Can I do a simple LAN-bridged WDS using WEP in Kamikaze 7.09?

I find this enigmatic note:

This is found on this page:

http://downloads.openwrt.org/kamikaze/d … -80001.2.1

All I want to do is a simple repeater node, no fancy routing or anything. I've been doing this for some while with WhiteRussian and all it required was matching WEP settings, channels, and a few NVRAM variables.

Responding to my own post. It seems like WDS with WEP is working fine.  I am using Kamikaze on BroadCom platforms.  One is WRT54GS the other is Buffalo.  I misunderstood the wording it seems.

Hi vincentfox,

can you give me a little hint on how to enable wds in Kamikaze 7.09? I am trying to setup WDS with WPA enabled on a Broadcom device (Asus WL-500gp) together with an SMC 2804WBRv2 device (which supports WDS), but no luck yet.

Please let me know the following:

1. Do you use the same ssid on both routers?
2. Which MAC do you use as the bssid on the other router (MAC of eth0 or eth1)?
3. Do you use the same channel on both routers?
4. Have you tried to enable WDS with WPA PSK?
5. Did you follow a tutorial other than the documentation on openwrt.org that you mentioned?
6. Do you use the same wep passwords?

Thank you in advance
Boeben

(Last edited by boeben on 26 Jan 2008, 12:52)

Responding to my own post as well.

Since I couldn't come up with a working WDS solution I had to find an alternative. I ended up putting the wireless adapter in the so-called STA mode. In this mode, the OpneWRT router acts as a client to the other access point. It has some advantages and some disadvantages compared to WDS.

STA advantages
    - the other router does not need to be reconfigured (useful if it is not an OpenWRT)
    - actually works (at least for me)
    - can be WPA PSK encrypted (as opposed to WDS - only WEP possible (I believe!))
   
STA disadvantages
    - you have to configure different subnets and therefore need to implement routing or NAT (I used NAT since my other access point is not manageable)
    - you have 2 ssids, so no "on the fly roaming" possible. You have a little disconnect in between.

So, here is my complete setup:

   Internet
      |                                  (via DHCP)
      |        192.168.2.1   192.168.2.2               192.168.3.1 (br-lan)
------------------   /          \   -------------------   /
|    Modem        |/            \|                       |/
|      +              |- - - - - -   |    OpenWRT     |   
| Access Point   |  (wireless)| Kamikaze 7.09 |
| non-OpenWRT |               |   STA Mode      |
| DHCP enabled |               | DHCP enabled  |
------------------                  -------------------
     |   \                                         /   |
     |     \                                     /     |

Wireless Clients              Wireless Clients
(192.168.2.0/24)              (192.168.3.0/24)
(via DHCP)                             (via DHCP)

First of all, you have to setup the STA link (i.e. connect your OpenWRT router to your shithole router). Therfore enter the correct ssid and key for your non-OpenWRT router in your /etc/config/wireless. Also make sure that you use 'wan' as option network, since you want to connect to the internet with this link.

Secondly, you have to configure your wireless adapter to act as a usual access point as well, so your wireless clients can connect.

more /etc/config/wireless
-------------------------

config wifi-device  wl0
        option type     broadcom
        option channel  5
        option disabled '0'

config wifi-iface
        option device   wl0
        option network  'wan'
        option mode     'sta'
        option ssid     'non-OpenWRT'
        option encryption       'psk'
        option hidden   '0'
        option isolate  '0'
        option key      'ClearText-Password'
        option bgscan   '0'
        option wds      '0'

config "wifi-iface" ""
        option device   'wl0'
        option mode     'ap'
        option ssid     'OpenWRT'
        option hidden   '0'
        option encryption       'psk'
        option key      'ClearText-Password'
        option network  'lan'
        option isolate  '0'
        option bgscan   '0'
        option wds      '0'

Once you finished configuring your wireless setup, go ahead and change your WAN interface from eth0.1 to wl0 (since this will be our interface for the default route)

more /etc/config/network (excerpt only)
------------------------

#### WAN configuration
config interface        wan
#       option ifname   "eth0.1"
        option ifname   "wl0"
        option proto    dhcp

