BATADV (mesh) the best decision?

Hi altogether,

I have setup some Archer C7 at my place to provide WLAN all over. So far so good - unfortunately I have some of these AP connected via Powerline Lan (d-LAN) and every single day I have to reset the LAN Adapters because they hang up.

That is the reason why i searched for another solution and found batadv as a mesh system. ALthough I am not really sure if this is the right thing I need or want. I would like to have one AP connected to LAN and all other connect between them theirselves and the one with LAN access.

And then I can connect to my SSID with my normal laptop? or other devices like cell phones etc?

Maybe some of you openwrt buffs can shed some light no my thoughts?

Thanks in advance, best regards, Hubert

Hi,

I'm exactly doing this scenario with my archers. But mesh will require non-ct drivers if you want good 5ghz performance and sae encryption. I didn't get the sae mesh ssid to work with (stock) ct drivers.

It works like this:

Ap1: Gateway/lan , mesh ssid "mesh5g", ssid "mywifi"
Ap2...3....: mesh ssid "mesh5g", ssid "mywifi"

Batman-adv has a bat0 interface . This needs to be bridged with "lan" and "mywifi" on ap1. bat0-hardif to be attached to "mesh5g" on ap1+2+.... . Ap2 bat0 has to be bridged with "mywifi".

If you link each to each node and more than two, bridge loop avoidance should be enabled on batman.

It may be more than what you need in a setup with only 3 nodes and the assumption that you will manually set up the network and keep all the nodes up and running and in the same locations. For that you can probably use the much simpler AP(WDS) -- STA(WDS) links. An AP running in WDS mode can also accept non-WDS connections from regular clients, so no need to have separate backhaul and user AP interfaces.

First thing to do would be to investigate the wifi strength of the paths between the routers. Run scans on each one looking for the AP of the other one. Ideally you receive signal better than -70 dBm (more toward zero). -75 is acceptable but speed will suffer.

1 Like

hi

thanks for your help! I know about WDS but since i have are 7 AP I think mesh would be the better solution.

catfriend - what are non-ct drivers? and how do i get these? would it be possible to see your configs?

TIA Hubert

hi again,

just saw that there are a lot of threads about non-ct drivers :slight_smile:

still maybe it would be possible to get a working config please? the how to here does not really work for me :frowning:

tia hubert

Ok, I'll see my documentation when on a computer next time and make some excerpts of configs.

great thank you in advance

SSH: Replace wpad:

opkg update
opkg remove wpad-basic
opkg remove wpad
opkg install wpad-mesh
reboot

SSH: Install non-ct drivers:

opkg update
opkg remove ath10k-firmware-qca988x-ct kmod-ath10k-ct
opkg install ath10k-firmware-qca988x kmod-ath10k
reboot

SSH: Install BATMAN:

opkg update
opkg install batctl-full kmod-batman-adv
reboot

WinSCP: Edit /etc/config/network

  • Add BATMAN hard if
config interface 'nwi_mesh0'
	option mtu '1532'
	option proto 'batadv_hardif'
	option master 'bat0'
  • Add BATMAN tunnel if
	option proto 'batadv'
	option routing_algo 'BATMAN_IV'
	option aggregation '1'
	option ap_isolation '0'
	option bonding '0'
	option fragmentation '1'
	option gw_mode 'off'
	option log_level '0'
	option orig_interval '10000'
	option bridge_loop_avoidance '1'
	option distributed_arp_table '1'
	option multicast_mode '1'
	option network_coding '0'
	option hop_penalty '30'
	option isolation_mark '0x00000000/0x00000000'

