LoRaServer as Network Operator


#1

Dear @brocaar

I have a doubt about LoRaServer implementation. I would like to explain it with an example.

Let’s suppose that I want to deploy LoRaServer in my university to provide LoRaWAN infrastructure to any researcher from different groups. There is a particular group that are researching on a very secret project. Those guys are very jealousy of the data obtained from their sensors out there. According to LoRaWAN specification, Payload is encrypted with AppKey, which is different to NetKey. So I could agree with other researchers on not to share between us. Sensors will have both keys, encrypting payload with AppKey and encrypting packet with NetKey. As soon my network server receive the packet, it uses the NetKey to unencrypt it. Then, it should forward the still encrypted payload to the application server, a different server hosted by that research group. So far, so good.

My question is if that implementation is possible. I couldn’t find how to make it like that in my current LoRaServer implementation.

With best regards

Sebastian


#2

I wonder if I can install an app-loraserver in different administration domain than network-server.


#3

Yes, you can do this :slight_smile: Although you might not going to use Docker, please see this Compose example: https://github.com/brocaar/loraserver-docker. As each container gets its own hostname (loraserver, appserver, redis, postgresql, …), this example shows which fields you must update to run these components on different servers.


#4

Dear Brocaar,

Thank you for your kind response. After reading my own question, I realized that maybe I sounded confused. What I want to do is to divide network server of application server. To run them not just in different equipment, but also in different administrative domains (organizations). Of course, it will require to run in different machines. But that is not enough for what I am talking about.
I want avoid sharing network and app key. Or at least, I want to avoid to share AppKey with Network Server. You have seen this picture probably thousands of times:
LoRaWAN architecture

I hope to be clear this time. Thank you again for your time!

With best regards

Sebastian


#5

That is possible, again see the Docker example. In this case each component is started as a different container, with its own (Docker internal) hostname. This configuration is not much different from running LoRa Server / LoRa App Server on different machines :slight_smile: