Mesh Network is gaining popularity, Mesh Networking standards were available as early as 2007(IEEE Std link here). But WiFi penetration was thin. Recent launches of many Mesh WiFi routers has led to the rise of many forums.

Table of Contents

❖ Benefits of Meshing

●    Network coverage

Each node acts as a “repeater”: a very good spatial coverage is achieved with WLAN.

●    Reliability

No single point of failure. Several nodes can simultaneously provide services such as the transition to “the rest of the Internet”; if one transition node fails, another takes over its task.

●     Resource-saving

Each node is simultaneously sender, receiver and distributor (quasi AP, client, repeater and switch). In addition, only one channel in the WLAN is required by the entire meshing network – in practice, other technologies usually need one channel per transmitting station / AP.

●     Further:

Depending on the protocol and software used, other features such as B. Roaming possible.

❖   So why do we need mesh?

In a mesh network, multiple wireless routers work together to broadcast a single, very large wireless network. Each router in a mesh network intelligently communicates with the others to provide the best “path” for your data. The following images highlight the difference between using a single wireless router and a mesh network. The red network represents a single wireless router, and the green is a mesh network.



❖ Open Source Community WiFi

1.  Freifunk

Freifunk is a Germany based non-commercial open grassroots initiative which supports the free computer networks in the German region. Freifunk is one of the important parts of the international movement for a wireless community network.

Click Here to join the Freifunk Community.

Click Here to know more about the Freifunk.

Click Here for the Freifunk GitHub Repository link

How to Build a Freifunk wifi router using Raspberry-Pi

➢ How Freifunk works?

In the Freifunk network or in all networks that use meshing technology, the individual clients (then: nodes or nodes ) have equal rights and can also forward data “on request”. Each new node also extends the range of the network.

➢ In which modes Freifunk Mesh can operate?

Freifunk Mesh can operate in 2 modes,

1.  Normal Mesh Mode:

Where AP can do Mesh networking and each AP can act as a WiFi router

2.  Another Mode:

Clients like pc, laptops, mobile can also talk to each other/ without using the Access Point(AP).

This is technically implemented as follows.

  • At the level of the WLAN configuration, the network is operated in ad hoc mode instead of the usual infrastructure mode. This means that the nodes are not permanently attached to an access point or similar. bound. At the same time, however, some things that the central access point would otherwise have to be configured manually (e.g. your own IP address).
  • At the level of the TCP network, a program (such as OLSR or BATMAN ) is operated for flexible routing of the data, which provides an overview of the current structure of the network (which nodes have how good connections to other nodes) and incoming and outgoing data accordingly addressed (routes).

The end-user has two options for participating in the Freifunk network:

  1. Active participation in the Freifunk network – setting up a Freifunk node and expanding the Freifunk network – requires some configuration. In principle, a Freifunk node could be implemented on a notebook, for example, but in practice, it is easiest to set up a special Freifunk access point.
  2. If you only want to use the Freifunk network, you can use your own device (notebook, smartphone …) to log into most Freifunk access points via WLAN: The Freifunk access points often provide additional wireless Ad hoc network also provides an access point in infrastructure mode that end devices can use without special software or configuration.

➢ Mesh Protocols in Freifunk

  1. OLSR on Linux / Mac OS X / Windows / Nokia N810
  2. BATMAN can be on PCs the same way as under the BATMAN configuration described.
  3. OLSR, BATMAN, Freimap and horst are the software’s which are particularly relevant in connection with Freifunk.

➢ How to build Freifunk Mesh WiFi?

For building Freifunk mesh WiFi, you need to fulfil the hardware and software requirements.

