SECN 1.1 Bridged Client Mode Operation

Revision as of 06:49, 3 July 2013 by Terry Gillett (talk | contribs) (Added bridged client issue explanation link)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Author T Gillett

The SECN firmware based on batman-adv provides a straightforward way of transparently networking devices wirelessly. For devices that can't mesh directly, SECN nodes allow connection to the mesh via Ethernet or Wifi.

However if you have a requirement to connect a target device that only has an Ethernet port to an existing wifi Access Point (AP) then you have to provide two SECN devices - one to 'mesh enable' the existing AP device, and one to connect to the target device.

If there are many target devices, the overhead of one extra device is small, but if there is only a single target device, then the cost obviously is double.

In this situation it would be nice to have a device that acts as a wifi client and makes the data connection available at an Ethernet port. This is commonly referred to as 'bridged client mode' for a router device.

While looking into how to use the TP Link WR703N unit as a simple wifi client, I came across this excellent wiki page that talks about using OpenWrt devices for this purpose:

Simple bridged client operation is not possible due to a limitation in the way the 802.11 protocol has been set up. The issue is explained here:

However there are a number of workarounds available that have various pros and cons.

One of these workarounds uses the "relayd" package to provide a pseudo-bridged mode, and a How To set this up is documented here:

I have hacked the standard SECN-1.1 firmware for the WR703N device to operate this way.

The three config files that need to be edited are:


There is also a change required to the /etc/init.d/config_secn script

Note: Because the SECN web interface runs at startup, you have to configure the wifi settings for 'ssid' and 'encryption' you want in the SECN web interface (or in /etc/config/secn) rather than just editing /etc/config/wireless as they will get changed to the secn values on startup.

I have included my modified files below for reference. My main router/AP operates on the 192.168.1.x subnet and the IP address assigned to the relay client device is

The lan interface on the relay client *must* be assigned an IP address on a different subnet, and I have used the default setting of

Note that the mesh interface has been disabled in the wireless config file, but the stanza needs to be left in place for correct uci referencing in the SECN 1.1 firmware.

We will look into including this functionality in a future SECN release.

# /etc/init.d/config_secn
# <<snip>> Previous sections
uci set wireless.@wifi-iface[1].encryption=$ENCRYPT
uci set wireless.@wifi-iface[1].key=$PASSPHRASE
uci set wireless.@wifi-iface[1].ssid=$SSID
# Modify this  line for sta mode
#uci set wireless.@wifi-iface[1].mode="ap"
uci set wireless.@wifi-iface[1].mode="sta"
uci set wireless.@wifi-iface[1].disabled="$AP_DISABLE"
# <<snip>> And the rest that follows

#  /etc/config/network
config 'interface' 'loopback'
      option 'ifname' 'lo'
      option 'proto' 'static'
      option 'ipaddr' ''
      option 'netmask' ''
config 'interface' 'lan'
      option 'proto' 'static'
      option 'netmask' ''
      option 'dns' ''
      option 'ifname' 'eth0'
# The ip address assigned below must *not* be in the subnet used by
# the main router
      option 'ipaddr' ''
      option 'gateway' ''
config 'interface' 'wifi0'
# The wifi interface is configured to get an IP from the main router's
# DHCP server
      option 'proto' 'dhcp'
config 'interface' 'stabridge'
      option 'proto' 'relay'
      option 'network' 'lan wifi0'
# This line is optional, but, if used, is set to match the ip address
# assigned to the wifi client interface by the dhcp server in the main router
# eg
# It is used to provide access to the relay router's interface from
# downstream devices if reqd.
      option 'ipaddr' ''

#  /etc/config/wireless
config 'wifi-device' 'radio0'
      option 'type' 'mac80211'
      option 'macaddr' '5c:63:bf:9a:f1:72'
      option 'hwmode' '11ng'
      option 'htmode' 'HT20'
      list 'ht_capab' 'SHORT-GI-20'
      list 'ht_capab' 'SHORT-GI-40'
      list 'ht_capab' 'RX-STBC1'
      list 'ht_capab' 'DSSS_CCK-40'
      option 'disabled' '0'
      option 'country' 'DE'
      option 'txpower' '15'
      option 'channel' '11'
config 'wifi-iface'
      option 'device' 'radio0'
      option 'encryption' 'none'
      option 'network' 'wifi1'
      option 'bssid' '02:CA:FF:EE:BA:BE'
      option 'mode' 'adhoc'
      option 'sw_merge' '1'
      option 'ssid' 'vt-mesh'
# Disable the mesh interface
      option 'disabled' '1'
config 'wifi-iface'
      option 'device' 'radio0'
      option 'network' 'wifi0'
      option 'encryption' 'psk'
      option 'disabled' '0'
      option 'mode' 'sta'
      option 'ssid' 'my-wifi-ssid'
      option 'key' 'my-wifi-key'

#  /etc/config/firewall
# <<snip>> Previous section
# Edit this section as marked ###
config zone
      option name             lan
      option network          'lan wifi0'   ###
      option input            ACCEPT
      option output           ACCEPT
      option forward          ACCEPT   ###
# <<snip>> Plus the rest that follows...