802.11s Mesh trunk?


There is a great solution listed in this topic, which involves using VXLAN to trunk multiple VLANs on top of an L3 network. I am using it with an 802.11s link as a physical layer and a network which is untagged "management".

My question is whether there is a solution to create a trunk link using a single 802.11s mesh connection, either by tagging the default mesh0.100 interface and bridging it accordingly, or any other solution to tag and separate multiple networks? I'm looking to omit any other in-between protocols like VXLAN, which add complexity to the configuration.

I have read that 802.11 wifi cannot carry tagged frames, thus a wrapper is needed. I use B.A.T.M.A.N.; VXLAN or GRE work also.

ATM I too am using batman-adv to carry tagged and untagged traffic.
I too stumbled upon using VXLAN, L2VPN, BGP-MP in a wireless scenario.
I heard about people doing these nowadays in campus networks on their access switches, but it was somehow news to me that people are using it on APs too.
In a somewhat huge or dense environment I see a benefit, because admin layer2 sucks all the time and a layer3 underlay just feels more safe and sane to me.
AFAIK frr is the only proper option ATM and I deeply hope that the evpn branch is getting merged into bird.
But layer2 overlays (on a layer3 underlay) can really simplify survival in larger org networks.
At home it would be doable too, and for the lulz of course.

Edit: yes, I do run batman-adv to use VLANs on an 802.11s mesh.

As others have noted, you could use BATMAN-ADV or VXLAN or GRETAP. I prefer VXLAN for its simplicity and speed. I use BATMAN-ADV on one of my networks, and its main advantage is when you have multiple internet gateways: BATMAN-ADV can identify and re-route traffic accordingly. However, its disadvantage is that it's slow to learn the network topology, meaning it takes a while to get up and running before traffic begins to flow. I think you might be able to configure the topology manually, but I think that sort of negates the benefit of BATMAN-ADV in that it is an auto-learning protocol and can self-heal. VXLAN, on the other hand, is a simpler topology, and as soon as the interface is up it starts moving packets, although I have only used it on a network with no more than 5 APs and 4 VLANs, so I'm not sure how fast it's going to be with hundreds of APs. GRETAP is the simplest and fastest but is a P2P-only protocol, which is great if all you are looking to do is connect 2 APs. You could use GRETAP in a multiple-AP scenario in a hub-and-spoke arrangement, I guess, but then I think VXLAN just makes more sense, unless your systems don't support VXLAN.


VXLAN, GRETAP, EoIP et al. are actually simpler but more flexible and powerful than batman-adv, as these are L2-over-L3 tunnels whereas batman-adv is L2 only, if my understanding is correct. The main advantage of batman-adv is its multi-gw capability, but for a home user with 1 fiber connection this is not important to me. If I was tasked with setting up a massive network in a soccer stadium, let's say, I would have 10 internet gateways and use batman-adv to manage the internet gateways. The advantage of VXLAN et al., on the other hand, is that they carry Ethernet information as close as the next router in your house or to a router halfway around the world, and over any medium that can carry L3 data. The whole basis for VXLAN et al. to work successfully is that the VTEP devices can ping each other. If they can ping each other you are 99% good to go.

  1. Create a vtep device on each of the routers we want to connect. For all intents and purposes this is going to be an ethernet device as far as openwrt goes. This device should be a dedicated vtep device so create a virtual ethernet device. Do it on both devices. Now make sure they can ping each other. If the vteps are on the same subnet this is a piece of cake. However as I have discovered if they are behind firewalls then it's not such a piece of cake and you somehow have got to work out how to get the vteps to ping each other. I have found most examples on google search using the wan as the vtep device because admins have trouble configuring the firewall to get internal adapters to ping each other successfully through the firewalls. I would advise against using wan as the vtep device and instead work out how to get the vteps to ping each other through the firewalls. Once they can ping each other make sure the correct ports are open.

  2. Configure your VXLAN et al. to use these VTEPs as their tunnels (i.e. option tunlink 'nameofvtep'). If you're using GRETAP you're now finished and can add it to your bridges and start transmitting packets. If you are using VXLAN you just need to decide if you are going to use a multicast address for autodiscovery of nodes (generally, autodiscovery of nodes means that all VXLAN devices can auto-locate new devices and talk to each other).

Caveats: if you're carrying extra info such as VLAN tags you need to make sure the MTU size is large enough to carry the extra data. Use 2048 or 2304. The other caveat is to keep naming conventions short and simple. I think the limit is 14 characters.
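
An added example, not part of the thread: a shell pre-flight check for the MTU and name-length caveats in the post above. The function names and sample values are constructed for illustration; the header sizes are the standard IPv4/IPv6, UDP, VXLAN, GRE and Ethernet ones, and the 14-character limit is the figure quoted in the post.

```shell
#!/bin/sh
# Added example: pre-flight arithmetic for an L2 tunnel over a mesh underlay.
# All names and sample values below are constructed, not taken from a real setup.

NAME_MAX=14   # interface-name limit as quoted in the post above

# Bytes placed in front of the inner payload, counted against the underlay IP MTU.
encap_overhead() {   # $1 = vxlan4 | vxlan6 | gretap4
    case "$1" in
        vxlan4)  echo $((20 + 8 + 8 + 14)) ;;  # IPv4 + UDP + VXLAN + inner Ethernet
        vxlan6)  echo $((40 + 8 + 8 + 14)) ;;  # IPv6 + UDP + VXLAN + inner Ethernet
        gretap4) echo $((20 + 4 + 14)) ;;      # IPv4 + GRE (no key) + inner Ethernet
        *) return 1 ;;
    esac
}

# Smallest underlay MTU that carries an inner MTU without fragmentation.
required_underlay_mtu() {   # $1 encap, $2 inner MTU, $3 = 1 if inner frames carry an 802.1Q tag
    oh=$(encap_overhead "$1") || return 1
    if [ "$3" = 1 ]; then
        oh=$((oh + 4))      # inner VLAN tag travels inside the tunnel
    fi
    echo $(( $2 + oh ))
}

# Validate one planned tunnel; prints a one-word verdict, returns non-zero on failure.
check_tunnel() {   # $1 name, $2 encap, $3 underlay MTU, $4 inner MTU, $5 tagged (0/1)
    if [ "${#1}" -gt "$NAME_MAX" ]; then
        echo "name-too-long"; return 1
    fi
    need=$(required_underlay_mtu "$2" "$4" "$5") || { echo "unknown-encap"; return 1; }
    if [ "$3" -lt "$need" ]; then
        echo "mtu-short-by-$((need - $3))"; return 1
    fi
    echo "ok-headroom-$(( $3 - need ))"
}

# Constructed sample: tagged 1500-byte frames over VXLAN/IPv4,
# first on a default 1500-byte underlay, then on a 2304-byte mesh link.
check_tunnel vx100 vxlan4 1500 1500 1 || true
check_tunnel vx100 vxlan4 2304 1500 1
```

A tunnel that fails the MTU check either fragments or silently drops full-size frames, which tends to show up as connections that establish but stall on large transfers.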