As I mentioned earlier, you have to setup routing or NAT if you want to allow your wireless clients of your OpenWRT AP to connect to the internet. Either use the route command on both routers (or if that is not possible as in my case) use the following command to enable NAT on your OpenWRT box:

iptables -t nat -A POSTROUTING -o wl0 -j MASQUERADE

Now run /etc/init.d/network restart or reboot (i had to use reboot)

You can check your setup with multiple commands:

route
-----

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.3.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.2.0     *               255.255.255.0   U     0      0        0 wl0
default         192.168.2.1     0.0.0.0         UG    0      0        0 wl0

wlc ifname wl0 ap    --> should return 1 (means your OpenWRT box is configured as AP)
wlc ifname wl0 apsta --> should return 1 (means your OpenWRT box is configured as AP and STA)

Hope this helps someone. Was a pain in the a$$ to setup.

It seemed to work fine with 7.09 just by using the MAC of the peer as the SSID value.

That was for WEP though.

I have no idea what the status of WPA over WDS links is.

(Last edited by vincentfox on 27 Jan 2008, 22:10)

Some help needed here. I've a setup similar to boeben's and have tried his instructions above but with no luck. If I do a iwconfig I do see that the SSID that I'm trying to use linked to wl0. But I don't get the routing table that boeben has, routes linked with wl0 are missing. And of course when I try to ping my internet gateway from OpenWrt, it comes back with an unreachable message. Would anyone be kind enough to post their /etc/config/wireless and network files?

Thanks.

I had the problem with the missing routing table entries before, too. Rebooting the router solved my problem. Make sure your Shithole router is configured to issue a DHCP address to all clients (ie. your OpenWRT router too). If this doesn't work manually add your routes.
Your OpenWRT router can still be a DHCP server, since it is located on a different subnet. (if you followed my instructions)

By the way, i only see the SSID of the network that i want to connect to when i run iwconfig. This seems to be normal. I don't know how you can see the other SSID (except with other client software)

Oh also make sure you have disabled any WDS setups on your router, if you have tried to set this up before

(Last edited by boeben on 5 Feb 2008, 16:10)

boeben, thanks! Would you be able to post your entire /etc/config/network file and the results from iwconfig? I have a setup very similar to yours and the $#ithole router (in my basement) runs WEP and issues DHCP to all. Infact I have another DD-WRT in the same room as the OpenWRT that has been on my wireless network in the APClient (sta) mode forever!

(Last edited by confused2008 on 5 Feb 2008, 17:26)

more /etc/config/wireless

config wifi-device  wl0
        option type     broadcom
        option channel  5
        option disabled '0'

config wifi-iface
        option device   wl0
        option network  'wan'
        option mode     'sta'
        option ssid     'non-OpenWRT'
        option encryption       'psk'
        option hidden   '0'
        option isolate  '0'
        # option bssid  '00-04-e2-b9-f7-e4'
        option key      'password'
        option bgscan   '0'
        option wds      '0'

config "wifi-iface" ""
        option device   'wl0'
        option mode     'ap'
        option ssid     'OpenWRT'
        option hidden   '0'
        option encryption       'psk'
        option key      'password'
        option network  'lan'
        option isolate  '0'
        option bgscan   '0'
        option wds      '0'

more /etc/config/network

#### VLAN configuration
config switch eth0
        option vlan0    "1 2 3 4 5*"
        option vlan1    "0 5"

#### Loopback configuration
config interface loopback
        option ifname   "lo"
        option proto    static
        option ipaddr   127.0.0.1
        option netmask  255.0.0.0

#### LAN configuration
config interface lan
        option type     bridge
        option ifname   "eth0.0"
        option proto    static
        option ipaddr   '192.168.3.1'
        option netmask  255.255.255.0

#### WAN configuration
config interface        wan
#       option ifname   "eth0.1"
        option ifname   "wl0"
        option proto    dhcp

iwconfig
lo        no wireless extensions.

eth0      no wireless extensions.

eth1      no wireless extensions.

