Re: [RFC] Penumbra - Enabling unencrypted broadcasts alongside normal traffic

From: Johannes Berg <johannes@sipsolutions.net>
To: Andy Green <andy@warmcat.com>
Cc: linux-wireless@vger.kernel.org
Subject: Re: [RFC] Penumbra - Enabling unencrypted broadcasts alongside  normal  traffic
Date: Tue, 27 Feb 2007 13:59:03 +0100	[thread overview]
Message-ID: <1172581143.3870.259.camel@johannes.berg> (raw)
In-Reply-To: <45E41A9E.2020908@warmcat.com>

[-- Attachment #1: Type: text/plain, Size: 2930 bytes --]

Hi,

Just a few comments. I'll leave aside the issues with 802.11 here hoping
you've thought about that. There are issues with admission control and
similar things, for example.

First, allow me to comment on some things from other sources:

> The payload is protected using a 255:223 Reed-Solomon? Forward Error
> Correction coding. This is capable to correct any 16 symbol errors
> over each 223 bytes of payload. To maximize the benefit of this
> protection, bulk data packets are limited to 213 bytes of actual
> payload (and a 10-byte header), giving a 255 byte encoded packet
> payload so each fragment fits inside a single error correction coding
> cycle. The Reed-Solomon? coding also means there is no need for a
> payload CRC.

802.11 frames are always protected by a 32-bit CRC and will be discarded
by hardware (in most cases) if that doesn't match. This is unnecessary
overhead.

> The unencrypted broadcast packets are indicated by having a "Magic MAC" 
> address in their IEEE80211 Header Addr<n> fields.  The Magic MAC for 
> Penumbra is 13:22:33:44:55:66 (the IEEE had something to say about our 
> original choice of 11:22.. :-O ).

How about registering a OUI or getting someone to donate a MAC address
instead of using a locally administered one?

>   - Userspace transmits by creating a PF_PACKET / SOCK_RAW socket and 
> prepending an Ethernet header with the Magic MAC in it and send()ing it. 

I don't see why you couldn't use the packet injection stuff we'll be
needing anyway for userspace MLME.

>   - The wireless driver gets the packet for transmission, recognizes the 
> Magic MAC, disables retries and sets the transmission rate (currently 
> fixed 54Mbps, but this will change) and transmits the packet as a broadcast

You'd be able to control these parameters then.

>   - When an incoming packet is seen with the magic MAC it has a fake 
> fixed Ethernet, IP and UDP header prepended to it.  IP and UDP checksums 
> are inserted so the packet is clean.  The packet always looks like it is 
> coming from UDP 0.0.0.0:61441 (port 0xF001) and is directed to 
> 255.255.255.255:61442 (port 0xF002).  The packet is subject to iptables 
> rules as usual.

Similarly, why not have userspace use a monitor interface directly?

> To get any kind of widespread use, the capability 
> needs to be already available in stock kernels and drivers so that the 
> user only needs to open iptables and run a userspace daemon rather than 
> patch his wireless drivers and stack.

I don't think that once we have packet injection in place for userspace
MLME (well, we even have it now) you'll need to do any modifications at
all. You'll just need to do more stuff in userspace. I also don't see
why iptables should see these packets that are explicitly not IP. In
fact, I think such packets should not be seen by the networking stack at
all.

johannes

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 190 bytes --]