Posted: Wed Oct 16, 2024 2:21 Post subject: Discussion Thread - 802.11s Mesh Networks [Series]
Maybe i Misunderstand the s connection but I guess let me put my understanding of how i think this works and get holes poked in it..
If i have a normal WAP say jonny1 on channel 6 thru a 7800 and i want to "fake" mesh everything in the house so it switches...old style and i have another wap on a archer c7 v2 and that is also jonny1 on channel 6 and then I have my main router on another 7800 which also has a wap on jonny1 on channel 6....these are all bridged and depending on how i have the networks assigned, I could get away with them all on the same subnet and have say a phone autoswitch between signals as i walk thru the house. Yeah thats the old horrible way we used to do it but it worked and all served by 1 dchp (or static i guess)
Okay now i step into the future past and go to a segregated network. So one way of doing it is they backhaul to one another instead of having the wired drops etc etc. So they have a mesh but essentially its the same as above except a wire is replaced with the backhaul and it (phone) goes between ap as you cruise around on the same network.
If i then want to switch that network to have 2 vlans on the same equipment, basically adding a vwap...vap onto the mesh, why is that not handled just from the one main router/dhcp table and trunked at the main router via the port for each vlan.
So now in theory I have jonny1 and jonnymedia and jonny1 gets 192.168.1.x and jonnymedia gets 192.168.5.x, i am not following why i would need 4 bridge assignments instead of 2 at each part of the mesh.
Even drawing this out I guess i am missing where the extra are needed.
I currently have a more complex non mesh similar setup with everything segregated by vap, but thats because i have had so many headaches with mesh and such that its easier, and it allows me to have a few wifi points that I control on the routers to serve different vpn services etc etc.
So instead of jonny1 only...the bedroom has jonny6 and the front part of the house has jonny8 but the media is on jonnymed everywhere and add in a few vpn connections...
I have the media devices on vlan 2 lets say and they cant cross to 1, but on the router I can control via ip address if it uses the vpn or not. For example, I have 2 vaps on the bedroom router and if its on jonnymed its the us but if its on jonnyvpn1 its on the same bridge and vlan (I think, been awhile since I set all this up) but the router assigns a different ip address and thus it uses the vpn to britain instead of the us. So in the bedroom if i want to watch us stuff its on jonnymed but british is on jonnyvpn1.
So same VLAN/traffic segregated from the other traffic, but the router then switches it to the britain ip...still segregated from the jonny1 loop traffic but not necessarily from the other media traffic. What would be different about mesh or mesh S? And currently all is this (dhcp) is served from the local router on each segment, not from the main router....though thats where the mx4300 dhcp problems are showing up (separate issue)
Could i replicate this in mesh and wouldnt it only be 2 instead of 4 at say the bedroom router or am I missing something simple. Hopefully this makes sense...
Even following with Lex example, I am thinking should only need one for each vlan...normal, media, guest...Is it just to be extra segregating everything that you need the extra bridge?
Please poke holes and make suggestions...I am clearing cobwebs out and also trying to learn something at the same time
Complex setups expect complex questions. I will do my best to work through this to the best of my understanding of how this works and your concerns regarding this setup. I will assume you are referring to the previous post regarding my example setup, which I am actually using in production.
sanjonny wrote:
If i have a normal WAP say jonny1 on channel 6 thru a 7800 and i want to "fake" mesh everything in the house so it switches...old style and i have another wap on a archer c7 v2 and that is also jonny1 on channel 6 and then I have my main router on another 7800 which also has a wap on jonny1 on channel 6....these are all bridged and depending on how i have the networks assigned, I could get away with them all on the same subnet and have say a phone autoswitch between signals as i walk thru the house. Yeah thats the old horrible way we used to do it but it worked and all served by 1 dchp (or static i guess)
Yep, and that is the way I used to do it as well. Messy but it worked. Of course you have to play with the txpower to equalize the best you can for this to work well.
Quote:
If i then want to switch that network to have 2 vlans on the same equipment, basically adding a vwap...vap onto the mesh, why is that not handled just from the one main router/dhcp table and trunked at the main router via the port for each vlan.