WinSCP: Edit /etc/config/wireless

  • Configure 5 GHz "radio0"
config wifi-device 'radio0'
	option type 'mac80211'
	option beacon_int '100'
	option channel '36'
	option hwmode '11a'
	option path 'pci0000:00/0000:00:00.0'
	option htmode 'VHT80'
	option txpower '20'
	option country 'DE'
	option legacy_rates '0'
	option disabled '0'
  • Configure mesh SSID
config wifi-iface 'wifinet0'
	option device 'radio0'
	option disabled '0'
	option mode 'mesh'
	option mesh_id 'mesh5g'
	option encryption 'sae'
	option dtim_period '1'
	option disassoc_low_ack '0'
	option key 'MY_LONG_MESH_PASSPHRASE'
	option network 'nwi_mesh0'
	option mesh_fwding '0'
	option mesh_rssi_threshold '0'

These parts fit for all of your Archer C7 v2|5 devices. It will establish the BATMAN tunnel interfaces and connect nodes each other via the wireless mesh protocol, WPA3/SAE encrypted. You now have an "empty mesh" because no "normal client" Wifi SSID gets data to/from it and no LAN uplink port gets data to/from it.

  • device A individual configuration

Now select device A as the "LAN to mesh" AP where you connect your internet router (or the internal network you'd like to put on the mesh-connected Archer devices and their WiFi SSIDs). E.g. let's bridge the VLAN 10 connected to the WAN port of device A into the mesh.

image

  • device B individual configuration

Now select device B as the "mesh to WiFi" AP where you connect the bat0.10 (= VLAN 10) to your normal AP SSID "mywifi". You do this the same way as in the picture above but selecting "bat0.10" and your "Wireless Network: Master "mywifi" (VL10)" networks from the drop down box.


You can use the device B sample setup on C, D, (...) devices. They will then all "emit" the SSID "mywifi" which is brought through the mesh interconnection "mesh5g" between A, B, C, D, (...). Of course, device A is also able to add "mywifi" to the existing "bat0.10 eth1.10" bridge if you want to use your "normal" SSID there, too.


You can also bridge your LAN interface directly to bat0 (without the "dot-number" VLAN notation). But then, only one (separate) logical network can live on the mesh. Using VLAN is good, e.g., if you want to put your internal and a guest network with different VLAN tags on the mesh.

2 Likes

hi catfriend,
great thank you very much for your configs. I just copied them to two devices and basically it looks good - although I have two questions:

  • for the BATMAN tunnel if - am I right that the "config interface " is missing? I used 'bat_tunnel' for that one?

  • and I didn't hook up any vlans yet, both boxes are connected to the lan. for my understanding since the link is up between both aps, only one needs to be connected to the lan and the other still should be pingable over the mesh? right now the two ap have 10.20.6.170/24 and 10.20.6.171/24 - but if I disconnect one of them it is not reachable anymore?

sorry for these questions, may sound stupid but right now I am really having a hard time to understand how this is working :frowning:

thanks in advance

Hubert

hi catfriend,

I just found the error by myself... I had to connect the bat_tunnel with the wlan interface and the lan interface.

so basically if I have multiple vlans - I need to have a trunk to the switch... then seperate ssid per vlan and then the bat_tunnel interface as bridge to that vlan and ssid?!

also, I have to configure the SSIDs on every ap as far as I know by now?

thanks, Hubert

Yeah, trunk on one switch port sounds good :). Basically yes, if you like to experiment it's time consuming uploading new wireless configs to each ap manually. I've made a script which can be run on a debian box and ssh's to all my ap's. It has templates in a folder and from there it constructs the wireless file for radio, mesh and ap parts automatically (also with exceptions if one ap has a special role) and then uploads the config to the ap's logging if this succeeded.

catfriend...thanks again for your help - I will have a deeper look into vlans over the weekend.

btw...I have an error message on my openwrt (Interfaces):

Unsupported protocol type.
Install protocol extensions...

is there any solution for this?

thanks in advance, Hubert

Hmmm which is the protocol type? Luci can't configure the batman interface, so if it's that its normal.

AAAH ok, yes it is the batman thing. I just thought I made something wrong because somewhere I read this was a "bug" and was solved...

Thanks anyway, looks good as it is running two days now :slight_smile:
Hubert

1 Like

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.