-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path30c3-5497.txt
91 lines (76 loc) · 5.09 KB
/
30c3-5497.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
Here, the subtitles for talk 10 years of fun with embedded devices are supposed to be created
Link and further information can be found here:
The language is supposed to be:
[ ] German
[x] English
(the orignal talk-language)
Amara Link: http://www.amara.org/de/videos/cbcDFgLuX9cL/info/
-------------------------------------------------------------------------------------------------------------
we are also working on configuration and validation in the backend in the traditional firmware we had one ...
which is wy to complex if you wanna have managed networks ...
the web interface itself is also seeing some big great changes right know
you may want to have things running in the browser
we have decided we can give the browser giving direct access
the web browser connect and get a token...
so given the scope of this system and what we did in a short time we called the system "kamikaze".
it has a nice recipe
we did several releases at that thime
we focussed at stabilizing
the radical aspects of the changes that we made backfired at us, so the release code name was fitting
after the backfire release we revisited some design decisions
we had at that time many targets running linux 2.6 and we had only one system (broadcom) running linux 2.4
so we decided since we would do some changes again, we would focus on the userspace
we had a lot of shell scripts
it's easy to create a lot of small scripts but it gets cumbersome, for example the network setup would get very comples vlans, networks, firewall setup and it was very cumbersome
also we started working on ipv6, protocol of the future and may be for some time
i'd like to take some short time to introduce what we did
ubus, with a name like dbus, but it weights only about 150kB
we wanted ot have something quite high-level, the system service is about 20kB
it is very high-level, and in some cases even higher than dbus
so we brought a second component to replace the earlier scripts and all that stuff and now we have one c daemon
you can tell it to reload
because sometimes we also have some complex configuration with interfaces that come and go
so this is a piece of software that does all of that
it's called procd and on top of being pid 1 it makes sure that services are restarted when they need to be
it can just keep the existing instance running
we merge the code path for reloading and restarting
the code path for reloading is usually just added as an afterthought and not well-tested
we're also working on configuration validation because with the original we made and it kept track of all what was changed which was way to complex if you have a software that has a database of all the devices like isps
so we're doing that all in a single place and that just makes it easier to change
you can basicaly add a new api in 10 minutes, or if it is implemented in c
you may want to have things running in the browser that you may want to have to talk to the system
of course, thee are security concerns as well
the webbrowser can connect
nothing else. and this just cuts down on the number of abstraction layers
so we also focussed a lot on ipv6 integration
we had some other components of regular linux distributions
and they are really hard to integrate with the rest of the system
with another system that may have a different design
we have our own ipv6
we can make sure that the kernel does not do weird things that mess up the routing table
that prefix is also distributed
if i'm getting a prefix just redistribute it to lan
with a typical linux distribution it is always a bit of a hassle
and we also handle the whole dhcpv6
we did not find a dhcpv6 server that would fit into the space constraints
the more code you have, the harder it gets to review all that
in many areas we are breaking new ground in what typical router design looks like
freeing ourselves of much of the structure of legacy devices
it's time to come up with our own coherent set of solutions
there is actually a diverse set of communities that do a lot of different things with these devices
this is the product that they came up with based on the input that they got
when it was released it was full of proprietry components for which we did not have replacements
the support was much to slow
we only figured this out by looking at gpl tarballs
they just tell the requirements they have to odms
give some nice graphics and design rules, so it's actually up to the odms to do the actual product
but instead of re-using the components that we made
some of the other parts that they kept were actually more fragile
if they get the product out the door, they just get the pressure to get the next roduct out the door
the problem is also that there is a lot of red tape
when they have lots of reasons to not do what we say
in many cases they want to have their competitive advantages and the recognize that hardware is not the only part
if we are going to do this hardware
there is only one problem with that: they are not particularly good at doing the software
even with the limitations attached that they have more trouble getting support
and the large part of this is that at least with some of the vendors i've talked to