It is. I have one router handling off all the dhcp requests and it runs four dhcp servers. The main network dhcp server, and one for each of the three vlans (IoT, Guest and Media). I did not include this as part of the example as this was more or less written for people that already have such a setup on their network. You would need to add a dhcp server for each bridge containing the vlan on the main router.
Quote:
So now in theory I have jonny1 and jonnymedia and jonny1 gets 192.168.1.x and jonnymedia gets 192.168.5.x, i am not following why i would need 4 bridge assignments instead of 2 at each part of the mesh. Even drawing this out I guess i am missing where the extra are needed.
Yeah, this is where it gets complicated and hopefully I can do a halfway decent job of explaining it. The trunk port needs to be set up with each vlan, in this case wlan0.10-12 on the mx4300 and wlan1.10-12 on the ea8500. It's only purpose is to get the trunk over the wireless to the secondary node. Now that we have the trunk over on the secondary, we have to split them up, so this requires more bridge assignments in order to pull it off. In my case, I am only splitting them to hardware LAN ports, but could also split them off to VAPs if desired. I don't need this in my use case, so I am not doing it. However, if you do need VAPs, then you would not have four bridges, but you would also need an additional one for each VAP so your bridging tables would get quite large and confusing, especially if you don't label everything appropriately. This is why I specifically say over and over, LABEL EVERYTHING!
Quote:
I currently have a more complex non mesh similar setup with everything segregated by vap, but thats because i have had so many headaches with mesh and such that its easier, and it allows me to have a few wifi points that I control on the routers to serve different vpn services etc etc.
So instead of jonny1 only...the bedroom has jonny6 and the front part of the house has jonny8 but the media is on jonnymed everywhere and add in a few vpn connections...
Everyone is going to have a different setup. I am not using any VPNs over wireless. I only have one Wireguard VPN server so I can control my Home Assistant when away. That's enough for me. Sorry I am unable to provide any assistance here.
Quote:
I have the media devices on vlan 2 lets say and they cant cross to 1, but on the router I can control via ip address if it uses the vpn or not. For example, I have 2 vaps on the bedroom router and if its on jonnymed its the U.S. but if its on jonnyvpn1 its on the same bridge and vlan (I think, been awhile since I set all this up) but the router assigns a different ip address and thus it uses the vpn to Britain instead of the U.S. So in the bedroom if i want to watch U.S. stuff its on jonnymed but British is on jonnyvpn1.
As long as your main router is configured correctly for this to happen, it should trickle down to the wireless as well. Just change the VAP you are connected to, and it should work. This is way beyond my example post and sorry cannot really comment more on it. It beyond the purpose of this 802.11s series. As long as your main router can do it from the vlans, it should all just work on down the line provided the trunk ports are all intact and working.
Quote:
Could i replicate this in mesh and wouldnt it only be 2 instead of 4 at say the bedroom router or am I missing something simple. Hopefully this makes sense...
Even following with Lex example, I am thinking should only need one for each vlan...normal, media, guest...Is it just to be extra segregating everything that you need the extra bridge?
The vlans assigned to wlan0.10-12 and wlan1.10-12 (mesh trunk) are internal only and would not be visible on the VAPs. This is why you have to break them out via their own bridges to get them to either the LAN ports or the VAPs. In your case, "normal" would not need a vlan (unless you want it), it would be carried over wlan0 and wlan1. wlan0.xx and wlan1.xx would be the vlan trunk.
I am sure I've probably created more questions than answers. I have ask @ho1Aetoo to review this series of posts and make any suggestions he may have (as he is the resident vlan expert) but I have not heard back from him. Hopefully this helps somewhat. _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
Joined: 07 Jan 2011 Posts: 18 Location: San Jose, CA
Posted: Mon Dec 02, 2024 3:41 Post subject: Ethernet Backhaul and 802.11s as AP
Lexridge, great writeup. Is it possible to implement 802.11s with an ethernet (wired) backhaul? Presumably this means that 802.11s is implemented over the wired connections.
