Node name: [http://www.firstunitarianportland.org/ First Unitarian Church]BR Live Date: 2006-02-27 BR Contact: [mailto:chris@chrisgates.net Chris Gates]

[http://www.portlandmaps.com/detail.cfm?action=Block&propertyid=R246849&state_id=1S1E04AA%20%203400&address_id=104575&intersection_id=&dynamic_point=0&x=7641943.042&y=682687.793&place=1011%20SW%2012TH%20AVE&city=PORTLAND&neighborhood=DOWNTOWN&seg_id=138911 1000-1099] SW 12th Ave. BR Portland, OR BR ["Map"]: NodeMap:NodeFirstUnitarian

Equipment

• NuCab (provided by PersonalTelco)

• NetgearWgt634u (provided by First Unitarian Church)

• Metrix Mark II Kit (provided by First Unitarian Church)
  • Soekris net4826
  • 2 A/B/G 100mW Atheros Radios
  • PoE injector
  • Rooftop Sled
  • 9 dBi Antenna with 7-degree downtilt
  • 5ft LMR-195 Jumper with female N connectors
• 17 dBi 5.8 GHz backfire antenna (surplus from the MGP)

• 5' LMR-400 Jumper (donated by CalebPhillips)

• Oldish Netgear Wireless Router (donated by GregZupan)

Software Installed

• DebianLinux sarge

• NoCatAuth

• Pyramid Linux (on metrix)

Network Configuration

• Hostname: [http://en.wikipedia.org/wiki/Michael_Servetus servetus]

• Internet Network: 130.94.161.208
• Gateway: 130.94.161.1
• Upstream DNS servers: 198.5.254.1, 198.5.254.5
• PTPnet Network: 10.11.61.0/24

BR

• Hostname: [http://en.wikipedia.org/wiki/Michael_Servetus servetus] (a NuCab)

• IP: 10.11.61.1
• Purpose: Gateway

BR

• Hostname: [http://en.wikipedia.org/wiki/Origen origen] (a WGT634U)

• SSID: www.personaltelco.net
• BSSID: 00:09:5B:F8:17:F6
• Channel: 1
• IP: 10.11.61.2
• Ethernet MAC: 00:09:5B:F7:69:2A
• Purpose: AP

BR

• Hostname: [http://en.wikipedia.org/wiki/Ralph_Waldo_Emerson emerson] (a metrix)

• IPs: 10.11.61.3
• Purpose: AP
• BSSID (local coverage - wifi0): 00:0B:6B:56:01:93
• BSSID (wds link - wifi1): 00:0B:6B:4F:6A:16
• WDS channel: 165

BR

• Hostname: [http://en.wikipedia.org/wiki/Basalt basalt] (a soekris net4826-50 located at NodeCornerstone)

• IPs: 10.11.61.4
• Purpose: Repeater/AP
• BSSID (local coverage - wifi1) 00:0B:6B:0A:7F:18
• BSSID (wds link - wifi0) 00:0B:6B:0A:7E:9B
• WDS channel: 165

Installers / Organizers

• CalebPhillips

• RussellSenior

• ChrisDawson

• GregZupan

• ChrisGates

• BenGates

• MichaelHanna

• Maintained by the NetworkOperationsTeam.

Installation Notes

Overview:

[http://www.personaltelco.net/~caleb/diagrams/NodeFirstUnitarian.jpg]

FirstUnitarianChurch owns the entire block. This includes several entire buildings and a lot of diverse architecture. The overall goal is to saturate a few specific spots inside the buildings and cover the surrounding neighborhood with free wireless internet. The relevant buildings are:

• The Eliot Center ("EC") will be built in coming months and years. It will take the place of several existing, smaller buildings. Once constructed, the Eliot center will be used for various community events, education and activities. As such, it will need some wireless coverage. However, this is still a couple of years off.
• The Office Building ("0") houses the existing IT infrastructure and many small offices. Currently, there is a DSL line which serves something like 2-dozen users and a couple of servers. I suspect that Wifi coverage in the Office Building is not a huge priority, as most anywhere you would want connection has a lan-drop. However, it would still be nice.

• The Salmon Street Sanctuary ("SS") is on the corner of 12th and Salmon, it is on the historic registry, and is currently undergoing construction for seismic upgrades, which are expected to finish by March. Once this construction finishes, its bell-tower may be the ideal location for a some sector antennas pointed out windows to cover the surrounding area. Also, the inside of this building should be covered eventually. It's construction is steel re-enforced masonry with plaster inlaid with steel mesh - a FarradayCage. Below and around the sanctuary are several other floors which house classes for [http://www.nwacademy.org/ NW Academy] (who appear to have their own wireless network locally), religious education, music classes, and some other things.

