How-to, notes, thoughts

Openwrt Mesh 80211s

When I moved to the last apartment, there were too many wifi routers around me, and my old MikroTik (hAP ac lite) barely was able to cover my needs. It didn’t have external antennas, and with all the tuning, I wasn’t able to get even 100 MBit/s in all rooms. At the same time, my old friend purchased a new Chinese Xiaomi router. At that time, it was powerful and not expensive. So, I decided to try it. After about 6 months of waiting (it was the beginning of COVID), I finally got a router. It worked great out of the box, much better than my ten times tuned MikroTik. At some point, we moved to a house, and one router couldn’t cover all areas. Therefore, I decided to extend the coverage by purchasing another Xiaomi router. It was one of the cheapest solutions, around $35. At the same time, this router finally got OpenWrt firmware.

My set up

I didn’t want to put extra cables and decided to try using it as wireless repeater.

Locate disk

Router and how to setup OpenWRT: Xiaomi Redmi Router AC2100

Firmware version: 22.03.5

Devices:

  • Primary mesh device
    • This is the device that is connected to the internet (e.g. via a network cable to a cable/DSL modem)
    • This device acts as a router and will manage the DHCP, DNS, and firewall for the network
    • This device can also act as a wireless AP (access point)
  • Secondary mesh device(s)
    • These devices will extend the wireless network and act as wireless APs

Configuration steps

Main router:

Uninstall (note: it’s via SSH, do this on all devices):

opkg update
opkg remove wpad-mini
opkg remove wpad-basic
opkg remove wpad-basic-wolfssl

Install (note: do this on all devices):

opkg install wpad-wolfssl

Set up the mesh network using LUCI

  1. Configure the LAN interface

    1. Set the IP

      On the primary mesh device you’ll want to set a static IP (e.g. 192.168.0.1). On the secondary mesh devices you can also set a static IP on the same subnet (e.g. 192.168.0.2) or you can use DHCP instead.

      • Set a static IP: Network > Interfaces > LAN > Edit > Change IPv4 address > Save

      • Use DHCP: Network > Interfaces > LAN > Edit > Protocol > DHCP client > Save > Apply unchecked

    2. For all secondary mesh devices with a static IP:

      1. Network > Interfaces > LAN > Edit

      2. IPv4 gateway > Set to the IP of the primary mesh device (e.g. 192.168.0.1)

      3. Use custom DNS servers > Add the IP of the primary mesh device

      4. Save > Save & Apply

  2. (Optional) Disable unnecessary services

    For secondary mesh devices, you can optionally disable some services that will be provided by the primary mesh device

    1. System > Startup

    2. Click Enabled for each of these services (if you see Disabled, it means they’re already disabled):

      • dnsmasq
      • firewall
      • odhcpd

      (If you built your own OpenWrt package without these services (-dnsmasq, -firewall, -odhcpd), they will not be displayed on the Startup screen)

  3. Configure the mesh wireless network

    1. Network > Wireless

    2. Either Add a new network or Edit an existing network

      It shouldn’t matter whether the mesh network is the primary or secondary network

    3. Under Device Configuration > General Setup

      1. Set Channel to a specific channel (this must be the same on all mesh devices)

    4. Under Device Configuration > Advanced Settings

      1. Set Country Code

    5. Under Interface Configuration > General Setup

      1. Set Mode to 802.11s

      2. Set the Mesh Id

        This can be any string (e.g. 80211s-mesh), but it must be the same on all mesh devices

        I like to use a random value (e.g. generated using openssl rand -hex 6) since the mesh network may be visible by some clients

      3. Set Network to lan

        This will prevent the firewall from blocking traffic between the mesh routers so all devices on the mesh network can see each other

    6. Under Interface Configuration > Wireless Security

      1. Set Encryption to WPA3-SAE
      2. Set Key to a randomly generated secure string

    7. Save > Save & Apply

    8. If you see Wireless network is disabled under the mesh network, click Enable

  4. Configure the wireless network for clients

    Skip this step if you already have a wireless network for clients

    1. Network > Wireless

    2. Either Add a new network or Edit an existing network

      Make sure you don’t edit the mesh network you just created 😄

    3. Under Interface Configuration > General Setup

      1. Set Mode to Access Point

      2. Set ESSID to the same value on all routers

        This will make the network look the same to clients so they can automatically switch between any of the mesh routers

