So this is my first real post on the forums apart from begging developers so please try to be kind to an idiot.
I recently started using OpenWRT and managed to get my "TP-Link EAP265 HD" working with EAP245 v3 firmware and that led me down the rabbit hole so to speak. I now have a "Xiaomi R3P" and two "Comfast ew72" and I'm wondering what is the best approach to take for my network.
Im using a OpnSense firewall along with a homelab with alot of IoT/NoT devices around my farm, so all 4 OpenWRT will be dumb so to speak.
I've just started playing with the image builder in the hope I can get rid of alot of unnecessary packages on my devices and have looked a little into B.a.t.m.a.n.
What does everyone think my approach should be?
Everything is wired but the Comfast AP's only have a 10/100 port so I guess some form of mesh would be idea even if they are hardwired.
Also I use a large ZigBee network so staying away from ch11 in the 2,4ghz range would be preferred so once again a mesh with everything on one channel would be great.
I wouldn't really go that way…
Yes, a 100 MBit/s ethernet backhaul will limit what the 2x2 QCA9886 5 GHz can do, but I doubt meshing would really be a net improvement in the grander scheme of things.
if I read it correctly, you need the ethernet for PoE anyways
100 MBit/s may be slower than the maximum 2x2 802.11ac can do, but considering throughput degradation over the distance and the repeater effect you're going to suffer, I don't think meshing would really gain you much
100 MBit/s ethernet may not be much, but you're still guaranteed to get that, every single second of the day - compared to inherently fluctuating wireless performance.
Yes, your environment would be an example story for (wireless-) meshing, but if you already do have 100 MBit/s ethernet at all the locations you've scouted for your APs (and 'only' need to feed 2x2 802.11ac and not 3x3/ 4x4 or 802.11ax), you won't lose much, but gain a lot of stability/ reliability by sticking to wired ethernet backhauls (only).
EDIT;
Or to phrase it slightly differently, 2x2 802.11ac would provide you with ~350 MBit/s wireless throughput under ideal circumstances (same room, 1000BASE-T backhaul).
I'm not quite confident that the ath79 SOC of your ew72 APs could really do that much (if it had 1000BASE-T)
with repeater effect hitting you, you're down to half of this ideal figure
add in some distance between the APs, and you drop even further
meshing adds some overhead on top
As a result I'm not so sure that you would get an aggregate (100BASE-T plus 5 GHz wireless meshing) of 150 MBit/s over the air to your clients in real world circumstances, rendering this endeavour (which does cost you quite some effort) rather moot. Replacing these two devices with 1000BASE-T capable ones however would provide you with a significant improvement - if the wiring is there, replacing two APs is 'cheap' (yes, rugged, industrial and PoE make this slightly less cheap, but still better than having to dig trenches for ethernet cable).
agree with SLH, stick to copper only and just dumb AP devices. It keeps things simple and you can instead focus on quality of WiFi coverage which is more important depending on how crowded your area is. Unless you're into serious gaming I can't think of any reason why 100base-t is not sufficient for most if not all your needs.
Everything that needs a decent connection PC's, workstations and servers have wired connections the wireless is pretty much just phones and esp devices.
So do away with the idea of mesh separate out the iot devices and one SSID with fast roaming for phones?
yes, ignore mesh. Since you are able to utilize copper stay with copper. As segmenting up your network goes you might want to first start with just working with multiple SSIDs each for your different devices. Once you have everything working how you want it you can then start reading and learning about VLANs to further add a layer of security to your network. You may need to further invest in network gear if your current gear is not able to process VLAN packets however.
I have all the gear no idea as they say, lots of managed switches L2. vlans is a to learn priority my SSID 's are already separated for NoT,IoT, master and guest but tagging and untagging and multicast are all alien to me at the moment.
you don't have to VLAN if you feel you do not need the extra security layer and with a small network such as yours there is no performance benefit either.
I have a few Chinese up cameras that have lots of holes so setting up a vlan for them is definitely a priority.
Currently i'm more concerned about just getting the network running and making my life easy later. I'm trying to follow the dumb ap OpenWRT guides and mix it into the image builder so I don't have to mess about installing Luci and disabling DHCP, firewall, ipvy etc everytime I mess up a setting and have to factory restore.
those CCTV cameras automatically upload your videos up to the cloud by default. I used wireshark to monitor what they were doing and found they were connecting to huawei servers in china and uploading live images. I configured my firewall to block these devices from accessing the internet so only my NVR can connect to them using RTSP.
Ok 2 bricked routers, one saved, one dead dead (needs a EPROM programmer) and one router that took way too long to flash aswell as probably 40hours of messing in the last 3days.
So I have 2 routers set up as dumb AP's 2ghz working with fast roaming a hand full of ssid's for various uses but.... No 5ghz it's all set up but my phone just won't connect I've double checked the passwords and Auth aswell as channels and country code but my phone just connects for a split second then goes back to 2ghz can the mobility domains match on 2ghz and 5ghz if the ssid names are different?
also my one dumb ap has 300gb flash now so any suggestion on software?