• The Main Street Sanctuary ("MS") houses a second sanctuary (which has recording hardware for podcasting and is used for religious service as well as various speaking events) and "Fuller Hall" in the basement, which hosts community gatherings. Both the second sanctuary and Fuller hall are prime candidates for initial unwiring.

• The unlabelled building is an apartment building for the [http://www.outsidein.org/ Outside-In], which would surely benefit from FreeWireless, and may be willing to collaborate. If they are, they sure do have a nice chimney (on top of a scary roof).

Line of sight from 12th and Jefferson to Emerson's Yagi:

[http://www.personaltelco.net/~caleb/diagrams/emerson_los.jpg]

To Do List

• Add emerson and origen to DNS
• Coverage Maps

• Talk to OutsideIn about using their DSL line too -- collaboration in general.

Maintenance and System Log

• 2007-08-03: This week we experienced some outages due to complaints from a mega-corporation about our network serving up bittorrent ports. As a result, the ISP called the church IT people, who unplugged our gear. I spoke to the IT people and the ISP. The ISP claims that there were ports open for connecting prior to the unplugging. I was never able to confirm that any ports were actually open, so my diagnosis was mostly blind. I believe it *might* have been due to an iptables rule for the meraki network that involved -m state --state RELATED,ESTABLISHED. It is possible that those were being twiddled to forward ports back into the network. I have disabled that rule and also configured nat/masquerading at basalt, the NodeCornerstone soekris. Today, having seen the bittorrent traffic reappear, I called the ISP and they were not seeing any external ports open either. Unless new information arrives, the case appears to be closed. --RussellSenior.

• 2007-05-06: RussellSenior, BenGates, MichaelHanna, and I Installed gear on cornerstone Apt. Building. We Used a WDS link on 5.8 Ghz to connect this gear (named basalt) to emerson. It provides additional local coverage to this area with a 9dbi omni antenna. -- CalebPhillips

• 2007-04-04: Met with guys from apartment building at 12th and Jefferson. They want to connect to and repeat the signal from the metrix and have both gear and roof access. We start by aiming the yagi on the church bell tower. Then, move to the apartment building roof and try to connect with an SMC bridge and enclosed yagi they have. Run into some trouble configuring the bridge. We need to upgrade the firmware (Michael is doing this) and may need to enable WDS on the metrix as it seems the SMC bridge wants it. The connection just using laptops is awesome - ping flooding drops no packets and there is perfect line-of-sight. Also, this roof has line of sight to other roofs in the area we may be able to get on. SamChurchill showed up and took some photos. As a proof-of-concept, it was very successful. We just need to get all the gear together and do the install. We played around with a couple Meraki minis, using one as a bridge connected to the UU metrix, but ran into problems with routing because the Meraki's want to use 10.0.0.0/8 which colides with the address space of the node (10.11.61.0/24) - we need to figure out how to change the addressing scheme the meraki's use. -- CalebPhillips

• 2007-02-05: Tamarack, RussellSenior, and I visited the node, fixed the crimps on the LongRun and then it worked (after a bit of head-scratching). The rooftop devices are now production-ready. -- CalebPhillips

• 2007-02-05: Swapped the churches configured WGT (origen) back in for the loaner. Noticed that someone had plugged in the cat5 run towards the roof, but couldn't ping from either side. Need to get in and check the crimps at both ends, then the roof with *finally* be online and usable! --RussellSenior

• 2007-01-21: Made some configuration changes on servetus for NodeMonitoring. Also, sometime in December, RussellSenior put OpenWRT on the WGT, but it never got documented here. -- CalebPhillips

• 2006-11-12: RussellSenior, GregZupan, ChrisGates, and I did the "StageTwo" install by putting a metrix and sled on the bell-tower on the corner of 12th and Main. Currently this does not have a full cat-5 run up to the rest of the network, but is getting power, and is functional. FirstUnitarian staff will run cat-5 the rest of the way, and then it should be working. Photos from install [http://www.personaltelco.net/gallery/NodeFirstUnitarian here]. -- CalebPhillips

• 2006-09-25: RussellSenior, GregZupan, ChrisGates, PesheScott, and I did a site survey for "StageTwo". Decided that the best option is a non-penetrating quadropod sled on the 12th and Main tower (which has a flatspace on top) with a soekris in the typical MetrixMarkII enclosure with an omni. Will have a second radio for a point-to-point link at some point. Going foward on gear purchases and logistics, looking forward to an install within a month or two. -- CalebPhillips

