Getting Started With Two Mikrotik hAP AC Lite Nodes

20 posts / 0 new

Wed, 06/19/2019 - 15:44

KI5FBW

I’m trying to get a basic setup of two nodes where one has a linux machine on the LAN running a mumble server and the other has an android phone on the LAN with a mumble client. (Or really just trying to get a ping through)

So far I have not been able to get any device on one LAN to talk to any other device on the other LAN.

Iperfspeed between the two Nodes is good.

I am able to hit both nodes IPs with ping from any device on either LAN. But when I traceroute from one LAN to the next the packets stop at the second node.

Settings are default excluding the addition of iperfspeed, enabling the AP, and disabling WAN access.

I also don’t seem to be able to hit anything at all via their .local.mesh address but DNS can be a future problem.

My understanding from the documentation was that direct LAN mode would of allowed for open access from LAN to LAN.

I've tried various android phones and laptops on both networks, pinging and tracerouting all the way.

During troubleshooting I also added the linux machine to the DHCP Address Reservations, it now shows up on both Node mesh status screens as available (but is still only accessible from the LAN it is on). I also tried changing the Mesh RF settings to be the same IP up to the last number (I've since reset to default).

Any advice on this issue would be appreciated.

- Brandon, KI5FBW

Wed, 06/19/2019 - 20:56

AE6XE

Can you attach the support

Can you attach the support data download file back here in the forum from both hap ac lite devices. button found at bottom of Administration page in Setup.

"but is still only accessible from the LAN it is on". If I understand correctly, two devices plugged into the LAN of the same node can talk with one another (ruling out Firewall settings on the linux LAN device)? Sometimes linux devices don't respond, because their firewall is locked down.

Joe AE6XE

Wed, 06/19/2019 - 21:28

(Reply to #2) #3

KI5FBW

P.S.

I went ahead and added some accept all connections rules on the mumble port to make sure that wouldn't cause issues.

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:64738
ACCEPT tcp -- anywhere anywhere tcp dpt:64738 flags:FIN,SYN,RST,ACK/SYN

- Brandon, KI5FBW

Wed, 06/19/2019 - 21:17

KI5FBW

Attached

Attached
Yes, I tried to rule out as many issues as I could. I started with both devices on my standard home LAN. Then moved them to a single node’s LAN. Everything worked as expected both times.

- Brandon, KI5FBW

Support File Attachments:

Mobile2

Mobile1

Wed, 06/19/2019 - 23:00

(Reply to #4) #5

AE6XE

Not sure if this is the issue

Not sure if this is the issue, but the config settings I reviewed are different than the diagram. The beaglebone is configured on Mobile1's LAN with IP address of 10.179.170.75. Diagram shows the beaglebone on Mobile2? So if you do have the beaglebone plugged into Mobile2, then swap it over to Mobile1 LAN port. If your android mobile device connects to "KI5FBW-Mobile2AP", then tries to connect to the beaglebone, I'd expect it to work. Indeed on Mobile2, there is a DNS entry to resolve "beaglebone" and route back to Mobile1 LAN.

Joe AE6XE

Thu, 06/20/2019 - 08:11

(Reply to #5) #6

KI5FBW

Diagram Error

That is an error on the diagram. Beaglebone is currently plugged into Mobile1's LAN. Then I switch the android back and forth for troubleshooting.

Do we expect traffic to only be routed if there is a working DNS or with reserved DHCP? I can't even connect to ki5fbw-mobileX.local.mesh from devices on the node's LAN (though localnode.local.mesh works). I have to use their IPs.

- Brandon, KI5FBW

Thu, 06/20/2019 - 12:42

(Reply to #6) #7

AE6XE

Brandon, this is very

Brandon, this is very unusual this isn't working, it's sort of the 101 basic functionality of how mesh nodes work. Something atypical is going on. Let's try a few things to see if we can isolate further. reboot all devices to make sure nothing is cached from moving things around -- IP address needs renewed, etc. All end devices are configured DHCP.

Can you do a "nslookup beaglebone" on all nodes and devices to resolve the IP address? Does this work on all devices? (BTW, I'm sure you already known, risk of hostname conflict on larger networks, recommend doing "<callsign>-beaglebone" format.)

There is a "tcpdump" package that can be installed on the mesh nodes from the Administration screen -- connect to internet on hap ac lite port 1 for the package to be downloaded. To monitor traffic on its LAN (see what is coming in or going out): "tcpdump -i br-lan" Check to see that your traffic is going in the LAN of one node and coming out the LAN of the other node -- is routing correctly? To see the traffic on the 2GHz link, "tcpdump -i wlan1-1". Did it come across the link? This will help isolate the exact failure point -- on mesh nodes or at end devices.

