I was able to flash a Rocket M5 and begin the setup process. When I have the Rocket connected to a dumb switch (through a POE injector) and my computer is connected to the same switch with DHCP turned on on the computer ethernet, the Rocket assigns an IP address to the computer and I can access the Rocket and setup page.
But in order to setup a tunnel, I'll need the Rocket connected to my internet. So I plug my home network into the switch, and reset everything. The computer now gets the IP set from the home LAN but can't connect to the rocket. I've tried with the Rocket WAN set to DHCP and assigning a manual IP address that should work. As far as I can tell from the home network side, the router can see the MAC address of the Rocket but does not assign it an IP address and won't recognize a manually set address.
So is it expected that you can only see the rocket when it's assigning the addresses or should I be able to access it from my home LAN? I haven't changed any other networking configuration from default, except for disabling the mesh for now since I have it inside, and there aren't any nodes I could connect to anyway.
I've ordered an hAP ac lite so maybe that will fix the problem when that gets here.
While the Rocket can host the tunnel client software, I don't think it is capable of being a managed switch that can provide the WAN connection, the AREDN connection, and the local LAN connection for your computers. You need a managed switch which is either provided by the default config of a hAP lite, or by using another managed switch that is configured correctly.
Waiting for the hAP lite sounds like a very good idea as the way to set this up on a hAP is well documented.
Ed
The hAP simplifies that a bit because it has multiple network ports. Port 1 is the WAN port and unlike the Rocket it is untagged. Ports 2, 3, & 4 are the local AREDN LAN, and port 5 is the DtD connection and is still tagged VLAN 2.
Is there a guide on how to setup the vlans? I found some old forum posts but they generally use these terms without explaining how or where you'd do anything. I see only 1 setting for vlan in the aredn config page on the rocket and that's to set the vlan number. On my home router I can create vlans but it seems they must correspond to physical ports on the router which isn't ideal for my setup as my rocket is connected to a switch in my garage, which goes to my wifi puck which then goes via ethernet to another puck which then goes to the router, so there's a lot of connections on that one physical port on the router, basically all of them.
What is a puck?
A VLAN capable switch is handy for providing internet (WAN) access to a node or nodes.
A VLAN capable switch is handy for connecting multiple nodes together via ethernet connections.
You did not present a need for your 'rocket' to have internet (WAN) access.
You did not present a need for your 'rocket' to be connected by ethernet to other AREDN nodes.
A VLAN capable switch is handy for granting a workstation access to both an AREDN device and the internet.
You did not mention a workstation.
Please explain what your 2 'pucks' do to connect your devices to each other or the internet.
73, Chuck
>You did not present a need for your 'rocket' to have internet (WAN) access.
As I mentioned in the initial question the rocket needs internet access so that it can make a tunnel as there are no other nodes in the area.
>You did not present a need for your 'rocket' to be connected by ethernet to other AREDN nodes.
I mentioned that I will also be getting the hAP ac lite, so I believe, yes in fact, I did.
>You did not mention a workstation.
I mentioned that I can't access the configuration page. I believe that implies a workstation or device that works on the station
>Please explain what your 2 'pucks' do to connect your devices to each other or the internet.
Wifi pucks are hardware devices that create a home wifi mesh. In this instance I believe they are acting as switches as all connections for data are ethernet
Is there a situation where one would put up a node without at least one of: a) a tunnel to another node b) ethernet to another node c) ethernet to a workstation? I suppose you could have node to node wifi and then a workstation connected via wifi? But then can you access the config page?
Your Rocket and workstation are on the home LAN.
Your Rocket and workstation get an IP address from your home router.
Your Rocket should have DHCP server disabled.
You can access the Rocket's web pages from the workstation by IP address, but
your workstation cannot access the AREDN network with which your Rocket might be RF connected.
A hAP's WAN port connected to your home router and its LAN port connected to your workstation
will provide your workstation with internet access and access to the hAP's web pages.
