Community discussions

MikroTik App
 
User avatar
vinigas
just joined
Topic Author
Posts: 18
Joined: Thu Jun 18, 2020 8:48 pm
Location: Lithuania

Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 22, 2021 5:45 pm

Hello, strangely there aren't many resources on how to make Mikrotik mesh networks. I use RouterOS6.48.3. I have many wAPac and cAPac, but currently I tried basic mesh with one portal and one node.

I have tried this tutorial:
https://help.mikrotik.com/docs/pages/vi ... Id=8978441

Connection between 2 nodes is ethernet type (mesh port). Full network will contain WDS and Ethernet links.

Currently each node recognized each other as "outsider", how can I make them "neighbors" ?

Network model I am trying to establish using Mesh:
You do not have the required permissions to view the files attached to this post.
 
User avatar
bellis
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Wed Nov 05, 2008 1:15 am
Location: Woodland, WA
Contact:

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 22, 2021 8:42 pm

I know this is an old post, but I too am having a similar issue.

Setting the ethernet mesh port type=WDS allows the FDP to show the Ethernet connected devices as MESH. My problem that I am running into is that I cannot seem to have a switch in between MT nodes. I've tried every example I can find, but there really isnt much out there for mesh over ethernet and wireless.

Did you ever get a working setup?
 
User avatar
vinigas
just joined
Topic Author
Posts: 18
Joined: Thu Jun 18, 2020 8:48 pm
Location: Lithuania

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 22, 2021 9:05 pm

This is not old post, I created it 3hr ago ^^

My current progress is what you also just said: "ethernet mesh port type=WDS" for ethernet ports.

I also dodged idea of using CAPsMAN with Mesh combination, because for CAPsMAN you would need one wlan which SSID is constant (for uninterrupted node intercommunication). Firstly I through that CAPsMAN is more intelligent and firstly sends out what needs to be changed in all routers and then broadcasts message to start applying changes, but it is not like that.

I will keep latest reply to this post updated as I progress (to not spam).

Edit1: Got locked out of wAP ac, because I set both (all) ethernet interface as mesh-port-wds. Probably hw-reset will be needed...
Last edited by vinigas on Thu Jul 22, 2021 10:11 pm, edited 2 times in total.
 
User avatar
bellis
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Wed Nov 05, 2008 1:15 am
Location: Woodland, WA
Contact:

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 22, 2021 9:42 pm

HA! I mixed up your join date and post date. Looks like we are pounding our heads against the same wall. Feel free to reach out to me brian at nwtowers dot com. Would love to collaborate.

I have locked myself out several times, which is why I dev on boards with serial ;)
 
User avatar
vinigas
just joined
Topic Author
Posts: 18
Joined: Thu Jun 18, 2020 8:48 pm
Location: Lithuania

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 22, 2021 10:12 pm

Soo for new learners I would say that Mesh interface that you create in Mikrotik acts very similary as the bridge interface itself. Then you add mesh-ports if you select ethernet or wireless port-type, it means clients (outsiders) will be able to connect through it. WDS mesh-port type is used to interconnect between nodes and nothing else (it slighly goes off what WirelessDistributionSystem translates, because you can add ethernet medium and WDS packets will go through them).

If you want dynamic-mesh, then you go to each wlan interface and open WDS tab. Select default-bridge as mesh interface.
Then mesh network configuring is complete, what you is get is one virtual chunky L2 switch with ethernet and wireless (mesh-)ports.

Currently looking forward to possibility of using WDS-Ethernet port for administrating too. Maybe if I would add EoIP interface instead of Ethernet to Mesh port, then it would work out ? Just thinking.

Edit1: Or maybe just leave both (all) ethernet ports as WDS-mode and connect to it only through other nodes with RoMON or MAC or IP. This way ability to correctly administrate through ethernet port is lost (serial port is unavailable in wAP ac, at least without unboxing).
 
User avatar
bellis
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Wed Nov 05, 2008 1:15 am
Location: Woodland, WA
Contact:

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 22, 2021 10:32 pm

So one thing to add, I tried to do WDS on a VLAN assigned to ethernet port, with the idea of WDS Mesh over a vlan, and use the ethernet native port as ingress/egress. The WDS does work over vlan, however when you add the ethernet interface to the mesh (as an ethernet type) the vlan WDS drops.

This may require dual ethernet cables, one for WDS and one for ethernet... unless there is some way found to ingress the mesh via ethernet on the same physical interface that is hosting WDS

edit 1: I set up OVPN from each node to the head end router, used the ovpn ethernet tunnel for WDS. Looks like this may work for single cable for both mesh ingress/egress as well as node to node traffic.
 
User avatar
bellis
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Wed Nov 05, 2008 1:15 am
Location: Woodland, WA
Contact:

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 29, 2021 9:25 pm

No progress on my setup being able to mesh over ethernet nic unless set to WDS, which breaks ability to ingress/egress IP traffic.

Have you had any luck?
 
User avatar
vinigas
just joined
Topic Author
Posts: 18
Joined: Thu Jun 18, 2020 8:48 pm
Location: Lithuania

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 29, 2021 10:05 pm

I decided to use L2 MSTP (or RSTP if you like) plus dynamic WDS, and one bridge per router. WDS interfaces are dynamically added to the bridge as in Mesh scenario.

For controlling weights/costs I set wlan5G interface def50 range50-100
For wlan2G I set def200 range100-300

MSTP dynamically updates costs as signal strength changes. STP root ports are dynamically recalculated.

DHCP server, DNS-proxy on """Mesh portal""" main router.

