IRIS : developing a new node concept

In the IRIS project we have developed a new node concept based on a separation of the 'radio interfaces' and the 'base node'.

The NanoBSD page is the place to be for up2date information on how to build/configure/create a WL node image. As always this project could use your help, by Contributing to various parts of the project.

The ConfigureBridge page shows you which bridges we use and how-to configure them. The WLCaptivePortal shows you how-to configure the captive portal software.


A node, type IRIS, is built using NanoBSD with some extensions a.o. to make package management a bit easier. Also the internet gateway (providing internet connectivity to the local wireless network) is based on NanoBSD.

The nodes are FreeBSD routers with DNS (bind), lvrouted as a dynamic internal routing daemon, thttpd webserver and a python based captive portal based on pf and tcpserver for the plain HTTP-redirects. Moreover there are some additions which are essential for large scale network monitoring such a nagios plugins and bandwith measurment tools (iperf).

A proxy gateway is a http-proxy based on tinyproxy and an authorative DNS server (bind). Included is also reverse ssh-tunneling (for remote management behind NAT firewalls). Nodes use pen with a home-build pen-wrapper to select the 'best' proxy (i.e. the highest bandwith). An alternative is a packet filtering firewall using pf to allow only port 80, 443 rate limited traffic. Packet filtering gateways use lvrouted to advertise a default route.


Tim Baas, student at Hogeschool Leiden prototyped the software as his afstudeerwerk. His documentation is available in the svn projects iris-directory (in Dutch). See also the youtube video's for the initial pilot description:

Roll out

Since 2009 we have revamped our nodes (a couple still left to be modified in 2015) and also built a lot of new ones. As of August 2014 the total number of iris nodes amounts to 103. We have chosen the following hardware configuration:

  • nodemachine based on a ALIX2D3 board with 1 - 2 GB compact flash card containing the software.
  • 802.11a interlinks based on Ubiquity NanoStation5, NanoStationM5, BulletM5, NanobridgeM5.
  • Local accesspoint with 8 dB omni antenna and Atheros CM9 MiniPCI wireless card, or NanostationM2, NanostationM2-Loco.
  • Optional: NanostationM2 or NanostationM2-Loco in repeater mode of local accesspoints to extend range of accesspoint network.
  • Optional: unmanaged switch to allow connections of multiple vNanostationM2 or NanostationM2-Loco local accesspoints.
  • PowerSupply gives you a hint on which power supply to use.
  • AlixAPU Development started to use the Alix APU System board in the future.
  • DCtoDCconverter gives you details about various DC conversions we apply.

Some youtube video's about building iris-type nodes:

A 'howto' guide for building nodes is available in Dutch: Kookboek_Nodebouw.

Open Tickets

Ticket Summary Status Owner Reporter Keywords
#237 image too big : package options not applied new nobody huub
#232 disable soft-updates on embedded image reopened rick rick
#230 configuratie pf.hybrid.conf uit wleiden.yaml captive portal interfaces new nobody huub
#229 : captive portal wordt altijd aangezet op wlan0 new nobody huub
#228 Portal_addmac probleem met 'remote host' variabele new nobody huub
#225 spatie in ssid van wlan0 niet geaccepteerd new nobody huub
#224 ssh redirect for gateways new nobody huub
#223 motd mist bridges new nobody huub
#220 Apache24 default met Perl new nobody huub
#218 geheugengebruik var partitie new nobody huub
#213 Freebsd10.0-RC1 error in building disk image (invalid partition table) new nobody huub
#209 Bridgen van accesspoint interfaces new nobody rick
#205 alternatief voor thttpd? new nobody huub
#201 /usr/local/bin/http302 - log access new rick rick
#200 Link-Layer discovery op de nodes assigned rick rick
#197 gateway op 'normal proxy' werkt niet goed new nobody huub
#196 configuratie externe if bij 'normal proxy' new nobody huub
#193 ipfw instead of pf firewall new nobody rick
#192 lvrouted packetje komen niet terug new nobody richardvm lvrouted
#191 Beter managen van HTTP/HTTPS stromen op de proxies new nobody rick
#190 gateway op rdr only hybrids gaat niet goed. new nobody rick
#186 Toestaan sommige external IPs buiten de captive portal om. new nobody rick
#181 lvrouted pikt 'nieuwe' default route niet op new nobody huub
#177 convert alias on network to real subnets new rick rick
#166 wlportal debug message new nobody rick
#138 hybrid ileiden proxy makes extra hop in lvrouted -z new rick rick
#51 Wireless Leiden node webinterface aka as wlweb new nobody rick

Starting Points for Trac

For a complete list of local wiki pages, see TitleIndex.

Last modified 3 months ago Last modified on Aug 28, 2015, 9:16:44 PM

Attachments (2)

Download all attachments as: .zip