During a recent workshop, we had a fairly complex network setup at the "center point" of the mesh - a radio station where tower access made it possible to mount three NanoStation M2 units very high, and one Rocket M2 lower down on the tower with small omni whip antennas:
The mesh-over-Ethernet domain is shown in the yellow circle.
Setup:
The three NanoStations and single Rocket were meshed together via Ethernet.
The three NanoStations were assigned different channels (1, 6, 11) and the corresponding mesh segments they pointed at had the same channel assignments. This was to reduce on-channel interference between the closely spaced nodes.
The Access Points were disabled on the NanoStations
The wireless mesh link was disabled on the Rocket
The rest of the network connected back to this tower, and with Access Points turned off on the rooftop mesh equipment, had excellent connections with low (less than 2.0) ETX values.
A problem occurred when connected to the AP at the base of the tower (the Rocket M2), and any node not meshed over Ethernet was accessed via the web: the connection would time out completely. It was possible to SSH to each node via the IP address, but not access the web interface.
It appeared that users attached to the nodes in one "segment" of the network wouldn't be able to see the users or access the resources on the other segments. This was not heavily tested, but it would have been the case that each sub-mesh connected to the NanoStation on the tower was not able to access resources on the other segments.
The problem was traced to the firewall on the four nodes on the tower that were meshed over Ethernet. When the firewalls were turned off, all of the nodes on the network were accessible from the clients attached to the Rocket at the base of the tower.
This requires further testing but could be resolved with some of the "automagic" configuration that would come along with the meshing over Ethernet rework as mentioned in other issues:
https://github.com/opentechinstitute/luci-commotion/issues/209
etc.
During a recent workshop, we had a fairly complex network setup at the "center point" of the mesh - a radio station where tower access made it possible to mount three NanoStation M2 units very high, and one Rocket M2 lower down on the tower with small omni whip antennas:
The mesh-over-Ethernet domain is shown in the yellow circle.
Setup:
The rest of the network connected back to this tower, and with Access Points turned off on the rooftop mesh equipment, had excellent connections with low (less than 2.0) ETX values.
A problem occurred when connected to the AP at the base of the tower (the Rocket M2), and any node not meshed over Ethernet was accessed via the web: the connection would time out completely. It was possible to SSH to each node via the IP address, but not access the web interface.
It appeared that users attached to the nodes in one "segment" of the network wouldn't be able to see the users or access the resources on the other segments. This was not heavily tested, but it would have been the case that each sub-mesh connected to the NanoStation on the tower was not able to access resources on the other segments.
The problem was traced to the firewall on the four nodes on the tower that were meshed over Ethernet. When the firewalls were turned off, all of the nodes on the network were accessible from the clients attached to the Rocket at the base of the tower.
This requires further testing but could be resolved with some of the "automagic" configuration that would come along with the meshing over Ethernet rework as mentioned in other issues: https://github.com/opentechinstitute/luci-commotion/issues/209 etc.