Hi,
What am I doing wrong? I want to replace my 3 node TP-Link M9+ mesh network (using WiFi backhaul) with 3 x OpenWRT One. So far I can get 1 OpenWRT One working with WAN connection (PPPoE to my ISP), WiFi & LAN port, but when I add configuration for mesh11sd then reboot I lose the WiFi networks (nothing seen in "WiFi Analyzer" android app on my phone) and lose the LAN connection too.
When I include the package px-5g-mbedtls in the firmware builder https://firmware-selector.openwrt.org/?version=24.10.0&target=mediatek%2Ffilogic&id=openwrt_one I get an error:
opkg_install_cmd: Cannot install package px-5g-mbedtls
so I'm leaving that out, adding the minus to -wpad-basic-mbedtls and adding wpad-mbedtls kmod-nft-bridge ip-full vxlan mesh11sd, so my packages are:
Setting up my WAN connection and WiFi is done with this "Script to run on first boot (uci-defaults)":
uci set network.wan.proto='pppoe'
uci set network.wan.username='xxxx'
uci set network.wan.password='xxxx'
uci set network.wan.ipv6='auto'
uci set network.lan.ipaddr='192.168.1.1'
uci commit network
uci set wireless.radio0.country='AU'
uci set wireless.radio0.disabled='0'
uci set wireless.default_radio0.network='lan'
uci set wireless.default_radio0.mode='ap'
uci set wireless.default_radio0.ssid='iota-lan-2.4g'
uci set wireless.default_radio0.encryption='sae'
uci set wireless.default_radio0.key='xxxx'
uci set wireless.radio1.country='AU'
uci set wireless.radio1.disabled='0'
uci set wireless.default_radio1.network='lan'
uci set wireless.default_radio1.mode='ap'
uci set wireless.default_radio1.ssid='iota-lan'
uci set wireless.default_radio1.encryption='sae'
uci set wireless.default_radio1.key='xxxx'
uci commit wireless
uci set dropbear.main=dropbear
uci set dropbear.main.enable='1'
uci set dropbear.main.PasswordAuth='on'
uci set dropbear.main.Port='22'
uci set dropbear.main.Interface='lan'
uci commit dropbear
rootpassword='xxxx'
/bin/passwd root << EOF
$rootpassword
$rootpassword
EOF
That works fine. Now I ssh to the router and run these commands:
uci set mesh11sd.setup.auto_config='1'
uci set mesh11sd.setup.country='AU'
uci set mesh11sd.setup.auto_mesh_id='IotaMesh'
uci set mesh11sd.setup.mesh_gate_encryption='1'
uci set mesh11sd.setup.mesh_gate_key='xxxx'
# uci set mesh11sd.setup.auto_mesh_band='5g'
uci set mesh11sd.setup.mesh_gate_base_ssid='iota-mesh'
# uci set mesh11sd.setup.ssid_suffix_enable='0'
uci commit mesh11sd
At this stage it still works as before, but after a reboot I lose WiFi and LAN access as I said at the top.
The package name is px5g-mbedtls, typo in instructions or the name of the package has evolved ;-). I was instructed to stop the mesh11sd before issuing uci commands.
You seem to have glanced briefly at the documentation in the link but have not read it in any detail unfortunately.
Yes there was a typo in the name of one of the other packages to install, the correct name is px5g-mbedtls as stated by @mattimat
FYI This typo was corrected a couple of days ago.
The documentation clearly states that the uci-defaults should contain the following:
uci set mesh11sd.setup.auto_config='1' # Note: Set to 0 for Confidence Testing
uci set mesh11sd.setup.auto_mesh_id='MyMeshID'
uci set mesh11sd.setup.mesh_gate_base_ssid='MyNetwork'
uci set mesh11sd.setup.mesh_gate_encryption='1'
uci set mesh11sd.setup.mesh_gate_key='MyWifiCode'
uci commit mesh11sd
uci commit network
rootpassword="myrootpassword"
/bin/passwd root << EOF
$rootpassword
$rootpassword
EOF
The meanings of the uci commands are detailed in the Setup Options section:
It does NOT tell you to set up lots of detail configs in network and wireless.
The wan settings are ok as these do not have anything to to with setting up the mesh.
Where does the documentation tell you to do this?
I strongly suggest you go back and generate a new Rapid Deployment flash image, this time following the instructions.
Once you have it working, you can go back again and add all the complexities and details you want, most of which are done in the mesh11sd config.
There is one big problem though. Currently there is an issue with the OpenWrt build system that is failing to backport the latest version of mesh11sd to 24.10 packages, assuming that is that you are running 24.10.0.
For now you will have to either use snapshot or download the mesh11sd v5.0.1 ipk from github.
Here:
You will have to install this manually on 24.10.0 for now unfortunately.
Let me know how you want to continue and I can talk you through it.
Thanks @mattimat for 2 useful bits of info not in the docs at the time of my post.
Thanks @bluewavenet for your generous offer to help. I realise this takes time and effort and it is appreciated. I find some of your comments to be unkind, unnecessary and contrary to the community guidelines. I'm not taking it personally as I've read the same from you to other new users, but I do hope it stops.
Ok, back to the topic. You have provided the following useful info that was not in the docs:
px-5g-mbedtls changed to px5g-mbedtls
WAN port config "is ok" to be added to the uci-defaults
the LAN/wireless configuration should only be adjusted after the basic mesh is working
"most" of the LAN configuration is done in the mesh11sd config
mesh11sd won't currently work with 24.10.0 on the OpenWRT build system
I will try using the latest snapshot and be back if I need more help.
