Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:network:wifi:dumbap [2018/03/23 16:32] – Editorial tweaks; Clarify that it's LAN-to-LAN ports richb-hanover | docs:guide-user:network:wifi:dumbap [2024/02/01 19:55] – [Wireless Access Point (aka "Dumb" Access Point)] intro should be concise palebloodsky | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Dumb AP / Access Point Only ====== | + | ====== |
| - | This document | + | This page describes how to configure your device as a //wireless access point (AP)//, sometimes called a //" |
| - | From a user's point of view, it works like this: | + | One common reason for this is to add additional |
| - | * Connect | + | |
| - | * If the user's MAC matches a MAC in the list, it gets an appropriate IP and the user gets network | + | |
| - | ' | + | <WRAP box> |
| + | Summary of configuration for a Wireless AP: | ||
| + | - The wireless AP is connected LAN-to-LAN to the main router by some means e.g. ethernet cable, 802.11s mesh, etc. | ||
| + | - The wireless | ||
| + | - The wireless AP bridge LAN may have either a static or DHCP address on the same subnet as the main router bridge LAN interface. | ||
| + | - The wireless AP gateway IP address is set to the address of the main router, either in the configuration or by DHCP. | ||
| + | - The wireless AP does not provide DHCP service, DNS resolution, or a firewall. | ||
| + | </ | ||
| - | //Note: This recipe results in a bridged LAN that will work fine for home and small networks. It is similar to the " | + | {{section> |
| - | ===== Configuration via Web Interface LUCI ===== | + | ===== External Videos for Reference |
| - | Of course you can achieve this with using the web interface: | + | Several videos are available on the topic which may be useful |
| - | Once you have configured your wireless network with LUCI you can start configuring your dumb AP.\\ | + | Bare in mind they are somewhat outdated |
| - | - Disconnect the (soon-to-be) Dumb AP from your network, and connect your computer to it with an Ethernet cable. \\ | + | |
| - | - Use the web interface to go to Network -> Interfaces and select the LAN interface.\\ | + | |
| - | - Enter an IP address "next to" your main router on the field "IPv4 address" | + | |
| - | - Then scroll down and select the checkbox " | + | |
| - | - In the top menu go to System -> Startup, disable Firewall | + | |
| - | - Click the Save and Apply button. Hard-Restart your router if you' | + | |
| - | - Now go to http:// | + | |
| - | - Now use an Ethernet to connect one of the LAN ports on your main router to one of the LAN/switch ports of your " | + | |
| - | - You are done.\\ | + | |
| + | Using OpenWrt v21 with DSA example: | ||
| - | ===== Configuration via command line tools ===== | + | {{youtube> |
| + | |||
| + | Two videos which are outdated but explain firewall and APs: | ||
| + | |||
| + | {{youtube> | ||
| + | {{youtube> | ||
| + | |||
| + | WiFi roaming is much improved in newer mobile devices so configuring Fast Roaming, aka 802.11r, may not be required.\\ | ||
| + | This video can be misleading as 802.11r has nothing to do with mesh networking. | ||
| + | {{youtube> | ||
| + | |||
| + | ===== Configuration via LuCI ===== | ||
| + | |||
| + | These instructions refer to the interface found in OpenWrt 23.05. The interface of v21 upwards differs in significant ways from earlier versions of OpenWrt which we try to account for... but no guarantees. | ||
| + | |||
| + | This setup requires two routers, a computer with an Ethernet port, and an Ethernet cable. | ||
| + | |||
| + | Disconnect the wireless AP from your network.\\ | ||
| + | Use an Ethernet cable to connect your computer to one of the LAN ports (not the // | ||
| + | If you use a notebook, turn off WiFi while configuring your AP to only have one IP connection, a wired one, to your "to be" configured wireless AP.\\ | ||
| + | From a browser, navigate to LuCI by going to http:// | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Go to //Network -> Interfaces// | ||
| + | |||
| + | {{: | ||
| + | |||
| + | It is best to configure the wireless AP to use DHCP to obtain an address from the main router,\\ | ||
| + | but this guide will show how to do it the alternative way - by configuring a static IP address.\\ | ||
| + | |||
| + | Give the wireless AP an IP address "next to" your main router.\\ | ||