I also set main router's bridge MSTP (STP) Priority to 0x1000. So that it would always be the main router (unless he is gone, then someone with lowest MAC will be elected temporarily).

Reduced MSTP MaxMessageAge(=6s) and ForwardDelay(=4s) to minimum values.

Set bridge AdminMAC to keep local bridge mac constant (for routers local DHCP-client lease).

Then used terminal "export" command and then made script out of that for executing it other routers, for keeping configuration consistent (to avoid typos). The only input needed to change for that in script is router identity friendly name.

So far works well, but I think for this solution I will need to add netwatch-script which would detect if main router is reachable and if it is not, then child routers would go from ap-bridge to station mode until main router is reachable again. Because as for now, the can be case then userdevice connects to strongest WiFi ap, but it doesn't have reachability to main router. This netwatch would allow to avoid that.

Child router's configuration export (annonymized):
# jul/25/2021 11:02:53 by RouterOS 6.48.3
# model = RBcAPGi-5acD2nD
/interface bridge
add arp=proxy-arp forward-delay=4s igmp-snooping=yes igmp-version=3 max-message-age=6s multicast-querier=yes \
    name=LanBridge protocol-mode=mstp region-name=Lan vlan-filtering=yes
/interface list
add name=LAN
/interface wireless security-profiles
add authentication-types=wpa2-psk disable-pmkid=yes eap-methods="" management-protection=allowed \
    management-protection-key=Shrek2 mode=\
    dynamic-keys name=wpa2_Lan supplicant-identity="" wpa2-pre-shared-key=Nun0fUrBus1ness
/interface wireless
set [ find default-name=wlan1 ] ampdu-priorities=0,1,2,3 band=2ghz-onlyn channel-width=20/40mhz-Ce country=\
    lithuania disabled=no disconnect-timeout=15s hw-protection-mode=rts-cts installation=indoor mode=ap-bridge \
    name=wlan2_2G_Lan security-profile=wpa2_Lan ssid=Lan wds-cost-range=100-300 wds-default-bridge=\
    LanBridge wds-default-cost=200 wds-mode=dynamic wireless-protocol=802.11 wmm-support=required wps-mode=\
    disabled
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/interface bridge port
add bridge=LanBridge interface=wlan2_2G_Lan path-cost=300 priority=0xC0 trusted=yes
add bridge=LanBridge interface=LAN priority=0x40 trusted=yes
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-pppoe=yes use-ip-firewall-for-vlan=yes
/interface list member
add interface=ether1 list=LAN
add interface=wlan2_2G_Lan list=LAN
/ip dhcp-client
add disabled=no interface=LanBridge
/ip dhcp-relay
add add-relay-info=yes dhcp-server=192.168.128.1 disabled=no interface=LanBridge name=relay1 \
    relay-info-remote-id=the5.router.lan
/ip dns static
add address=192.168.128.1 name=the1.router.lan
add address=192.168.128.2 name=the2.router.lan
add address=192.168.128.3 name=the3.router.lan
add address=192.168.128.4 name=the4.router.lan
add address=192.168.128.5 name=the5.router.lan
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set winbox address=192.168.128.0/17
set api-ssl disabled=yes
/routing ospf interface
add cost=100 network-type=broadcast use-bfd=yes
add interface=LanBridge use-bfd=yes
/system clock
set time-zone-name=Europe/Vilnius
/system identity
set name=the5.router.lan
/tool mac-server
set allowed-interface-list=none
/
WMM support probably should set to enabled instead of required...

Non-WDS interfaces to the bridge are added dynamically through interface-list. For (non-WDS) interfaces which needs non-dynamic-default cost or priority, I add them separately to the bridge (while keeping them in interface-list).

What do you think about this solution?
 
User avatar
bellis
Frequent Visitor
Frequent Visitor
Posts: 54
Joined: Wed Nov 05, 2008 1:15 am
Location: Woodland, WA
Contact:

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 29, 2021 10:25 pm

That's a possible solution, but wouldn't MSTP/RSTP etc. just block all traffic on the lower priority ethernet connected devices, forcing data to go over wireless even though ethernet was physically available?
 
User avatar
vinigas
just joined
Topic Author
Posts: 18
Joined: Thu Jun 18, 2020 8:48 pm
Location: Lithuania

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 29, 2021 10:28 pm

For L3 packet routing (instead of STP/RSTP/MSTP) I would probably use OSPF+dynamicWDS+staticRouterIP+uniqueSubnet+loopbackInterface for each router. But this means then user is roaming between APs, his IP is constantly changing (unless user is inside VPN on top of OSPF network). I wanted to use only subnet, and didn't wanted to use network-on-top-of-another-network (e.g. EoIP) solutions.
 
User avatar
vinigas
just joined
Topic Author
Posts: 18
Joined: Thu Jun 18, 2020 8:48 pm
Location: Lithuania

Re: Mikrotik HWMP+ Ethernet not joining into mesh

Thu Jul 29, 2021 10:34 pm

The lower STP bridge priority, the more likely it will be elected as root bridge/switch.
The lower STP port priority, the more likely it will be elected as active port.

https://www.youtube.com/watch?v=Ilpmn-H ... yClassroom

I tested then I connect eth, data goes through it, then cable disconnected if signal is good enough, then 5G is choosen, elsewise 2G. It is important to choose one 5G channel and one 2G channel, otherwise WDS will not be created between different channels.

The only problem currently is that this setup can result in split-brain-situation. For that netwatch script acting on gateway reachability is needed.

Who is online

Users browsing this forum: Amazon [Bot], holvoetn, Plnt and 41 guests