Joe AE6XE

Thu, 06/20/2019 - 23:12

(Reply to #7) #8

KI5FBW

TCPDUMP time

Ok, I'm glad I'm not just totally missing some obvious problem.

Apologies for the wild post, debugging all evening and just trying to record information

tcpdump running on both interfaces on both nodes.

everyone seems to be able to sucessfully nslookup, except a macbook I tried which timed out and said it couldn't find a server (despite dns looking correct in it's interface config).
But then on the android, I turn around and try to ping beaglebone and it says it can resolve the ip and it doesn't even try to hit the node.
hmm, seeing stuff online suggesting android has a weird fallback to google dns if it can't get IPv6-only dns to work. Can IPv6 be disabled? forcing a fallback perhaps.

OSLR humming along just fine it seems on the wlan.
From mobile1 wlan:

00:48:19.714579 4168780798us tsft 1.0 Mb/s 2402 MHz 11b -31dBm signal -40dBm signal antenna 0 -31dBm signal antenna 1 
IP KI5FBW-Mobile2.local.mesh.698 > 10.255.255.255.698: OLSRv4, seq 0x590f, length 32

From mobile2 wlan:

00:48:27.290194 4176350177us tsft 1.0 Mb/s 2402 MHz 11b -32dBm signal -40dBm signal antenna 0 -33dBm signal antenna 1 
IP KI5FBW-Mobile1.local.mesh.698 > 10.255.255.255.698: OLSRv4, seq 0x1b86, length 92

when trying to do traceroute on the beaglebone to android. The android does not respond. Node2 sees the request.

tried pinging on the beaglebone to android. The android does not respond. Node2 sees the request.

when trying to do traceroute on mobile2 to beaglebone
seems to work

when trying to ping on mobile2 to beaglebone
I had to reset mobile1 to get it to work

when trying ping on android to beaglebone (can't use beaglebone, ip used)

02:37:41.020596 IP 10.180.129.118.22905 > localnode.53: 12623+ PTR? 75.170.179.10.in-addr.arpa. (44)
02:37:41.021356 IP localnode.53 > 10.180.129.118.22905: 12623* 1/0/0 PTR beaglebone.local.mesh. (79)

is the only thing that comes up, nothing over wlan or the other node.
android traceroute doesn't showup at all

It seems like maybe the android doesn't want to use the node for DNS outside of nslookup.
android seems to be causing most of the problems.

switching android to the same lan
pinging beaglebone now works without issue
mumble of course still works

so still no luck on the basic mumble setup (I'm noticing android does not even try to find the servers though, I see no traffic go out when I try and force a connection).

overall these are good tools for me to keep troubleshooting with, I'll have to work on it more tomorrow. Maybe try to use something else instead of android, if I can get the macbook to do anything usefull or just get my windows PC involved.

- Brandon, KI5FBW

Fri, 06/21/2019 - 00:17

(Reply to #8) #9

AE6XE

Note, we took out IPv6

Note, we took out IPv6 modules out of the mesh nodes to keep the RAM usage down. IPv6 had not been implemented for routing traffic, but possibly this is an issue for androids. Let me try to reproduce with my android and hap ac lite devices. Did you turn off the cell data on the andriod? Try a regular laptop instead of the Andriod to isolate the issue?

Joe AE6XE

Fri, 06/21/2019 - 18:18

(Reply to #9) #10

KI5FBW

Ok, so that potentially rules

Ok, so that potentially rules out any interesting DNS-IPv6 issues.
Yes I turned off cell data.

I'm about to start working on a normal laptop. Though my macbook initiall was causing DNS issues as well.

Fri, 06/21/2019 - 19:02

#11

KI5FBW

PC Testing

Something interesting when I tried it with my Windows PC.

If I ping the beaglebone (with the dns name) from the windows PC the packet makes it's way over to the beaglebone but then the beaglebone asks this
22:59:19.035731 ARP, Request who-has 10.180.129.114 tell beaglebone, length 50

And never gets a response.

Going in the other direction the beaglebone asks the same thing but never gets a response.

Fri, 06/21/2019 - 19:27

(Reply to #11) #12

AE6XE

Could there be a 10.x.x.x

Could there be a 10.x.x.x subnet for some other interface conflict on the beaglebone? It's as if the beaglebone thinks the 10.x.x.x class A subnet is on the local interface directly, rather than forwarding to the mesh node to route through. what does ifconfig show for the network interface on the beaglebone? It should have a netmask of something like 255.255.255.240. If it is 255.0.0.0, then it doesn't have the right definition of the LAN subnet it is on.