eth0.0    no wireless extensions.

br-lan    no wireless extensions.

wl0       IEEE 802.11-DS  ESSID:"dieter_paul"
          Mode:Master  Frequency:2.432 GHz  Access Point: 00:04:E2:B9:F7:E4
          Tx-Power:19 dBm
          RTS thr:2347 B   Fragment thr:2346 B
          Encryption key:off
          Link Noise level:-86 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:733  Invalid misc:0   Missed beacon:0

imq0      no wireless extensions.

imq1      no wireless extensions.

wl0.1     no wireless extensions.

let me know if this helps or if you need any explications....

Thanks much but still no luck! I tried your exact settings and iwconfig reported this:

wl0       IEEE 802.11-DS  ESSID:"MyWirelessNet"
          Mode:Master  Frequency:2.437 GHz  Tx-Power:19 dBm
          RTS thr:2347 B   Fragment thr:2346 B
          Encryption key:<too big>
          Link Noise level:-79 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:38  Invalid misc:0   Missed beacon:0

The access point MAC address of the non-Wrt router (that I'm trying to connect to) is missing here and hence no connection either.

The expected entries in the routing table are missing and when I try to add a route:

root@OpenWrt:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan

root@OpenWrt:~# route add default gw 192.168.0.1 wl0
route: SIOC[ADD|DEL]RT: Network is unreachable

I have no idea what I'm missing. All I know is it should not be this difficult!

Any ideas would be greatly appreciated.

(Last edited by confused2008 on 6 Feb 2008, 04:58)

Ok, managed to solve my problem. My internet connected non-OpenWRT router had "shared key" WEP, had to change that to "open"! I really appreciate the help from boeben, thanks a lot!

(Last edited by confused2008 on 10 Feb 2008, 05:10)

Here's the config file I use for WDS with WPA between two Broadcom-based routers:

config wifi-device wl0
        option type     broadcom
        option channel  1

config wifi-iface
        option device   wl0
        option network  lan
        option mode     ap
        option ssid     somename
        option encryption psk+psk2
        option key      yourpassphrase

config wifi-iface
        option device   wl0
        option network  lan
        option mode     wds
        option ssid     someothername
        option bssid    xx:xx:xx:xx:xx:xx
        option encryption psk2
        option key      yourpassphrase

Both devices use the same basic config. The only difference is the bssid, which should be set to the other device's wireless interface MAC address.

I also replaced the file /etc/hotplug.d/net/20-broadcom_wds with

include /lib/wifi

setup_broadcom_wds() {
        local iface="$1"
        local remote="$(wlc ifname "$iface" wdsmac)"

        [ -z "$remote" ] && return

        config_cb() {
                [ -z "$CONFIG_SECTION" ] && return

                config_get type "$CONFIG_SECTION" TYPE
                [ "$type" = "wifi-iface" ] || return

                config_get network "$CONFIG_SECTION" network
                [ -z "$network" ] && return

                config_get addr "$CONFIG_SECTION" bssid
                [ "$addr" = "$remote" ] && {
                        local cfg="$CONFIG_SECTION"

                        include /lib/network
                        scan_interfaces

                        setup_interface "$iface" "$network"

                        config_get encryption "$cfg" encryption
                        config_get key "$cfg" key
                        config_get ssid "$cfg" ssid

                        sleep 10

                        case "$encryption" in
                                psk|PSK)
                                        nas4not "$network" "$iface" up auto tkip psk "$key" "$ssid"
                                ;;
                                psk2|PSK2)
                                        nas4not "$network" "$iface" up auto aes psk "$key" "$ssid"
                                ;;
                                psk+psk2|psk2+psk|PSK+PSK2|PSK2+PSK)
                                        nas4not "$network" "$iface" up auto aes+tkip psk "$key" "$ssid"
                                ;;
                                *)
                                ;;
                        esac
                }
        }

        config_load wireless
}

case "$ACTION" in
        add|register)
                [ "${INTERFACE%%0.*}" = wds ] && setup_broadcom_wds "$INTERFACE"
        ;;
esac