Building your own Software Defined Network with Linux and Open Source Tools

Nearly two years ago, I started thinking about a next generation design for the Freifunk Hochstift backbone infrastructure, motivated by the limits and design choices made before (we were young and didn’t know better.. or didn’t listen..).

This post is the starting point of a series of posts about building a software defined wireless ISP network with Linux, a fistful of Open Source tools and low cost hardware.

Back in 2015 we already had some automation built with Salt Stack for managing package installations and config files for the Debian Wheezy and Ubuntu based machines which helped a great deal managing some mid two digit number of boxes and VMs in our spare time. The problems arose from the then monolithic design of the Salt configuration and the need to split of parts of the network – including B.A.T.M.A.N. advanced based mesh networks – into smaller segments for scalability reasons. As B.A.T.M.A.N. adv is a layer-2 based mesh network, scalability is an issue. When the networks consists of nearly 1.000 nodes, BUM traffic (broadcasts and unknown multicast) is becoming a problem.

While redesigning the entire infrastructure we faced quite some challenges – some expected, some unexpected. Within this series I will dive into details about the building blocks and lessons learned while building a new Freifunk Hochstift infrastructure basically from scratch. The series will be roughly outlined as follows (articles written will be linked here):

  1. Network topology, IPAM considerations and automated IP configuration
    1. Specifics and history of a Freifunk network
    2. Topology, layer 2  and layer 3 design
    3. Hardware platforms
    4. Introduction to Salt Stack and the chosen metadata (pillar) layout
    5. Salt states, Python, and Cumulus Networks ifupdown2
  2. Building a loop-free and redundant internal backbone
    1. OSPF for loopback reachiblity and management networks
    2. iBGP using route reflection
  3. VRFs on Linux
    1. Containing connections to the external world in a VRF
    2. OpenVPNWireguard tunnels between sites
  4. Connecting to the Internet through AS201701
    1. eBGP and traffic engineering
  5. A new approach with several B.A.T.M.A.N. adv. mesh networks
    1. Why tons of VLANs don’t scale – VXLAN overlays, management with ifupdown2 and config generation
    2. MTU trouble
  6. Anycasted services
  7. To be continued

For those being impatient on further articles there is a talk (in German) about the Salt-Orchestrated Software Defined (Freifunk) Networks  (slides) I gave at the GPN17 in Karlsruhe this year (recording). As the whole thing is up and running since spring of this year, the full configuration is already available on github and is still growing. Within future articles parts of the repository will be references and further explained. Stay tuned.

Leave a Reply