Fri, 06/21/2019 - 19:54

(Reply to #12) #13

KI5FBW

I saw that ARP request on the

I saw that ARP request on the node.

This is ifconfig
eth0: flags=-28605<UP,BROADCAST,RUNNING,MULTICAST,DYNAMIC> mtu 1500
inet 10.179.170.75 netmask 255.255.255.248 broadcast 10.179.170.79
inet6 fe80::564a:16ff:fef4:48f6 prefixlen 64 scopeid 0x20<link>
ether 54:4a:16:f4:48:f6 txqueuelen 1000 (Ethernet)
RX packets 192 bytes 22124 (21.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 696 bytes 57233 (55.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 55

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 350 bytes 32896 (32.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 350 bytes 32896 (32.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

usb0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.7.2 netmask 255.255.255.252 broadcast 192.168.7.3
inet6 fe80::564a:16ff:fef4:48f8 prefixlen 64 scopeid 0x20<link>
ether 54:4a:16:f4:48:f8 txqueuelen 1000 (Ethernet)
RX packets 17272 bytes 1502607 (1.4 MiB)
RX errors 0 dropped 10 overruns 0 frame 0
TX packets 1388 bytes 290544 (283.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

usb1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.6.2 netmask 255.255.255.252 broadcast 192.168.6.3
ether 54:4a:16:f4:48:fb txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Fri, 06/21/2019 - 20:50

(Reply to #13) #14

AE6XE

I don't think the beaglegone

I don't think the beaglegone should expect an arp response for IP address or devices that aren't on the local subnet/network. do "arp -a" on all the devices to see the information a devices knows about and can respond on -- should be devices on the local subnets. If the beaglebone did not reply back to the ping, in a subsequent packet, in response, then it may be a firewall rule issue or other config setting not allowing ICMP reply. Is the beaglebone firewall running? If so, might turn it off so all traffic is passed though, to rule this option out. Swap out and put a basic ipcam on one mikrotik and access from the andriod of the other to see if you can access -- isolate the problem to the beaglebone.

Fri, 06/21/2019 - 20:03

#15

KI5FBW

Another interesting thing

Now I'm just trying to ping the other node from the beaglebone

getting this on the localnode
04:28:38.131405 ARP, Request who-has KI5FBW-Mobile2.local.mesh tell beaglebone.local.mesh, length 28

with no response from the node

Fri, 06/21/2019 - 21:00

#16

KI5FBW

I can't even ping the local

I can't even ping the local node using dns
ping gives this on localnode and there is no response
05:29:29.587399 ARP, Request who-has KI5FBW-Mobile1.local.mesh tell beaglebone.local.mesh, length 28
this happens during a nslookup
05:29:58.086822 IP beaglebone.local.mesh.46059 > localnode.local.mesh.domain: 21563+ A? ki5fbw-mobile1.local.mesh. (43)
and it gets the ip correctly

Fri, 06/21/2019 - 21:57

#17

K5DLQ

do you have all of your non

do you have all of your non-mesh network interfaces disabled?

Sat, 06/22/2019 - 09:41

(Reply to #17) #18

KI5FBW

I don't believe so.

I don't believe so.

I attached my settings screen. That is the only configuration I have done for either.

Image Attachments:

Sat, 06/22/2019 - 10:44

(Reply to #18) #19

AE6XE

uncheck the "prevent LAN

uncheck the "prevent LAN devices from accessing WAN". The mesh node will not give the beaglebone a default route. This is an old option that few use. This might be the issue. You'd probably need to add a "10.x.x.x" route to forward trafffic back to the mesh node for access to the greater mesh network to check this option.

Sat, 06/22/2019 - 12:38

#20

KI5FBW

SOLVED

That was the problem. I guess Android and Mac start to behave off-nomially when there is no default route. Even if DHCP sets the DNS address.

I guess I read that configuration item as an easy way to prevent any potential legal issues with sending encrypted data over the mesh. Even when I'm hooked into WAN (which I generally am using for configuration access)

Thanks to both of you for the assistance.

- Brandon, KI5FBW

Amateur Radio Emergency Data Network

Menu SF

You are here

Getting Started With Two Mikrotik hAP AC Lite Nodes

Amateur Radio Emergency Data Network

Search form

Menu SF

You are here

Getting Started With Two Mikrotik hAP AC Lite Nodes