Serval Mesh Observer

Mesh Observer components outlined in red

The Mesh Observer is a monitoring device that attaches to a Mesh Extender and sniffs Wi-Fi and UHF packets, forwarding them to another machine for analysis. It is useful for mapping out traffic through a Serval mesh network and diagnosing issues with bundle movements. The analysed packets are drawn into a UML Sequence Diagram.

The current device is based on a GL-iNet GL-AR150 router flashed with custom firmware available in the MeshExtender2.0 branch of the Serval Mesh Extender firmware repository.

Similar devices such as Second-Generation Dragino boards are being investigated for use in place of a GL-AR150. So far it seems that most devices supported by OpenWRT with one or more USB ports are suitable candidates.

Building a Mesh Observer

The following sections will outline how to construct a GL-AR150-based Mesh Observer and compile, and flash firmware onto it. Note that these steps are based on the the Second-Generation Mesh Extender firmware compilation process. It is advised that you follow those steps first, as they will set up the development environment you will be using here.

NOTE: These steps were made and tested for Ubuntu Linux 18.04. The packages and commands listed here may not work with other Linux distributions, so your mileage may vary.

Building the OpenWRT-based Firmware

Prerequisites

Build process

  1. Follow the build instructions for the Mesh Extender firmware to set up the environment
  2. Run 'make menuconfig' to open the build configuration menu
  3. Use the up and down arrow keys to move the cursor down to 'Network', press Enter
  4. Move to 'Mesh networking', press Enter
  5. Move to 'serval-mesh-extender' and disable it (shown as < >) by pressing Space (you may need to press Space multiple times to deselect it)
  6. Move to 'serval-mesh-observer' and enable it (shown as <*>) by pressing Space (you may need to press Space multiple times to select it properly)
  7. Use the left and right arrow keys to select 'Exit' along the bottom bar, press Enter
  8. Repeat step 7 until you have exited the build configuration menu (if prompted to save, choose Yes)
  9. Run './update' to collect and build the firmware

The firmware file should be found under bin/ar71xx/openwrt-ar71xx-generic-gl-ar150-jffs2-64k-sysupgrade.bin

Flashing the Firmware

The GL-AR150 features a web-based firmware update tool that we will be using for simplicity. If this method fails, there are serial pins on the board you can use with the Mesh Extender flashing process to flash the firmware the hard way, however the former method is preferred as it does not immediately void your warranty.

  1. Connect an Ethernet cable between you computer and the WAN port of the GL-AR150
  2. Configure the Ethernet interface on your computer to use the IP address 192.168.1.2
  3. Hold down the 'Reset' button on the device
  4. While still holding the reset button, connect power to the device
  5. Let go of the reset button on the 6th blink of the red LED (the centre green LED should illuminate as the red one does)

After releasing the reset button, the red light should blink rapidly for about a second. If not, and instead both green LEDs are lit, then you must have released the reset button too early or too late.

  1. Open http://192.168.1.1 in your browser
  2. Click 'Choose file' and select the firmware file you built earlier
  3. Click 'Update firmware'
  4. Wait for the upload to complete, the device should reboot automatically

When the device finishes rebooting, it will boot the Mesh Observer firmware and should be available via SSH at 192.168.1.1 with the username and password set to root.

Making the UHF breakout

To get the UHF packets from the Mesh Extender, the Mesh Observer uses a pass-through DB-25 breakout board, so that it can tap into the TX and RX lines of the radio without having to replace the standard power cable.

Top-down view of the breakout Female side of the breakout

Making Wires

The breakout is connected to several USB-UART adaptors through some custom-made wires to connect a single line to two adaptors so that they can be monitored at two different serial speeds. The wires have a 2-pin DuPont connector on the breakout-end and two single-pin DuPont connectors on the USB-end. Between them is a single wire that connects each of the pins together.

  1. Cut four short lengths of wire (around 5-10cm)
  2. Cut one long length of wire (arbitrary length, it's just to give space between the USB adaptors and the breakout)
  3. Strip both ends of each wire
  4. Solder one end of two short wires to form a pair
  5. Repeat for the other two short wires
  6. Crimp two single-pin female DuPont connectors onto the ends of one short pair
  7. Crimp one 2-pin female DuPont connector onto the end of the other short pair
  8. Slide two short lengths of heatshrink onto the long wire (~3cm, long enough to cover the solder joint)
  9. Solder one pair of short wires onto one end of the long wire
  10. Repeat for the other end with the other pair
  11. Shrink the heatshrink with a heat gun (or a lighter if you don't have a heat gun, just be careful of burning yourself or the wire)
  12. Repeat steps 1-11 an additional 3 times for a full set of wires

The final result should look similar to the pictures below:

Breakout end Full set of wires USB adaptor end

Connecting the Wires, USBs, and Breakout

  1. Connect the 2-pin connector end of one wire to pin 1 of the breakout
  2. Connect both of the single-pin ends of the same wire to the ground pins of two USB adaptors
  3. Repeat steps 1 and 2 with another wire connected between pin 4 of the breakout and ground of two more USB adaptors
  4. Connect the 2-pin connector end of one wire to pin 5 of the breakout
  5. Connect both of the single-pin ends of the same wire to the 'RX' pins of two USB adaptors
  6. Repeat steps 4 and 5 with another wire connected between pin 6 of the breakout and 'RX' of the other two USB adaptors
  7. Insert all four USB adaptors into a USB hub

The final product should look like the images below:

Deploying a Mesh Observer

Mesh Observer deployment is fairly straightforward:

  1. Insert the breakout in-between a Mesh Extender and the power cable
  2. Plug the USB hub into the Mesh Observer
  3. Connect an Ethernet cable between your computer and the WAN port of the Mesh Observer
  4. Connect a micro-USB cable between a power supply and the Mesh Observer

The Mesh Observer should boot and power up the USB hub. Once it is done booting, it will be accessible via SSH at 192.168.1.1.

The final setup should look similar to the below image:

Using the Capture Programs

The Mesh Observer firmware comes with a capture program ready to use. The capture client program (capture) will capture packets from the Mesh Observer's Wi-Fi interface and the Mesh Extender's radio via the UHF breakout. The captured packets are sent to the capture server program (svrCap) which will dissect each packet, classify them by type and/or payload, and draw them on a UML Sequence Diagram for analysis (shown to the right).

Setting Up a Capture Server

To start capturing with the capture server program:

  1. Run svrCap
  2. Press Ctrl+C to stop capturing and generate a sequence diagram like the one shown to the right

The capture server should start listening to port 3940 on all interfaces and begin processing incoming packets captured by clients. To stop the capture server, press Ctrl+C and the program should briefly generate a diagram of the captured output and halt.

Setting Up a Capture Client

Capturing packets on a Mesh Observer is quite simple, however due to SSH limitations, it does require that you are connected to the device for the duration of the capture. This can be avoided by using the start-stop-daemon program packaged with the Mesh Observer firmware: start-stop-daemon -Sbx capture <args…>.

  1. Log in to the Mesh Observer via SSH
  2. Run iw phy phy0 set channel 11 to listen on Wi-Fi channel 11
  3. Run capture <sid> <server_ip> -f 'ether host <mac>', where <sid> is the Serval ID of the attached Mesh Extender, <server_ip> is the IP address of the capture server, and <mac> is the MAC address of the attached Mesh Extender's Wi-Fi interface.

The Mesh Observer should start capturing packets and sending them to the capture server at the specified IP address. To stop capturing, press Ctrl+C and the program should halt.

NOTE: There are several other optional available for the capture client program. Running capture --help will list each of them with a description of the effect they have.


Login