Experiment – Mesh VPN setup with Tinc

This is super short post on my experiment with setting up a mesh VPN using tinc.


  • It’s used in creating a VPN out of many small networks that are geographically distributed
  • There is no concept of server or client in tinc, so nodes try to talk to each other directly or through other nodes

Actors in the mesh

<name> – name for each actor

  • Digital Ocean droplet <externalnyc> – to which all below actors connect to
  • Digital Ocean droplet <externalblr>
  • Laptop <fedora> (Home LAN)
  • RaspberryPi <pi> (Home LAN)

How Actors are connected ?

  • externalblr ===> externalnyc
  • fedora ===> externalnyc
  • pi ===> fedora

Assumption is that except externalnyc all others are behind a NAT/Firewall

IP for each actor in VPN

  • externalnyc –
  • externalblr –
  • fedora –
  • pi –


  • Every actor is able to talk to every other actor
  • Access services that are allowed in firewall



Creating a Logical Volume in LVM


I wanted to upgrade from Fedora 24 to Fedora 25 using the dnf upgrade utility. Before doing that, I wanted to take a backup in case any issue occurs. While installing Fedora 24 I chose LVM partioning scheme which I felt would help in case I needed to resize my drives without having shrink and expand other drives, which I was doing earlier.


The volume group that was created as part of installation had already used up all the space of the underlying physical volume. There was nearly half of the HDD space still unallocated, I had the following options:

  • Create a new physical volume and add it to the existing volume group
  • Create a new physical volume and add it to a new volume group
  • Extend the existing physical volume

Creating the partition

I felt it would be better to take option 2 from the above. I looked at some tutorials online like a crash course kind of stuff in playing around with LVM. So, the first step was to create a physical partion and for that I chose cfdisk which is an ncurses version of the fdisk utility. The process is as follows:

  • Launch the program with sudo cfdisk
  • The program showed the list of partitions and free space available
  • Choose Freespace from list of devices and select [ New ]
  • Give the partition size like Partition size: 100G and press Enter
  • It will ask if the partion is [ primary ] [ extended ] and I chose [ primary ]
  • The partition table will be listed with a new device for ex: /dev/sda2 (nothing is saved yet)
  • Choose [ Type ] and select 8e Linux LVM
  • Finally, choose [ Write ] to persist the changes

Creating Physical Volume

Check for the new device using lsblk or anyother equivalent command. Now its time to create the physical volume,

sudo pvcreate /dev/sda2

Check if the physical volume is created using the following command,

sudo pvdisplay

Creating Volume Group

Use the following command to create the volume group. The command used below takes the name for the volume group and space separated physical volumes that this volume group will handle.

sudo vgcreate <volume_group_name> /dev/sda3

Check if the volume group is created using the following command,

sudo vgdisplay

Creating Logical Volume

Use the following command to create the logical volume. The command below takes the size & name of the logical volume and name of the volume group which this logical volume will be a part of.

sudo lvcreate -L 149G -n <logical_volume_name> <volume_group_name>

Check if the logical volume is created using the following command,

sudo lvdisplay

Creating a disk out of the logical volume

Now that we have a logical volume, its time to create a drive out of it like /, /home, /boot, etc. Use the following command to create an ext4 partition,

sudo mkfs.ext4 /dev/<volume_group_name>/<logical_volume_name>

Check if the disk is created using either lsblk or sudo fdisk -l


A drive is now ready to backup the files or use it for any purpose. There are lots of ways and configurations available and I only picked ones which I needed at this particular moment.


Freifunk Gluon – My experiments so far – Updates

In my last post I was talking about Freinfunk Gluon,  Freemesh and what I was doing about it. This post would be a follow up to that.

So for a quick recap,

  • I had setup a node with Freifunk Gluon firmware from the Freemesh Denkmark community
  • Started setting up the gateway node to which other routers connect to and form a mesh

What is the current status ?

Well, I have completed the gateway setup and this post I am writing along with other network traffic from my laptop is going through the gateway. It’s not a big deal, because communities are using tools like Ansible & Puppet to automate the entire setup. But hey, this is very important to me doing it the long way.

How did I achieve it ?