• 2006-08-02: Moving forward on initial plans to cover a radius of 2-3 blocks, ChrisGates, GregZupan, and I have initiated some more planning, which should result in action come September2006 and October2006. -- CalebPhillips

• 2006-02-27: GregZupan, ChrisDawson, and I met at the Church at 6:00pm to finish up the install. We quickly determined that the cable run must have been pinched somewhere along the line. We made a second run of cable, tested it, and it worked. After removing the bad cable, pinning up the good one, crimping ends, and plugging in - everything seems to work. In fact, this log is being made via the connection from the upper balcony of the Main Street Sanctuary (MSS). Yay. -- CalebPhillips

• 2006-02-26: GregZupan and ChrisGates attempted to finish the install only to find the cable run was bad -- CalebPhillips

• 2006-02-19: Cleaned up a few more "node 42" references from our builder mis-steps. Added the local DNS servers to /etc/net-node/named.conf.options. Made /etc/nocatauth/gateway/htdocs a symlink to /home/web/node/firstunitarian, and /etc/net-node a symlink to /root/firstunitarian (the local svn checkout) instead. --RussellSenior

• 2006-02-18: Met out at the church today with the intention of running Cat5e from the office to the MSS balcony and installing the captive the portal server. I was joined by RussellSenior and a few people from the church (ChrisGates, GregZupan, and GardnerGrice). The Cat5e run was put off until a more powerful drill can be acquired for getting through a concrete wall. Installing the gateway seems to have been successful. I have updated the information above accordingly. Also, we setup a the WGT in the office as a proof-of-concept until the cable run is complete. Work will continue as soon as possible. -- CalebPhillips

• 2006-02-16: RussellSenior and I did a "builder install" on NuCab for this node. In spite of the builder-scripts only partially working (due to subversion authentication), the resulting NuCab seems to mostly work. -- CalebPhillips

• 2006-02-11: ChrisGates did some reconnaissance, getting in touch with the OutsideIn and NWAcademy. He also determined a way to run Cat5e from the Office to the MS. Next step is to buy gear and install it -- CalebPhillips

• 2006-02-02: Went out to site to do an initial site survey. Details above. Will post pictures at some point. -- CalebPhillips

Notes

• Photos of this node and it's installs are in [http://www.personaltelco.net/gallery/NodeFirstUnitarian the gallery].

• More information about this node can be found [https://adhocracy.personaltelco.net/node/show/first-unitarian in Adhocracy].

• Origen (the Netgear WGT634U) configuration:

  • Built OpenWrt r6007 and installed the jffs2 image

  • From serial console:
    • set password:

      # passwd

    • configured wireless in: /etc/config/wireless
      • modified channel and ssid

        config wifi-device  wifi0
                option type     atheros
                option channel  1
        
        config wifi-iface
                option device   wifi0
        #       option network  lan
                option mode     ap
                option ssid     www.personaltelco.net
                option hidden   0
                option encryption none

    • configured network in: /etc/config/network
      • added all interfaces to interface lan's bridge (so it doesn't matter which port you plug the ethernet into)
      • added a default gateway to lan's configuration
      • commented out the wan interface stanza entirely

        #### VLAN configuration 
        config switch eth0
                option vlan0    "0 1 2 3 5*"
                option vlan1    "4 5"
        
        
        #### Loopback configuration
        config interface loopback
                option ifname   "lo"
                option proto    static
                option ipaddr   127.0.0.1
                option netmask  255.0.0.0
        
        
        #### LAN configuration
        config interface lan
                option type     bridge
                option ifname   "ath0 eth0.0 eth0.1"
                option proto    static
                option ipaddr   10.11.61.2
                option netmask  255.255.255.0
                option gateway  10.11.61.1
        
        #### WAN configuration
        #config interface       wan
        #       option ifname   "eth0.1"
        #       option proto    dhcp

    • disabled dnsmasq and firewall in /etc/init.d:

      # cd /etc/init.d
      # mv dnsmasq dnsmasq_
      # mv firewall firewall_

  • modified hostname to "origen" in /etc/init.d/boot

    # Copyright (C) 2006 OpenWrt.org
    
    START=10
    start() {
            [ -f /proc/mounts ] || /sbin/mount_root
            [ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc
            vconfig set_name_type DEV_PLUS_VID_NO_PAD
    
            HOSTNAME=${wan_hostname%%.*}
            echo ${HOSTNAME:=origen}>/proc/sys/kernel/hostname
    #       echo ${HOSTNAME:=OpenWrt}>/proc/sys/kernel/hostname
    
            mkdir -p /var/run
            mkdir -p /var/log
    [...]

[CategoryNode][CategoryPersonalTelco]