FEEDNET

Forth Estuary Experimental Data Network


Home
Network Map
Status 2 day
Status 30 day
Emcomm
Technical Info
Contact Information
Streaming
Feednet Services
Gallery

 

Downloadable PI Image

 

Most of what can be achieved via FEEDNET is courtesy of open source software. The sheer hard work, altruism and inventiveness of all open source authors is gratefully acknowledged here.

 

 

 

Mobile (3G) Access to FEEDNET.

Our network comprises two main sub-networks that remain isolated while we engineer some permanent relay nodes in suitable places. It seemed useful to at least have the emergency facility to link these subnets using 3G data technology. Using the public network in this way may not provde the resilience usually demanded by RAYNET but for support of run of the mill community events, demonstration, learning and management of the servers its a useful thing to do.

One of the nodes in Fife house has a 3G Router attached to a Raspberry PI. The PI provides Fileserver, email, IRC (chat), VOIP services to those connected to  this part of the network.

The Raspberry PI also uses OpnSSH to establish a Reverse SSH connection to a similarly equipped PI based at a central point in the "other" FEEDNET network.  Once an hour the link is established for a period of five minutes. If it is required for any useful activity, the link will stay up, if not, it will go down again to save costs (of 3G mobile data).

Why Reverse SSH ? Well the majority of 3G services are delivered behind a NAT router at the ISP side. This precludes  the establishment of an incoming route to our system.  So the route is established outgoing from Fife House but with a port forwarded to the local SSH server to allow a subsequent incoming connection. This is a sneaky means of punching a hole through a NAT firewall and one that sysadms should be cogniscent of if they are to keep their networks secure.. 

We considered establishing a VPN connection but the reality is that this facility is not going to be used freely by everyone owing to costs, and a simple SSH terminal link and a few associated forwarded ports is more than sufficient for the purpose.  One of the Remote ports is linked to an SSH server on the PI itself so once an hour it is possible to establish an SSH session into the PI from outside by means of the Reverse link. We also linked one of the ports to an openVPN server so we can indeed establish a VPN link from outside the network if we wish.

At some point we'll draw a picture - it will make it clearer. In the meantime, we can always advise if someone wants more info about this technique.

 


 

 

Home | Network Map | Status 2 day | Status 30 day | Emcomm | Technical Info | Contact Information | Streaming | Feednet Services | Gallery

 
Last updated: 02/26/16.