[MeshBox-radius] Distributed Radius Project

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Well we need to store a current lat/long in each user's account for the
MeshNodeMapper anyways.  So that's not a problem.  We could use
triangulation software to update the lat/long (off of other nodes or IP
ping triangulation).

I'll look into this NeroGrid stuff, sounds interesting...

>One afterthought, whatever system we do will likely need some sort of 
>regional suffix/prefix to ensure that all usernames are globally
unique. I 

Yes, possibly use a two digit country code identifier (.us, .uk, etc.)

>can foresee that the most costly operation in this system will be
changing >a user's password ;)

Nah, I already have a web-based front end setup, with a nice PHP admin
control panel, so we'll have web-based administration, and also users
will be able to update their account information (and change/reset their
passwords) online.

>Just a thought.  BTW, anyone get a chance to look at the benchmarks of
the >new MySQL? I heard it was pretty speedy for simply queries.

Nope, but I heard the same.  I'm anxiously awaiting more info on it.
Have you tinkered with it at all?  I've been hearing lots of good things
about it, but haven't seen/used it yet.

          Mark

-----Original Message-----
From: mes...@li...
[mailto:mes...@li...] On Behalf Of Rick
Sent: Tuesday, March 04, 2003 3:36 AM
To: mes...@li...
Subject: Re: [MeshBox-radius] RE: MeshBox-radius digest, Vol 1 #8 - 1
msg

Aye,  I am a big fan of decentralized database for reasons of
redundancy, speed, and the piece of mind that there is no overlord (no
matter how benevolent). We would probably want to have the MeshAP seek
who it last authenticated from, since its likely it won't change, but if
the requested authentication server cannot authenticate that user, it
may do a neurogrid (decentralized search, see http://www.neurogrid.net )
style search. Since our data scope is slightly more constrained ;) we
could set up an abbreviated version of this and make it quite snappy.

One thought would be this: 
Set up the assignment of each authenticator in the global network to
include a latitude and longitude, storing the relationships to each of
its neighbor nodes in relation to direction. So when a user (Bob) flies
from Seattle to Chicago and tries to jump on the mesh at the airport,
the authenticating node simply says something to the effect of, "I don't
know this Bob fellow, but its coordinates are west of me". It then makes
a request of an authentication node sitting west of it. So it calls its
friend that's sitting outside a coffee shop in Dickenson which responds
the same, and so on, until a node that contains the proper user hash has
been found. This would require that some form of the users geographic
information be stored with their account number, like BJohnson47-122, or
perhaps some clever representation of the two+ numbers. Once the proper
credentials have been passed back to airport mesh in Chicago, it can
choose to store those for some time in its DB. 

The next time a request is made for said Bob (this time he finds himself
over in Cincinnati) the trail of authentication may find itself
intersecting with the trail from Chicago to Seattle. At which point any
one of the authentication boxes could say, "Those credentials just
passed through here, here they are." or at the very least, "MeshAP in
Chicago Airport was just looking for that guy, ask him." 

Just a thought.  BTW, anyone get a chance to look at the benchmarks of
the new MySQL? I heard it was pretty speedy for simply queries.

One afterthought, whatever system we do will likely need some sort of
regional suffix/prefix to ensure that all usernames are globally unique.
I can foresee that the most costly operation in this system will be
changing a user's password ;)

Thanks,
Rick

On Sun, 2003-03-02 at 15:45, shaitan wrote:
> Hi Guys,
> 
> I know my way around mysql and am vaguely familiar with radius 
> packages. I have came across the following docco which should do what 
> we need regarding using a db for the authentication info.
> 
> http://www.frontios.com/freeradius.html
> 
> To answer your questions mark, its not the amount of records that is 
> going to be the issue as such, but more the delay in authenticating 
> users across the net, so would I would suggest is that every mesh node