My single source of knowledge of this setup (most of it) was based on Generic Freemesh Gateway from Freemesh Ireland community. Here’s what I did with respect to Gateway and Firmware setup


  • Create a VPS (5$) with Debian Jessie from Digital Ocean
  • Setup the necessary users, disable remote login for root, disable password logins and only allow key based logins
  • Setup a basic firewall
  • Download the necessary software
  • Setup B.A.T.M.A.N (for routing) & Fastd VPN (for connecting nodes)
  • Setup network interfaces
  • Setup DHCP & DNS (for mesh nodes & clients)
  • Setup NAT to forward the traffic from mesh nodes & clients to the internet
  • Setup vnstat for network statistics from various network interfaces
  • Setup Hopglass (frontend) & Hopglass Server to collect info from the nodes & display them on the map
  • Setup Grafana & Prometheus that provides data visualisation & monitoring respectively
  • Setup Fail2Ban to ban IP’s by reading logs & dynamically add rules to iptables

Building Firmware

  • Clone the stable branch of Freifunk Gluon
  • Clone an existing site configuration (its mesh node configuration actually)
  • Update the site configuration with details like community name, IP’s for the node, WiFi & ad-hoc AP configuration, gateway information (so the nodes could connect to it via Fastd VPN), etc.,
  • Build the firmware
  • Flash it on to the router

Some hurdles faced

In any task there would be some hurdles and its up to us to solve them and proceed. The main hurdle I faced was lack of understanding in networks & its configurations. So, I didn’t solve or learn all of them, instead I took steps to learn and understand them better through simple setup.

I wanted to try out some of the software I mentioned above and see how the configurations would actually work. Since, I mostly use my laptop for development, I made a better use of Raspberry Pi by turning it into a test bed to hone my skills. So, for the initial part I tried setting up the following on my Pi and use them from my laptop,

  • DHCP
  • DNS
  • NTP
  • Fastd
  • Iptables & NAT

For most of the part, I used tcpdump and syslog to monitor the output. By playing with the configurations, I was able get a good grasp on what was happening. There is still a lot to learn, but its a start nonetheless.

Then I faced some issues where the map wasn’t updated anymore, DNS & NTP requests were denied. Then after checking the logs could see that firewall was blocking those packets and so I had to add rules to allow the following (all these rules apply only to the private subnet),

  • DNS
  • Multicast
  • NTP

Some Pics

This slideshow requires JavaScript.

You can check the map here.

What then ?

I will be continuing to experiment with the gateway and node, then see what else I can do to proceed. I am planning to look at the Ansible scripts to automate the gateway setup and further improve my knowledge on networks.

Note: If peers in my local community are interested in this concept, we could try it out.

Freifunk Gluon – My experiments so far…

This will be a post about what I have been doing with respect to Mesh Networks for the past couple of weeks and also my post after a long time.

Am I new to Mesh Networks?

No, and I am not an expert either. I was introduced to Mesh Networks on the month of April’2016 from my friends at Chennai and Pondicherry. Though I have been part of Mesh Networks for the past 10 months, I have not been very active in the last very few months due to personal reasons and its on me. So, that’s it and I am not going to give lecture about the sequence of events.

Alright, I am not new. What then?

Though I have been inactive, I was a silent observer in the community groups watching over what was going on. Many times I would be so eager to jump in, but the fear of going inactive (which I do a lot) again held me back. Recently, there was a sudden spike among the peers about Mesh and how to bring it back up. That’s when in one our Matrix groups we got into conversation with guys from Freifunk and they were talking about the the Gluon firmware that’s being widely used in the Freifunk communities. That’s when there was sudden spike inside me as well and brought my lazy ass back up.

What happened?

Here, our idea was to setup nodes that were running OpenWrt firmware and a routing protocol called B.A.T.M.A.N at our houses using the cheaply available router TP-Link WR841N. It went fine and people even hosted services on the node like wiki’s, social platform and so on.

But, over time there was a disturbance in the force and we found issues that the routing protocol wouldn’t scale, cheaper hardware doesn’t have enough range, memory footprint and other xyz issues.

What different happened now?

In the current scenario, if there aren’t enough nodes at a given location, all we would be having are lonely island of nodes waiting to call/to be called. In Freifunk, they try to create Mesh Network over VPN. I have looked into technical details of this in depth so I will say what I understood.

The idea is that, the island nodes connect to the gateway nodes via VPN tunnel and they are fully meshed. It might sound like a client (island nodes) – server (gateway node) connection, but its not. The prerequisite of this setup and don’t start bashing me already,  is having an Internet connection. This might be counter-intuitive, but in the current scenario its one of the better ways to connect much spread nodes IMHO.

The routers are flashed with Gluon Firmware (fork of OpenWrt) image developed by the respective communities, which has all the configurations ready and just had to be plugged in to your ADSL modem and all is set. One can even access the internet offered through the gateway and you can also choose to share your internet connection with the public.

Stories aside, what was I doing?

Since, I learned of the above stuffs I started looking around wiki’s of those communities and tried to understand how its being done. One thing that was unique among the communities were that they were continuously updating, since there is no one silver bullet to the issue. I gathered the links (useful or not) and noted them down in a Mozilla Etherpad. Then I wanted to setup a node (not my initial intention) to learn and since the Freifunk guys who were talking with us were from Denmark and Ireland, I decided to flash the Gluon Firmware from Freemesh Denmark community.

The setup was fairly straight forward as I said above and I was able to see my node in the Node map. Though its not a big deal it felt good. Then I started to look into setting up ones own gateway to which nodes can connect to. I spun up a Debian droplet on Digital Ocean and started with the setup. I even bought a domain similar to ones used by Freifunk communities.

We learn from making mistakes and mine was jumping right in without at least contemplating the architecture of the setup. It took time as well, because I was doing it like in trial and error. That is when I took a pause and looked back. The gateway wiki’s I looked had the common steps,

  • Having a server with a reasonable capacity and bandwidth with installing necessary software and users
  • Setting up network interface and bridges
  • Setting up a VPN and its configurations
  • Setting up a routing protocol and its configurations
  • Setting up DHCP, DNS and their configurations
  • Setting up network statistics

I tried experimenting with the above configurations (divide and conquer) one at a time. Only when diving into the above concepts, I came to know how I suck at networking and its high time I get to know it better. At the least, I got to know some basic definition of the networking stuff. Nevertheless, I became comfortable with the setup than I was earlier and yet I am not master of it now.

Where I am now?

I have configured many of the steps and to see if they are working I checked the following,

  • Added my gateway’s IP as one of the VPN (fastd) peers in my router
  • Observed the logs on server, could see my router and gateway in handshake
  • The firmware I have uses BATMAN and so tried to see a list of originators using batctl o and could see my gateways MAC listed and vice versa. I was able to ping either side using batctl ping . Also, the result showed that the VPN was the interface through which the data was going through
  • Then I checked if my router got an IP from the DHCP server and yes it was getting it s well
  • Then, I saw my gateway listed as one of the nameservers on my router by checking resolv.conf.auto file on it
  • I connected my laptop to the mesh router’s hotspot and tried to see which was the DNS server that was used. I issued dig duckduckgo.com and could see my gateway’s IP in the command’s result.

The above gave me some incentive to proceed with the setup and learn along the way.

So, what’s the point of all this?

Whatever I have been doing is to try and explore the different possibilities and see if it could fit our needs. Will people show in interest this? honestly, I have no idea and this post is not some campaigning for Freifunk. But, I feel that this can be one of the ways we can unite people even though it is using the existing internet. As the technology is improving day by day, one day we might see full fledged implementation of mesh or at least better than what it is now.

Some links

Most of the links that I was looking at is recorded in this etherpad.

Note: Most of the sites are in German and suggest you have some translator plugin or Chromium to convert the page. That’s how I read it.

Steps that helped me with Digital Ocean server setup


     Hey everyone! From the title you might be wondering , “Why this guy would write about some setup that has been done a million times?”. Well, I could understand your frustration on that.  So, to give you a hint of why I am writing this blog in the first place, I will list down things that I wanted to do and how these different blog posts help me achieve that. So the list is as follows,

  • I need to get a feel of managing cloud environments (preferably GNU/Linux. Hint: I am a Free software activist 😉 )
  • Ah! I need a web server in the first place and there are many providers out there, who do I choose? who offers cheap plans? how easy is the setup?
  • I need to setup a simple web app that is running locally and make it run on the remote server
  • I bought a domain from a domain registrar and need to link it to my web server
  • I also need to make the app HTTPS enabled at zero cost (that’s an important step)

     These are reasons that I needed to achieve and to be honest I picked some needs along the way reading (sorry about that 🙂 ). Another reason for me to write this blog is that, some of these steps are linked and are well mentioned in the blog, which we either miss or ignore and end up with some issue.

