The following instructions will help you set up an encrypted mesh network on Raspberry Pi’s. It takes about 5 minutes to set up a node with the Pi 3. Obviously, to have a mesh you will need more than one node.
Make sure you have the following items:
Flash the SD card with Raspbian Jessie Lite.
Create an empty file named ssh to enable SSH when the Pi boots:
$ touch /path/to/sd/boot/ssh
Plug the SD card and USB WiFi adapter into the Pi.
Plug the Pi into your router, so it has connectivity to the Internet. SSH into the Pi with
ssh email@example.com password raspberry.
Optional: There are other ways to connect, such as connecting the Pi to your computer and sharing Internet to it. Or if you have multiple Pi’s connected to your router, find its IP with
nmap -sn 192.168.X.0/24(where 192.168.X is your subnet) and SSH to the local IP assigned to the Pi you want to address
In your SSH session, run
passwdand change your login password. It is very important to choose a strong password so others cannot remotely access your Pi.
Run the following, then let the installation complete. After about 5 minutes the Pi will reboot:
$ wget https://raw.githubusercontent.com/tomeshnet/prototype-cjdns-pi/master/scripts/install && chmod +x install && ./install
The installation script can also install many optional features such as distributed applications and network analysis tools that are useful but non-essential to run a node. You can use flags to selectively enable them, or use the following command to install all optional features:
$ wget https://raw.githubusercontent.com/tomeshnet/prototype-cjdns-pi/master/scripts/install && chmod +x install && WITH_MESH_POINT=true WITH_WIFI_AP=true WITH_IPFS=true WITH_PROMETHEUS_NODE_EXPORTER=true WITH_PROMETHEUS_SERVER=true WITH_GRAFANA=true WITH_EXTRA_TOOLS=true ./install
|Feature Flag||HTTP Service Port||Description|
||80: HTTP-to-IPFS gateway at
||9100: Node Exporter UI||Set to
||9090: Prometheus Server UI||Set to
||3000: Grafana UI (login: admin/admin)||Set to
If you are connected to the WiFi Access Point, all HTTP services are available via
http://10.0.0.1:PORT as well as the cjdns IPv6. To connect with the cjdns address, first note your node’s fc00::/8 address from
status, then navigate to
http://[fcaa:bbbb:cccc:dddd:eeee:0000:1111:2222]:PORT from your browser.
Give the Pi about 15 seconds to reboot and SSH back into it. You should find the status of your mesh node automatically printed. You can also print this anytime by running
Verify that cjdns Service is active, and Mesh Interface (if applicable). The NODE section should display a single IPv6 address, that’s the identity of your Pi in the cjdns mesh. The PEERS section should indicate a list of IPv6 addresses that are active peers to your node. This list will be empty, until you have another nearby node with the same set up.
You can benchmark the network throughput with more than one node. Let’s name our two Pi’s Hillary and Friend.
SSH to Friend and note its IPv6.
iperf3 -sto start listening. Do not end the SSH session.
In another Terminal session, SSH to Hillary and run
iperf3 -c FRIEND_IPV6. You should start seeing Hillary sending encrypted packets to her Friend. See phillymesh/cjdns-optimizations for expected throughput.
Update & Uninstall
To uninstall the services, run
If you are updating, run the same uninstall script, but keep all configuration files and data directories when prompted, remove the prototype-cjdns-pi directory along with the install script, then repeat the last installation step.
Experimental Support for Orange Pi
We are adding support for Orange Pi boards and have tested with the Orange Pi Zero (Armbian nightly), Orange Pi One (Armbian nightly), and Orange Pi Lite (Armbian nightly). Instead of flashing Raspbian, start with the Armbian nightly images linked above, then follow the same installation steps as the Raspberry Pi.
Following is a list of hardware tested with the install.
|Hardware||Base OS||CJDNS Bench~||USB||Ethernet||Notes|
|Raspberry Pi 1 A+||Raspbian Jessie Lite||35K||1||None|
|Raspberry Pi 1 B+||Raspbian Jessie Lite||35K||2||10/100|
|Raspberry Pi 3||Raspbian Jessie Lite||2||10/100|
|Raspberry Pi Zero||Raspbian Jessie Lite||1||10/100|
|Orange Pi Lite||Armbian Nightly||126K||2||None|
|Orange Pi One||Armbian Nightly||131K||1||10/100|
|Orange Pi Zero||Armbian Nightly||70K||1(+2*)||10/100||*Additional USB available via headers|
|Orange Pi Zero Plus 2 H5||Armbian Nightly||142K||0(+2*)||None||*USB available via headers|
You can install from a specific tag or branch, such as
$ wget https://raw.githubusercontent.com/tomeshnet/prototype-cjdns-pi/develop/scripts/install && chmod +x install && TAG_PROTOTYPE_CJDNS_PI=develop ./install
If you are developing on a forked repository, such as
$ wget https://raw.githubusercontent.com/me/prototype-cjdns-pi/develop/scripts/install && chmod +x install && GIT_PROTOTYPE_CJDNS_PI="https://github.com/me/prototype-cjdns-pi.git" TAG_PROTOTYPE_CJDNS_PI=develop ./install
To add a new module, use scripts/ipfs/ as an example to:
- Create a
- Create scripts/new-module/install and scripts/new-module/uninstall
- Make corresponding references in the main install, install2, status, uninstall files