●    Software for Freifunk

Freifunk packages can be built on OpenWRT. Follow the steps given below for installations

STEP 1. To enable the feed, add the following line to your feeds.conf:

src-git freifunk

STEP 2. To install all its package definitions, run:

./scripts/feeds update freifunk

./scripts/feeds install -a -p freifunk

●    Hardware for Freifunk

DeviceManu.CoverRange (m)ClientsFreq. (GHz)GluonCPU/RAM/FlashChar.TX (dbm)PoE
NanoStation M2UbiquitiH 55 ° / V 53 °3000502.4stable400/32/8Outdoor sector28Yes
NanoStation M2 (XW)UbiquitiH 55 ° / V 53 °3000502.4experimental400/32/8Outdoor sector28Yes
NanoStation M2 locoUbiquitiH 60 ° / V 60 °1500 2.4stable400/32/8Outdoor sector23Yes
PicoStation M2Ubiquiti360 °500 2.4stable400/32Omni outdoor28Yes
Bullet M2Ubiquiti 2.4stable400/32without antenna28Yes
Unifi APUbiquiti360 °1221002.4stable400/32/8Omni indoor20thYes
Unifi AP Long RangeUbiquiti360 °1831002.4stable400/32/8Omni indoor27Yes
Unifi AP ProUbiquiti360 °1221002.4 / 5experimental560/128/16Omni indoor30thYes
WR841N (D) V9TP-Link360 °40 2.4stable550/32/4Omni indoor<20No
WR842ND v2TP-Link360 °  2.4stable535/32/8Omni indoor<20No
WR842ND v3TP-Link360 °  2.4stable650/64/16Omni indoor<20No
WR1043ND V2TP-Link360 °60 2.4stable720/64/8Omni indoor<20No
WDR3600TP-Link360 °30th 2.4 / 5stable560/128/8Omni indoor<20No
WDR4300TP-Link360 °30th 2.4 / 5stable560/128/8Omni indoor<20No
Archer C7 v2TP-Link360 °  2.4 / 5experimental720/128 / (8/16)Omni indoor<20No
Archer C5 v1TP-Link360 °  2.4 / 5experimental720/128/16Omni indoor<20No
CPE210 / 220TP-LinkH 65 ° / V 35 °  2.4 560/64/8Outdoor sector27Yes

●      Antenna

In general, there are two different signal propagation characteristics for WLAN antennas, the Omni and the Directional antenna which can be used for Freifunk.

2.  NYC Mesh

NYC Mesh is a New York City-based mesh which consists of a physical network of the interconnected routers and a group of enthusiasts who work to support the expansion of the project as a freely accessible, open and wireless community network. Don’t confuse it with an internet service provider (ISP), although it does connect to the internet and offer internet access as a service to members.

Click Here to know more about NYC Mesh

Click Here for the GitHub Repository link of NYC Mesh.

How to Build a NYC Mesh wifi router using Raspberry-Pi

➢ How is it based on Libremesh?

Libremesh is more flexible than NYC Mesh. Like NYC Mesh, Libremesh is also based on OpenWRT, there is a wonderful distribution for wireless devices from 4mb flash / 32mb memory up to 64bit x86 support.

Click Here for the GitHub Repository link for Librelime.

➢ How to build NYC Mesh?

To build NYC Mesh you need two open-source hardware.

Open-source Hardware are of 2 types:

1.  WiFi AP: 

WiFi AP stands for Wireless Access Point, in computer networking it is a networking hardware device that allows other Wi-Fi devices to connect to a wired network. The AP usually connects to a router (via a wired network) as a standalone device, but it can also be an integral component of the router itself. An AP is differentiated from a hotspot which is a physical location where Wi-Fi access is available.

Click Here to know more about Wifi AP.

Raspberry Pi AP:

It is based on Raspberry Pi. The Raspberry Pi wireless access point is built on top of Linux, using tried-and-tested tools from the more hardcore end of the software spectrum, and it allows you to get all the control you could ever want over who accesses your network and precisely how it operates.

Installation of Libremesh Raspberry Pi AP

In order to work as an access point, the Raspberry Pi needs to have the hostapd access point software package installed:

sudo apt install hostapd

Enable the wireless access point service and set it to start when your Raspberry Pi boots:

sudo systemctl unmask hostapd

sudo systemctl enable hostapd

In order to provide network management services (DNS, DHCP) to wireless clients, the Raspberry Pi needs to have the dnsmasq software package installed:

sudo apt install dnsmasq

Finally, install netfilter-persistent and its plugin iptables-persistent. This utility helps by saving firewall rules and restoring them when the Raspberry Pi boots:

sudo DEBIAN_FRONTEND=noninteractive apt install -y netfilter-persistent iptables-persistent

Software installation is complete. We will configure the software packages later on.