Getting a domain name

     There are number of domain registrars out there who offer domain with various plans and features included. Choose which is best for you and go ahead with that provider. I am not going to share any howto’s here since the domain registrars have covered that.

Note: I needed to link my web server to a domain, so this is a necessary step for me

Getting a web server

     Domains are just one part of the story and web servers is the other. Like with domain names, there are lots of web hosting companies offering variety of plans to choose from. I chose to go with Digital Ocean (which this blog covers) who offered plans as low as 5$/month. Digital ocean calls their VPS (Virtual Private Servers) as droplets and the blog that you can read to get a server up and running in less than 55 seconds is given below.


Setting SSH key based access to your server

Read this first -> Do this step before you create your droplet because this is an optional setup while creating. This ensures that your server can only be accessed through ssh keys from an authorized machine rather than passwords. You can also do this after you have created the droplet by adding the keys to your server, by logging in with passwords that were mailed to you. Both steps are detailed in the blog given below.


Initial server setup with Ubuntu 16.04

     When you created the droplet you would have chosen any GNU/Linux distribution to get started with. Once you have done that, read the following blog to know about dangers of having a root only logins because,

With root comes power and with power comes responsibility

and how you can mitigate that with non-root accounts. The blog goes on about explaining the shortcomings of password based logins and how they can be secured with ssh keys.


Make your web host manage DNS for your domain

     When you purchase a domain say “www.vms20591.com”, mostly the domain registrar will be managing the DNS for you. That is, when you type “www.vms20591.com” the name gets converted to an IP address “”  and this is done by a DNS. You have to change the nameservers that are managed by your domain registrar to the ones managed by Digital Ocean. Digital Ocean has made a detailed blog post on how you can do this for many domain registrars.


Note: Honestly, I am really skeptical about this step because from some posts I read, people say you only need to point your domain name to the public IP address of your server from the control panel of your domain registrar and wait for the changes to propagate.

Setting up host name with Digital Ocean

     Once you have changed the nameservers for your domain to Digital Ocean, now you can go about managing your DNS from the control panel for your server.


Create a Python Flask Application with Nginx and uWSGI

Now, that you have a web server and domain name is linked it, we need to get to the fun part which is serving actually something meaningful. For this I chose to go with Python Flask since it so easy to get started and Python being my favorite. I have used uWSGI as the application server which is is capable of serving WSGI applications with greater efficiency and Nginx which is a high performance web server that acts as a reverse proxy. You can read more about the reason for it here.


Secure Nginx server with Let’s Encrypt

Now that your web server is up and running under your favorite domain you might feel accomplished. But, wait there is one more crucial step to be done. One more? yes, one more and it is securing your server with HTTPS. This is an important step that should be followed. For this, I used Let’s Encrypt which is a new Certificate Authority (CA – people who issue SSL certificates for your domain) mainly sponsored by Mozilla and EFF. The reason for choosing this CA is that you need not to go through a big process of getting your domain certified and its free, open and automated.



Hope this blog would help you get started with setting up and managing servers and get to know some best practices in doing so. Though this centers around Digital Ocean, the process should be similar for other web hosts and domain registrars.

Exploring Electron – framework for cross platform desktop apps in HTML, CSS & JS

This is small blog about Electron which I have just started exploring and getting to know the ropes. This is not intended to be a tutorial or something.

What is Electron?

Electron is an Open source framework, that is built on top of Chromium and NodeJs, which enables one to build native & cross platform desktop applications with HTML, CSS & Javascript (hottest celebrities of the web 😉 😉 ). Yes! you heard it right, electron allows you to build applications for Linux, Windows and Mac OS.

How to get started with Electron?

There are different ways in which you could get check out the demos,

  • Write a simple “Hello World” application from the official quick start guide is here
  • Clone the Electron quick start gihub repo and follow the instructions
  • Download the pre-built platform specific packages, extract and run the executable (the name should be “Electron API Demos”) from here

How does it look like after the demo?

I launched Electron in two flavors,

  • Launching from the pre-built package for my platform (GNU/Linux)
  • Installed Electron binary, wrote the demo code and launched the app

What more does Electron offer?

As of now, the community is actively developing and a lot useful packages and plugins ranging from,

  • code to generate boilerplate
  • package the app based on platform & architecture
  • create installer binaries
  • Test the application
  • Debug tools and so on.,

You could find the list here.

