Access DumbAP when main AP goes down

Okay so it looks like this now.

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option packet_steering '1'
	option ula_prefix 'fdf0:6942:ae67::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'
	list ports 'wlan0'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'

config interface 'wwan'
	option proto 'static'
	option device 'wlan1'
	option netmask '255.255.255.0'
	option gateway '192.168.2.1'
	list dns '192.168.2.1'
	option ipaddr '192.168.2.2'

config interface 'repeater_bridge'
	option proto 'relay'
	list network 'lan'
	list network 'wwan'

Does that seem correct?

So like this?

config device
    option name 'br-lan'
    option type 'bridge'
    list ports 'lan1'
    list ports 'lan2'
    list ports 'lan3'

config device
  option name 'br-mgmt'
  option type 'bridge'
  list ports 'lan4'

config interface 'management'
  option device 'br-mgmt'
  option proto 'static'
  option ipaddr '192.168.5.1'
  option netmask '255.255.255.0'

Firewall zone for this network:

config zone
  option name 'management'
  option input 'ACCEPT'
  option output 'ACCEPT'
  option forward 'ACCEPT'
  list network 'management'

How would I enable DHCP for this?

Ideally I could do this wirelessly, say with another virtual AP on wlan0. I have the repeater in a relatively difficult place to access and connecting a wire to it is not convenient.

I have for example a smart thermostat and a Chromecast that I want to be able to control if I am connected to the primary AP or the repeater. So I need things to be on the same subnet to avoid the hassle with changing connections as I walk from one side of the building to the other.

I would likely use the package you mentioned if that were the case.

Add this to your dhcp file:

config dhcp 'management'
    option interface 'management'
    option start '100'
    option limit '150'
    option leasetime '12h'
    option dhcpv4 'server'

Okay great so lan management interface works fine now with the following network configs. Maybe I wasn't accessing properly before. I set computer ethernet to 192.168.1.2 with gateway 192.168.1.1 and plugged into a lan port.

> config interface 'loopback'
> 	option device 'lo'
> 	option proto 'static'
> 	option ipaddr '127.0.0.1'
> 	option netmask '255.0.0.0'
> 
> config globals 'globals'
> 	option packet_steering '1'
> 	option ula_prefix 'fdf0:6942:ae67::/48'
> 
> config device
> 	option name 'br-lan'
> 	option type 'bridge'
> 	list ports 'lan1'
> 	list ports 'lan2'
> 	list ports 'lan3'
> 	list ports 'lan4'
> 
> config interface 'lan'
> 	option device 'br-lan'
> 	option proto 'static'
> 	option ipaddr '192.168.1.1'
> 	option netmask '255.255.255.0'
> 	option ip6assign '60'
> 
> config interface 'wan'
> 	option device 'wan'
> 	option proto 'dhcp'
> 
> config interface 'wan6'
> 	option device 'wan'
> 	option proto 'dhcpv6'
> 
> config interface 'wwan'
> 	option proto 'static'
> 	option device 'wlan1'
> 	option netmask '255.255.255.0'
> 	option gateway '192.168.2.1'
> 	list dns '192.168.2.1'
> 	option ipaddr '192.168.2.2'
> 
> config interface 'repeater_bridge'
> 	option proto 'relay'
> 	list network 'lan'
> 	list network 'wwan'
> 	option ipaddr '192.168.2.2'

I suppose that's good enough. It'd be great to have wifi management access though.

Do you think that's possible?

Since the management network is a bridge, you can add additional physical ports to it either wired or wifi. The wifi should be on the radio that does not have a STA interface though, since the whole radio stops while a STA is unable to link to its AP.

Okay, so I want this wifi network to be the one that I set for wifi management.

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'wifi_SSID'
	option encryption 'psk2'
	option key 'wifi_password'

Would I do something like this in network?

config device
    option name 'br-mgmt'
    option type 'bridge'
    list ports 'radio0'

config interface 'management'
    option device 'br-mgmt'
    option proto 'static'
    option ipaddr '192.168.5.1'
    option netmask '255.255.255.0'

Do not refer to wireless interfaces in /etc/config/network. Use option network in /etc/config/wireless. option network 'management' will ultimately include the wifi AP in br-mgmt. (If there are no Ethernet ports in the bridge, there would be no ports listed in the br-mgmt definition in /etc/config/network.) You can confirm this by running brctl show to display the bridges that exist.

I have tried exactly what you describe and what happens is it works fine until the wireless is disconnected.

Two key things:

  • When a wifi STA mode interface loses contact with its AP, all other interfaces on the same radio will shut down.
  • When using relayd, the upstream network is required to serve DHCP. If contact with the upstream network is lost, the relayed network will become inaccessible.
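A check for the radio rule above and for the `option network` attachment described earlier, as an added example that is not part of the original thread: it reads an `/etc/config/wireless`-style file and fails if the AP serving a given network sits on a radio that also carries a STA interface. The section names `uplink` and `mgmt_ap` and the trimmed sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify that the AP attached to a network (via "option network")
# is not on a radio that also has a STA interface.
check_mgmt_ap() {   # usage: check_mgmt_ap <wireless-config> <network>
    awk -v net="$2" -v q="'" '
        function endsec() {          # record the wifi-iface section just read
            if (insec && mode == "sta") sta[dev] = 1
            if (insec && mode == "ap" && network == net) ap[++n] = dev
            insec = 0; dev = ""; mode = ""; network = ""
        }
        { gsub("[\"" q "]", "") }    # strip UCI quoting
        $1 == "config" { endsec(); insec = ($2 == "wifi-iface"); next }
        insec && $1 == "option" && $2 == "device"  { dev = $3 }
        insec && $1 == "option" && $2 == "mode"    { mode = $3 }
        insec && $1 == "option" && $2 == "network" { network = $3 }
        END {
            endsec()
            if (n == 0) { print "no AP is attached to network " net; exit 2 }
            for (i = 1; i <= n; i++)
                if (ap[i] in sta) {
                    print "AP for " net " shares " ap[i] " with a STA"
                    bad = 1
                }
            exit bad + 0
        }' "$1"
}

# Constructed sample: uplink STA on radio1, management AP on radio0.
GOOD_CFG=$(mktemp); BAD_CFG=$(mktemp)
cat > "$GOOD_CFG" <<'EOF'
config wifi-iface 'default_radio0'
    option device 'radio0'
    option network 'lan'
    option mode 'ap'
config wifi-iface 'uplink'
    option device 'radio1'
    option network 'wwan'
    option mode 'sta'
config wifi-iface 'mgmt_ap'
    option device 'radio0'
    option network 'management'
    option mode 'ap'
    option encryption 'psk2'
EOF
# Same file with the management AP moved onto the STA radio.
sed '/mgmt_ap/,$ s/radio0/radio1/' "$GOOD_CFG" > "$BAD_CFG"

check_mgmt_ap "$GOOD_CFG" management && echo "management AP is on a STA-free radio"
check_mgmt_ap "$BAD_CFG" management || echo "exit status $?"
```

The function returns 0 when the AP is safe, 1 when it shares a radio with a STA, and 2 when no AP is attached to the named network.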

When you say this by relayed network do you mean the 192.168.2.0/24 subnet? It's fine if I can't access the main AP, I just want to be able to configure the router wirelessly.

Also to address the issue you mention about a "wifi STA mode interface" losing contact with its AP, could this be a solution where the STA router would reboot if the hotspot went down?

There are still a couple of questions I have about my current setup.

Keep in mind I currently connect the STA with radio1 to the AP, and I use radio0 to broadcast that network.

Can I have radio0 wlan0-1 broadcasting a different network than wlan0? So wlan0 would be getting IP addresses from the main AP (192.168.2.0/24) and wlan0-1 would be the wireless management interface on a different subnet (192.168.1.0/24).

Is there an alternative to relayd? Main AP is Broadcom, STA is MTK, so WPA is not an option.

Your PC will be stuck waiting for the broken network to deliver a DHCP IP, so it can't reach anything.

Which is why myself and others suggested a separate network and dedicated Ethernet port and / or wifi SSID for administrative purposes. That network would be complete with a local DHCP server so you can always log in.

Can I have radio0 wlan0-1 broadcasting a different network than wlan0? So wlan0 would be getting IP addresses from the main AP (192.168.2.0/24) and wlan0-1 would be the wireless management interface on a different subnet (192.168.1.0/24).

I'm having trouble figuring out how to configure this in networking.

Yes, you could have multiple SSIDs running on the same radio. This works as long as radio0 does not also have the upstream (wwan) connection -- based on your configuration, it looks like radio1 is used for the sta mode operation, so using radio0 should not be affected if radio1 goes down.

Is there an alternative to relayd? Main AP is Broadcom, STA is MTK, so WPA is not an option.

If you want everything on the same subnet then vanilla 802.11s works (if your routers support it). It still suffers from the DHCP issue but not as bad. You can at least access LuCI admin from the LAN ports using a manual connection on your NIC by default. You can then access any node that is up and assign a DHCP server which restores the LAN (and then reconfigure it for WAN). Wireless clients would still need @mk24's solution to get back in though. Tested on C7v2, ver 22.03.0, 802.11s on 5GHz/WPA3 with 2 nodes.

Nobody mentioned yet IPv6 Link Local? (I have not read the whole thread, only have done a quick search :man_shrugging:)

So, I assume we have just (multiple) dumb AP on a Layer-2 and no proxy ARP and whatsoever... (In my case dumb AP are bridged with 802.11s and batman-adv)

# Lets ping "all routers" (I assume we have not disabled `forwarding` on the WAP)
# ping ff02::2%wlan0
PING ff02::2%wlan0(ff02::2%wlan0) 56 data bytes
64 bytes from fe80::1ff:fe01:41%wlan0: icmp_seq=1 ttl=64 time=2.57 ms
64 bytes from fe80::3ff:fe01:41%wlan0: icmp_seq=1 ttl=64 time=12.7 ms
64 bytes from fe80::1ff:fe01:41%wlan0: icmp_seq=2 ttl=64 time=3.05 ms
64 bytes from fe80::3ff:fe01:41%wlan0: icmp_seq=2 ttl=64 time=9.61 ms
^C

# Just to show that we have them in our neighbor table
# ip -6 n | sort -V | grep -e '^fe80'
fe80::1ff:fe01:41 dev wlan0 lladdr 02:00:01:01:00:41 router DELAY 
fe80::3ff:fe01:41 dev wlan0 lladdr 02:00:03:01:00:41 router REACHABLE 

# ssh root@fe80::3ff:fe01:41%wlan0 cat /etc/banner
Error: any valid prefix is expected rather than "fe80::3ff:fe01:41%wlan0".
Warning: Permanently added 'fe80::3ff:fe01:41%wlan0' (ED25519) to the list of known hosts.
  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 21.02.1, r16325-88151b8303
 -----------------------------------------------------

As long as there is still a layer-2 connection this should work.


Sorry, to not contribute to finding a solution right now, just wanted to express support for OP's struggle. OpenWRT and the Luci Interface are sometimes very hard to understand for newcomers. It already starts with "br-Lan". I believe there is not a single person here who has not googled or looked at OpenWRT's help page to find out what this means, apart from the Developers who coined the term, but I digress. When I first started to use OpenWRT, it took me days to figure out by trial and error how I could access my repeater reliably without locking myself out and having to flash again. I first had to learn what DHCP really means...

I really really like the possibility to customize and create complicated configurations with the Luci interface, but I also think there should or could be a better UI for this particular problem. Something that is more newcomer-friendly.

So I think the problem I’m having is just a basic idea of how to configure and have these three config files work together to create a wireless management station (wireless access to Luci that works when the Dumb AP isn’t being assigned an IP from the main router).

So I’m stuck on the “interface” and “network” part. If I create a new wireless station in Luci it looks like that gives me a new device like “radio0-2” for example.

So then how can I have that have a dhcp server that assigns an address to a client that logs into it?

That sounds interesting, mind sharing the relevant configs?

Which config? 802.11s + batman-adv? I can but this does not have any impact here.

Because, to use the link local stuff there is nothing to do here.
Except: Not disable IPv6 at all which in itself is a bad idea anyway.
But if you just have a default OpenWRT install this is all available to use.

For the "magic numbers" have a look at Link-Local Scope Multicast Addresses: https://www.iana.org/assignments/ipv6-multicast-addresses/ipv6-multicast-addresses.xhtml#link-local

ff02::1    all nodes
ff02::2    all routers
and some others

To ping these addresses you need to specify the interface, like ping ff02::1%eth0. (On Linux there is a corner case that sometimes you do not need to specify it, IF and only if you have only a single interface connected, but the better option is to just specify it every time.)
If you ping the all-nodes or all-router address you get a response from each device. Older(?) implementations of ip-utils will show the answers as (DUP! - Duplicates); this can be ignored. Like I've written before, to gather the information afterwards, have a look at the ip neighbor table with e.g. ip neigh show dev <interface>. If you know the MAC address of the remote device you can grep for that, too.

Does this answer your question @spreck? Feel free to PM me if it will go off-topic.