If your pucks are acting as switches then your pucks can provide the DtD (VLAN2) link to the Rocket.
In this setup, only other AREDN nodes can use the puck's LAN.
Your workstation would have internet access, access to the Rocket, and access to the Rocket's AREDN network.
The tunnel would be setup in the hAP.
Your home LAN and the DtD link to the Rocket are 2 separate networks.
I hope this helps, Chuck
Ed
Meanwhile one thing catches my attention. It is relatively simple to setup a tunnel CLIENT where you accept a connection to someone else's server. It's much, much more difficult and a bit complicated to become a tunnel SERVER and provide mesh connections to other users.
I strongly suggest you don't even try to setup a tunnel server until you get more familiar with the basic setups. In addition, it's really bad practice for routing to have a dasiy chain of tunnels creating a mesh where we go hop to hop to hop without actual rf being the backbone, I'd focus on getting the managed switch in the hAP working first, then start learning from there.
Ed
For anyone else that has this problem it seems to be that the Rocket M5 can't get a WAN ip address from DHCP or static, it's just blank. Oddly, setting the WAN setting to disabled it actually got an ip address, for a while anyway. Everything else seems to now work though. I'm able to see the status of each node in the neighbor tab, services work and are shared, and if set as an access point it allows access to the internet to devices connected to it's lan.
For an AREDN device to get WAN access
(and for its LAN devices to get WAN access)
a VLAN switch is needed.
The hAP(lite, ac2, ac3) come with a VLAN switch already configured for
WAN, LAN, and DtD.
Several GL-iNet devices with AREDN firmware also provide this service.
73, Chuck
Let me try to say this in slightly different way, and if I make an error Chuck can clarify.
All AREDN devices live on VLAN2 which is where the devices can talk to each other dtd. All AREDN devices also provide DHCP router functions to a LAN port so you can connect to the device and use it. If you put a dumb switch on the ethernet port of your Rocket, then you have more IP addresses on your LAN so more people can use the connection.
But you can't connect another AREDN node as both will want to treat the other node as a LAN and it won't work. So if you want more than one AREDN node in one location cabled together, OR if you want to have WAN capacity so you can tunnel or do other things with actual internet ... you MUST have a managed (smart) switch and use the correct ports for each network.
The hAP ac lite is unique in that it is a managed switch pre-configured correctly when you flash it, AND it also has two radios which you can put on as AREDN rf or on LAN (part 15 wifi). So you get radios AND you get a managed switch and you can connect your Rocket to port 5 because it's pre-configured ot do that.
Now for a larger installation ... SOME dumb un managed switches can connect to Port5 and extend the number of devices on VLAN2 ... and some don't do this well. You can also get a larger managed switch and assign ports to whichever network you want.
When you turned off the DHCP on the Rocket, and plugged it into port 5 ... the Rocket stopped fighting the hAP for who gets to be the router. You can only have ONE router per network and now that DHCP on the Rocket is turned off you have it correct. There is another fancy way you can program a managed switch so that all the AREDN VLAN2 devices can have their DHCP on, but the smart managed switch would be setup so only one port will allow that device to be the router and it ignores the attempts by other devices to be the router. I understood this once a while ago when I setup a switch, and now belive I need a refresher.
This networking stuff can be a steep learning curve and now my brain hurts. Glad you are up and running!
73, Ed
PS added afterthought ... I think it's possible for this to also work but I wouldn't recommend it ...
You could choose to use the DHCP on the Rocket instead and turn that on, while also turning OFF the DHCP for the hAP. In that case the router function and all port assignments, tunnels stuff etc would be the business of the Rocket instead of the hAP. The hAP would be a managed switch without being the router. Again ... I would suggest letitng the hAP remain the router as it has more memory and then you can change rf nodes without too much bother.
