For more information about towers in general and how they fit in to the free network, pop up to FreedomTower
Instructions for Configuration and Assembly
The following is SUPER ROUGH. I'll be cleaning it up substantially and updating it with valuable lessons learned from our operational deployments.
This documents the 4G modem uplink FreedomTowers deployed in fall 2011.
There are two phases in the construction of a FreedomTower: configuration and assembly. Configuration has three stages: modems, router, and radios. Assembly has two: enclosure and mast. We will begin with configuration, and move into assembly.
Bill of Materials
|Item||Quantity and Cost||Comment|
|Quiet power generator, such as the Honda EU1000i||$800||or solar, wall outlet, etc|
|UPS such as the APC BE750G||$100|
|Nettop such as the Lenovo IdeaCentre||$300||google shopping search|
|8-port network switch||$15|
|USB-to-Ethernet adapters||3 x $30 = $90|
|4G modems such as the Clear Series M||2x * $160 = $320||$85 for each modem, $45 for first month each, $30 activation fee total. Procure from Clear store so no contract required. Or, refurbished|
|Ubiquiti NS2s||3 x $80 = $240|
|Ubiquiti NSM5 Locos||3 x $50 = $150|
|Enclosure for UPS, computer, router, modems, and radio power injectors||$115|
|EMT Conduit mast (3 meters)||$12|
|Two ten-inch sections of 2x10" board||$10|
|Power splitters||5 x $5 = $25|
|50ft red CAT5||$15|
|25ft black CAT5||$8|
Tools and Construction Supplies Required
- 1/2" bit
- RJ45 (ethernet) Crimper
- Label maker
- 1 Hour Epoxy
We recommend that you procure the wimax modems for your tower through a corporate account with Clear. There is no price difference, and it will give you access to second level support, should the need arise. Once you have procured the modems (we suggest two, but you could use as few as one or as many as are needed), configure your machine to look for an address via DHCP on your wired interface. Plug directly into each modem in turn. You should be able to access the web administration interface of the modem by navigating to 192.168.15.1 - the password is set by default to CLEAR123, but maybe still be the OEM default of motorola. Once you're in, you should change the password, and record the WAN IP address of the modem. If you're only using one modems, that's it. For those using two or more modems, there is another step. Because all Clear modems are set to the same address by default, it will be necessary to change the DHCP settings so that each modem has a different address. Leave one modem as 192.168.15.1, and number additional modems by iterating the third octet: 192.168.16.1, 192.168.17.1, etc.
The heart of the FreedomTower is a nettop computer running pfsense, a variant of openbsd, that makes it easy to do network administration. We used the Lenovo Q150 in our build, but ran into problems when we discovered that the south bridge of the Q150's chipset is not supported by openBSD. You may wish to proceed as we have, by working around the problem using USB to Ethernet adapters, or you may wish to explore alternative nettop hardware. If you do the latter, please let us know how it goes.
Hook up your nettop to a monitor and keyboard. You will need a live image of pfsense. You should use the stable release of version 2. Before you proceed, connect the box to at any WAN connections, and to the network switch. Install pfsense on the box, configuring it to accept an address via DHCP on all WAN connections, and to serve addresses via DHCP to the LAN.
Once this is done, you'll want to reconfigure the LAN settings to expand the subnet. We recommend using 192.168.10.0 through 192.168.254.254. Then configure DHCP to hand out that range of addresses. NOTE: Wouldn't this be the FNF coordinated subnet?
The next step is to set up load balancing against the WAN connections. This is done by creating a gateway group, and making a firewall rule to route all lan traffic to that gateway.
NOTE: Let's add screenshots here
Label the radios with:
- Role (mesh node 5/2.4ghz node (x), mesh node 5/2.4ghz gateway)
- WLAN IP
- LAN IP
Configuring the radios has two steps.
Flash OLSR capable firmware
First, it's necessary to flash the devices with the proper firmware. We'll go over that procedure once, but you'll need to do it for all six radios. For the time being, we are using a version of Ubiquiti's AirOS that's been patched to support OLSR routing. You'll also need to have TFTP installed on your machine. It is widely available via your fravorite package manager. Grab the firmware (UbntStation info, UbiquitiNanostationM5 info):
--Sunflame 07:58, 13 December 2011 (CST) I had an issue with the configuration resetting to default every power cycle. It was due to a bug discussed here. The solution was to flash the latest official firmware via tftp and then the custom firmware via web interface. This resolved the problem.
Power them all up
Once you've got the firmware on your machine, you'll need to put it on the radios. First, you'll configure your machine to have a static address is in the 192.168.1.x subnet. Any address besides 192.168.1.20 will work. Next, take an unpowered radio, and depress the reset button. Continue to hold the reset button, and plug the radio in. Continue holding the reset button until the lights on the radio flash 1-3, 2-4, 1-3, 2-4. Release the reset button.