WiFi RoutersPriceAmazon LinksImagesSpecification
Netgear Orbi RBK50 Tri-Band Mesh WiFi System (White)$ 315.51Click HereClick HereClick Here
Netgear Orbi RBK20-100INS Tri-Band Router Home Wi-Fi System (White)$ 203.11Click HereClick HereClick Here
Netgear Orbi Whole Home Mesh WiFi System (RBK12) – Router Covers up to 3,000 sq. ft. with 1 Router & 1 Satellite$ 115.09Click HereClick HereClick Here

2.  Outdoor CPE:

●    What is Outdoor CPE?

The Outdoor CPE device is an Outdoor Access Point (AP) or we can say a router to provide long-distance wireless network solutions to the people. It receives internet signal by LAN cable from an indoor PoE injector and sends boosted Wi-Fi signal to the further areas. The Outdoor CPE cannot gather internet signals from the wireless 3G/4G network.

●    What is CPE?

CPE stands for Customer Premises Equipment and it refers to communication equipment (like a router, bridge, modem or access point), which is normally and physically located at the customer’s home or business premises.

●    Why is Outdoor CPE required for NYC Mesh?

Outdoor CPE is designed to WISP CPE solutions and long-distance wireless network solutions for video surveillance and data transmission. It features a 12dBi directional antenna to provide an efficient way to pick up and maintain a stable signal for a wireless network. The adoption of auto-bridging technology, two CPE can connect to each other automatically to make it easy to set up.

●    Here is a list of Top 5 Outdoor CPEs
CPE for Outdoor WiFiPriceAmazon LinksSpecification
TP-Link CPE610 High Power Outdoor CPE/Access Point, 5GHz 300Mbps, 802.11N/A, Dual-Polarized 23dBi Directional Antenna, Passive POE, White$ 67.69Click HereClick Here
Tenda O1 300Mpbs Wireless 2.4GHz 8dBi Outdoor Point to Point CPE$ 41.01Click HereClick Here
IPI CPE3 2.4GHz 8dBi Outdoor CPE$ 33.84Click HereClick Here
TP-Link TL-WR841HP High-Power Wireless-N Router (Black, Not a Modem)$ 27.07Click HereClick Here
Ubiquiti Networks 5G Litebeam 23 DBI Airmax (LBE-M5-23-US)$ 89.10Click HereClick Here

To know how to Build Indoor AP for NYC Mesh

➢ Community-Based WiFi

NYC Mesh is a community-owned and managed internet network which is committed to creating a more equitable internet by connecting all New York people to high-speed and affordable broadband. To achieve this, NYC Mesh volunteers have collectively built the plumbing which is needed to take the internet from the ‘backbone’ to the surface, and are now using newly inexpensive wireless radios to move it from rooftop to rooftop, window sill to the window sill, to create fast and free community-run wireless networks.

A few years ago, the NYC Mesh was quite relatively slow, but thanks to the massive improvements in inexpensive radio technologies, they can now offer speeds comparable to traditional commercial offerings.

➢ Independent ISP Provides Almost free internet with a one-time charge

So, instead of paying $80/month (that is $960/year) or more to your cable company, you can connect to NYC Mesh with a $100 radio antenna and get free internet. They request donations of $20/month ($340/year) to keep the shared network running and to help connect the nearly 30% of New Yorkers currently without an internet connection at home. With that donation, subscribers still are saving over $500/year while helping to grow the physical and social infrastructure of a new way to connect online.

➢ WPA/WPA2 based security

A typical NYC Mesh home install creates two wireless networks – one open 802.11 access point (with a captive portal), and one WPA/WPA2 encrypted upstream gateway. You can change the open access point to be encrypted if you wish.

3.  Philly Mesh

Philly Mesh is for experiment loving people, who love to do innovation with mesh networking and decentralized/distributed technologies.

Philly Mesh is open for experimentation with low-power wide-area networking.

GitHub Repository link of Philly Mesh.