Views on Electron

From using it for the past couple of days, I should say I am really impressed about what this framework is and what it can do. Already a lot of apps have been developed and among them being WebTorrents-Desktop A framework like this will definitely enable programmers to create some cool applications with web tools and development won’t be limited to other languages which are being used currently. Hoping to explore more and come up with some apps for the community.

Find the list of apps currently developed here.

WebTorrent and my experience with it

     This is my experience from using WebTorrents platform to share media and files across. This is not a tutorial and I will point to the standard one.

What is WebTorrent?

     WebTorrent is a torrent client written in Javascript and build on top of WebRTC protocol which brings torrents to the browser. What? Did you just say to the browser? Yes, that’s right. First, lets see what torrents are in general and how we use them currently.

What is a torrent?

When we hear the word torrent we think of download movies, music, documents and games illegally. But, it is much more than that and its one of the best protocols out there.

     BitTorrent is a peer-to-peer file sharing protocol, were we share files to & from people (peers) around the world in a decentralized way. As opposed to downloading files from a FTP server which sends out the same copy to everyone, we share it with each other.

How torrent works?

To understand how this happens, lets take the example of downloading an ISO file of any GNU/Linux distribution and see what happens,

Torrent creation

The torrent uploader creates the torrent file with the some metadata like,

  • Name of the file
  • How many pieces the torrent has
  • Cryptographic hash of the torrent file and those individual pieces
  • Tracker address and so on
  • Starts uploading it
  • The uploader can stop seeding after the complete file with at least one other peer

Torrent download

  • You download the torrent file or magnet uri from the website
  • You open it with your favorite torrent client program like Transmission, Deluge, uTorrent, Vuze, etc.,
  • The client reads the metadata from the torrent and contacts the trackers (computers that have details about what files are being shared and the peers that share them) to find out which peers (seeders) have the file you are downloading
  • Once the tracker gives the information, the client then directly contacts that peer and asks for piece(s) of the file
  • Once, the client software has all the pieces it reassembles them like a jigsaw puzzle to produce the original file

The beauty of torrents is that,

  • Its decentralized
  • No need to wait for the entire file to download, you can pause/resume whenever you like
  • Ease the bandwidth of the server and use it for other purpose
  • When there are more people sharing it the bandwidth is increased, because every new peer need not ask the same person for the file
  • It brings about the feeling of a community where people give and take what they need

WebRTC protocol

WebRTC is a Real Time Communication (RTC) by the W3C , which aims at enabling voice, video and p2p applications between browsers through simple API’s. The highlight of this protocol is that everything is built into the browser and you don’t need any specific plugins or softwares to be installed to use it.

Checkout the FAQ‘s of WebRTC.

How WebTorrent is different from BitTorrent?

  • WebTorrent is built on top of WebRTC implementation that is aimed at having a true open and free p2p platform for applications like video/voice calling and file sharing
  • You do not need any special software or plugin to use it. Any WebRTC compliant browser with WebTorrent client would be enough (there is beta version of WebTorrent Desktop client software available here)
  •  WebTorrent is much more similar to BitTorrent and differs only in the way peers connect and data transport
  • Apart from the above point, WebTorrent works the same as BitTorrent does
  • So, the existing BitTorrent client software could make a change to accommodate WebTorrent clients too

Checkout the FAQ‘s of WebTorrent.

Getting Started with WebTorrents

Checkout the official blog to get started with WebTorrent here.

Using WebTorrent

I used the  follow the setup to test WebTorrent,

  • TP-Link WR841N router flashed with OpenWrt 15.05.1 and opentracker installed which is the torrent tracker
  • PC and Laptop running a GNU/Linux distro with WebTorrent-Desktop installed
  • I initially tried the following configurations,
    • Streaming between two WebTorrent-Desktop clients
    • Stream between BitTorrent client and WebTorrent-Desktop clients
  • Both configurations gave amazing results and helped me get a picture of what the concept is all about

Definitely looking forward to more from WebTorrent and WebRTC.

My experience with Mediagoblin application

     This blog is about my experience on installing and using Mediagoblin, which is a free software media sharing application.

Note: This is not a step by step tutorial and for that I would point you to the well written ones

What is Mediagoblin?

Quoting the official site,

MediaGoblin is a free software media publishing platform that anyone can run. You can think of it as a decentralized alternative to Flickr, YouTube, SoundCloud, etc.

