802.11s Rapid Deployment
An 802.11s mesh backhaul can be rapidly deployed by taking advantage of the OpenWrt Firmware Selector (or the Image Builder) and the Mesh11sd package.
We will go through the simple steps to create a flash image that contains all that is required to deploy a mesh network backhaul.
In this case we will use one hardware model, but there is no requirement for all the nodes of the mesh to be the same hardware. Obviously, a flash image will have to be made for each hardware type.
For this example we will use the GL-iNet MT300N-V2, a tiny low cost device capable of 300Mb/s in backhaul operation.
Using The Firmware Selector to Create a Custom Image
The Firmware Selector can be found here:
https://firmware-selector.openwrt.org/
Open the link in your browser.
Select the model
Select the version of OpenWrt
Click on “Customize installed packages and/or first boot script”
In the upper text box, labelled “Installed Packages”, you will see a list of packages.
At or near the end you will see wpad-basic-mbedtls. Add a minus sign (-) in front of it, ie -wpad-basic-mbedtls
At the end of the list add wpad-mbedtls
Also add kmod-nft-bridge
and
mesh11sd
For our example of the GL-MT300N-V2, the upper text box will now look like this:
base-files busybox ca-bundle dnsmasq dropbear firewall4 fstools kmod-gpio-button-hotplug kmod-leds-gpio kmod-mt7603 kmod-nft-offload kmod-usb-ohci kmod-usb2 libc libgcc libustream-mbedtls logd luci mtd netifd nftables odhcp6c odhcpd-ipv6only opkg ppp ppp-mod-pppoe procd procd-seccomp procd-ujail swconfig uci uclient-fetch urandom-seed urngd -wpad-basic-mbedtls wpad-mbedtls kmod-nft-bridge mesh11sd
Now, in the lower text box, add the following:
uci set mesh11sd.setup.auto_config='1' uci set mesh11sd.setup.auto_mesh_id='MyMeshID' uci set mesh11sd.setup.mesh_gate_encryption='3' uci set mesh11sd.setup.mesh_gate_key='mywificode' uci commit mesh11sd uci set network.lan.ipaddr='192.168.9.1' uci commit network rootpassword="myrootpassword" /bin/passwd root << EOF $rootpassword $rootpassword EOF
Replace MyMeshID with a secret mesh id string of your choice.
Replace mywificode with a wifi access code you will use for connecting user devices to the mesh gates (access points).
Replace myrootpassword with a secret root password of your choice.
NOTE: Selecting mesh_gate_encryption='0' will enable OWE Transition mode, supporting “Enhanced Open” encryption on client devices that support it (most recent ones) or falling back to legacy “open unencrypted” for those that don't.
This is ideal for “guest” type systems and public venues, providing a level of security previously not availble.
Note: For CPE mode, see: cpe_mode
Optionally, you can replace 192.168.9.1 with another “private” ipv4 address to be used as the ipv4 gateway for the mesh network.
NOTE: this ip address is configured exactly the same for every mesh node, but is only enabled for a Portal node.
A portal node will have its wan port connected to a lan port on the upstream (isp) router which provides your Internet feed.
Finally, click “REQUEST BUILD” to build your customised firmware.
Once the firmware build has completed, you should download it and reflash all your meshnode devices (of the same hardware type).
If you have more than one hardware type, repeat the above build process for each type, keeping the configuration the same between types.
Deploy Your Meshnodes
There are two types of deployment for your meshnodes.
- As a fully routed mesh network with an Internet feed uplink connected to the wan port of one of the nodes.
- As a mesh extension of an existing local area network with a link to the existing lan connected to the lan port of one of the nodes.
As you can see, the only difference between these two deployment types is the connection, wan in the “routed mesh” version and lan in the “mesh extension” version.
There is NO configuration difference, everything is handled by auto_configure in the node.
Connect an ethernet patch lead, on just one meshnode, either to its wan port or its lan port, depending on whether you want “routed mesh” or “mesh extension”.
Connect the other end of the patch lead to a lan port of your isp or existing router, and power up the node.
For a “routed mesh”, this node will autoconfigure as a portal node, routing ip traffic from the isp or other router's lan to the new mesh backhaul subnet.
For a “mesh extension”, this node will configure as a peer node, bridging traffic from the isp or other router to the mesh backhaul.
Place all the other meshnodes in their desired locations, with at least pairs of nodes within range of each other.
Power them all up and wait for a few minutes for booting to complete and the mesh backhaul to establish.
Additional Setup Options
CPE mode
One of the most useful options in a “Community” or “Public” mesh network is CPE mode.
CPE mode (Customer[Client] Premises Equipment, is a special configuration mode for a mesh gate, where the gate provides a nat routed ipv4 network for clients.
For CPE mode, enter the following into the Firmware Selector lower text box:
uci set mesh11sd.setup.auto_config='1' uci set portal_detect='3' uci set mesh11sd.setup.auto_mesh_id='MyMeshID' uci set mesh11sd.setup.mesh_gate_encryption='3' uci set mesh11sd.setup.mesh_gate_key='mywificode' uci commit mesh11sd rootpassword="myrootpassword" /bin/passwd root << EOF $rootpassword $root password EOF
Note: For CPE mode, it is recommended that a ipv4 lan address is not specified. One will be automatically generated based on the mac address of the node.
Other Options
There are also numerous setup options that can be added to the configuration, such as the wireless band to use, the backhaul channel, the mesh path cost etc.
Full details can be seen here:
https://github.com/openNDS/mesh11sd/tree/master#6-setup-options