How to Build a philly mesh WiFi router using Raspberry-Pi

➢ Community-based Mesh Free internet

Mesh networks are typically seen in the areas that experience natural disasters, political upheaval, or repression, where chaining routers together into a mini Wi-Fi network, that can provide a secure and low-cost connection. One such network recently introduced up in Philadelphia known as the Philly Mesh.

But for now, they see the mesh network as an adjunct to community member’s home internet.

It is financed by the local government and offers free internet access. The backbone of the network will be a WiMax based solution.

A mesh network creates reliable and redundant wireless internet access.

Based on the offered wireless connectivity, such networks aim at providing a variety of services, with free community-wide VoIP. WiFi interface with a directional antenna.

➢ Supports IoT based other protocols like Lora, Sigfox

Philly mesh supports IoT based other protocols such as Lora and Sigfox. If we talk about Sigfox, then Sigfox is a narrowband (or ultra-narrowband) technology. It uses a standard radio transmission method called binary phase-shift keying (BPSK), and it takes very narrow chunks of spectrum and changes the phase of the carrier radio wave to encode the data. This allows the receiver to only listen in a tiny slice of spectrum, which mitigates the effect of noise.

On the other hand, LoRa (a chirped modulation format) and LoRaWAN (a MAC-layer protocol). LoRa is a spread-spectrum technology with a wider band (usually 125 kHz or more). Its frequency-modulated chirp utilizes coding gain for increased receiver sensitivity.

LoRaWAN looks at a wider amount of spectrum than SigFox (and thus gets more interference). However, because it’s looking for a very specific type of communication, the elevated noise due to a larger receiver bandwidth is mitigated by the coding gains. Practical link budgets are about the same for SigFox and LoRaWAN.

4.  LibreMesh

Libremesh is an open-source modular framework for creating OpenWrt based firmware for wireless mesh nodes.

LibreMesh is a modular framework for creating OpenWrt-based firmware for wireless mesh nodes. Various communities around the world use LibreMesh as the foundation of their local mesh firmware.

The LibreMesh project includes the development of several tools. The firmware (the main piece) allows the simple deployment of auto-configurable, yet versatile, multi-radio mesh networks.

To know more about Libremesh.

For the GitHub Repository link of LibreMesh.

How to Build a LibreMesh wifi router using Raspberry-Pi

➢ Why Choose Libremesh?

The only reason to use open source is simply, privacy. With the Open Source mesh WiFi router, your data is your own. It doesn’t track or collect your own data. If you don’t trust it then you can easily check, it’s open-source, after all!

With some other popular mesh solutions, say those provided by very large tech conglomerates, would you trust them with your data?

Another important factor: updates. Open Source mesh WiFi router says it is committed to pushing out security and performance updates regularly. What about 10 years from now? With an open-source solution, you are free to update the product for as long as you want.

➢ Libre Lime

LibreMesh is a firmware for geek-free Wireless Community Network building. It is also a framework to build your own community network firmware. You can use LiMe-SDK to create a customized Libremesh firmware for your community or use the one that comes already cooked at this repository

  • No matter which OpenWRT/LEDE-compatible device you use, once you flash it with LibreMesh, the device will automatically create a network and mesh with other neighbouring mesh devices.

Also, you can use an online tool (Chef) to generate a custom firmware for each network. Once that firmware is generated and installed, only one setting (the router’s name) needs to be customized, then the platform creates a single roaming cloud, which can route between other nearby compatible networks. Currently, the Chef tool and documentation is only in Spanish.

Openwrt based mesh WiFi routers

5.  Toronto Mesh

Based in Toronto, A decentralized group of volunteers who started Toronto Mesh at CivicTechTO in early 2016. Through building community-owned infrastructure using off-the-shelf hardware and open-source technology, we are hoping to address barriers to internet access in our city. There are many ways for people to get involved.

Toronto mesh is one of the best open-source mesh WiFi frameworks easily available for users to use online.

Click Here to know more about Toronto Mesh.

Click Here for the GitHub Repository link of NYC Mesh.

How to Build a TorontoMesh wifi router using Raspberry-Pi

➢ How is the Toronto Mesh different?