| + | By default, the main router will have an address of 192.168.1.1, | ||
| + | The address should be on the same subnet as your main router but out of the DHCP range used when assigning addresses to connected devices.\\ | ||
| + | By default, that means the wireless AP router IP should be between 192.168.1.2 and 192.168.1.100.\\ | ||
| + | If you're adding multiple wireless APs, you could use 192.168.1.3, | ||
| + | Save and apply the new IP address. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | A warning screen will apear because you changed the routers IP to 192.168.1.2. Press "Apply and keep settings" | ||
| + | |||
| + | Navigate back to the address you assigned in the previous step (say, http:// | ||
| + | Make sure your browser uses the new IP address you assigned in the previous step. \\ | ||
| + | Why? Because in the next step, the gateway needs to be changed to point to the main router, and LuCI will not allow you to change the gateway to 192.168.1.1 while the wireless AP router is using that IP address.\\ | ||
| + | If things are not working as expected, unplug the network cable from your computer for 10 seconds and plug in again. The currently still active DHCP Server on your wirless AP will then reasign a valid IP to you. \\ | ||
| + | |||
| + | Login in your router and go back to //Network -> Interfaces//, | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Change the IPv4 gateway to point to your main router, 192.168.1.1 by default. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Use the main router (192.168.1.1) for DNS. Same page but the //Advanced Settings// tab. Enter the IP of your main router in the //Use custom DNS servers// field and click //+//. | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Use the main router for DHCP (and disable DHCP for the Wireless AP). Same page again, now the //DHCP Server// tab. Ensure the //Ignore interface// checkbox is checked.\\ | ||
| + | |||
| + | {{: | ||
| + | |||
| + | Disable IPv6 DHCP. Same page, //DHCP Server// tab again, but click on the //IPv6 Settings// sub-tab. | ||
| + | **In versions of OpenWrt older than 21.02.0: | ||
| + | Press " | ||
| + | |||
| + | {{: | ||
| + | |||
| + | On the " | ||
| + | Most important steps are done, your wireless AP works!\\ | ||
| + | |||
| + | Review next steps for some fine tuning, enable WLAN or even add a Guest Network: | ||
| + | |||
| + | If you plan to add a " | ||
| + | **do not** do the next steps regarding turning off services labeled // | ||
| + | Deleting the WAN / WAN6 interfaces is compatible with having a GUEST network on your wireless AP. | ||
| + | |||
| + | - To save resources on the wireless AP router, disable unneeded services. | ||
| + | - Optionally, remove or disable the //WAN// and //WAN6// interfaces. | ||
| + | - //Note that by default OpenWrt does not enable wireless access.// | ||
| + | Click the //Save and Apply// button.\\ | ||
| + | |||
| + | Use an Ethernet cable to connect one of the LAN ports on your main router to one of the LAN ports (**not** the // | ||
| + | You may need to reboot or power cycle either or both routers, the device connecting your main router to the Internet, and potentially any connected devices. | ||
| + | Done!\\ | ||
| + | |||
| + | ===== Configuration via OpenWrt | ||
| The changes below assume an OpenWrt default configuration, | The changes below assume an OpenWrt default configuration, | ||
| Line 35: | Line 119: | ||
| ==== Step 1: Modify the Network ==== | ==== Step 1: Modify the Network ==== | ||
| - | Edit ''/ | + | Edit ''/ |
| === For switch-less devices, e.g. Alix Board, wr1043nd v2 === | === For switch-less devices, e.g. Alix Board, wr1043nd v2 === | ||
| Line 56: | Line 140: | ||
| option type ' | option type ' | ||
| option ifname | option ifname | ||
| - | option proto ' | + | option proto ' |
| </ | </ | ||
| - | Switch configuration on WR1043ND (barrier breaker): | + | Switch configuration on WR1043ND (barrier breaker). |
| < | < | ||
| Line 87: | Line 171: | ||
| option ifname | option ifname | ||
| option proto ' | option proto ' | ||
| + | </ | ||
| + | |||
| + | === Switch and dedicated WAN devices post 21.01 === | ||
