You should not be putting an 8 watt amp on a mesh node.  Maybe in a very few specialized situations, it might be appropriate, but in general, no.  You'll be unnecessarily interfering with other legitimate users of the frequency without really gaining that much increased usage yourself.

You need to use the minimum amount of power necessary and minimize interference to other users of the frequency.

With any amateur radio, you need to understand and evaluate the radiation exposure considerations.  It's part of the FCC licensing requirements.

One important point is that even if you have "6 kW" ERP, you still only have 8 watts.  You can't dump more than 8 watts into anything.  However you can dump 8 watts into something a further distance away.   No matter where you are, even with a high gain antenna, you won't be receiving any more radiation than you would standing right next to an omnidirectional antenna with 8 watts.   

Also, with a high gain antenna, the signal strength is only higher when you're in the beam of the antenna.  Off axis, the signal strength will be lower than with an omni antenna.   If you're not pointing the beam near the neighbor's house, the signal strength there will be lower, not higher. 

As to whether 8 watts is enough to cause harm, that's questionable, but it's your responsibility.  Personally, I would take some care to not get my eyes right next to the antenna.  The cornea has poor cooling and is near the right length to receive energy at microwave frequencies.  I also would probably limit close exposure to a pacemaker, too.

As for worries about cancer and such, in theory, microwaves can harm by generating heat or electric shock, but don't cause cancer or other biological effects.  We should be overly cautious on this, and the FCC lists exposure limits to give us guidelines.

I've learned that if there's a windows machine and it can't find an IP after some changes, just shutdown and restart the windows PC.  Then wait a long time for it to really finish waking up.

Yes, you can usually force it to figure out where it is by unplugging cables, release/renew, and other commands, but you usually waste more time that way, and often think the router is at fault when it's really Windows. 

The problem with the "old" way of doing security is that all someone has to do is see the SSID of "Broadband-hamnet-v1" or whatever it is, google that, and finding our web page.  From there, they can download the code to a WRT-54G, and they're in. 

Using the olsrd-secure does make it more difficult for a bad guy to use a mesh network with unsupported hardware, but it does nothing to stop a bad guy from using the readily available code on supported hardware. 

Even without olsrd-secure, the difficulty of connecting unsupported hardware is quite high, since you have to figure out and configure olsr and some other things. 

In the current configuration, in order to connect a "rogue" node on unsupported hardware, you have to recognize the Broadbandhamnet-V1 SSID, figure out that it's OLSR, configure an OLSR node, put BroadbandHamnet-V1 as the SSID, and do whatever other tinkering is necessary to make it connect.   It's much easier to just use the supported hardware and software, which lets anyone in.

I think the "security" from olsrd-secure is mostly smoke and mirrors for a project like ours.

The other way to add some security would be to add some form of key exchange but require the user to enter the key when configuring the software.  Then distribute the key through some "secure" means.

This has the very big disadvantage of having a fragmented BBHN system.  If everyone doesn't use the same key, your networks will no longer mesh.  If you have some sort of emergency, volunteers from another area won't be able to bring their equipment and help out.  This is a big impediment in the "seconds = lives" environment of an emergency.  

Even in non-emergency operation, it presents problems.  You have to figure out a secure key management scheme.  Many new users have enough trouble just loading the software right now.  How are you going to validate new hams and distribute the key?  How many people are going to screw it up somehow even after they get the key?  Is each BBHN "community" going to have a separate key?  How do you coordinate which area uses which key?  e.g. all the problems that make any secure key distribution and management system a pain in the neck.

At the moment there are plans to restore the use of the olsrd "secure" module ( BBHN->ticket:37 ) which provides a hashed checksum onto messages based on a shared secret key allowing each side to verify that a node submitting packets to the mesh know the same key.

If the hashing doesn't match the packet it is thrown out of OLSR (and the route is never added) and your not allowed to access the entire mesh.

This module was in 0.4.3, was removed in 1.0.0 and is currently planned to go into next release.

This will NOT protect against a user speaking directly to a node and using any services it has published (internet included) but it will help limit a user from injecting into nodes and being able to easily traverse across the entire mesh network.

Funny you should mention that...

Was just just some talking on that solution with a few people:

Would the following scenario meet your request:

A shared key is inserted into the system

No secuirity is done with this shared key to stop you from sending traffic to the local nodes (aka those in direct earshot) 

Without the correct key you DO NOT show up on the mesh as an available node, nor are you able to inject routes into the mesh wide table. 

The key itself is never sent over the network only a hash of the messages and key combined so the other side can hash the message and see if it's the same key or not and choose to reject it.

(And just had another idea but based on your chap comment would have to see how easy it be to extend but more on that after I mull on it)

So where I'm going with this, and the reason I asked the question in the first place, is that it may be useful to provide an option in a mesh to include a "shared secret" that allows authenticated (but still unencrypted) communication to take place.  Every node wishing to participate in the mesh would have to know the shared secret.  I see it functioning somewhat like CHAP (Challenge-Handshake Authentication Protocol).  I think this would have to be implemented somewhere in the middle of the Hamnet protocol stack.  This scheme would prevent a rogue node from being able to create links to other nodes, effectively excluding it from the mesh.