> have a local copy of the data for their region. Maybe split the users 
> into geographical groups, and if you server resides in the coverage 
> area for this group, then it will cache this data.
> 
> What do you reckon?
> 
> Cheers
> 
> Ray
> 
> > -----Original Message-----
> > From: mes...@li...
> > [mailto:mes...@li...] On Behalf 
> > Of mes...@li...
> > Sent: 02 March 2003 21:22
> > To: mes...@li...
> > Subject: MeshBox-radius digest, Vol 1 #8 - 1 msg
> > 
> > 
> > Send MeshBox-radius mailing list submissions to
> > 	mes...@li...
> > 
> > To subscribe or unsubscribe via the World Wide Web, visit
> > 	https://lists.sourceforge.net/lists/listinfo/meshbox-radius
> > or, via email, send a message with subject or body 'help' to
> > 	mes...@li...
> > 
> > You can reach the person managing the list at
> > 	mes...@li...
> > 
> > When replying, please edit your Subject line so it is more
> > specific than "Re: Contents of MeshBox-radius digest..."
> > 
> > 
> > Today's Topics:
> > 
> >    1. RE: Distributed Radius Project (Mark Malewski)
> > 
> > --__--__--
> > 
> > Message: 1
> > From: "Mark Malewski" <mar...@ne...>
> > To: <ede...@lt...>,
> > 	<mes...@li...>,
> > 	<e...@ne...>
> > Subject: RE: [MeshBox-radius] Distributed Radius Project
> > Date: Sat, 1 Mar 2003 18:43:58 -0600
> > 
> > Oh, now you want us to architect this huh?  Why do you think
> > we've been screaming for help?
> > 
> > Ok, there are a few people on the list that understand how to
> > make it secure, but no one really knows how we're going to do 
> > the databases, or get them to work.  So that's why we needed 
> > some DB guys to figure all this stuff out.  
> > 
> > Imagine that we're trying to create a very large database
> > (similar to what NodeDB is doing for all their nodes).  
> > Except it will store the authentication information for each 
> > user (their login/password as well as a lat/long, etc.)
> > 
> > This will allow users to roam freely between wireless
> > communities, and go from community to community, or state to 
> > state, or country to country with one login, and one password.
> > 
> > Now how can we do this?  Initially, we'd like to create one
> > database, and have it mirrored to a backup server (for 
> > redundancy).  <Looking around the room for help>
> > 
> > We'd like to be able to manage it from the current website
> > (using a web-based control panel that we currently have in 
> > place).  This allows us to assign certain users "admin 
> > privilages" and they can add/delete/edit users.  It also 
> > allows us to assign "classes" of users (different levels of 
> > bandwidth throttling).  We'd also like it to convert the 
> > user's address to a lat/long coordinate, and store it into 
> > the database (as a lat/long).  Then as they roam around, 
> > their lat/long is updated (based on triangulation), and 
> > automatically remapped on the MapServer.
> > 
> > Let's say for now, about 5,000 users.  Is that feasible?
> > Maybe a year from now, about 15,000 users.
> > 
> >        Mark
> > 
> > 
> > -----Original Message-----
> > From: mes...@li...
> > [mailto:mes...@li...] On Behalf
> > Of Eden Akhavi
> > Sent: Saturday, March 01, 2003 3:07 PM
> > To: mes...@li...
> > Subject: [MeshBox-radius] Distributed Radius Project
> > 
> > 
> > Hi,
> > 
> > I am trying to find out what the plans are here - I have seen
> > the subtasks in the SF Task manager, but I am not clear on 
> > the architecture. Has anyone architected this.
> > 
> > Also what is the scope of this project, how many users is the
> > auth database looking to scale to?
> > 
> > Regards
> > 
> > 
> > 
> > 
> > Eden
> > 
> > 
> > 
> > -------------------------------------------------------
> > This sf.net email is sponsored by:ThinkGeek
> > Welcome to geek heaven.
> > http://thinkgeek.com/sf
> > _______________________________________________
> > MeshBox-radius mailing list Mes...@li...
> > https://lists.sourceforge.net/lists/listinfo/meshbox-radius
> > 
> > 
> > 
> > 
> > --__--__--
> > 
> > _______________________________________________
> > MeshBox-radius mailing list Mes...@li...
> > https://lists.sourceforge.net/lists/listinfo/meshbox-radius
> > 
> > 
> > End of MeshBox-radius Digest
> > 
> 
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf 
> _______________________________________________
> MeshBox-radius mailing list Mes...@li...
> https://lists.sourceforge.net/lists/listinfo/meshbox-radius

-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The
debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost
and 
disoriented. TotalView can help you find your way. Available on major
UNIX 
and Linux platforms. Try it free. www.etnus.com
_______________________________________________
MeshBox-radius mailing list
Mes...@li...
https://lists.sourceforge.net/lists/listinfo/meshbox-radius