| + | The syntax is slightly different for these devices. You will notice that there is a config device which lists the ethernet port(s) assigned to an interface (in this case the br-lan). It will also list the assigned port under the "list ports" clause. The gotcha here is that you must add a separate line for each "list ports" added to a device. If you try to add them to one "list ports" entry space or comma separated it will not work properly. Finally you can remove/ | ||
| + | < | ||
| + | option name ' | ||
| + | option type ' | ||
| + | list ports ' | ||
| + | list ports ' | ||
| + | |||
| + | config interface ' | ||
| + | option device ' | ||
| + | option proto ' | ||
| + | option netmask ' | ||
| + | option ipaddr ' | ||
| </ | </ | ||
| Line 113: | Line 212: | ||
| option key ' | option key ' | ||
| </ | </ | ||
| - | |||
| ==== Step 3: Disable DHCP Server ==== | ==== Step 3: Disable DHCP Server ==== | ||
| Line 122: | Line 220: | ||
| / | / | ||
| - | ==== Step 4: Disable Firewall ==== | + | If not disable dnsmasq service: |
| + | < | ||
| + | / | ||
| + | |||
| + | ==== Step 4: Disable DHCPv6 Server ==== | ||
| + | |||
| + | Disable [[docs: | ||
| + | < | ||
| + | uci set dhcp.lan.ra=disabled | ||
| + | uci commit | ||
| + | </ | ||
| + | |||
| + | Or disable service: | ||
| + | < | ||
| + | / | ||
| + | |||
| + | ==== Step 5: Disable Firewall ==== | ||
| < | < | ||
| / | / | ||
| + | |||
| + | ==== Step 6: Disable wpa_supplicant (if no STA WiFi interfaces) ==== | ||
| + | |||
| + | < | ||
| ===== Apply changes ===== | ===== Apply changes ===== | ||
| - | Reloading the network config should be enough, it should automatically restart if necessary. | + | Reloading the network config should be enough, it should automatically restart if necessary. Or just reboot. |
| < | < | ||
| ===== IPv6 ===== | ===== IPv6 ===== | ||
| + | If you would like your AP to receive IPv6 as a host only and not for routing you have to tell the DHCPv6 client not to request prefix delegation. | ||
| + | If you do not do this the AP will reject basic IPv6 addresses. | ||
| + | If you want to still be able to use IPv6 on the router itself change the '' | ||
| - | If you would like your AP to receive IPv6 as a host only and not for routing you have to tell dhcp6c not to request prefix deligation. | + | < |
| - | If you want to still be able to use ipv6 on the Router itself change the wan6 to lan6 and @wan to @lan | + | config interface ' |
| - | + | ||
| - | < | + | |
| option proto ' | option proto ' | ||
| option ifname ' | option ifname ' | ||
| - | option reqprefix no</ | + | option reqprefix |
| + | </ | ||
| + | |||
| + | ===== Disable Daemons Persistently ===== | ||
| + | Note that although the start-up of daemons such as firewall, dnsmasq, wpa_supplicant and optionally odhcpd have been set to disabled, when a new image is flashed to the device, they will be re-enabled. | ||
| + | < | ||
| + | # these services do not run on dumb APs | ||
| + | for i in firewall dnsmasq odhcpd; do | ||
| + | if / | ||
| + | / | ||
| + | / | ||
| + | fi | ||
| + | done | ||
| + | |||
| + | rm / | ||
| + | </ | ||
| + | |||
| + | ===== Populate Hostnames in Associated Stations ===== | ||
| + | Dumb APs will not have the data to display hostnames of the associated devices. | ||
| + | |||
| + | On the router, one can extract this data with the following one-liner: | ||
| + | < | ||
| + | < dhcp.leases | awk ' | ||
| + | </ | ||
| + | |||
| + | See the following discussion threads for additional approaches: | ||
| + | * Using fping to populate ethers file: https:// | ||
| + | * An improved fping approach: https:// | ||
| + | * Propagating dhcp.leases to secondary (dumb) access points: https:// | ||
| + | |||
| + | |||
| + | ===== Multicast ===== | ||
| + | |||
| + | DLNA and UPnP clients, and printer or SMB discovery protocols tend to work by using multicast packets. For example PlayStation, | ||
| + | |||
| + | On WiFi the //slowest// modulation available is used for multicast packets (so that everyone can hear them). If you have " | ||
| - | ===== Multicast Forwarding ===== | + | There are two possible fixes for this, one is to //enable// multicast snooping: '' |
| - | Multicast forwarding | + | |
| - | Add this into / | + | ==== Notes: ==== |
| - | < | + | |
| - | Replace **br-lan** with your actual bridge interface, sometimes also called **br0**. | + | |
| - | This will forward all multicast packets | + | * //Dumb AP wireless can be configured to control access as Open/ |
| + | * //' | ||
| + | * //This recipe is similar | ||
| + | * // | ||