New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Anyfi.net integration #1

Merged
merged 6 commits into from May 21, 2013

Conversation

Projects
None yet
2 participants
@anyfinetworks
Contributor

anyfinetworks commented May 21, 2013

Anyfi.net is a software extension that makes every Wi-Fi network available from every access point. The user experience is completely seamless; if you have previously connected to a Wi-Fi network locally your device will automatically connect to the same network remotely whenever you come within range of another Anyfi.net enabled access point.

The software consists of two user space daemons; the radio front-end daemon anyfid and the tunnel termination back-end daemon myfid. They communicate with each other and a mobility control server to orchestrate the seamless user experience.

Key features/properties:

  • You don't need to install any software on the device; all the magic is on the access point side. From the device point of view it's all standard Wi-Fi.
  • There is no manual registration step. When you connect your device to your home Wi-Fi network it's automatically registered for remote access to that network.
  • Mobile devices "see" their favorite networks, connect automatically and authenticate using the same Wi-Fi security mechanism and credentials that where previously used to authenticate locally. This is what makes authentication completely seamless.
  • The Wi-Fi protocol is tunneled over IP from the visited access point to the home access point. This means that the encryption keys are derived only in the mobile device and in a trusted location, ensuring end-to-end security even if an attacker is in control of the visited access point. You can think of it as an automatic Wi-Fi based VPN of sorts.
  • Since mobile devices connect to their home networks through a Wi-Fi over IP tunnel they are assigned IP addresses by the home network. This ensures seamless hand-over between visited access points and full traffic traceability: you will not be blamed for something a "guest" has done.
  • Only the MAC address of your device, the IP address of your access point and information that's generally available in a beacon (SSID and similar) are ever sent to the server or a visited access point. No personally identifiable information, and absolutely no authentication credentials!
  • It works both for home Wi-Fi and corporate WLANs with EAP/RADIUS authentication. The same software can also be used for carrier Wi-Fi applications such as secure mobile offload with authentication against a SIM card, by simply configuring a custom mobility control server.

For a walkthrough of the integration please see http://anyfi.net/integration.

Anyfi.net added some commits May 19, 2013

Anyfi.net
Integration of Anyfi.net software.
Anyfi.net is a software extension for Wi-Fi access points that makes every
network available through every access point. See http://anyfi.net for more
information.
Anyfi.net
Added airtime driver support for mac80211/ath9k.
Anyfi.net software gives priority to traffic generated by the owner of the
access point, taking both the WAN connection bandwidth and available radio
spectrum into account (see http://anyfi.net/documentation#a_prioritization). But
to be able to do that it of course needs access to information about how the
radio is spending its time. This patch adds airtime estimates to the information
reported by the mac80211/ath9k Wi-Fi driver through radiotap.

Anyfi.net will work without this patch, but spectrum aware prioritization
and throttling will be disabled.
Anyfi.net
Configuration interface for Anyfi.net on residential gateways.
To make configuration as simple as possible for the end-subscriber there is only
a single checkbox controlling the 'anyfi_disabled' property on both the radio
frontend and the tunnel termination backend side. This allows for configuration
of 'anyfi_server' by the service provider, e.g. using TR-069 or similar, and
a controlled roll-out with "opt-out".

Also note that we do not reveal the "Anyfi.net" brand name to the end-
subscriber; Internet service providers typically want to deploy Anyfi.net
technology with custom mobility control servers under a more generic name, or
even under their own brand names.

See http://anyfi.net/documentation#i_rgi for more information.
Anyfi.net
Configuration interface for Anyfi.net on consumer Wi-Fi routers.
The recommended integration for consumer Wi-Fi routers is very similar to that
of a residential gateway, except that we explicitly refer to "Anyfi.net". The
end-user can change the 'anyfi_disabled' property on both radio frontend and
tunnel termination backend, with a single checkbox. The 'anyfi_server' property
is left under the control of the vendor, or more advanced users/administrators
with shell access. See http://anyfi.net/documentation#i_routeri for more
information.
Anyfi.net
Configuration interface for Anyfi.net on access points.
Public and corporate access points are typically configured by IT professionals
and will more often than not be used in combination with custom mobility control
servers, e.g. for carrier Wi-Fi applications. This configuration interface
therefore includes controls for most properties and exposes the user to the full
nomenclature of Anyfi.net technology. For more information see
http://anyfi.net/documentation#i_api.
Anyfi.net
Configuration interface for Anyfi.net on network appliances.
Anyfi.net is often used to provide remote access to an existing Wi-Fi network.
But sometimes you want to distribute a virtual Wi-Fi network through Anyfi.net
even though that network has no local representation; a typical example is a
tunnel termination gateway that terminates many secure Wi-Fi over IP tunnels,
coming in from residential gateways and access points. This command line
configuration interface can be used to setup such virtual networks.

For more information on how to configure WPA/WPA2 Enterprise (all EAP
authentication protocols are supported including EAP-SIM/AKA) please see
http://wiki.openwrt.org/doc/uci/wireless#wpa.enterprise.access.point.

For more information on the recommended Anyfi.net configuration interface for
network appliances and tunnel termination gateways please see
http://anyfi.net/documentation#i_ttgi.

@ghost ghost assigned carrierwrt May 21, 2013

carrierwrt added a commit that referenced this pull request May 21, 2013

Merge pull request #1 from anyfi/master
Anyfi.net integration

@carrierwrt carrierwrt merged commit 05c5b4d into carrierwrt:master May 21, 2013

anyfinetworks referenced this pull request in anyfi/carrierwrt Apr 16, 2014

Revert "Merge pull request #1 from anyfi/master"
This reverts commit 05c5b4d, reversing
changes made to eaa3998. This makes
room for a new improved integration.

Conflicts:

	products/ap/uci-customization.sh
	products/rgw/uci-customization.sh
	products/router/uci-customization.sh
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment