Notes from the session
32 Online at the beginning of the session, 42-44 people online after 20 mins past (6 LocNet/APC staff and presenter Federico). 32 still there at 16:30
Federico gained experience in Freifunk and Google summer of code to build OpenWISP
OpenWISP is an Open network management system.
Based initially on OpenWRT but hoping to expand to other platforms.
Can be a big or a small network and can automate addition of new devices.
Installing OpenWISP makes sense when the network is large enough that manual management is too time consuming and people need to share responsibility of managing the network.
Started in 2008 developed by a consortium of Univs and then in 2010 with and schools municipalities in Rome.
2015-2017 OpenWISP2 to expand functionality beyond hot-spots
2018-2023 – Many new users and ISPs, hardware vendors etc. - can now do automatic tunnel provisioning and many other features.
New goal is to support new devices and to make it easier to use – aim is to be the ‘Wordpress’ for network management. Need one platform that supports many different types of hardware on the same network, including proprietary platforms. Needs users to give feedback, and developers, and funding. It will take years to accomplish these goals. All source is on github
Functions:
• Dashboard: Map, charts of status of devices on the system, users of system and traffic over time.
• Multi-tenancy (a single OW can be used by multiple organisations), permissions, email confirmation, Rest API.
• Configuration manager is the most important part of OpenWISP – config/device management, VPN provisioning, change roll-back, templates, geographic/indoor location, IPAM. Advanced mode allows user to alter config directly without the UI limitations.
• VPN – can do OpenVPN, WireGuard and ZeroTier.
• Monitoring module provides resource use indicators – configurable alerts.
• Network topology maps and history.
• Radius module.
• Plugable modules – e.g Django apps
OpenWISP is based on Ansible for deployment/installation.
- Standard protocols: what’s about yang/netconf ? or a very common one like cwmp/TR069 ? - definitely on the roadmap, need to find funding for it.
- Would it be fair to characterize permission groups as the equivalent of “user roles” in standard RBAC? - Yes.
- Can OpenWisp deploy individual packages rather than a full firmware? - Not yet envisaged, but individual packages could be installed via command line.
- Mikrotik, LTE data? – if there is enough interest we can do it, or we could reflash MikroTik router.
- Does OpenWRT have any support for Opportunistic Wifi Encryption (OWE) ? - Yes
- Are there plans for OpenWISP to release an easy to deploy/set up docker container for improved accessibility? - OpenWISP may be too complicated for docker – too many different local environments – using kubernetes in these environments is technically difficult – unless you have many 1000 devices, it doesnt’ seem necessary.
- Wifi roaming (802.11r) support – yes supported
- Do the configuration rollbacks still work if a misconfiguration leads to an unrecoverable state? - OpenWISP will take the backup if the configuration fails - becoming more robust.
- OpenWISP bus model – Federico’s team sells support to organisations, and custom development, also participated 7 times in Google Summer of Code.
- High availability, failover - can or is that done by Openwisp, or should we do it on the hardware? - This is in the configuration – load balancing, or multiple management VPNs – can be built into the system.
- In session advertising – can be done by changing the splash page data.
- Language support – could be done easily
- IP6? - Depends on Open-WRT, but hasn’t had much call for it.
- Paid subscription/premium module? As our business, for a deployment we charge 2000 euros, including support, deployment, training. The cloud system is available for less – 200 / year. Over time we will make these subscription modules free.
- QOS – OW is flexible and this can be done via different ways, such as SSIDs with different shaping – it would be up to openradius configuration – e.g depend on the radius group they are assigned to.
The OpenWisp event - has moved to this room :