I am trying to create a batman mesh with 2 nodes for a research project at school. I have been having a lot of trouble with it working. I couldn't find any comprehensive tutorial online that worked out of the box, so I tried to just do it using the knowledge I have and learned. It's been 2 weeks and this is where I have gotten.
The mesh shows up, but doesn't connect to the internet. It has a self-assigned IP. When I connect to each node individually, they both connect to the internet and both can ping each other. It's really weird, and I'm not sure what's wrong. I keep trying to play around with it and it just isn't working.
Any help would be appreciated.
The simplest way to run a small mesh is to bridge the mesh user side (bat0) into the LAN network on all the routers. This gives the effect of interconnecting the LAN ports with Ethernet cable. Exactly like a wired network of a main router and one or more "dumb APs", one of the routers will be the uplink to the Internet. It should be the only one running a DHCP server.
It is more secure, though, to make the mesh a separate network with its own forwarding to the Internet. This requires adding a firewall zone and rules for the new network on the main router.
Ok, that makes sense! How would I implement the second option that you said with the firewall zones? Do you have any example config files?
https://openwrt.org/docs/guide-user/network/wifi/mesh/batman as one source of suggestions for configuration of the mesh/routing portion.
Firewall rules will be somewhat independent of the underlying packet-transport. I believe what @mk24 is suggesting is that the nodes that participate in the mesh be handled as their own security zone, making thinking about what rules you need/want a lot easier than mixing with management access to the router and the router's own access to the Internet, in general.
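A sketch of the separate-zone setup discussed in this thread, added here as an example and not posted by any participant. It assumes a logical interface named `mesh` already sits on `bat0` on the main router, uses a constructed subnet (192.168.50.0/24), and relies on the default `wan` zone; the interface name, zone name and addresses are illustrative.

```uci
# /etc/config/network (main router only) -- assumed interface on top of bat0
config interface 'mesh'
	option device 'bat0'
	option proto 'static'
	option ipaddr '192.168.50.1'      # constructed example subnet
	option netmask '255.255.255.0'

# /etc/config/dhcp -- the main router is the only DHCP server for the mesh
config dhcp 'mesh'
	option interface 'mesh'
	option start '100'
	option limit '150'
	option leasetime '12h'

# /etc/config/firewall -- mesh is its own zone, separate from lan
config zone
	option name 'mesh'
	list network 'mesh'
	option input 'REJECT'             # no management access (SSH/LuCI) from the mesh
	option output 'ACCEPT'
	option forward 'REJECT'

# Mesh clients may reach the Internet; there is deliberately no
# forwarding from 'mesh' to 'lan', so the LAN stays unreachable.
config forwarding
	option src 'mesh'
	option dest 'wan'

# With input REJECT, DHCP and DNS on the router must be opened explicitly.
config rule
	option name 'Allow-Mesh-DHCP'
	option src 'mesh'
	option proto 'udp'
	option dest_port '67'
	option target 'ACCEPT'

config rule
	option name 'Allow-Mesh-DNS'
	option src 'mesh'
	option proto 'tcp udp'
	option dest_port '53'
	option target 'ACCEPT'
```

Without the DHCP rule, mesh clients fall back to a self-assigned address because their requests are rejected at the router's input chain.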