Hi,
I have a special question on configuring our batman advanced setup. We have a Tinc VPN on tap0, and behind this VPN is a dhcp server and an internet gateway which is reachable through the ip 10.18.0.1. On the router I have ath1, an adhoc wlan device, on which batman advanced is sending packets. Now bat0 and tap0 are bridged to br-mesh. As you can see in the configuration:
root@Floh:~# cat /etc/config/network
    [...]
    config 'interface' 'mesh'
        option 'type' 'bridge'
        option 'ifname' 'bat0 tap0'
        option 'stp' '1'
    [...]
root@Floh:~# cat /etc/config/batman-adv
    config 'mesh' 'bat0'
        option 'interfaces' 'ath1'
        option 'orig_interval'
        option 'log_level'
[batman] [client]-->[adhoc ath1]-->[bat0][br-mesh][tap0]-->internet-->[gateway/dhcp]
Other nodes running the same configuration but not connecting through vpn can connect to the dhcp server through batman advanced and the adhoc device.
If a client (laptop) without batman advanced tries to connect, it has no success because it does not get an IP address.
What can I do? I can not open a second wifi device in ap mode and add it to mesh. I know that this would be the best way but I'm trying this on a wrt54g and the b43 driver does not support multi essid.
Regards Clemens
Hi,
On Friday, 28.01.2011, 23:46 +0100, Clemens John wrote:
What can I do? I can not open a second wifi device in ap mode and add it to mesh. I know that this would be the best way but I'm trying this on a wrt54g and the b43 driver does not support multi essid.
I think if we don't want to change back our configuration (batman-adv on vpn with its mtu-problems etc.) the simplest way would be connecting a usual router to the wrt54g.
regards Bjoern
Hi,
I think if we don't want to change back our configuration (batman-adv on vpn with its mtu-problems etc.) the simplest way would be connecting a usual router to the wrt54g.
I don't think the VPN is the problem here but the fact that you can't bridge an interface running in adhoc mode. Ad-hoc "lacks" a field in the wifi header which makes bridging impossible. However, I agree with your proposed solution - another router connected to the Ethernet of the wrt54g can solve the issue.
Regards, Marek
On Saturday 29 January 2011, 19:00:50 Marek Lindner wrote:
Hi,
I think if we don't want to change back our configuration (batman-adv on vpn with its mtu-problems etc.) the simplest way would be connecting a usual router to the wrt54g.
I don't think the VPN is the problem here but the fact that you can't bridge an interface running in adhoc mode. Ad-hoc "lacks" a field in the wifi header which makes bridging impossible. However, I agree with your proposed solution - another router connected to the Ethernet of the wrt54g can solve the issue.
This is not possible in this case (I don't have another router).
Is there another (maybe harder) way or a hack to get the same result as when bridging two interfaces? Maybe with iptables?
Or does anyone know what the status of multiple ssid on wrt54g with kernel 2.6 is?
Regards Clemens
Clemens John wrote:
On Saturday 29 January 2011, 19:00:50 Marek Lindner wrote:
Hi,
I think if we don't want to change back our configuration (batman-adv on vpn with its mtu-problems etc.) the simplest way would be connecting a usual router to the wrt54g.
I don't think the VPN is the problem here but the fact that you can't bridge an interface running in adhoc mode. Ad-hoc "lacks" a field in the wifi header which makes bridging impossible. However, I agree with your proposed solution - another router connected to the Ethernet of the wrt54g can solve the issue.
This is not possible in this case (I don't have another router).
Is there another (maybe harder) way or a hack to get the same result as when bridging two interfaces? Maybe with iptables?
Or does anyone know what the status of multiple ssid on wrt54g with kernel 2.6 is?
Regards Clemens
IIRC, this is not a software problem, this is a limitation with the hardware radio device, so I wouldn't hold my breath.
Wayne A
On 31/01/11 18:32, Clemens John wrote:
On Saturday 29 January 2011, 19:00:50 Marek Lindner wrote:
Hi,
I think if we don't want to change back our configuration (batman-adv on vpn with its mtu-problems etc.) the simplest way would be connecting a usual router to the wrt54g.
I don't think the VPN is the problem here but the fact that you can't bridge an interface running in adhoc mode. Ad-hoc "lacks" a field in the wifi header which makes bridging impossible. However, I agree with your proposed solution - another router connected to the Ethernet of the wrt54g can solve the issue.
This is not possible in this case (I don't have another router).
Is there another (maybe harder) way or a hack to get the same result as when bridging two interfaces? Maybe with iptables?
Or does anyone know what the status of multiple ssid on wrt54g with kernel 2.6 is?
Regards Clemens
If your non-batman clients don't need incoming connections, you could NAT outgoing connections: [client]-->[adhoc ath1]-->NAT-->[br-mesh] You would have to run a DHCP server on the ath1 interface to give those clients a private IP and tell them to use the private IP on ath1 as their router.
-Kevin
On Tuesday 01 February 2011, 11:51:16 you wrote:
If your non-batman clients don't need incoming connections, you could NAT outgoing connections: [client]-->[adhoc ath1]-->NAT-->[br-mesh] You would have to run a DHCP server on the ath1 interface to give those clients a private IP and tell them to use the private IP on ath1 as their router.
What do I have to insert into iptables to NAT ath1 to br-mesh? I'm a complete firewall noob.
Regards Clemens
On 04/02/11 15:38, Clemens John wrote:
On Tuesday 01 February 2011, 11:51:16 you wrote:
If your non-batman clients don't need incoming connections, you could NAT outgoing connections: [client]-->[adhoc ath1]-->NAT-->[br-mesh] You would have to run a DHCP server on the ath1 interface to give those clients a private IP and tell them to use the private IP on ath1 as their router.
What do I have to insert into iptables to NAT ath1 to br-mesh? I'm a complete firewall noob.
There might be an easier way using the config files of the distribution you're using, but from a script it would look something like this:
    #! /bin/sh
    modprobe iptable_nat
    ## Work-around for bad ISPs which drop ICMP Fragmentation Needed packets: (Needs to be early in list)
    iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
    iptables -t nat -A POSTROUTING -o br-mesh -j MASQUERADE
-Kevin
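An added example, not part of Kevin's post or the thread: a tighter variant of the NAT rules that masquerades only the non-batman clients' subnet and lets only reply traffic back to them, which matches the "no incoming connections" case. ath1 and br-mesh are the thread's interfaces; the subnet 192.168.77.0/24, the function names and the APPLY switch are assumptions.

```shell
#!/bin/sh
# Added example. ath1 and br-mesh come from the thread; 192.168.77.0/24 is a
# constructed placeholder for the private range handed out by DHCP on ath1.

# Print the rule set, one command per line (assumes an empty FORWARD chain).
nat_rules() {
    client_if=$1 mesh_if=$2 client_net=$3
    # The lines are later fed to a shell, so accept only plain interface
    # names and something shaped like an IPv4 CIDR.
    for name in "$client_if" "$mesh_if"; do
        case $name in
            ''|-*|*[!A-Za-z0-9._-]*) echo "bad interface: $name" >&2; return 1 ;;
        esac
    done
    case $client_net in
        *[!0-9./]*) echo "bad subnet: $client_net" >&2; return 1 ;;
        *.*.*.*/*) ;;
        *) echo "bad subnet: $client_net" >&2; return 1 ;;
    esac
    cat <<EOF
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A FORWARD -i $client_if -o $mesh_if -s $client_net -j ACCEPT
iptables -A FORWARD -i $client_if -o $mesh_if -j DROP
iptables -A FORWARD -i $mesh_if -o $client_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $mesh_if -o $client_if -j DROP
iptables -t nat -A POSTROUTING -s $client_net -o $mesh_if -j MASQUERADE
EOF
}

# Dry run by default; APPLY=1 loads the NAT module, enables forwarding and
# executes the rules, stopping at the first failure.
apply_rules() {
    rules=$(nat_rules "$@") || return 1
    if [ "${APPLY:-0}" = 1 ]; then
        modprobe iptable_nat
        echo 1 > /proc/sys/net/ipv4/ip_forward
        echo "$rules" | sh -e
    else
        echo "$rules"
    fi
}

apply_rules ath1 br-mesh 192.168.77.0/24
```

Without APPLY=1 the script only prints the commands, so the rule order can be reviewed before anything touches the firewall.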
On Sunday 06 February 2011, 23:18:25 you wrote:
On 04/02/11 15:38, Clemens John wrote:
On Tuesday 01 February 2011, 11:51:16 you wrote:
If your non-batman clients don't need incoming connections, you could NAT outgoing connections: [client]-->[adhoc ath1]-->NAT-->[br-mesh] You would have to run a DHCP server on the ath1 interface to give those clients a private IP and tell them to use the private IP on ath1 as their router.
What do I have to insert into iptables to NAT ath1 to br-mesh? I'm a complete firewall noob.
There might be an easier way using the config files of the distribution you're using, but from a script it would look something like this:
    #! /bin/sh
    modprobe iptable_nat
    ## Work-around for bad ISPs which drop ICMP Fragmentation Needed packets: (Needs to be early in list)
    iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
    iptables -t nat -A POSTROUTING -o br-mesh -j MASQUERADE
-Kevin
Thank you, that got me a little bit further. But now the traffic from the wlan client (wlan0) gets into the router (br-mesh) and tries to reach the internet over the default route of the router, my local lan port. But I want to use a special gateway (10.18.0.1) behind the vpn and in the same network as br-mesh, only for traffic coming from the clients. Traffic coming from the router itself should still use the default gateway.
What can I do?
Regards Clemens
Hi,
I don't think the VPN is the problem here but the fact that you can't bridge an interface running in adhoc mode. Ad-hoc "lacks" a field in the wifi header which makes bridging impossible. However, I agree with your proposed solution - another router connected to the Ethernet of the wrt54g can solve the issue.
This is not possible in this case (I don't have another router).
Does Franco have another router which he could connect to the wrt54g?
Is there another (maybe harder) way or a hack to get the same result as when bridging two interfaces? Maybe with iptables?
I think this would break our setup.
Or does anyone know what the status of multiple ssid on wrt54g with kernel 2.6 is?
Maybe we should ask here: http://wireless.kernel.org/en/users/Drivers/b43#support
I have no experience with brcm-chips since I only have a brcm4318 in my laptop.
regards Bjoern
b.a.t.m.a.n@lists.open-mesh.org