertandingan sepak takraw 2014Kertas kerja pertandingan sepak takraw 2014
Kertas kerja pertandingan sepak takraw 2014
 
Borang b3 2021
Borang b3 2021Borang b3 2021
Borang b3 2021
 
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka
179585446 kertas-kerja-lawatan-sambil-belajar-ke-melaka
 

Similar to FFMUC goes wild - Infrastructure recap 2020 #rc3

FFMUC presents #ffmeet - #virtualUKNOF
FFMUC presents #ffmeet - #virtualUKNOFFFMUC presents #ffmeet - #virtualUKNOF
FFMUC presents #ffmeet - #virtualUKNOFAnnika Wickert
 
Challenges and experiences with IPTV from a network point of view
Challenges and experiences with IPTV from a network point of viewChallenges and experiences with IPTV from a network point of view
Challenges and experiences with IPTV from a network point of viewbrouer
 
Kranky Geek WebRTC 2015 - What's next for WebRTC?
Kranky Geek WebRTC 2015 - What's next for WebRTC?Kranky Geek WebRTC 2015 - What's next for WebRTC?
Kranky Geek WebRTC 2015 - What's next for WebRTC?Kranky Geek
 
FFMUC: Half a year with WireGuard
FFMUC: Half a year with WireGuardFFMUC: Half a year with WireGuard
FFMUC: Half a year with WireGuardAnnika Wickert
 
ESP8266 and IOT
ESP8266 and IOTESP8266 and IOT
ESP8266 and IOTdega1999
 
WebRTC: A front-end perspective
WebRTC: A front-end perspectiveWebRTC: A front-end perspective
WebRTC: A front-end perspectiveshwetank
 
Videoconferencing Technology Workshop
Videoconferencing Technology WorkshopVideoconferencing Technology Workshop
Videoconferencing Technology WorkshopVideoguy
 
Andrea De Gaetano - An Adventure with ESP8266 firmwares and IOT
Andrea De Gaetano - An Adventure with ESP8266 firmwares and IOTAndrea De Gaetano - An Adventure with ESP8266 firmwares and IOT
Andrea De Gaetano - An Adventure with ESP8266 firmwares and IOTCodemotion
 
Dc ch01 : data communications, data networks, and the internet
Dc ch01 : data communications, data networks, and the internetDc ch01 : data communications, data networks, and the internet
Dc ch01 : data communications, data networks, and the internetSyaiful Ahdan
 
FFMEET: running a non-profit conference system
FFMEET: running a non-profit conference systemFFMEET: running a non-profit conference system
FFMEET: running a non-profit conference systemAnnika Wickert
 
Moving to software-based production workflows and containerisation of media a...
Moving to software-based production workflows and containerisation of media a...Moving to software-based production workflows and containerisation of media a...
Moving to software-based production workflows and containerisation of media a...Kieran Kunhya
 
Marchand leny mass digitization systems and open source software
Marchand leny mass digitization systems and open source softwareMarchand leny mass digitization systems and open source software
Marchand leny mass digitization systems and open source softwareFIAT/IFTA
 
Using Eclipse and Lua for the Internet of Things - EclipseDay Googleplex 2012
Using Eclipse and Lua for the Internet of Things - EclipseDay Googleplex 2012Using Eclipse and Lua for the Internet of Things - EclipseDay Googleplex 2012
Using Eclipse and Lua for the Internet of Things - EclipseDay Googleplex 2012Benjamin Cabé
 
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security GLC Networks
 
Building the Internet of Things with Eclipse IoT - IoTBE meetup
Building the Internet of Things with Eclipse IoT - IoTBE meetupBuilding the Internet of Things with Eclipse IoT - IoTBE meetup
Building the Internet of Things with Eclipse IoT - IoTBE meetupBenjamin Cabé
 
Dc ch02 : protocol architecture
Dc ch02 : protocol architectureDc ch02 : protocol architecture
Dc ch02 : protocol architectureSyaiful Ahdan
 
Mikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveMikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveGLC Networks
 

Similar to FFMUC goes wild - Infrastructure recap 2020 #rc3 (20)

FFMUC presents #ffmeet - #virtualUKNOF
FFMUC presents #ffmeet - #virtualUKNOFFFMUC presents #ffmeet - #virtualUKNOF
FFMUC presents #ffmeet - #virtualUKNOF
 
DevCon 5 (July 2013) - WebSockets
DevCon 5 (July 2013) - WebSocketsDevCon 5 (July 2013) - WebSockets
DevCon 5 (July 2013) - WebSockets
 
Challenges and experiences with IPTV from a network point of view
Challenges and experiences with IPTV from a network point of viewChallenges and experiences with IPTV from a network point of view
Challenges and experiences with IPTV from a network point of view
 
Kranky Geek WebRTC 2015 - What's next for WebRTC?
Kranky Geek WebRTC 2015 - What's next for WebRTC?Kranky Geek WebRTC 2015 - What's next for WebRTC?
Kranky Geek WebRTC 2015 - What's next for WebRTC?
 