  • Toronto Mesh uses CJDNS
  • Supports multiple Hardware’s

List of Supported Hardware

1.  Orange pi –

Orange pi is an open-source single-board computer which can run Android 4.4, Ubuntu, Debian and Raspbian Image. Orange pi uses the AllWinner H3 SoC and has a 1GB DDR3 SDRAM.

Orange Pi is kind of a simple, fun and useful tool which can be used to start taking control of the world around you.

Orange PiPriceAmazon LinksSpecifications
Orange Pi Zero Set 6:Orange Pi Zero 512MB+Expansion Board+Black Case Development Board Beyond Raspberry Pi$ 43.33Click HereClick Here
Makerfocus Orange Pi Zero H2 Quad Core Open-source 512MB Development Board with Wifi Antenna$ 38.17Click HereClick Here
Orange Pi PC Plus Single Board Computer – Quad-Core 1.3GHz ARMv7 1GB DDR3 8GB eMMC Storage$ 61.68Click HereClick Here

Click Here for the GitHub Repository link of Orangepi.

Click Here for the Amazon link for Orange pi.

2.  Rock64 –

Rock64 is a Single Board Computer powered by Rockchip RK3328 Quad-Core ARM Cortex A53 64-Bit Processor which is a credit card-sized and supports up to 4GB 1600MHz LPDDR3 of memory. It provides an eMMC module socket, MicroSD Card slot, Pi-2 Bus, Pi-P5+ Bus, USB 3.0 and many other peripheral devices interface for the makers to integrate with sensors and devices.

Rock64PriceAmazon LinksSpecifications
ROCK64 – Single Board Computer (4GB)Click HereClick Here

Various Operating Systems such as Linux Distributions, Android,  *BSD and many more are made available by the open-source community and partner projects.

Click Here for the GitHub Repository link of Rock64.

Click Here for the Amazon link for Rock64.

3.  Nano Pi –

Nano Pi is a Samsung S3C2451 based ARM SOC that FriendlyARM developed for Linux hackers, makers and hobbyists that consumes less power. The size of Nano Pi is half of the Raspberry Pi and its GPIO (General Purpose Input/Output) pin is compatible with the RPi’s.

The NanoPi consists of both the WiFi as well as Bluetooth 4.0, having a DVP camera interface and full-colour LCD interface. It boots Linux/Debian quickly from a TF card (T-Flash Card). The above-listed features make it a good platform for applications in IoT (Internet Of Things), unmanned vehicles, robotics, image processing and human-machine interaction as well.

Nano PiPriceAmazon LinksSpecifications
FriendlyElec Nanopi R2S Mini Portable Travel Router OpenWRT with Dual-Gbps Ethernet Ports 1GB DDR4 Based in RK3328 Soc for IOT NAS Smart Home Gateway$ 67.69Click HereClick Here
smartfly info NanoPi NEO Open Source Allwinner H3 Development Board Super Raspberry Pi Quad-core Cortex-A7 DDR3 RAM 512MB Run UbuntuCore$ 28.42Click HereClick Here

Click Here for the GitHub Repository link of Nano Pi.

Click Here for the Amazon link for Nano Pi.

4.  Pine64 –

Pine64 is an organization which designs, manufactures and sells single-board computers (SBC), notebook computers and smartphones.

It is not only a computer; it is a super affordable 64-bit high performance expandable single-board computer (SBC). If you are an IT professional, electronics hobbyist, student, teacher, hacker, inventor, or just someone who wants to have more flexibility to increase their productivity at work, the Pine64 is a computer board made for everyone.

Pine64PriceAmazon LinksSpecifications
Eleduino PINE64/ 64 plus Acrylic Enclosure Case BlackClick HereClick Here
pine64 + 2GB Single Board Computer with WiFi + Bluetooth ModuleClick HereClick Here

Click Here to know more about Pine64.

Click Here for the GitHub Repository link of Pine64.

Click Here for the Amazon link for Pine64.

5.  ESPRESSObin –

ESPRESSObin was originally a Kickstarter single-board computer(SBC) developed by Globalscale Technologies Inc. It does low power consumption.

