Tellsanguis/blog_tech
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
blog_tech/i18n/en/docusaurus-plugin-content-docs/current/openwrt/backhaul-wifi-mesh.md
Tellsanguis 87a2508769 Ajout documentation OpenWRT et article freeze SSH, MTU et MSS clamping 
- Ajouter documentation complète OpenWRT dans section Homelab actuel
- Créer article blog expliquant problème freeze SSH via tunnel GRE-TAP
- Documenter solutions MTU et MSS clamping pour tunnels réseau
- Ajouter traductions anglaises complètes pour nouveau contenu
2025-12-02 12:43:12 +01:00

122 lines
4.5 KiB
Markdown
Raw Blame History

---
sidebar_position: 2
title: WiFi Mesh Backhaul with 802.11s
---
# WiFi Mesh Backhaul with 802.11s
This guide explains how to create a WiFi backhaul between two OpenWRT routers using the 802.11s (mesh point) protocol.
## Objective
Create a mesh WiFi link between two OpenWRT routers to extend the network without an Ethernet cable. The second router will be configured as a "Dumb AP" and will communicate with the main router via a secure mesh backhaul.
## Prerequisites
- Two routers with OpenWRT installed
- SSH or LuCI web interface access on both routers
- A configured main router (with active DHCP and firewall)
## Step 1: Configuring the Second Router as a Dumb AP
The second router must be transformed into a "Dumb AP" (basic Access Point without network services). There is an automatic script for this configuration, but we will detail the manual method via the LuCI interface.
### Automatic Script (Optional)
For automatic configuration, you can use **OneMarcFifty**'s script available on [GitHub - onemarcfifty/openwrt-mesh](https://github.com/onemarcfifty/openwrt-mesh).
### Manual Configuration via LuCI
You need to **disable** the following services on the second router:
1. **Firewall**: **System → Startup** → Disable `firewall`
2. **DNS**: **Network → DHCP and DNS** → Uncheck "DNS server"
3. **DHCP Server**: **Network → Interfaces → LAN → DHCP Server** → Check "Ignore interface"
These services are not necessary because the main router handles security, DNS, and IP address distribution.
### LAN Interface Configuration
Configure the second router's LAN interface to be on the **same subnet** as the main router:
1. Go to **Network → Interfaces → LAN**
2. Configure the following parameters:
- **Protocol**: DHCP client (recommended) or Static address
- If Static: **IPv4 address**: `.2` on the subnet (example: if the main router is at `192.168.1.1`, set `192.168.1.2`)
![DHCP configuration of br-lan interface](/img/openwrt/interface_br-lan_dhcp.png)
:::tip Configuration Backup
Before modifying the LAN interface, note the current IP or configure a backup interface to be able to access the router in case of problems.
![Backup interface](/img/openwrt/sauvetage_interface.png)
:::
## Step 2: Configuring the 802.11s Mesh Network
The 802.11s protocol allows creating a native WiFi mesh network. Both routers will use this protocol to establish the backhaul.
### Mesh Parameters
Both routers must have **exactly the same** following parameters:
1. **WiFi Mode**: Mesh Point
2. **Mesh ID**: unique identifier for your mesh (same value on both routers)
3. **Network Interface**: create a dedicated interface for the mesh (example: `mesh0`)
4. **Security**: WPA3-SAE (Personal) recommended
5. **Password**: strong and random password
### Generating a Secure Password
Use this command to generate a strong random password:
```bash
openssl rand -base64 32
```
Or from OpenWRT:
```bash
dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64
```
### Configuration via LuCI
1. Go to **Network → Wireless**
2. Select the WiFi interface to use for the mesh (usually radio0 or radio1)
3. Configure the following parameters:
![WiFi mesh backhaul configuration](/img/openwrt/config_backhaul_wifi.png)
**Essential Parameters**:
- **Mode**: Mesh Point (802.11s)
- **Mesh ID**: your mesh identifier (identical on both routers)
- **Network**: create or select a dedicated network interface for the mesh
- **Encryption**: WPA3-SAE
- **Key**: the previously generated password
:::warning Parameter Synchronization
Both routers must have **exactly** the same Mesh ID and the same password, otherwise they will not be able to establish the mesh connection.
:::
### Network Interface for the Mesh
Create a dedicated network interface for the mesh:
1. **Network → Interfaces → Add new interface**
2. **Name**: `mesh0` (or any other descriptive name)
3. **Protocol**: Static address or DHCP client
4. **Device**: select the created mesh device (usually `mesh0`)
This interface will serve as the basis for the GREtap tunnel in the next section.
## Verification
After configuration, verify that:
1. The second router obtains an IP on the same subnet as the main router
2. Both routers can ping each other
3. The mesh interface is active and connected (verifiable in **Network → Wireless**)
4. The mesh backhaul is established and stable
## Next Step
Once the mesh backhaul is configured, you can proceed to [GREtap configuration to extend VLANs](./gretap-vlan.md) through this mesh link.
Reference in a new issue View git blame Copy permalink