Got my Luma devices all running openwrt now. Cannot figure out how to get them configured to work in a mesh like they used to do. Tried 802.11s but that doesn't allow for security.
Thoughts? @drandyhaas
Hi,
I've had success with 802.11s and batman.
802.11s does allow for security, and it does some form of routing, but beyond ~3 nodes it stopped doing what it should, and various nodes would be unable to contact each other. Batman, which runs on top of 802.11s, seems to solve that issue. It also offers more advanced things as a bonus.
This is the guide: https://openwrt.org/docs/guide-user/network/wifi/mesh/batman
Some packages you need in your build, and some that are just nice:
network -> alfred batctl-full iperf3
network/wirelessAPD -> remove wpad-basic, install wpad-mesh-openssl
kernel/network -> kmod-batman-adv
for archer c7 and other "wave 1" devices: (for luma the ct ones are good)
firmware -> ath10k non-ct drivers and kmod-ath10k non-ct
for luma also add:
utilities -> i2c-tools, nand-utils, usbutils
kernel/filesystems -> kmod-fs-exfat, kmod-fs-ext4, kmod-fs-vfat, kmod-usb-storage
Here's basically my setup:
/etc/config/wireless:
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11a'
option path 'pci0000:00/0000:00:00.0'
option htmode 'VHT80'
option channel '149'
option country 'US'
config wifi-iface 'mesh0'
option device 'radio0'
option mode 'mesh'
option mesh_rssi_threshold '-65'
option mesh_id 'HaasMesh'
option ifname 'mesh0'
option mesh_fwding '0'
option network 'bat_mesh0'
option key 'yyyyyyyy'
option encryption 'sae'
config wifi-iface 'wifinet2'
option encryption 'psk2'
option device 'radio0'
option ieee80211r '1'
option ft_over_ds '1'
option key 'xxxxxxxx'
option mode 'ap'
option network 'lan'
option ft_psk_generate_local '1'
option ssid 'D29C86_HaasMesh'
config wifi-device 'radio1'
option type 'mac80211'
option hwmode '11g'
option path 'platform/ahb/18100000.wmac'
option htmode 'HT40'
option channel 'auto'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ft_over_ds '1'
option ssid 'D29C86_HaasMesh'
option encryption 'psk2'
option ft_psk_generate_local '1'
option key 'xxxxxxxx'
option ieee80211r '1'
So it's an 802.11s mesh on 5GHz channel 149, but without "forwarding". There's also an AP set up on that radio, and then another AP with the same ssid/pw on 2.4 GHz (auto channel), all with "fast handover", so you can "roam" between nodes with your wireless clients. You'll obviously want your own pw's for wireless mesh and the ap's. All mesh nodes have to be on the same channel and have the same mesh encryption / pw. The mesh is "owned" by network interface bat_mesh0, which is defined in /etc/config/network:
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdb0:42d0:69f2::/48'
config interface 'lan'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option gateway '192.168.2.1'
list dns '192.168.2.1'
option stp '1'
option ipaddr '192.168.2.3'
option ifname 'bat0 eth0'
config interface 'bat0'
option proto 'batadv'
option routing_algo 'BATMAN_IV'
option aggregated_ogms '1'
option ap_isolation '0'
option bonding '0'
option fragmentation '1'
option gw_mode 'off'
option log_level '0'
option orig_interval '1000'
option bridge_loop_avoidance '1'
option distributed_arp_table '1'
option multicast_mode '1'
option network_coding '0'
option hop_penalty '30'
option isolation_mark '0x00000000/0x00000000'
config interface 'bat_mesh0'
option mtu '2304'
option proto 'batadv_hardif'
option master 'bat0'
config interface 'wan'
option ifname 'eth1'
option proto 'dhcp'
config interface 'wan6'
option ifname 'eth1'
option proto 'dhcpv6'
Each node gets a static address int eh 192.168.2.x subnet, and points to 192.168.2.1 (the hub node) for the gateway/dns. So satellite nodes get ip's 192.168.2.2, ...2.3, etc.
eth0 (the "out" port) is here bridged with lan, so it's just a normal "lan" port like on a router. It is not set up for wired backhaul of "mesh traffic". If you want to do that, you'd take eth0 out of the lan bridge, and then add add it like this in /etc/config/network:
...
config device
option name eth0
option mtu 1560
config interface 'bat_eth0'
option mtu '1560'
option proto 'batadv_hardif'
option master 'bat0'
option ifname 'eth0'
Then eth0 is not a lan port, but could be connected to another luma eth0 port set up this way, and they should send mesh traffic to each other over the wire, and not over the wireless mesh, between those two nodes. Use "batctl o" to see how batman is going to send traffic to any given destination node.
eth1 (the "in" port) is set up just like a wan port, so you'd want it this way on the "hub" node. But you could also set up eth1 just like eth0 and bridge it with lan on all the "satellite" nodes, since you won't use wan on them. (In theory I think batman can do routing with multiple wan uplinks, and use them optimally in some sense, but I haven't tried that.) Or you could set up eth1 as an additional wired mesh backhaul port (but I haven't tested that), and then presumably string a whole wired chain of them together (but then you have no eth lan ports for wired clients).
Lastly, for all the satellites, make sure to "ignore dhcp" for the br-lan interface, and disable all dhcpv6 for it as well. This is easy in luci. On the hub, tell dhcp to start giving out addresses in the range .20 - .250, since lower ip's are reserved for the static routing nodes.
Thanks, I will give that a try.
I have 3 more luma's on the way. I had one that was bad and between my config issues and a bad luma I had one unhappy wife.
When I get the other 3 I will set them up separately from the house network and use them to fine tune what I need to do with the main network. I also add in a guest network so I will have to see about configuring mesh1 I think.
I tried to install the batman and kmod-fs items but I am running 5.4.59 and the min for those is 5.4.61. Looking to figure out that upgrade.
Just do
make menuconfig
and then select those packages, and then run make again.
I built the firmware per your guidance and the kernel is still at 5.4.59
Right, but if you included the packages during "make menuconfig", then they're already installed. So what's the problem?
will go at it again
rebuilt and loaded. I used your configuration to verify I didn't mess something up, under network->interfaces it says unsupported protocol type
I looked and I have all the recommended packages installed. I must have missed something.
No, that's normal for batman. There's just no luci plugin.
Ok, do not see the mesh advertised on my laptop nor my cell phone and after a reboot I have 4 radios
Hmm. The radios appear not to be on. You likely have some errors reported by dmesg. Maybe you didn't select the right wireless drivers during the build? (But this should be the same as whether you were doing mesh or not.)
Here's my ".config" file that goes in the openwrt directory and is made by "make menuconfig". Please compare to yours.
Actually, I lied above. I am using the ath10k-ct firmware and kmod-ath10k-ct.
(You only have to use the non-ct for some "wave 1" devices, like the archer c7 etc.)
I must not have the magic over here. I used your configuration and after loading on the luma I got nothing.
had 2 radios before rebooting, not it says there are 4
I was able to get the radios working by changing
platform/soc/a800000.wifi and platform/ahb/18100000.wmac to
platform/soc/a000000.wifi and platform/soc/a800000.wifi
but i only see D29C86_HaasMesh on my phone
Will load this up on the new luma's and test it out.
That's good. I must have posted wifi settings for some other router. Sorry!
Yes, you won't see the mesh wifi advertised to your phone. Just the access point(s).