FFMUC: Half a year with WireGuard
FFMUC: Half a year with WireGuardFFMUC: Half a year with WireGuard
FFMUC: Half a year with WireGuard
 
ESP8266 and IOT
ESP8266 and IOTESP8266 and IOT
ESP8266 and IOT
 
WebRTC: A front-end perspective
WebRTC: A front-end perspectiveWebRTC: A front-end perspective
WebRTC: A front-end perspective
 
Videoconferencing Technology Workshop
Videoconferencing Technology WorkshopVideoconferencing Technology Workshop
Videoconferencing Technology Workshop
 
Andrea De Gaetano - An Adventure with ESP8266 firmwares and IOT
Andrea De Gaetano - An Adventure with ESP8266 firmwares and IOTAndrea De Gaetano - An Adventure with ESP8266 firmwares and IOT
Andrea De Gaetano - An Adventure with ESP8266 firmwares and IOT
 
Dc ch01 : data communications, data networks, and the internet
Dc ch01 : data communications, data networks, and the internetDc ch01 : data communications, data networks, and the internet
Dc ch01 : data communications, data networks, and the internet
 
FFMEET: running a non-profit conference system
FFMEET: running a non-profit conference systemFFMEET: running a non-profit conference system
FFMEET: running a non-profit conference system
 
Moving to software-based production workflows and containerisation of media a...
Moving to software-based production workflows and containerisation of media a...Moving to software-based production workflows and containerisation of media a...
Moving to software-based production workflows and containerisation of media a...
 
Facebook_TIP_Nov
Facebook_TIP_NovFacebook_TIP_Nov
Facebook_TIP_Nov
 
Facebook and Telecom
Facebook and TelecomFacebook and Telecom
Facebook and Telecom
 
Marchand leny mass digitization systems and open source software
Marchand leny mass digitization systems and open source softwareMarchand leny mass digitization systems and open source software
Marchand leny mass digitization systems and open source software
 
Using Eclipse and Lua for the Internet of Things - EclipseDay Googleplex 2012
Using Eclipse and Lua for the Internet of Things - EclipseDay Googleplex 2012Using Eclipse and Lua for the Internet of Things - EclipseDay Googleplex 2012
Using Eclipse and Lua for the Internet of Things - EclipseDay Googleplex 2012
 
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
 
Building the Internet of Things with Eclipse IoT - IoTBE meetup
Building the Internet of Things with Eclipse IoT - IoTBE meetupBuilding the Internet of Things with Eclipse IoT - IoTBE meetup
Building the Internet of Things with Eclipse IoT - IoTBE meetup
 
Dc ch02 : protocol architecture
Dc ch02 : protocol architectureDc ch02 : protocol architecture
Dc ch02 : protocol architecture
 
Mikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveMikrotik Bridge Deep Dive
Mikrotik Bridge Deep Dive
 

More from Annika Wickert

Flow monitoring explained - From packet capture to data analysis - the use of...
Flow monitoring explained - From packet capture to data analysis - the use of...Flow monitoring explained - From packet capture to data analysis - the use of...
Flow monitoring explained - From packet capture to data analysis - the use of...Annika Wickert
 
FFMUC jitsi-report after first two weeks
FFMUC jitsi-report after first two weeks FFMUC jitsi-report after first two weeks
FFMUC jitsi-report after first two weeks Annika Wickert
 
Freifunk Munich - How to scale Jitsi
Freifunk Munich - How to scale JitsiFreifunk Munich - How to scale Jitsi
Freifunk Munich - How to scale JitsiAnnika Wickert
 
Raspberry PI 4 Freifunk Offloader
Raspberry PI 4 Freifunk OffloaderRaspberry PI 4 Freifunk Offloader
Raspberry PI 4 Freifunk OffloaderAnnika Wickert
 

More from Annika Wickert (6)

Flow monitoring explained - From packet capture to data analysis - the use of...
Flow monitoring explained - From packet capture to data analysis - the use of...Flow monitoring explained - From packet capture to data analysis - the use of...
Flow monitoring explained - From packet capture to data analysis - the use of...
 
FFMUC jitsi-report after first two weeks
FFMUC jitsi-report after first two weeks FFMUC jitsi-report after first two weeks
FFMUC jitsi-report after first two weeks
 
Freifunk Munich - How to scale Jitsi
Freifunk Munich - How to scale JitsiFreifunk Munich - How to scale Jitsi
Freifunk Munich - How to scale Jitsi
 
Bio routing - DKNOG9
Bio routing - DKNOG9Bio routing - DKNOG9
Bio routing - DKNOG9
 
Raspberry PI 4 Freifunk Offloader
Raspberry PI 4 Freifunk OffloaderRaspberry PI 4 Freifunk Offloader
Raspberry PI 4 Freifunk Offloader
 
