Are there any here that have experience with managing a large OpenWrt AP network?

We have been looking at Uniquity (Unifi), Mikrotik (Capsman), OpenMesh (CloudTrax) and Ruckus, but the pricepoint of an open router is driving us back to finding a more entry point consumer AP solution. 

Suppose we roll out 1000 OpenWrt routers and want to impliment some method of easily managing them, both in terms of radios and routing, what should be be looking at?

Any Coova Chilli-based AAA service (or RYO).

5X TL-WR841ND (V7's) 'social' hotspots running BB and 'refined' Coova Chilli scripts (submitted to Coova) speaking to an AAA.  The AAA provider's 'manglement' dashboard is adequate.

N.B. the HTTP query string is the same for all AAAs that bundle 'open routers' with Coova Chilli.

Forgive my ignorance, but how is FreeRadius a router/network management tool?

Also, as far as I know, Choova Chilli is a hotspot manager, which is not at all what we would need? 

What does "AAA" stand for? 

(Sorry, your post makes little sense to me, so I have to ask for more detail)

(Last edited by lifeboy on 5 Apr 2016, 16:41)

Built into most AAA providers' OpenWrt / Coova Chilli-powered routers is a 'manglement' feature for monitoring and upgrades.

Download an install package from one and review the scripts.

The answer to the question is 'no' (this is not the forum of Juniper Networks nor Cisco Systems).

If you problem is how to apply the same config to hundreds of routers the solution is a crontab with a wget to a sh script in a http server, and run it every X minutes/hours.

Which fuctions do you need ?
You need to be more specific.

There is nothing for free like Cloudtrax, for example. Unifi is a bad solution for hotspots.

Considering 1000 devices, customized openwrt can be flashed in factory.

>some method of easily managing them, both in terms of radios and routing, what should be be looking at?<
You are mixing up various functionality. Cloudtrax has nothing to do with routing.
Same valid for Unifi.

iasimov gave you good hint regarding "radios and routing".

(Last edited by augustus_meyer on 9 Apr 2016, 11:22)

Content-free snark. So what if this isn't a Jupiter or Cisco forum? Fifteen years ago, would you have implied people looking for help deploying linux for a server to go to SUN, or IBM instead?

No, Redhat, for education. Installation is simple but should that task require assistance, one must ask how could the server ever be administered?

@eas - have you no advice for the OPer?

I'm just at the planning stage.  So I'm learning what is available "out there" and what we would have "figure out ourselves".  If I have 1000 OpenWRT devices installed and something goes wrong on unit 576, two things are needed: we need to know about it before the client/end user does and secondly we need to fix the problem.  If there are tools that people use for this, we'd like to learn form their best practice and not have to re-invent the wheel.

I just mentioned these to set the stage.  Cloudtrax's one-size-fits-all-SSIDs solution is not really a solution for an ISP.  We're looking at all CPE's being hotspots as well.  Something like "fon" on steroids.

Indeed, but that's not the problem I'm trying to solve.

Of course radios and routing are different, but in operational terms they are very much related.  There are many tools for monitoring, but not as many for configuration management.  Something like a TR-069 based solution is a good start it seems (GenieACS).  Mixed with RADIUSdesk, one should be able to configure individual user profiles grouped into RADIUS realms.  Additionally adding PRTG should provide a suitable suite to address all the core operation requirements. 

As far a routing is concerned, there are sufficient methods to deal with route failures and ensuring least cost routes, redunancy and whatever.  The "automagix" cloud routing done by Cloudtrax is not ideal, since while it may prove good in theory, human intervention may be required.  Actually the routing is not really our big concern, since it's pretty much covered.  Managing all aspects of the CPE, is.

Anyone have anything else to suggest or report of what they actually use over and above what has been mentioned so far?

You can use zabbix to monitor all your routers with centralized server.
As for executing commands I think crontab with wget + execute script to http server is the best option when no changes are needed the script is just blank when you need to add some feature to all routers just put that feature in that script and all routers will follow.
If you want just a few just add an if host_ip == ? or if host_ip == ? then in bash script.

(Last edited by Pietia on 11 Apr 2016, 10:58)

>something goes wrong on unit 576, two things are needed: we need to know about it before the client/end user does and secondly we need to fix the problem.<
First can be implemeneted using a watchdog. Second depends upon reason of failure. An auto soft reboot might suffice.
For remote config management for the openwrt-box I only know (and implemented) "Do it Yourself" solutions.
>Mixed with RADIUSdesk, one should be able to configure individual user profiles grouped into RADIUS realms. <
This is a special AAA issue. Not particularly for openwrt only; you might need coova-chilli for the hotpspot-AP, for example, as it contains radius interface. Or you use mikrotiks, but not very flexible regarding hotspot functionality :-)

I suspect, you will have to consider a customized solution for your requirements.

Really? fon sits in gateways deployed by ISPs (who generally employ TR-069 to remotely manage 100's of 1000s of locations).

Some words used by the OPer raise questions about the intent to commercialize OpenWrt or at a minimum embed open source works for profit.

Addressing the demands set forth in the RFP, Nagios is a freebie and haunting that forum might uncover some contributed active and / or passive agents for Linux-based routers.

Did anyone had a look at cucumberwifi.io ?

The cynical nature of this respondent is wearying.  One of the essential premises of FOSS is that it should not have to be gratis.  Actually, the mere suggestion that usage of foss should not be for profit is absurd.

My intentions are simple enough: I want to find out if and how we could use OpenWRT in a commercial environment and in time hopefully contribute to the project in the process.  If the hostile nature of some posters is intended to drive me away, the effort it wasted on me and I will henceforth simply ignore them.

You're correct. open-mesh.com and Ubiquity use openwrt for commercial products already for quite some time.

Indeed, OpenWrt, and FOSS in general, is deployed in commercial products.  And those firms mentioned performed the heavy lifting themselves to monetize OpenWrt whereas the OPer seeks a free ride via community contribution(s).

Interesting point, is there anywhere, where a user could make contributions ($) to the project.

Donate.

That is merely your interpretation of the questions.  If OpenWRT didn't want people to use the software freely, they would have said so quite clearly.  I've always believed that asking questions and learning is a good thing.  You don't have to share if you don't want to, Max!

Hi,

I came across this discussion while searching for something else.

You might want to look at APdesk and MESHdesk which is part of RADIUSdesk and totally Open Source.

We started initially with MESHdesk to create something like Cloudtrax but with more flexibility and features while remaining Open Source.

APdesk later followed.

Both works well with Atheros and Mediatek based chipset devices.
(Mediatek means you can shop for devices below $10 each from China if you want to save on hardware costs)

http://www.radiusdesk.com/docuwiki/user … _practical

We also recently added support for OpenVPN bridged tunnels:

http://www.radiusdesk.com/docuwiki/user … pn_bridges

And support for 3G dongles:

http://www.radiusdesk.com/docuwiki/user … le_support

Kind regards

(Last edited by dvdwalt on 14 Oct 2016, 13:18)

Interesting point, is there anywhere, where a user could make contributions ($) to the project.

Hi John,

Sure, you're welcome to contact us through the "Contact Us" form.

http://www.radiusdesk.com/docuwiki/contact_us

We will gladly accept contributions since the project has been mostly self funded the past couple of years. We used to have a PayPal button in the past but removed it due to a lack of interest.

Kind regards