Gluon: Multiple mesh_lan interfaces. Anything named different than mesh_lan won't be able to mesh
I am in situation where lan mesh needs to be provided into multiple seperate L2 networks like legacy did.
We use the new vxlan based gluon_wired proto already.
I therefore defined in the /etc/config/network
config interface 'mesh_lan'
option ifname 'eth0.97'
option mesh 'bat0'
option transitive '1'
option index '4'
option proto 'gluon_wired'
option macaddr '02:19:99:67:8a:fa'
option disabled '0'
config interface 'mesh_test'
option ifname 'eth0.98'
option mesh 'bat0'
option transitive '1'
option index '4'
option proto 'gluon_wired'
option macaddr '02:19:99:67:8a:fb'
option disabled '0'
eth0.97 and eth0.98 are my vlans in wich batman should be available in. This should not be a bridge because in this seperate vlans are different dhcp instances running. This creates vx_mesh_lan and vx_mesh_test but mesh_test is not meshing at all with the nodes behind eth0.98.
~# ip link
...
14: mesh-vpn: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1312 qdisc tbf master bat0 state UNKNOWN qlen 1000
link/ether 2a:da:d6:07:f3:ef brd ff:ff:ff:ff:ff:ff
15: vx_mesh_test: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue master bat0 state UNKNOWN qlen 1000
link/ether 2a:da:d6:07:f3:ec brd ff:ff:ff:ff:ff:ff
16: vx_mesh_lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1430 qdisc noqueue master bat0 state UNKNOWN qlen 1000
link/ether 2a:da:d6:07:f3:ec brd ff:ff:ff:ff:ff:ff
To confirm eth0.98 has connectivity to the nodes I swaped eth0.97 and eth0.98. In this case only nodes behind eth0.98 appear in the mesh. If I rename mesh_lan to say for instance mesh_first no mesh on ether interface would work.
I also tested a single mesh_x interface. Anything named different than mesh_lan does not mesh at all.
We are running v2018.1
Sprinterfreak
All 8 comments
Each mesh interface must have a unique index; allowed indices are in the range 0..7. This defines the MAC address of the mesh interfaces actually added to bat0.
The default assignment of indices is described in http://gluon.readthedocs.io/en/v2018.1.x/dev/mac_addresses.html. If you're using 11s, the IBSS indices 2 and 6 are unused by default and can be used for additional interfaces.
This is obviously a bit unsatisfying; we will likely introduce something nicer, possibly even removing the need to manually specify an index, when we add a "supported" way (with an interface in the advanced settings) to define additional mesh interfaces.
NeoRaider
on 15 Jul 2018
Even changing the index of the second mesh_* interface to anything previously undefined does not fix the issue.
This also does not explain why it won't mesh if you simply rename a single mesh_lan interface to say mesh_test. There seems to be anything hardcoded to the name mesh_lan.
This is my config updated
config interface 'mesh_lan'
option ifname 'eth0.97'
option mesh 'bat0'
option transitive '1'
option index '4'
option proto 'gluon_wired'
option disabled '0'
config interface 'mesh_test'
option ifname 'eth0.98'
option mesh 'bat0'
option transitive '1'
option index '5'
option proto 'gluon_wired'
option disabled '0'
batctl if
primary0: active
mesh-vpn: active
vx_mesh_lan: active
vx_mesh_test: active
logread | grep mesh
Sun Jul 15 15:38:01 2018 daemon.notice netifd: Interface 'mesh_lan' is enabled
Sun Jul 15 15:38:01 2018 daemon.notice netifd: Interface 'mesh_test' is enabled
Sun Jul 15 15:38:02 2018 daemon.notice netifd: Interface 'mesh_vpn' is enabled
Sun Jul 15 15:38:02 2018 daemon.notice netifd: Network device 'mesh-vpn' link is up
Sun Jul 15 15:38:02 2018 daemon.notice netifd: Interface 'mesh_vpn' has link connectivity
Sun Jul 15 15:38:02 2018 daemon.notice netifd: Interface 'mesh_vpn' is setting up now
Sun Jul 15 15:38:02 2018 daemon.info fastd[2985]: adding peer <mesh_vpn_backbone_peer_gwsec>
Sun Jul 15 15:38:02 2018 daemon.info fastd[2985]: adding peer <mesh_vpn_backbone_peer_gwpri>
Sun Jul 15 15:38:02 2018 daemon.info fastd[2985]: resolving host `gw21.ffrgb.net' for peer <mesh_vpn_backbone_peer_gwpri>...
Sun Jul 15 15:38:02 2018 daemon.info fastd[2985]: resolving host `gw22.ffrgb.net' for peer <mesh_vpn_backbone_peer_gwsec>...
