[Solved] Batman-adv not routing traffic

Hi,

I've been following the wiki trying to set up batman-adv on two AVM FRITZ!Box 3370s.

What I'm trying to achieve is something like this:

router < cable > 3370-mesh0 < wifi > 3370-mesh1 < wifi/cable > Client

I am/was planning on adding two other devices to the mesh, but can't currently even get these two to work.

This is my current config:

/etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.4.240'
	option netmask '255.255.255.0'
	option gateway '192.168.4.1'
	option dns '1.1.1.1'

config device 'lan_dev'
	option name 'eth0.1'
	option macaddr '<somemac>'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0 1 2 4 6t'

config interface 'bat0'
	option proto 'batadv'
	option routing_algo 'BATMAN_IV'
	option aggregated_ogms 1
	option ap_isolation 0
	option bonding 0
	option fragmentation 1
	#option gw_bandwidth '10000/2000'
	option gw_mode 'off'
	#option gw_sel_class 20
	option log_level 0
	option orig_interval 1000
	option bridge_loop_avoidance 1
	option distributed_arp_table 1
	option multicast_mode 1
	option network_coding 0
	option hop_penalty 30
	option isolation_mark '0x00000000/0x00000000'

config interface 'nwi_mesh0'
	option mtu '2304'
	option proto 'batadv_hardif'
	option master 'bat0'

config interface 'vlan1111'
	option type 'bridge'
	option stp '1'
	option ifname 'eth1.1111 bat0.1111'
	option proto 'static'
	option ipaddr '192.168.11.11'
	option netmask '255.255.255.0'
	option delegate '0'

/etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option channel '6'
	option path 'pci0000:00/0000:00:00.0/0000:01:00.0'
	option htmode 'HT20'
	option disabled '0'
	option hwmode '11g'
	option country 'DE'
	option legacy_rates '1'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'psk2'
	option key '<somekey>'

config wifi-iface 'mesh0'
	option device 'radio0'
	option ifname 'mesh0'
	option network 'nwi_mesh0'
	option mode 'mesh'
	option mesh_fwding '0'
	option mesh_id 'mesh-test'
	option encryption 'psk2+ccmp'
	option key '<somekey>'

Same config on both boxes, except for the ipaddr on the lan and the vlan interfaces, '192.168.4.241' and '192.168.11.12' respectively.

I am able to ping both ways box to box, so the mesh itself is working.
Pinging the vlan addresses does not work as a client on either end.
The only thing I'm able to ping is the lan address of the Box right before the mesh.

I tried disabling the firewall, and changing the vlan subnet, but it does not change anything.

Any pointers as to what is wrong with this setup?

I haven't been able to completely follow your network topology, but it looks like you've got half of your LAN on mesh0 and half of it on mesh1. Then there are two IP addresses associated with the mesh itself.

I think what you are trying to accomplish is that the two halves of your LAN, 192.168.4.0/24, are bridged over the mesh. If so, it is that network that needs to be bridged over a VLAN of bat0, not 1111.

Perhaps something like

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1 bat0.1'    # Or, see below, option ifname 'eth0.1 bat0.101' 
	option proto 'static'
	option ipaddr '192.168.4.240'
	option netmask '255.255.255.0'
	option gateway '192.168.4.1'
	option dns '1.1.1.1'

(Though I'm not a big fan of low-numbered VLANs, due to reservation for "special use" by various switches.)

In option ifname 'eth0.1 bat0.1', while eth0.1 is locally used by the default OpenWrt config as your "LAN", the bat0 VLAN is your choice. Personally, I'd use bat0.101 or the like.

Using "high-numbered" VLANs in OpenWrt switch config usually requires explicitly setting vid and pvid, which I do in all my config for clarity. See https://openwrt.org/docs/guide-user/base-system/basic-networking#switch_configuration

1 Like

Thanks, I'm going to try that first thing tomorrow.

Sorry if I was not clear on the topology.
Ideally the whole network should consist of one router with dhcp, three or four mesh nodes as aps and a bunch of dhcp clients, mostly on wifi.
Basically something like this but not proprietary and expensive.

1 Like

Yes, that description aligns with "bridge your LAN interfaces to a VLAN of your choice on your bat0 interfaces".

To make my config a little clearer, I'll often use a completely different netblock for my mesh-to-mesh IP addresses, that I know never should be routed by my infrastructure. It isn't required, but, at least for me, using the Class B private block of 172.16.0.0 to 172.31.255.255 makes it immediately clear to me.

Well, first thing in the morning didn't quite pan out, sorry.

But I just tried bridging eth0 and bat0 as shown above and it worked.
Thanks a lot!

I've now set up all four mesh nodes and everything seems good so far.
However, there is one spot that does not get coverage and I'm out of OpenWrt capable hardware.

I do still have a repeater lying around, but again, the traffic of said repeater is not routed through the mesh.
Is there something I can do to make that thing work with this config?

Thanks.

1 Like

"Flash it with OpenWrt" :wink:

Repeaters are something of a strange beast, often being NAT-based devices with proxy-ARP and broadcast re-broadcast to make it look like the hosts behind the NAT are "as if" connected to the repeated network segment. This seldom works for anything but well-known, IPv4 services. IPv6 seldom works; never for the common relayd, that I know of.

Assuming that it is repeating your "client" AP, then, if it's not working, I'd guess it doesn't properly copy the batman-adv control packets between its inside / outside interfaces.

1 Like

That would explain it, thanks

I'd love to flash OpenWrt on that thing but there is no easy way to do it as it's wifi only.
It's also not on the supported devices list, so that would be quite a challenge.

I think I'll just buy another supported device, plug said spot and be done with it :slightly_smiling_face:

Thanks again.