Mediagoblin is,

  • free software – anyone can use, share, modify the software to suit their needs
  • decentralized – you can host your own instance of Mediagoblin or connect to other instances running around the world

Issues faced during installation

    I was always wondering if there was free software alternative to YouTube, Vimeo, etc., to share media. When I heard about Mediagoblin I got so much excited like a kid and wanted to get it up and running on my machine ASAP. That was my issue – need something so fast but without patience is not good and I messed up the installation the first time.

     But, after taking my time to get through the code, configurations and understanding how things came by was a real eye opener. I was able to fix them and got an up and running instance of Mediagoblin. So, I would suggest people who would like to install be patient while going through the installation instructions and don’t let the excitement ruin it.

     While installation I faced  issues ranging from dependencies to permissions and I have listed them out below,

Virtual environment issues

     The mediagoblin installation comes with an in-house virtualenv were a local python environment (directory named “bin”) is created in the root of mediagoblin directory to install all the dependencies. This might seem useful at first but once you want to remove mediagoblin and reinstall again, you would have to install those dependencies again. So, I would suggest using virtualenv or virtualenvwrapper to handle the environments.

Python dependency issues

     Mediagoblin uses easy_install for installing all the python dependencies into the virtual environment. While doing so, I ran into the error

raise DistributionNotFound(req)
pkg_resources.DistributionNotFound: sqlalchemy

Here “sqlalchemy” is the dependency that couldn’t be found by installer. So, after looking at the trace I found out that while trying to install “sqlalchemy_migrate”, it was dependent on “sqlalchemy”. So, I was wondering what could go wrong with that, since we used to install them all the time like “pip install some_package”. But, it looked like the format in the requirements given in the egg package was incorrect.  For example, you have to edit the requires.txt from the “sqlalchemy_migrate” egg package,


Media type dependency issues

For audio and video media types, you need to have all the necessary libraries installed. During installation you won’t find any issue and when you start adding media exceptions will be thrown. This is briefly mentioned in the official blog here.

Issues running MedigaGoblin with Nginx

     Initially, I had the mediagoblin directory in /var/www or /srv/ directories which didn’t give any issues when accessing it from nginx. But, I usually have the projects in my home directory and I thought of doing the setup there and giving a symbolic link to the above directories. But, I failed to have the necessary permission to the directories and got permission denied errors while launching. So, make sure necessary folder & file permissions are set.

These are some of the issues I faced during installation.

Experience using MedidaGoblin

     I used mediagoblin for sometime and I should say that it is something different. It provides the ability to upload media types like Video, Audio, Raw image, Ascii art, STL/3d models, PDF and Document.

     I would say I like it just because of the fact that it is free software. We have the choice to improve the way it looks and way it operates. Though mediagoblin doesn’t attract me much because I am so much used YouTube, but in terms of philosophy it definitely got me thinking otherwise. Hope people would use it  and try to contribute and making it better.

Autostart scripts for MediaGoblin

    Joar Wandborg has written excellent init scripts to automate the task of starting or stopping mediagoblin here.

     The default scripts assumes that the python environment is in the directory where mediagoblin is installed and will be used as the python path. So, I modified the script to add a new variable that would point to the path where you can specify the python environment location. The script would use it if its present or fallback to the default configuration. You can find the github repo here.

Installation links

  • For the official installation for MediaGoblin 0.9 check here
  • There is another well written blog for step by step installation here

A day at Chennai Mesh Community – building the Yagi-Uda antenna

In this post I will briefing on the events that happened on Sunday (01/05/2016), were Free Software activists and hardware hackers from the Chennai Mesh Community joined hands together in creating a Yagi-Uda antenna.

First things first, Who we are?

I will keep things short in this section.

We are group of activists from Tamil Nadu, India who have a lot of interest and passion about Free Software and Open Hardware. Recently, we were introduced to Mesh Networks (which we later knew had existed for a long time) and understood that the Internet needs a serious change. We wanted to be a part of this because, Internet was something that was created for people, but now big corporations control one’s access to the internet. So, we created the Chennai Mesh Community with the goal of making Internet the way it should be.

We are a community of the people, by the people and for the people

You can find out more about us from our Facebook page here

Now to the actual post…

Why build it in the first place?