With the default "portal_detect=1" a node determines whether it is the "portal" node by attempting an upstream WAN connection. It only runs DHCP if this is successful. So in point 2 above, I believe it is essential (and not just "ok") to have my PPPoE WAN config when first trying mesh11sd.
Hang on, would it not be best to go full SNAPSHOT then? @neilbacon is unlikely to want Luci on all of the deployed Openwrt Ones, just the gateway running PPPoE and DHCP and DNS.
As you "read" the documentation but failed to notice the bold/italic warning in the first paragraph:
Please read this entire document before installing the mesh11sd package!
then did a skim over the rest, my comment is justified.
It was not intended to be unkind, it was just a statement of what must have happened.
Clearly, you consider answering your question:
as "contrary to community guidelines".
Nevertheless I am quite willing to help, but please try not to be hurt if you find you have not done something properly. Remember, documentation is hard and constructive feedback on it is always beneficial.
A quick, but maybe dumb question regarding the script to run on first boot:
uci set mesh11sd.setup.auto_config='1' # Note: Set to 0 for Confidence Testing
uci set mesh11sd.setup.auto_mesh_id='MyMeshID'
uci set mesh11sd.setup.mesh_gate_base_ssid='MyNetwork'
uci set mesh11sd.setup.mesh_gate_encryption='1'
uci set mesh11sd.setup.mesh_gate_key='MyWifiCode'
uci commit mesh11sd
uci commit network
rootpassword="myrootpassword"
/bin/passwd root << EOF
$rootpassword
$rootpassword
EOF
In the documentation, you mention that the luci wireless configuration can't include everything needed to set this up completely and UCI commands are needed. My question is what exactly to put in the MyMeshID, MyNetwork, and MyWifiCode blocks. Are these at all related to the regular wifi ssid you use on the router or completely separate and different?
In luci you can name your mesh, which I'm guessing is the same as MyNetwork and you can specify a password, which I'm guessing is the same as MyWifiCode and it is the MyMeshID that is absent in the Luci interface?
Maybe I'm overcomplicating this, it's just that I've never hard coded a script to run on first boot with the Firmware Selector. Can you maybe add some more detail to exactly what is supposed to be entered into MyMeshID, MyNetwork, and MyWifiCode? I've read the documentation but my mind isn't getting it properly.
###########################################################################################
# auto_mesh_id (optional)
#
# Configure the mesh_id of the wireless interface(s) when auto_config is enabled
# Default --__
#
# This string will be hashed to produce a secure mesh id
# If set, it must also be set to the same value on every mesh node
#
So the auto_mesh_id is a seed string used to generate a secure mesh id.
Typically it will look something like 534c56ddd669297e92d490daf46cfe
Users do not need to know this and recent versions of user devices do not even show it.
Then we have:
###########################################################################################
# auto_mesh_key (optional)
#
# Defaults to a sha256 key to be automatically used on all members of this mesh when auto_config is enabled
# Generates a secure sha256 key from the string value set in this option.
#
# If set, it must also be set to the same value on every mesh node
Typically it will be of the form 068012f8481fec11845178c8e1041b3751801a24ab3e222646a4424b82a13a0a'
Next, MyNetwork:
###########################################################################################
# mesh_gate_base_ssid
#
# Sets the mesh gate base ssid string
# If ssid_suffix_enable is set to 0, must be a maximum of 30 characters in length
# If ssid_suffix_enable is set to 1, must be a maximum of 22 characters in length
# Excess characters will be truncated
#
# Default - uses the ssid string set in the wireless config
#
#
# When set, overrides the ssid string set in the wireless config
and MyWifiCode:
###########################################################################################
# mesh_gate_key (optional)
# Determines the encryption key for this node's gate.
#
# Default: not set (encryption disabled)
# Set to a secret string value to use for encrypting the node's gate
# Ignored if mesh_gate_encryption is set to 0 or 4
#
Thank you. Just clarifying these variables have nothing to do with your regular wifi ssid, but separate and used just in the mesh system setup. Or does the setup need to know your regular wifi ssid?
Are the luci instructions in the wiki up to date? I can't use luci to do it?
Also, I'm making custom firmware and compiling from source code. The Makefile in your source code still references version 3.1.1. I was able to create a new Makefile that compiled 5.0.1, but that should be updated I think.
Focus on the fact that this install starts from the basic flash image with wireless disabled - basic defaults. Then mesh11sd starts up and configures everything for you depending on what you put in the "uci-defaults" text box in the firmware selector (or imagebuilder)
mesh_gate_base_ssid sets the "regular" ssid base string. Then a band identifier (eg 2g, 5g etc) is added, plus a suffix based in the mac address.
Note: A Mesh Gate is an access point that resides on a mesh node.
mesh_gate_key sets the regular "encryption key" for the ssid.
You cannot use luci with mesh11sd. This is because luci is concerned with static configurations that are done once and are remembered after a reboot.
Whereas mesh11sd "auto configures" a dynamic configuration every time it starts.
Version 5 onwards actually disables luci to prevent someone using it and potentially bricking the maeshnode. (It can be turned back on - for advanced mesh11sd users at their own risk).
How do we get the new version into the firmware selector? Now that I understand how it all works (thanks again), it needs to be mainstreamed into OpenWrt. I think it's a fantastic, indispensable contribution to the OpenWrt project. Anyone know who I can ask or message about this issue?
There is an outstanding PR waiting on Github. There is a problem with the OpenWrt 24.10 build system currently that makes the CI tests fail any new PRs. The delay is caused by waiting for someone to fix this.
You can take a look here:
I am going to open a new PR soon with v5.0.2, some minor fixes. We can start again with it then. Should be in the next day or so.