SECN 1.1 Bridged Client Mode Operation
Author T Gillett
The SECN firmware based on batman-adv provides a straightforward way of transparently networking devices wirelessly. For devices that can't mesh directly, SECN nodes allow connection to the mesh via Ethernet or Wifi.
However if you have a requirement to connect a target device that only has an Ethernet port to an existing wifi Access Point (AP) then you have to provide two SECN devices - one to 'mesh enable' the existing AP device, and one to connect to the target device.
If there are many target devices, the overhead of one extra device is small, but if there is only a single target device, then the cost obviously is double.
In this situation it would be nice to have a device that acts as a wifi client and makes the data connection available at an Ethernet port. This is commonly referred to as 'bridged client mode' for a router device.
While looking into how to use the TP Link WR703N unit as a simple wifi client, I came across this excellent wiki page that talks about using OpenWrt devices for this purpose:
Simple bridged client operation is not possible due to a limitation in the way the 802.11 protocol has been set up. The issue is explained here:
However there are a number of workarounds available that have various pros and cons.
One of these workarounds uses the "relayd" package to provide a pseudo-bridged mode, and a How To set this up is documented here:
I have hacked the standard SECN-1.1 firmware for the WR703N device to operate this way.
The three config files that need to be edited are:
/etc/config/network /etc/config/wireless /etc/config/firewall
There is also a change required to the /etc/init.d/config_secn script
Note: Because the SECN web interface runs at startup, you have to configure the wifi settings for 'ssid' and 'encryption' you want in the SECN web interface (or in /etc/config/secn) rather than just editing /etc/config/wireless as they will get changed to the secn values on startup.
I have included my modified files below for reference. My main router/AP operates on the 192.168.1.x subnet and the IP address assigned to the relay client device is 192.168.1.121
The lan interface on the relay client *must* be assigned an IP address on a different subnet, and I have used the default setting of 10.130.1.20
Note that the mesh interface has been disabled in the wireless config file, but the stanza needs to be left in place for correct uci referencing in the SECN 1.1 firmware.
We will look into including this functionality in a future SECN release.
# /etc/init.d/config_secn # <<snip>> Previous sections uci set wireless.@wifi-iface.encryption=$ENCRYPT uci set wireless.@wifi-iface.key=$PASSPHRASE uci set wireless.@wifi-iface.ssid=$SSID # Modify this line for sta mode #uci set wireless.@wifi-iface.mode="ap" uci set wireless.@wifi-iface.mode="sta" uci set wireless.@wifi-iface.disabled="$AP_DISABLE" # <<snip>> And the rest that follows
# /etc/config/network config 'interface' 'loopback' option 'ifname' 'lo' option 'proto' 'static' option 'ipaddr' '127.0.0.1' option 'netmask' '255.0.0.0' config 'interface' 'lan' option 'proto' 'static' option 'netmask' '255.255.255.0' option 'dns' '184.108.40.206' option 'ifname' 'eth0' # The ip address assigned below must *not* be in the subnet used by # the main router option 'ipaddr' '10.130.1.20' option 'gateway' '10.130.1.1' config 'interface' 'wifi0' # The wifi interface is configured to get an IP from the main router's # DHCP server option 'proto' 'dhcp' config 'interface' 'stabridge' option 'proto' 'relay' option 'network' 'lan wifi0' # This line is optional, but, if used, is set to match the ip address # assigned to the wifi client interface by the dhcp server in the main router # eg 192.168.1.121 # It is used to provide access to the relay router's interface from # downstream devices if reqd. option 'ipaddr' '192.168.1.121'
# /etc/config/wireless config 'wifi-device' 'radio0' option 'type' 'mac80211' option 'macaddr' '5c:63:bf:9a:f1:72' option 'hwmode' '11ng' option 'htmode' 'HT20' list 'ht_capab' 'SHORT-GI-20' list 'ht_capab' 'SHORT-GI-40' list 'ht_capab' 'RX-STBC1' list 'ht_capab' 'DSSS_CCK-40' option 'disabled' '0' option 'country' 'DE' option 'txpower' '15' option 'channel' '11' config 'wifi-iface' option 'device' 'radio0' option 'encryption' 'none' option 'network' 'wifi1' option 'bssid' '02:CA:FF:EE:BA:BE' option 'mode' 'adhoc' option 'sw_merge' '1' option 'ssid' 'vt-mesh' # Disable the mesh interface option 'disabled' '1' config 'wifi-iface' option 'device' 'radio0' option 'network' 'wifi0' option 'encryption' 'psk' option 'disabled' '0' option 'mode' 'sta' option 'ssid' 'my-wifi-ssid' option 'key' 'my-wifi-key'
# /etc/config/firewall # <<snip>> Previous section # Edit this section as marked ### config zone option name lan option network 'lan wifi0' ### option input ACCEPT option output ACCEPT option forward ACCEPT ### # <<snip>> Plus the rest that follows...