For example the guides and here we're saying to turn off DHCP. But there isn't just one DHCP setting, there is DHCP for the node to assign addressses the LAN it creates, and there is the the DHCP setting for the node to acquire an address from whatever it's plugged in to. Do you turn off both? The behavior I'm assign from the Rocket is that regardless of what is selected or assigned or where it's plugged in it does not, except maybe randomly, ever acquire an address from another device, which then shows as it's WAN ip address on the node status page. This also means that here where I have the Rocket plugged in to port 5 of the Hap Lite that the Hap lite DHCP page does not show the Rocket on it's DHCP assignments page. It's also weird that nothing shows the MAC address, but that's another issue. The weird thing to me is that despite not having an IP address it to work, I suppose because it already has the 2 other address that it shows as LAN addresses.
The other setting I wonder about is the VLAN setting on the advanced config page. The Hap Lite seems to default to no vlan (no number in the field), and the Rocket defaults to a Vlan of 1 and can not be set to not have a value. Setting the Hap Lite to any number seems break everything for me so at the moment it is blank. Should I set the Rocket Vlan to 2 as you described? I don't see anywhere in the Hap Lite to view or change the Vlan settings for attached devices, so I guess we can just trust that it's set up as described.
An AREDN node that is connected via the WAN port will display the WAN IP address given to it by the outside network. So my hAP here has both an IP address on WAN and it has an AREDN IP address called LAN which was served up by the node controlling LAN DHCP.
On a site with multiple devices, where one node hosts the tunnel client that particular node has both LAN and WAN addresses, but the other nodes only have LAN addresses. The devices which are not hosting the WAN connection to an outside network don't need a WAN address as packets for them are handled inside the logic of the managed switch.
Hope that helps, sounds like you're setup ok just looking for fields to be populated that don't need to be.
Ed
To break out the WAN, LAN, and DtD ports, you need a switch that supports 802.1Q.
+0.999
There are (backup) file samples for some common affordable VLAN capable switches
(Netgear GS-10[58]E) somewhere here at arednmesh.org.
Just like you said:
If you only need to DtD 2 or more nodes and don't need to provide WAN or assign LAN hosts,
the tie them all together with a simple switch on a DtD port of a
VLAN switch, Mikritik hAP[,ac2,ac3,) or GL-iNet AR750.
73, Chuck
Sorry, I thought I had this all figured out, but one more question... If I have the wan settings on the HAP lite at default in this configuration, with the Rocket in port 5, the rocket isn't able to access things like firmware updates. (If on the administration page I click refresh next to download firmware, it says:
Error: no route to Host
If I set the HAP lite to Allow other MESH nodes to use my WAN to on, then the rocket can download firmware.
But I would think the desired setup is to leave that off. But shouldn't locally connected devices be able to do things like update firmware by default?
Thank you
"shouldn't locally connected devices be able to do things like update firmware by default? "
KD0RJR:
Not with a hAP running AREDN firmware.
The DtD port on the hAP passes VLAN2 (DtD) tagged packets, not VLAN1 (WAN) tagged packets.
The LAN attached devices on the hAP get WAN access if the hAP has WAN access.
A solution to update the firmware on all your remote devices, is
enable WAN, save setting, reboot,
update all remote nodes,
disable WAN, save setting, reboot.
WAN can be shared over 'locally connected devices' with fancier hardware.
[You may stop reading here.]
e.g. I have a Netgear GS108E VLAN 8 port switch in the garage configured as
(VLAN11(NODE LAN LAN) (VLAN22(NODE LAN) (VLAN33(NODE LAN) TRUNK(VLAN1, VLAN2, VLAN11, VLAN22, VLAN33).
The TRUNK carries tagged VLANs 1, 2, 11, 22, 33 to the home.
In the home I have a VLAN switch where I untag the VLAN1 traffic to a WAN port which grants, eventually, internet access to nodes in the garage.
The home VLAN switch's WAN port goes to my home router's LAN and
my home router's WAN goes to my ISP.
(I can/could untag VLANS 11, 22, 33 to LAN ports on the home VLAN switch, then
devices in the home could get DHCP LAN addresses from the 3 AREDN devices cabled into the garage's GS-108E switch.)
73, Chuck