Hi all,
If I wasn't completely confused with network configuration before the new version of OpenWRT, I am now. I've been trying to set up my mesh router with the new version - I already have a mesh, it is working (admittedly somehow), but trying to set up a new node has been nothing other than a slew of attempts to somehow combine interfaces, devices , vlans and so on. Before you tell me to go read the wiki again, just know that I did quite a few times and it so far the bulb in my head hasn't come on.
So here's what I'm trying to do:
There's a guest network over the 802.11s/batman mesh. I am setting up a bridge node (dumb AP for this guest network). So here's my thinking:
There's an ethernet wire: 802.11s mesh
There's a virtual switch: bat0
There are ports in this switch: bat0.1...bat0.4
There's a non-mesh wifi network: guest_wifi
Somewhere on the mesh there's a DHCP server running that is supposed to lease an IP to a client connecting to the guest network, and that client should have access to the internet. The access point that I am setting up now shouldn't have an ip address, firewall, DHCP or DNS running. It should just forward traffic between the guest wifi and bat_vlan2, which is a guest vlan I decided.
My current atrocity of a config is below - but know that this is a thousandth attempt to make something work that I don't really understand and I just need to understand the idea behind it. It needs to click.
So can you please help me understand what is it I am doing and how all these pieces fit together?
Something like:
there's a network switch: bat0, it is a "physical" switch and it should be declared as a device, but it doesn't yet support the new syntax, so it is declared as an interface:
config interface 'bat0'
option proto 'batadv'
option routing_algo 'BATMAN_IV'
option aggregated_ogms '1'
option ap_isolation '1'
option bonding '0'
option fragmentation '1'
option gw_mode 'off'
option log_level '0'
option orig_interval '1000'
option bridge_loop_avoidance '1'
option distributed_arp_table '1'
option multicast_mode '1'
option network_coding '0'
option hop_penalty '30'
option isolation_mark '0x00000000/0x00000000'
there's a network cable (connector): nwi_mesh0. It's just a cable, but it is also a network, hence it is declared in /etc/config/network and the syntax is dictated by batman software:
config interface 'nwi_mesh0'
option proto 'batadv_hardif'
option master 'bat0'
So far so good, the batman is running, sees other nodes and there's some activity going on in the batctl o dump.
Now come vlans - they are ports in the switch and should be declared as list ports, but, again, the syntax is not there yet, so they are interfaces:
config interface 'bat0_vlan1'
option proto 'batadv_vlan'
option ap_isolation '0'
option device 'bat0.1'
These vlans should be bridged to a network. Or a network is a bridge. I tried both and it didn't work. But the last attempt was to create a 'br-guest' bridge that would bridge a guest network and a vlan:
config device
option type 'bridge'
option name 'br-guest'
list ports 'bat0.2'
option stp '1'
option ipv6 '0'
and
config interface 'guest'
option type 'bridge'
option stp '1'
option device 'br-guest'
option proto 'none'
^^^^ I am doing none there because:
a. According to: https://www.open-mesh.org/projects/batman-adv/wiki/Wiki :
This design bears some interesting characteristics:
- nodes can participate in a mesh without having an IP
...but b. According to: https://openwrt.org/docs/guide-user/base-system/basic-networking :
noneUnspecified protocol, therefore all the other interface settings will be ignored (like disabling the configuration)
So aaaanyway, that already seems to be jenga tower, but then we need to bridge a wifi to that tower.
The wifi declaration is this:
config wifi-iface 'wifinet3'
option device 'radio0'
option mode 'ap'
option ssid 'guestwifi'
option encryption 'psk2'
option isolate '1'
option key 'secret_key_!!!!1111oneone'
option network 'guest'
Why is it "network 'guest'"? I don't know! Just Luci doesn't allow to attach it to br-guest, where I planned for it to be!
Alright, there's also no firewall zone for this network and default firewal rules are accept anything and everything (I think) and dhcp ignores this interface (these interfaces) and.... a client wouldn't connect to the network - the "wireless" tab of Luci would show the client briefly popping up but then disappearing as I think the client fails to receive an ip address.
Can someone please explain this nesting mess of interfaces/devices/vlans/wifies and other stuff to me? Or if you insist, let try and read the documentation together. For starters, this page (https://openwrt.org/docs/guide-user/base-system/basic-networking) is not a part of networking chapter of documentation (https://openwrt.org/docs/guide-user/network/start) 