Well knowing what node they came in on is a start.

Having a feed do RF strength, antenna type, direction, phase, exact location , etc combined could lead to some interesting target profiling IF you get multiple nodes in range.

Doesn't keep them out but may make it useful to track down.

Course until you do would still be good to be isolate the node somehow.

Any node on the mesh CAN be found which one it is connected to.

See the bottom picture at

http://www.broadband-hamnet.org/visual-of-a-mesh-network.html

It shows what links through who.

That is a built in plugin to OLSR, called Dot Draw, and a simple perl script can produce the image.

KTF

While I don't have a solution for keeping people out (because I am not a tech savvy person), maybe we should rethink our security measures. The group that we have in NE Wisconsin are discussing this very thing and some thoughts have come up for consideration that I feel have some merit, We try so hard to keep people out. How about security measures that are more useful for us. Just like intentional interference is dealt with by the FCC, as long as we can find them. How can we do the same with our security. Make it so transparent that anybody accessing  is known. I realize I am talking crazy here, but are there ways to make it so that the violator is spending more time trying to be obscure and untraceable. Kind of like a digital exploding dye pack like they used to put on clothes. Your computer is marked and the point of access is more traceable because it is quickly triangulated within the MESH. You can't interface with the MESH without a "handshake" of your interface with the MESH. Can some tech savvy person make my thoughts and brainstorms sound real?

Rodney, kd0ebt

Qbiquiti Networks makes 3400-3500 Mhz. equipment designed for use on our authorized Amateur Radio frequencies.

Hello Bill,

I appreciate you calling in to inquire on Ubiquiti radio equipment.  We are only allowed to sell export version Ubiquiti equipment that is intended for export out of the U.S. only.

In order to purchase export versions from us you will need to read and fill out the attached for and return to us.  

Thanks for your interest and have a great day.

Best Regards,

David Huffstetler

davidh@doubleradius.com

-- 

*New Certification Training Dates Have Just Been Announced!* See The "Resources/Events" Tab On Our Website For More Details.

David Huffstetler | Wireless Broadband Sales Consultant

Direct: 704-893-2487      Fax: 704-927-6099     Cell: 704-806-9735

www.DoubleRadius.com

Connect With Us! Facebook Twitter

Attachments
 FCC Customer Compliance Statement.zip [331 KB] ::

So, a couple weeks ago someone at the place I work decided to Upgrade the network from wireless to wired for security reasons.  I spoke with the IT department and when they were done with the upgrade they gave me all the wireless routers instead of throwing them out.  I received 18 WRT54G3G-ST's, 11 power supplies and 5 stock antennas.  I've been playing around with them this weekend and after a few hiccups I can announce that I am the proud owner of 15 mesh nodes. 

A few of the problems I had as a newbie:

  The first 3 routers I tried were essentially non functional meaning, I can't get the Internet GUI to come up but I can ping them.  I don't know how to SSH (or whatever) into them...yet

  The first Internet GUI I found wouldn't let me upload the new firmware.  It took me a minute but I'm glad it wouldn't let me do it because I had been trying to upload to our home's wireless modem/router.  After that I disconnected from the wireless router whenever I was uploading to the soon to be node.

  Once into the Internet GUI the upload kept failing until I read that the hex file needed to be altered.  It was an easy alteration but I had to download a hex editor.

  Finally once I got the Firmware uploaded and got the node name and password set I lost the ability to talk to it except with a different computer.  It still acted as a node but Windows 7 kept calling it an Unidentified Network and had No Network Access.  After programming a few of them I used the computers troubleshooter and it told me I didn't have the DCHP.  I should have known that because the screen after Saving the update said I wouldn't.  Anyway the computer fixed the problem and now I have full access to all 15 nodes.

I think the next big step is going to be discovering ways to use them.  I am a member of the local RACES/ARES and I volunteer for some of the local foot and bike races.  I'm sure there will be numerous applications I just hope to make them useful now that I have them.

Regards,

Dale

My outdoor weatherproof node is finally finished! I have a 16db gain directional and a 8.5db omni on a 21 foot pole in the back yard and its ready for action.

If anyone else in the SF South Bay Area sets up a node with directional antennas let me know and we can try aiming our nodes at each other.

Here are a few photos of my node as I assembled it and after it went up the pole.

Attachments
 IMG_7934.jpg [322 KB] ::
 IMG_7932.jpg [186 KB] ::
 IMG_7929.jpg [351 KB] ::
 IMG_7926.jpg [319 KB] ::
 IMG_7924.jpg [288 KB] ::
 IMG_7863.jpg [350 KB] ::
 IMG_7918.jpg [260 KB] ::
 IMG_7917.jpg [152 KB] ::
 IMG_7923.jpg [250 KB] ::
 IMG_7828.jpg [274 KB] ::
 IMG_7826.jpg [341 KB] ::
 IMG_7921.jpg [204 KB] ::
 IMG_7830.jpg [263 KB] ::