Prior to the having this activity on Sunday, during our regular meetups in person and through messenger, we usually discuss on what had happened in the previous meet and what is the activity for the next meet. So, we thought like why not build an antenna the coming week, because its the basic thing that makes wireless communication possible. If we are going to create a mesh network with routers, we have to bear in mind that the stock antenna isn’t that much powerful to achieve a sufficient range. That being one side of the reason, the other is, if we don’t know what an antenna is and how it operates then we can’t make a rationale decision in choosing a wise router or customizing one to achieve better results.

What we needed to build it?

In order to build the antenna we made use of this instructable as our guide. The reason we chose this guide is that, the materials that were needed in the construction were common household items like Popsicle sticks and paper clips or ones that could be procured easily. The only uncommon household items were coaxial cables and solders (common for Electrical and Electronic students though). So, we spent a fine evening (Saturday) shopping, to procure the parts we needed to build the antenna.

How we built it?

We assembled at 10 A.M in the morning to begin the work. We started out by creating the boom (mechanical support) with Popsicle sticks and gluing them together to form a sturdy base. Then we went on straightening out the paper clips and cutting them to precise length based on the antenna design. The hard part of the construction was interfacing the router’s radio unit with the antenna’s driven element through a coaxial cable. It was hard because, we couldn’t find the perfect cable for the job and improvised with using what we could easily get, which was a cable used for TV’s. Finally, we soldered the leads driven element to that the cable, then to the radio unit.


Fig (1) – The actual design for the antenna


Fig (2) – The elements that will form the actual antenna


Fig(3) – Elements glued to the boom

What were the results?

Initially, we were little skeptical if the antenna would even work, but we had a lot of faith it would. The antenna was working fine despite the hiccups procuring the right materials and doing a perfect build. We had two identical routers in the room, one with a stock antenna and other with the Yagi-Uda antenna. The latter one had a very strong signal than the former. Voila! we created our very first antenna which we have only seen from distance and in text books.


Fig (4) – Result “The signal was strong with this one”


Fig (5) – The team

What we learned?

People might think this to be a trivial task and though it might be, we mainly undertook this activity to understand what was happening under the hood of an antenna and how this simple mechanical structure actually transmits a signal over a long range.

Whats up after this?

Now that we built it using Popsicle sticks and paper clips and understood how the antenna works, we are planning on a building an efficient one with copper and taking into account the lesson learned and TODO’s from this activity.

Special mention

Our friends and fellow activists at  PYMeshnet made a Yagi-Uda antenna, which was one of the inspiration for us. The link to the post is here. I would also like to thank the entire Chennai Mesh community members and who were present in the activity which includes myself(Meenakshi Sundaram), Anand, Venkatesh and Ganesh, of whom Ganesh provided with a lots of insights and guidance on the technical part.

Virtualbox – SSH from host OS into guest OS

This would be a very short post on how to ssh into your guest OS from your host OS in virtualbox.

Though there are other ways in which you could access your guess OS from your host, I found the Port Forwarding method to be extremely easy to implement.

Note: I assume that you have installed an operating system in virtualbox and that openssh-server is installed in it

and the steps are,

  • Click on Settings in your virtualbox manager
  • Click on Network
  • Assuming that the default network type is NAT, click on Port Forwarding
  • On the  Port Forwarding Rules window, create a new rule by clicking on Add new port forwarding rule
  • Fill the table with following details that are necessary and rest can be left blank,
    • Name
    • Protocol – TCP (filled by default)
    • Host port – . Ex: 3000 (make sure its not being used elsewhere)
    • Guest port – 22 (since ssh runs on port 22)
  • Click  Ok on both Port Forwarding Rules and Network window

Note: You need not restart your VM and this can be done before you start or after you have started your guest OS

To test if you are able to ssh into your guest OS, make sure its up and running. Then from your host OS terminal type in the following,

ssh -p @

Ex: ssh -p 3000 vms20591@

and that’s it. You can now ssh into your guest OS. I found this from a stackoverflow post which made me to write this post.

I know what y’all thinking, “Picture is worth a thousand words”. Here you go !

Step 1: Click on Settings


Step 2: Select Network


Step 3: Add a new rule and Ok it


Step 4: Left window shows terminal from my host OS Linux Mint where I ssh into my guest OS Trisquel running in a virtualbox to the right


I basically write this post for others who wanted to try this and as a way for myself to remember what I have learned and to be reminded if I forget it 🙂 🙂