ESPRESSObin is a high-performance 64-bit dual-core networking computing platform based on the ARMv8 architecture. The board is powered by Marvell’s Armada 3700 dual-core SoC chipset which runs up to 1.2GHz.

ESPRESSObinPriceAmazon LinksSpecifications
ESPRESSObin SBUD102 64 Bit Single Board Computer Network SwitchClick HereClick Here

Click Here to know more about ESPRESSObin.

Click Here for the Github Repository link of ESPRESSObin.

Click Here for the Amazon link for ESPRESSObin.

6.  MK802ii –

MK802ii is a PC-on-a-stick developed by Riko magic which is a Chinese company that uses mostly two series of Systems on-chip architectures i.e, AllWinner A1X SoC and Rockchip RK3xxx SoC.

MK802iiPriceAmazon LinksSpecifications
Rikomagic MK802II 4G Cortex-A10 1GHz 1GB RAM DDR3 Android 4.0 Mini PC with 3D Games and WIFI (Black)Click HereClick Here
Rikomagic MK802 II Android 4.0 Mini PCClick HereClick Here

Click Here to know more about MK802ii.

Click Here for the Github Repository link of MK802ii.

Click Here for the Amazon link for MK802ii.

➢ Supports Mesh wifi Development for Small to Medium Deployment

Toronto Mesh supports mesh wifi development for small to medium deployment.Figure 5: Table comparing baseline and enhanced network configuration

➢ Ipv6, CJDNS based Secure connectivity between Multiple Peers

Toronto mesh supports Internet Protocol version 6 (IPv6) for local DSR node addressing. IPv6 address can be defined for each Diameter connection. Cjdns implements an encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing. This provides near-zero-configuration networking and prevents many of the security and scalability issues that plague existing networks.

➢ Bill of Materials

1.  Hardware Requirements:

  • Raspberry PI 4 ( 2GB RAM )

In case you want to support both 2.4Ghz and 5Ghz band and High throughput, then

You need a minimum of 2 nodes of Raspberry PI-4.

For Benchmark and throughput requirements. Click here

Otherwise, if you are good with 2.4Ghz then you can go with 

  • Raspberry  Pi Zero-w.

2.  SD Card:

Recommended is 16GB class 10.

Check the table below for the Top 3 SD cards.

SD card ModelsSizeAmazon LinksSpecifications
Sandisk U1 A1 98Mbps 16GB Ultra MicroSDHC (MicroSD) Memory Card  16 GBClick HereClick Here
Strontium Nitro 16GB Micro SDHC Memory Card 85MB/s UHS-I U1 Class 10 High Speed for Smartphones Tablets Drones Action Cams (SRN16GTFU1QR)  16 GBClick HereClick Here
Sandisk 8GB Class 4 MicroSDHC Memory Card (SDSDQM-008G-B35)  8 GBClick HereClick Here

3.  OS Image:

Raspbian Lite. Link here

4.  Optional:

➢ DIY Mesh Using Toronto Mesh

Steps to build and Configure Toronto Mesh on Raspberry Pi

Same steps should be followed for other Hardware.

Step 1: Flash the SD Card

The Raspberry Pi official documentation provides an excellent tutorial on this, using Etcher software. We recommend that you burn the image to the Micro SD card using Etcher. We have a pre-flashed image file here.

Step 2: Enable SSH

Create an empty file named ssh to enable SSH when the Pi boots:

$ touch /path/to/sd/boot/ssh

Plug the SD card and USB WiFi adapter into the Pi.

Step 3: Connect Raspberry Pi

Plug the Pi into your router so it has connectivity to the Internet. SSH into the Pi with ssh pi@raspberrypi.local and password raspberry.

Optional: There are other ways to connect, such as connecting the Pi to your computer and sharing the Internet to it. If you have multiple Pi’s connected to your router, find their IPs with Nmap -sn 192.168.X.0/24 (where 192.168.X is your subnet) and SSH to the local IP assigned to the Pi you want to address ssh pi@192.168.X.Y.