Also, I have heard of people using mesh products to implement an AP behind an existing router, also configured with the nodes hardwired.
Posted: Mon Dec 02, 2024 4:09 Post subject: Re: Ethernet Backhaul and 802.11s as AP
rknox wrote:
Lexridge, great writeup. Is it possible to implement 802.11s with an ethernet (wired) backhaul? Presumably this means that 802.11s is implemented over the wired connections.
I am pretty sure this is possible. It's written into the specification anyway. Whether DD-WRT supports this or not is unknown to me. I would assume it is supported.
Quote:
Also, I have heard of people using mesh products to implement an AP behind an existing router, also configured with the nodes hardwired.
Not sure I understand what you are getting at here. My main mesh AP is behind my main gateway router and is hard wired. If you are asking if you can hard wire another AP into a mesh point that operates as a pure AP, then yes this would be possible as well.
Both your questions are a little vague. Perhaps a more detailed view of what you are wanting to achieve is warranted.
Here is a pretty easy to understand write up on the basics of MESH networking:
https://www.cwnp.com/uploads/802-11s_mesh_networking_v1-0.pdf _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
Joined: 07 Jan 2011 Posts: 18 Location: San Jose, CA
Posted: Mon Dec 02, 2024 4:52 Post subject: re: Ethernet Backhaul and 802.11s as AP
Thanks, I'll take a look at the document.
Basically, I have been using a NetGear R7000 running dd-wrt. I have some coverage issues and was looking to implement a mesh solution. I have however also run cable to key parts of my home. So, for me it seemed a good solution would be to grab the attractively priced MX4200/4300 units, implement it as you have described, but take advantage of the ethernet I already have in place. I don't have the AX units yet so was trying to find out if the wired backhaul solution had been tried.
Alternatively, I was thinking I could keep the R7000 but replace its lackluster wireless with a mesh AP consisting of MX4200s or similar.
I will probably get the MXs and start with your implementation.
Posted: Mon Dec 02, 2024 5:15 Post subject: Re: re: Ethernet Backhaul and 802.11s as AP
Since you already have the cables ran, I would definitely hook them up to each node. Let's see what happens!! I don't know what will happen, but would sure be great to find out. If nothing else, it will still give you access to the router if the mesh goes offline and super handy when configuring it to begin with.
You didn't mention if you would be using vlans. It may be easier to route or bridge all the wireless traffic to a vlan that is only available on wired connection. This kind of setup is all new to me too, so you should create a new thread on it as you proceed.
While 802.11s has been including in DD-WRT since what, 2018? It has never really been used except for a handful of folks and no howto was ever written for it. Well, until recently anyway. It was largely the OpenWRT (using mx4300s) folks coming over that really wanted it working and that stuck my interest to attempt to set it up myself (since I bought 4 of these things). So not much is written on this forum about it until recently. So we are all kinda learning as we go. The more people who use 802.11s in different ways is very useful and valuable to the dd-wrt community as a whole. Please keep us informed of your progress. _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
I think adding the R7800 yesterday as a third router is where my issues started cropping up. I will test again soon and replace the EA8500 with the R7800 and see how that goes.
That quote comes from the 58753 build thread which is not the place for that dicussion so here I am.
I tried the Mesh setup again between R7800 and R7500v2, which is even more similar than R7800 to your EA8500.
No dice.
Reset, configure, and reboot both routers they never connect, Channel under status-> wireless is unknown and wlan0, Radio Mode Mesh, is not found with WiFi Analyzer.
Maybe that is normal?
Nothing was changed under Advanced Settings 802.11s Mesh Settings
Set WPA3 CCMP-128 (AES).
That quote comes from the 58753 build thread which is not the place for that dicussion so here I am.
Good choice. It was certainly not the place for this discussion.
Quote:
I tried the Mesh setup again between R7800 and R7500v2, which is even more similar than R7800 to your EA8500.
No dice.
Reset, configure, and reboot both routers they never connect, Channel under status-> wireless is unknown and wlan0, Radio Mode Mesh, is not found with WiFi Analyzer.