FFMUC pkg-latest
FFMUC pkg-latestFFMUC pkg-latest
FFMUC pkg-latest
 

Recently uploaded

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 

FFMUC goes wild - Infrastructure recap 2020 #rc3

  • 1. FFMUC goes wild Tech talk at #rc3 28.12.2020
  • 2. awlnx ● Annika Wickert ● Senior Network Engineer ● Twitter @awlnx krombel ● Matthias Kesler ● IT Consultant ● Twitter @kr0mbel Who are we? pkoerner ● Peter Körner ● IT since CBM, 2C3, FF 6y, DL9HCZ, working @Red Hat ● Twitter @pkoerner81929
  • 3. FFMUC? • Freie Netze München e.V. seit 2014 • Community Freifunk München seit 2004 • No registration of nodes • Wifi • #FFMEET • DoH/DoT/DNSCrypt
  • 4. Jitsi to close the social gap during corona • An upcoming Freifunk Meeting was about to get canceled because of Corona • Many people especially schools seemed in need of an easy to use conference system • “Freifunk verbindet” • Christmas 2020
  • 5. FFMEET appeared in the press
  • 6. Technical challenges • Scaling (nginx, prosody etc) • Firefox a WebRTC nightmare • Running on nightly builds • Automation
  • 7. Many participants and supporters!
  • 8. Restart of Freie Netze München e.V. • FNMUC was kinda abandoned • We need an entity which can sign contracts and acquire money • Elections in July • Since then many new members, many actions, lots of ideas and high motivation
  • 9. AS212567 • IPv4: 5.1.66.0/24 + 185.150.99.0/24 • IPv6: 2001:678:e68::/48 + 2001:678:ed0::/48 • When we need to switch datacenters we keep the address space • We can multi-home much easier • More possible sponsors • We can join Internet Exchanges! #PeeringFamily • Abuse handling is done by FNMUC e.V.
  • 10. Preparing the new datacenter ● Pre-Installing everything possible ● Switching to Ubuntu 20.04 from Debian (mostly) stretch ● Run an overlay network for easier cross-site communication (Nebula) ● Much SaltStack code: https://github.com/freifunkMUC/ffmuc-salt-public
  • 14. Use more bandwidth! • New DC has a bigger uplink • Users cannot use it, because fastd does not perform very well • L2TP performs very good but has no encryption • We experimented with Wireguard before and were very happy with it
  • 15. Wireguard vs fastD • FastD is a single threaded userspace process • Wireguard runs in kernel space thus has to be multithreaded • Wireguard cannot transport Layer2 Protocols - B.A.T.M.A.N. is one ... • We need another encapsulation which solves this problem => VXLAN WireguardVXLANB.A.T.M.A.N.
  • 16. Gateways • Everything is automated with Saltstack • systemd-networkd takes care of all interfaces • 800 - 1000 Nodes per Gateway are easy • We run whole FFMUC on just two gateways
  • 17. We are pioneering much stuff • There was no systemd-networkd integration for B.A.T.M.A.N. => So we wrote it: https://github.com/systemd/systemd/pull/17252 • There was no firmware integration => So we wrote it: https://github.com/freifunk-gluon/community-packages/pull/6 • There was no daemon to accept wireguard keys => So we wrote it: https://github.com/freifunkMUC/wgkex
  • 18. How does it work? • Wireguard Peers on the gateways are created by wgkex • Allowed IP is derived from the publickey of the node • VXLAN Forwarding database entry are created by wgkex
  • 20. Debugging … Flamegraphs and Bugs • Wireguard performs well but we have too much load on our gateways. Why?
  • 21. Community • Freifunk Darmstadt and Freifunk Regensburg helped a lot during development of wgkex! • B.A.T.M.A.N. developers helped a lot during debugging the performance issue and created many bugfixes • Everything is opensource and available on Github https://github.com/freifunkMUC • More background and all fixes: https://ffmuc.net/freifunkmuc/2020/12/03/wireguard-firmware/
  • 22. So is it faster?
  • 23. Other Services • Chat for our Community (and people interested in Jitsi ;) ) https://chat.ffmuc.net • Public DoH/DoT/DNSCrypt resolver https://doh.ffmuc.net
  • 24. Encrypted DNS • As we appeared in c’t much growth the last month (link in appendix)
  • 27. Feedback, comments Wir freuen uns über jede konstruktive Kritik:
  • 29. We need members and supporters • We have monthly costs for data centers, IP space etc. • We have a association called Freie Netze München e.V. • We only have a few number of admins at the moment • New ideas christmas presents https://ffmuc.net/freifunkmuc/2020/12/12/weihnachtsaktion/ => We need more people! Sign up here: https://ffmuc.net/wiki/doku.php?id=ev:start “Das andere Weihnachts geschenk!”
  • 30. FFMUC at #rC3 • Jitsi/FFMUC Meet Raum 24/7: https://meet.ffmuc.net/ffmuc-rc3 • FFMUC Chat (Mattermost): https://chat.ffmuc.net/ • Wireguard background: https://ffmuc.net/freifunkmuc/2020/12/03/wireguard-firmware/ • FFMUC Wiki Knowledge Base: https://ffmuc.net/wiki/doku.php
  • 31. More links • Freifunk München Map: https://map.ffmuc.net • Freifunk München: https://ffmuc.net • Freifunk: https://freifunk.net • Freifunk Karte: https://freifunk-karte.de • RIPE Anchor: https://atlas.ripe.net/probes/6886/ • RIPE Stats: https://stat.ripe.net/as212567