Hello guys,
I'm trying to build a WiFi Mesh consisting of multiple Ubiquiti Bullet M2 devices using batman-adv. Instead of bridging the mesh with my lan interface (as described in https://openwrt.org/docs/guide-user/network/wifi/mesh/batman) I want to use a dedicated subnet for the mesh network (does this make sense?).
Every Mesh Point (802.11s) is connected to the subnet 172.31.1.0/24, the lan port and regular 802.11n network (I'm using different SSIDs) are bridged and connected to subnets 172.31.1x.0/24, with a different x for every access point.
So far, the mesh seems to be working and I can SSH to every Bullet from my computer. However, I cannot ping other clients that are connected to a different mesh point. For example, I'm connected to one of the bullets. My PC obtains the IP 172.31.10.50 from dhcp.
ping 172.31.10.1 # 'local' mesh point -> works
ping 172.31.14.1 # different mesh point, connected through 802.11s -> works
ping 172.31.14.146 # client on different mesh point -> no response!
Here are my config files of one of the mesh points (the others are set up accordingly with different IPs):
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix '<value>'
config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option proto 'static'
option ipaddr '172.31.14.1'
option netmask '255.255.255.0'
option delegate '0'
config interface 'mesh'
option type 'bridge'
option ifname 'bat0'
option proto 'static'
option ipaddr '172.31.1.14'
option netmask '255.255.255.0'
option delegate '0'
config interface 'bat0'
option proto 'batadv'
option routing_algo 'BATMAN_V'
option aggregated_ogms '1'
option ap_isolation '0'
option bonding '0'
option fragmentation '1'
option gw_mode 'off'
option log_level '0'
option orig_interval '1000'
option bridge_loop_avoidance '1'
option distributed_arp_table '1'
option multicast_mode '1'
option network_coding '0'
option hop_penalty '30'
option isolation_mark '0x00000000/0x00000000'
config interface 'nwi_mesh0'
option mtu '2304'
option proto 'batadv_hardif'
option master 'bat0'
config route
option target '172.31.10.0'
option gateway '172.31.1.10'
option netmask '255.255.255.0'
option interface 'mesh'
config route
option target '172.31.11.0'
option gateway '172.31.1.11'
option netmask '255.255.255.0'
option interface 'mesh'
config route
option target '172.31.12.0'
option gateway '172.31.1.12'
option netmask '255.255.255.0'
option interface 'mesh'
config route
option target '172.31.13.0'
option gateway '172.31.1.13'
option netmask '255.255.255.0'
option interface 'mesh'
config route
option target '172.31.15.0'
option gateway '172.31.1.15'
option netmask '255.255.255.0'
option interface 'mesh'
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'pci0000:00/0000:00:00.0'
option htmode 'HT20'
option disabled '0'
option country 'DE'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid '<SSID1>'
option encryption 'psk2'
option key '<value>'
config wifi-iface 'mesh0'
option device 'radio0'
option ifname 'mesh0'
option network 'nwi_mesh0'
option mode 'mesh'
option mesh_fwding '0'
option 'mcast_rate' '24000'
option mesh_id '<SSID2>'
option encryption 'psk2+ccmp'
option key '<value>'
/etc/config/firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'mesh'
list network 'mesh'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'mesh'
config forwarding
option src 'mesh'
option dest 'lan'
config forwarding
option src 'lan'
option dest 'wan'
Does anybody know what's the problem?