Note: After the install, the node will be renamed to tomesh-XXXX where XXXX is the last 4 characters of your CJDNS address. Before the reboot, the node will notify you of what the name is.

In your SSH session, run the password and change your login password. It is very important to choose a strong password so others cannot remotely access your Pi.

Run the following, then let the installation complete. After about 5 minutes the Pi will reboot:

$ wget && chmod +x install && TAG_PROTOTYPE_CJDNS_PI=develop ./install

Step 4: Check Status

Give the Pi about 15 seconds to reboot and SSH back into it. You should find the status of your mesh node automatically printed. You can also print this anytime by running status.

Verify that Cjdns Service is active, and Mesh Interface (if applicable). The NODE section should display a single IPv6 address, that’s the identity of your Pi in the cjdns mesh. The PEERS section should indicate a list of IPv6 addresses that are active peers to your node. This list will be empty until you have another nearby node with the same setup.

Step 5: Network Benchmark

You can benchmark the network throughput with more than one node. Let’s name our two Pi’s Hillary and Friend.

  1. SSH to Friend and note its IPv6.
  2. Run iperf3 -s to start listening. Do not end the SSH session.
  3. In another Terminal session, SSH to Hillary and run iperf3 -c FRIEND_IPV6. You should start seeing Hillary sending encrypted packets to her Friend. See phillymesh/cjdns-optimizations for expected throughput.

❖                 CJDNS

●    What is CJDNS?

CJDNS stands for Caleb James DeLisle’s Network Suite. It is a networking protocol and reference implementation. CJDNS implements an encrypted IPv6 network by using the public-key cryptography for the address allocation. This provides near-zero-configuration networking and prevents many of the security and scalability issues that plague existing networks.

Click Here for the GitHub Repository link of CJDNS.

●    How to install CJDNS?

These instructions are only for Debian-based Linux distributions and macOS.

Debian-based distro:

sudo apt-get install nodejs git build-essential python2.7                                                                                                         

Fedora 22+ based distro:

sudo dnf install nodejs git

sudo dnf install @development-tools

RHEL based distro (adds the EPEL repo):

sudo yum localinstall

sudo yum install nodejs git

sudo yum install @development-tools

Building from the package:

sudo yum localinstall

If you want to speed this up dramatically then:

systemctl enable cjdns-resume

The resume service restarts cjdns when the system wakes up from sleep.


emerge –ask nodejs sys-devel/gcc dev-lang/python:3.4 dev-vcs/git


Install with Homebrew:

brew install cjdns

Install with MacPorts:

sudo port install cjdns


pkg_add git node gcc gmake bash

Now you can install cjdns

emerge cjdns

Create a file portage-weuxel.conf containing [weuxel]

location = /opt/portage-weuxel

masters = gentoo

auto-sync = yes

Now sync

emerge –sync

Automatic crash detection and restart

Copy the openrc init script from contrib/openrc to /etc/init.d/ and modify the CONFFILE and command parameter to your needs. Then start cjdns by issuing

/etc/init.d/cjdns start

Configure the init system to autostart cjdns

rc-update add cjdns default


Run cjdroute without options for HELP:


1.  Generate a new configuration file

./cjdroute –genconf >> cjdroute.conf

2.  Find a friend

To get into an existing network (e.g. Hyperboria), you need to connect to someone who is already in the network. This is required for several reasons:

  • It helps prevent abuse because bad people will be less likely to abuse a system after they were, in an act of human kindness, given access to that system.
  • This is not intended to overlay The Old Internet, it is intended to replace it. Each connection will in due time be replaced by a wire, a fibre optic cable, or a wireless network connection.
  • In any case of a disagreement, there will be a “chain of friends” linking the people involved so there will already be a basis for coming to a resolution.