      3. Set Network to lan

    4. Under Wireless Security

      1. Set Encryption to WPA2-PSK
      2. Set Key to the same values on all routers

    5. Save > Save & Apply

Set up the mesh network over SSH

  1. Connect to the device, e.g.

    ssh [email protected]

  2. (As needed) Set the root password

    passwd

  3. (As needed) Change the IP address

    Make sure each router on the mesh network has a different IP on the same subnet (e.g. 192.168.0.2)

    1. Edit /etc/config/network

      vi /etc/config/network

    2. Under config interface 'lan' set option ipaddr

    3. Restart the network

      service network reload

  4. For all secondary mesh devices:

    uci set network.lan.gateway='192.168.0.1'
uci add_list network.lan.dns='192.168.0.1'

    (Replace the IP address with the IP of the mesh device that is connected to the internet)

  5. Configure the mesh wireless network

    1. Edit /etc/config/network

      vi /etc/config/network

    2. Under config wifi-device 'radio0':

      1. Remove this line to enable the wireless radio:

                option disabled '1'

      2. Update the options to set the channel and country, e.g.

                option channel '1'
        option country 'IO'

    3. Still in /etc/config/wireless, add a new section to create the mesh interface

      config wifi-iface 'mesh'
        option device 'radio0'
        option network 'lan'
        option key 'gqjfjfn7smcKu&bx'
        option mesh_rssi_threshold '0'
        option mesh_fwding '1'
        option mode 'mesh'
        option mesh_id 'ef4ef8ebb23d'
        option encryption 'sae'

      (Replace key and mesh_id with your own values)

  6. Restart the wireless interface

    wifi

  7. (Optional) Tail the logs to make sure it worked

    logread -l 20 -f

    e.g.

    # logread -l 20 -f
Fri Jan  8 18:31:12 2021 daemon.notice wpa_supplicant[2257]: wlan0: MESH-GROUP-STARTED ssid="ef4ef8ebb23d" id=0
Fri Jan  8 18:31:12 2021 daemon.notice wpa_supplicant[2257]: wlan0: new peer notification for 24:a4:3c:ae:df:83
Fri Jan  8 18:31:13 2021 daemon.notice wpa_supplicant[2257]: wlan0: mesh plink with 24:a4:3c:ae:df:83 established
Fri Jan  8 18:31:13 2021 daemon.notice wpa_supplicant[2257]: wlan0: MESH-PEER-CONNECTED 24:a4:3c:ae:df:83

  8. (Optional) View the mesh status

    iw dev wlan0 station dump

    e.g.

    # iw dev wlan0 station dump
Station 24:a4:3c:ae:df:83 (on wlan0)
    inactive time:	10 ms
    rx bytes:	11614506
    rx packets:	50030
    tx bytes:	13971217
    tx packets:	23604
    tx retries:	1760
    tx failed:	0
    rx drop misc:	3220
    signal:  	-52 [-54, -56] dBm
    signal avg:	-54 [-56, -58] dBm
    Toffset:	21971078389 us
    tx bitrate:	115.6 MBit/s MCS 13 short GI
    rx bitrate:	57.8 MBit/s MCS 11 short GI
    rx duration:	0 us
    expected throughput:	42.388Mbps
    mesh llid:	0
    mesh plid:	0
    mesh plink:	ESTAB
    mesh local PS mode:	ACTIVE
    mesh peer PS mode:	ACTIVE
    mesh non-peer PS mode:	ACTIVE
    authorized:	yes
    authenticated:	yes
    associated:	yes
    preamble:	long
    WMM/WME:	yes
    MFP:		yes
    TDLS peer:	no
    DTIM period:	2
    beacon interval:100
    connected time:	1429 seconds
July 15, 2023 openwrt