Maybe that is normal?
Nothing was changed under Advanced Settings 802.11s Mesh Settings
Set WPA3 CCMP-128 (AES).
I did set SAE Passphrase same on both routers.
Sounds like you did everything correctly. I had the same problem with the radio showing up as "Unknown" and it took a few resets to get it working. My R7800 was running r56820 when I initially set it up on the mesh network and I then upgraded it wirelessly over the mesh to r58753 and it continued to work as well as I described in the build thread. Are you getting "Unknown" on both routers or just the R7800?
Maybe try going back to r56820, do a reset and try again. Once you enable 802.11s save and reboot and upon rebooting, first check the status of it before moving forward. Otherwise you are just wasting time.
Oh almost forgot, WiFi Analyzer does not show 802.11s SSIDs for some reason. Even with WPA3 filter turned on. _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
Yes both routers, R7500v2 and R7800.
Broke out my spare 7800 and fiddled with it couple hours tonight.
Tried with/without passphrase, different channels, SFE off, more.
Not going to happen.
Too bad since WDS is FUBAR.
Sad but I think some of these older routers are on the brink of non-support because of firmware size requirements. I am not saying that is the case, but so many things had to be removed from the R7800 just to make room for all the NSS and ECM kernel modules. While I was able to make 802.11s work on my R7800, it was a bigtime PiTA. The MX4300s and even the EA8500 just easily worked with no special settings. The EA8500 is using DD-WRT firmware for the radio, as opposed to Vanilla. I assume yours are the same since it's the default. _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
Good to hear you got it working. It is a bit odd these Netgear devices need so many resets to get the radios to turn on and get connected. _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
Posted: Tue Dec 10, 2024 16:20 Post subject: Epilogue
The multiple resets were more likely PEBCAK related in my case.
Full config complete and serving as Gway.
All that I use is working other than WG server. Android client completes handshake but that is all, no internet.
WG client to Proton works fine.
Vap's on both radio's.
DDNS refused to update but after overnight that fixed itself.
Butas mentioned in OP wireless speeds suffer. Iperf between routers on 5Ghz 400Mb/s max.
Pc connected 5Ghz VAP only does 400Mb/s wan ->wlan with 500 Mb/s pipe which has been over 600 lately.
So mesh experiment over. With this speed limitation I am going back to WDS and last working build with vap enabled.
Edit: WG server working after a do-over. More PEBCAK suspected.
Last edited by bushant on Wed Dec 11, 2024 15:51; edited 1 time in total
I am getting around 35MBps throughput on mine but I am not using any VAPs on the secondary node EA8500. I am just using three of the LAN ports assigned to my media vlan12 (the WAN is presently an unused trunk port). It's plenty fast enough for my purposes. They are connected to an Onkyo home theatre receiver, a TCL 4k smart TV and a RPi3 running Volumio. All are 100Mb connections.
I also dropped the 5ghz MESH channel width down to 40mhz on both nodes as I felt 80mhz was overkill. It made zero difference in throughput. I have a suspicion whenever 802.11s is selected the channel width is locked at 80mhz (even though it lets me change it to 40mhz). Status/Wireless shows they are connected to each other using VHT80SGI. _________________ - Linksys EA8500: I-Gateway, WAP/VAP 5ghz only. Features: VLANs, Samba, WG, Entware - r60xxx
- Linksys EA8500: 802.11s Secondary w/VLAN Trunk over 5ghz - r60xxx
- Linksys MX4300: 802.11s Primary w/VLAN Trunk over 5ghz. 2.4ghz WAP/VAP only - r60xxx
- Linksys MX4300: (WAP/VAP (7)) Multiple VLANs over single trunk port. Entware/Samba r60xxx
- Linksys MR7350: WDS Station for extended Ethernet r60xxx
- Linksys MR7500, MX8500: None in production. Just testing. r60xxx
- OSes: Fedora 40, 10 RPis (2,3,4,5), 23 ESP8266s: Straight from Amiga to Linux in '95, never having owned a Windows PC.
- Forum member #248
