Mesh encryption doesn't work on Mi Router 3 Pro

darling · September 17, 2021, 3:02am

I have two Mi Router 3 Pro. Both the firmware version are OpenWrt SNAPSHOT r17520-5ef4608c02

I want to setup mesh on them. I have followed the instruction in https://openwrt.org/docs/guide-user/network/wifi/mesh/80211s.

But I found when I setup encryption mesh as following.

config wifi-iface 'wifinet2'
        option device 'radio1'
        option mode 'mesh'
        option mesh_id 'mymesh'
        option mesh_fwding '1'
        option mesh_rssi_threshold '0'
        option network 'lan'
        option encryption 'sae'
        option key 'password'

the mesh are not built. By checking the log, I found following errors. It seems the system doesn't know the mesh mode.

Thu Sep 16 10:02:33 2021 daemon.err wpa_supplicant[1554]: Line 8: too large mode (value=5 max_value=4)
Thu Sep 16 10:02:33 2021 daemon.err wpa_supplicant[1554]: Line 8: failed to parse mode '5'.
Thu Sep 16 10:02:33 2021 daemon.err wpa_supplicant[1554]: Line 9: unknown network field 'mesh_fwding'.
Thu Sep 16 10:02:33 2021 daemon.err wpa_supplicant[1554]: Line 10: unknown network field 'mesh_rssi_threshold'.
Thu Sep 16 10:02:33 2021 daemon.err wpa_supplicant[1554]: Line 17: failed to parse network block.
Thu Sep 16 10:02:33 2021 daemon.err wpa_supplicant[1554]: Failed to read or parse configuration '/var/run/wpa_supplicant-wlan0.conf'.
Thu Sep 16 10:02:33 2021 daemon.notice netifd: radio0 (11796): Command failed: Invalid argument
Thu Sep 16 10:02:33 2021 daemon.notice netifd: radio0 (11796): Interface 0 setup failed: WPA_SUPPLICANT_FAILED
Thu Sep 16 10:02:33 2021 daemon.notice netifd: radio0 (11796): Failed to parse json data: unexpected end of data
Thu Sep 16 10:02:33 2021 daemon.notice netifd: radio0 (11796): WARNING (wireless_add_process): executable path /usr/sbin/wpad does not match process  path (/proc/exe)
Thu Sep 16 10:02:33 2021 daemon.notice netifd: radio0 (11796): Command failed: Invalid argument
Thu Sep 16 10:02:33 2021 daemon.notice netifd: radio0 (11796): command failed: Link has been severed (-67)
Thu Sep 16 10:02:33 2021 daemon.notice netifd: radio0 (11796): command failed: Link has been severed (-67)

And I have checked the device should support mesh mode. When I run iw list | grep "Supported interface modes" -A 9, I got

	Supported interface modes:
		 * IBSS
		 * managed
		 * AP
		 * AP/VLAN
		 * monitor
		 * mesh point
		 * P2P-client
		 * P2P-GO
	Band 2:
--
	Supported interface modes:
		 * IBSS
		 * managed
		 * AP
		 * AP/VLAN
		 * monitor
		 * mesh point
		 * P2P-client
		 * P2P-GO
	Band 1:

I also try to setup mesh without encryption as following.

config wifi-iface 'wifinet2'
        option device 'radio1'
        option mode 'mesh'
        option encryption 'none'
        option mesh_id 'mymesh'
        option mesh_fwding '1'
        option mesh_rssi_threshold '0'
        option network 'lan'

It seem works, I can see the associated station. But when I check the log. I find the message

device wlan1 entered promiscuous mode,

I don't know if it is right or not.

I have also tried to use wpad-mesh-openssl instead of the default wpad-basic-wolfssl. But I still got the same result.

I have also tried to use wpad-mesh-wolfssl as suggested in Mesh 802.11s encryption does not work. I still got the same result.

I have also tried the stable firmware version 21.02.0, I still got the same result.

Please help me, thank you very much.

markbirss · September 17, 2021, 8:52am

Check out this YouTube Video

OpenWRT - 802.11s Mesh WiFi Network

Or this Carlos Gomes Guide

darling · September 17, 2021, 2:06pm

Hi, thanks markbirss. Yes, they are good tutorials. Actually I have watched them before. But still it is not working on my routers. And it remind me another issue. That is in that video, when the author setup the mesh point in luci, it shows the encryption is WPA3 SAE (CCMP), while it still shows none in mine system.

mk24 · September 17, 2021, 2:11pm

You do need one of the -mesh- versions of wpad. Reboot after upgrading wpad. Simply restarting wireless doesn't load the new version.

darling · September 17, 2021, 2:40pm

OK, thanks mk24. I think I have tried to reboot before. But I am not so sure right now, I will try it again. But I am not at home these days. After I tried it, I will let you know.

darling · September 23, 2021, 2:59pm

Thanks mk24, you are right. I just got home and I tried what you said, install wpad-mesh-openssl, and then reboot. It is working now. Thank you so much.

system · October 3, 2021, 2:59pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.