The radio is now in TFTP flash mode. You'll want to ping 192.168.1.20 to make sure that you've got a connection to the radio. Navigate to the directory where you've stored the firmware binary, and flash it to the radio using the following commands, there is not tab-to-finish in TFTP, so you'll have to type everything out:
tftp 192.168.1.20 bin trace put firmware_binary
Did this via tftp (instructions)
Wait until you see the lights stop cascadaing back and forth, and an ARP request like:
02:56:43.542358 ARP, Request who-has 0.0.0.0 tell 0.0.0.0, length 46 02:56:43.844753 ARP, Request who-has 0.0.0.0 tell 0.0.0.0, length 46 02:56:44.147153 ARP, Request who-has 0.0.0.0 tell 0.0.0.0, length 46 02:56:44.449547 ARP, Request who-has 0.0.0.0 tell 0.0.0.0, length 46
before you consider the firmware complete. Also be VERY gentle with the reset switch. Very light pressure required. Use a paper clip. DO NOT USE A SCREWDRIVER. This will almost certainly break the reset switch.
Once the transfer has finished, you can quit TFTP. Wait several minutes for the radio to reboot. Once it comes back online, navigate to 192.168.1.20 in your browser. You should be presented with the ubiquiti web interface. The default username and password are ubnt:ubnt. We recommend changing the admin user name, and the hostname. Our radios are named FNF2-0, FNF2-1, FNF2-2, and FNF5-0, FNF5-1, and FNF5-2. Once you've changed these settings, you should also ssh into the machine in order to change the password, using the command passwd.
All radios should be set to bridge mode, and configured to obtain an address via DHCP. The 2-0 and 5-0 radios will be configured as access points, and the 2-1, 2-2, 5-1, and 5-2 radios will be configured as stations. You should also make sure that all radios are set to a 20MHz channell width, and have AirMax turned off.
On the 2-0 and 5-0 machines, you'll set SSIDs for the networks. Ours are called 'The Free Network' and 'The Free Network 5GHz'. Once you've set the SSIDs on the Access Points, you'll lock the station radios to the MAC address of their respective APs.<< I believe the lock step is only on the nsm hardware in the 5.2 airos
At this point, you'll probably want to configure the router to grant a static lease to the radios. Ours are numbered 192.168.2.0-2 and 192.168.5.0-2 NOTE: do we want to encourage a separate vlan for management?
As far as configuration goes, that's it! You're ready to put everything in the enclosure
Keep in mind here that these instructions are based on the components listed in the Bill of Materials above. If you've chosen to use different hardware, your mileage may vary.
In order to keep the power supply stable, it will be necessary to fill the bottom gap (between the wheel wells of the case) with the boards. Epoxy the two boards together. Then expoxy the boards to the bottom of the case, in the center, being careful to keep the boards flush with the bottom. Once the boards have cured, attach the power supply on top of them using a couple strips of velcro. Carefuly not to affix the velcro such that it makes it impossible to open the battery compartment of the UPS. The power supply should be attached such that the cord exits at the bottom right corner of the case.
As you may notice, the case can't shut with a power cord inbetween the base and the lid. Use a knife to carve away the closure lip, without cutting through the weather seal. You should be able to close the case around the power cord, and maintain a water-tight closure.
Next, you'll mount the modems, one (or more) on either side of the case. Use velcro. Be generous. Then mount the nettop. Same story. Use velcro. We mounted ours so that the fan vent is up, which puts the power button against the back wall of the case. This helps avoid accidental power cycles.
Again, same story with the switch, but this time, mount it to the top of the case. Depending on what model of switch you have, you may want to remove the rubber feet before applying the velcro, as the feet tend to slip out of their fittings.
Next task is to mount the power over ethernet injectors for the radios to the lid. The ports should face the top.
Now you're ready to plug the five power splitters into the five outlets labelled 'sure protections and battery backup'. This is so that the entire rig can run off of batteries. We use the three splitters on the left for the power injectors, and the two on the right for the modems, router, and switch.
Plug everything in. Tidy up with zipties where you can, and you're ready to move on to the mast.
The mast consists of the six radios mounted atop a piece of conduit, with an ethernet run through the middle of the mast, and out the bottom. On one end, drill two 1/2" holes in a vline, one XX inches from the end, and another XX inches from the end. The top hole will be for the ethernet cables going to the NSM2s, and the bottom will be for the NSM5Ls. XX inches from the bottom, drill two 1/2" holes in a horoizonal line, with about 3/4" between the two. Now run 11' sections of uncrimped ethernet cable through the mast. Cables that enter through the same hole should exit through the same hole. Use two red cables and one black per hole. The black cable will carry power and data. The red cables will cary only power. You might use fish tape or string, and a bent wire hanger to make the process go quicker. Once the cables are through, crimp both ends.
Ziptie the radios to the mast, and plug in the cables. Mount the mast on the tripod, and run the cables down around the tripod. You'll need to do the same for the two ethernet bundles as you did for the power cord. Carve away the lip of the closure, but the leave the weather stripping. Plug everything in, and you've got yourself a FreedomTower!