AR150 Wireless Mesh

@Justin

A lot of people helped get me this far and paying it forward feels right.

By chance, did you eventually go with BATMAN or OLSR?
I went with kmod-batman-adv from a field of OLSR, 802.11s, and BATMANd. Reasons:
  • VLANs worked on kmod-batman-adv on my first attempt. I had 3 days left until I tilted the towers. Crunch, the great equalizer!
  • k-b-a, like 802.11s, runs at layer 2 (Data Link/MAC) so AP clients can roam without additional tricks. OLSR and BATMANd run at layer 3, requiring things like RELAYd to make it work. Put simply, k-b-a presented a great VLAN trunking switch in the sky. That allowed me to simplify the design.
Considerations for the future:
  • If 802.11s will support VLANs it has some advantages like diagnostics and visualization included. k-b-a needs alfreD to visualize the network although it adds other capabilities.
  • k-b-a includes a great deal of "hand wavium"(tm) that one must learn. Multicast rates require a minimum speed or k-b-a ignores them as if they didn't exist. Have fun diagnosing that without visualization. Small packets ping with a reasonable rtt, large packets are dropped. Suddenly we're looking for an MTU issue when it is simply that we've caused the radio to shift speeds mid-packet and the link no longer exists to k-b-a.
  • 802.11s allows for slower links. This is good, for instance, if you have someone running Square. The protocol is light and the additional radio time is not much of a consideration on a network of Square users. They won't stream music, but that isn't the goal. In contrast, k-b-a will require 2 radios to bring the signal level up enough to allow a functioning link. That's two additional towers, radios, power, batteries, enclosures, hops, man hours, etc... when all I have is a client worth $10 on the other end of the link who wants Square. The network needs to bend to meet their expectation and be cost effective.
 

If so, is adding that file all you needed to do to make encryption work?


If you have a functioning adhoc link, regardless of the protocol (batmand, k-b-a, OLSR), these steps will add CCMP/AES:

  1. opkg update
  2. opkg remove wpad-mini
  3. opkg install wpad authsae (authsae does Authorization by the Simultaneous Authentication of Equals and is the real magic here)
  4. edit /etc/config/wireless
  5. For your adhoc network
    1. change option encryption to "psk2"
    2. add option key "yourkey"
  6. repeat on all other routers
  7. wifi down
  8. wait 5...4...3...2...1...
  9. wifi up
  10. MAGIC! (lol)
Two tips:
  1. Use a generator to create your encryption key! It'll be static across all your devices. Make it a challenge to the supercomputer brute squad. (examples: https://www.grc.com/passwords.htm - OR - http://randomkeygen.com/ )
  2. Use a generator to create your BSSID! Never use a BSSID you find in an example. (examples: https://www.hellion.org.uk/cgi-bin/randmac.pl - OR - http://www.miniwebtool.com/mac-address-generator/ )
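
Added example, not part of the original post: both tips can be done locally, so the key is never seen by a third-party site. The script below generates a 63-character PSK and a locally administered unicast BSSID, then prints the /etc/config/wireless options that steps 4-5 edit. The function names are hypothetical, `radio0` and `mesh-example` are assumed values, and it is meant to run on an admin workstation with `od`, `tr` and `cut` available.

```shell
#!/bin/sh
# Added example: generate the mesh PSK and BSSID locally (constructed values only).

# 63 characters from [A-Za-z0-9]; a WPA2 passphrase may be 8 to 63 characters.
# 1024 random bytes leave about 248 usable characters after filtering.
gen_key() {
    head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | cut -c1-63
}

# Random BSSID with the locally administered bit (0x02) set and the
# multicast bit (0x01) cleared in the first octet, so it cannot collide
# with a vendor-assigned address and is a valid unicast address.
gen_bssid() {
    set -- $(od -An -N6 -tx1 /dev/urandom)
    first=$(( (0x$1 | 0x02) & 0xfe ))
    printf '%02x:%s:%s:%s:%s:%s\n' "$first" "$2" "$3" "$4" "$5" "$6"
}

# Print the wifi-iface options for the adhoc network.
# $1 = BSSID, $2 = key. radio0 and mesh-example are assumptions;
# substitute your own radio device and SSID.
emit_stanza() {
    cat <<EOF
config wifi-iface
        option device 'radio0'
        option mode 'adhoc'
        option ssid 'mesh-example'
        option bssid '$1'
        option encryption 'psk2'
        option key '$2'
EOF
}

# Generate once, then copy the same bssid and key to every router.
emit_stanza "$(gen_bssid)" "$(gen_key)"
```

Run it once and reuse the output on every node, since the key and BSSID must match across the mesh.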