3.  Connect your node to your friend’s node

To initiate the connection OUTbound
In your conf file, you will see:
// Nodes to connect to.
// Add connection credentials here to join the network
// Ask somebody who is already connected.
A conf file with multiple friend-nodes, setup Outbound, should look like:
// Nodes to connect to.
//friend_1 (IPv4:; IPv6 fcaa:5bac:66e4:713:cb00:e446:c317:fc39)

        “login”: “k.alexander”

        “password”: “thisIsNotARealConnection_1”,

        “publicKey”: “thisIsJustForAnExampleDoNotUseThisInYourConfFile_1.k”


    //friend_2 (IPv4:; IPv6 fcbb:5bac:66e4:713:cb00:e446:c317:fc39)



        “login”: “k.alexander”

        “password”: “thisIsNotARealConnection_2”,

        “publicKey”: “thisIsJustForAnExampleDoNotUseThisInYourConfFile_2.k”



You can add as many connections as you want to the connectTo attribute, following JSON syntax.

To allow your friend to initiate the connection INbound

In your conf file, you will see:



    // A unique string which is known to the client and server.

    {“password”: “password001”, “login”: “default-login”}

    // More passwords should look like this.

    // {“password”: “password002”, “login”: “my-second-peer”}

    // {“password”: “password003”, “login”: “my-third-peer}

    // {“password”: “password004”, “login”: “my-fourth-peer”}


    // “”:{“login”: “default-login”, “password”: “password001″,”publicKey”:thisisauniqueKEY_001.k”}


A conf file with multiple friend-nodes, setup INbound, should look like:



    // A unique string which is known to the client and server.

    {“password”: “thisisauniquestring_001”, “user”: “k.alexander”}

    // More passwords should look like this.

    //William Jevons (IPv4:; IPv6 fcaa:5bac:66e4:713:cb00:e446:c317:fc39)

    {“password”: “thisisauniquestring_002”, “user”: “William Jevons”}

    //Marilyn Patel (IPv4:; IPv6 fcbb:5bac:66e4:713:cb00:e446:c317:fc39)

    {“password”: “thisisauniquestring_003”, “user”: “Marilyn Patel”}

    // {“password”: “thisisauniquestring_004”}


    // “”:{“password”: “thisisauniquestring_001″,”publicKey”:thisisauniqueKEY_001.k”}


You need to give William Jevons (who is making the INbound connection) the following 4 items:

  1. Your external IPv4
  2. The port found in your conf file here:
    // Bind to this port. “bind”: “”,
  3. Their unique password that you uncommented or created: “password”: “thisisauniquestring_002”
  4. Your public key: “publicKey”: “thisisauniqueKEY_001.k”
  5. His username: “William Jevons”

His login credentials will look something like this (with your IPv4 and port):

“”: {

    “login”: “William Jevons”,

    “password”: “thisisauniquestring_002”,

    “publicKey”: “thisIsJustForAnExampleDoNotUseThisInYourConfFile_1.k”


Please note that you and your friend can initiate a connection either outbound (from YOU –> FRIEND) or inbound (from FRIEND –> YOU) but traffic flows both ways once the connection is established.

See doc/ for more details on configuration, including how to peer with other cjdns nodes over ethernet and wifi.

4. Secure your system – check for listening services

Once your node is running, you’re now a newly minted IPv6 host. Your operating system may automatically reconfigure network services to use this new address. If this is not what you intend, you should check to see that you are not offering more services than you intended to.

See doc/ for instructions.

5. Start it up

sudo ./cjdroute < cjdroute.conf

If you want to have your logs written to a file:

sudo ./cjdroute < cjdroute.conf > cjdroute.log

To stop cjdns:

sudo killall cjdroute

If you are having problems, use killall cjdroute to return to sanity. Use pgrep cjdroute or top to see if it is running.


This starts cjdns as the root user so it can configure your system without concern for permissions. To start cjdns as a non-root user, see doc/

❖ Support for Other Single-Board Computers (SBC)

Support for other single board computers such as the Orange Pi family of boards. So far all the boards that have been tested support Armbian and usually our install script needs no modification to work. To use one of these boards, start with the Armbian nightly images linked in the table below, then follow the same installation steps as the Raspberry Pi. Below is a table of boards we have tested and some metrics of what you can expect from the board.

❖ Support 802.11s usb WiFi Dongles

A list of compatible 802.11s adapters. Run sudo bash to get devices info for your hardware.

Click Here for the list of devices.

0 0 vote
Article Rating
Notify of
Inline Feedbacks
View all comments