Sun Jul 15 15:38:02 2018 daemon.notice netifd: Interface 'mesh_vpn' is now up
Sun Jul 15 15:38:02 2018 kern.info kernel: [ 10.357657] batman_adv: bat0: Adding interface: mesh-vpn
Sun Jul 15 15:38:02 2018 kern.info kernel: [ 10.360663] batman_adv: bat0: The MTU of interface mesh-vpn is too small (1312) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
Sun Jul 15 15:38:02 2018 kern.info kernel: [ 10.373621] batman_adv: bat0: Interface activated: mesh-vpn
Sun Jul 15 15:38:02 2018 user.notice firewall: Reloading firewall due to ifup of mesh_vpn (mesh-vpn)
Sun Jul 15 15:38:03 2018 daemon.notice netifd: Interface 'mesh_lan' has link connectivity
Sun Jul 15 15:38:03 2018 daemon.notice netifd: Interface 'mesh_lan' is setting up now
Sun Jul 15 15:38:03 2018 daemon.notice netifd: Interface 'mesh_test' has link connectivity
Sun Jul 15 15:38:03 2018 daemon.notice netifd: Interface 'mesh_test' is setting up now
Sun Jul 15 15:38:03 2018 daemon.notice netifd: Interface 'mesh_lan' is now up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_test' is now up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'vx_mesh_lan' is setting up now
Sun Jul 15 15:38:04 2018 daemon.notice netifd: mesh_lan (3159): Command failed: Unknown error
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'vx_mesh_test' is setting up now
Sun Jul 15 15:38:04 2018 user.notice firewall: Reloading firewall due to ifup of mesh_lan (eth0.97)
Sun Jul 15 15:38:04 2018 daemon.notice netifd: mesh_test (3160): Command failed: Unknown error
Sun Jul 15 15:38:04 2018 daemon.notice netifd: mesh_lan (3159): Command failed: Unknown error
Sun Jul 15 15:38:04 2018 daemon.notice netifd: mesh_test (3160): Command failed: Unknown error
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_lan_mesh' is enabled
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'vx_mesh_lan' is now up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: tunnel 'vx_mesh_lan' link is up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Network alias 'vx_mesh_lan' link is up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_lan_mesh' has link connectivity
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_lan_mesh' is setting up now
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_test_mesh' is enabled
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'vx_mesh_test' is now up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: tunnel 'vx_mesh_test' link is up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Network alias 'vx_mesh_test' link is up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_test_mesh' has link connectivity
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_test_mesh' is setting up now
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_lan_mesh' is now up
Sun Jul 15 15:38:04 2018 daemon.notice netifd: Interface 'mesh_test_mesh' is now up
Sun Jul 15 15:38:04 2018 kern.info kernel: [ 12.274850] batman_adv: bat0: Adding interface: vx_mesh_lan
Sun Jul 15 15:38:04 2018 kern.info kernel: [ 12.277997] batman_adv: bat0: The MTU of interface vx_mesh_lan is too small (1430) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
Sun Jul 15 15:38:04 2018 kern.info kernel: [ 12.291321] batman_adv: bat0: Interface activated: vx_mesh_lan
Sun Jul 15 15:38:04 2018 kern.info kernel: [ 12.349073] batman_adv: bat0: Adding interface: vx_mesh_test
Sun Jul 15 15:38:04 2018 kern.info kernel: [ 12.352252] batman_adv: bat0: The MTU of interface vx_mesh_test is too small (1430) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
Sun Jul 15 15:38:04 2018 kern.info kernel: [ 12.365616] batman_adv: bat0: Interface activated: vx_mesh_test
Sun Jul 15 15:38:04 2018 user.notice firewall: Reloading firewall due to ifup of mesh_lan_mesh (vx_mesh_lan)
Sun Jul 15 15:38:05 2018 user.notice firewall: Reloading firewall due to ifup of mesh_test_mesh (vx_mesh_test)
Probably the firewall (see /etc/config/firewall).
NeoRaider
on 15 Jul 2018
Firewall did the trick.
The new interface has to be added manually to the firewall rules
uci add_list firewall.wired_mesh.network='mesh_test'
This solved the issue finally.
Sprinterfreak
on 15 Jul 2018
Do we have this in the documentation somewhere (or at leat the wiki)?
Adorfer
on 30 Jul 2018
i don't think so - and we don't add info about unsupported/custom adjustments to "official" docs/wiki
rotanid
on 30 Jul 2018
@sprinterfreak:
What are you trying to achieve? Why do you need a second mesh?
rubo77
on 30 Jul 2018
@rubo77
- seperate L2 to avoid any to any mesh connections for instance over transparent wifi bridges.
- keep transparent bridged-links to untrusted destinations as restricted as possible.
Sprinterfreak
on 2 Aug 2019
Related issues
lephisto
路
5Comments
CodeFetch
路
5Comments
rubo77
路
5Comments
RalfJung
路
5Comments
mweinelt
路
3Comments
Most helpful comment
Firewall did the trick.
The new interface has to be added manually to the firewall rules
uci add_list firewall.wired_mesh.network='mesh_test'This solved the issue finally.