Re: [B.A.T.M.A.N.] Problems connecting VPN and WLAN with Batman-adv

["Linus Lüssing" <linus.luessing@web.de>]

[-- Attachment #1: Type: text/plain, Size: 3564 bytes --]

Hi Floh1111,

Welcome to the B.A.T.M.A.N. mailing list :).

On Fri, Apr 02, 2010 at 12:54:02AM +0200, Clemens John wrote:
> Hi,
> 
> I use batman advanced ("# batctl o" says "B.A.T.M.A.N. adv 0.2.1-beta r1578") 
> on OpenWrt trunk and I have the following problem:
> 
> I have a wlan meshnetwork in ahdemo mode which uses batman. The meshnetwork is 
> used by clients without batman and therefore I have another network on the 
> same wifi device in ad mode which is bridged with bat0.
> The bridge is in the network 10.18.1.0/24.
> 
> I think its like described in http://www.open-mesh.org/wiki/batman-adv-quick-
> start-guide
Yes, this configuration looks quite good already if I didn't miss
anything and if you're having wifi cards with an atheros chip.
What kind of devices are you using?
> 
> The problem is, that I have a vpn network on tap0 (10.18.0.0/24) and I dont 
> know how I can link this two networks/interfaces to each other with batman.
> I tried to assign tap0 to batman, but this doesnt work.
> 
> I want to be able to ping hosts that uses batman in the vpn and in the wlan 
> network. How can I do this?
Ok, now I have some more questions already :). What do you want to
gain with this vpn exactly, merging a couple of mesh clouds or
getting the network behind the vpn into the mesh? What is
creating this vpn right now, how are the two sites connected with
each other (over network identified with 'lan' I guess?).
Does pinging inside of the vpn itself without any mesh work?

From the configuration now, it looks like you're having another
batman-adv on the other side of the vpn as you've assigned tap0 to
batman. So keep in mind that the recipient on the other side of the tunnel
will get batman-adv ethernet frames only which encapsulate the
payload - there has to be a batman-adv on the other side to unwrap
the IP packets again.
And if there is a batman-adv on the other side of the tunnel, make
sure the vpn itself is transporting whole ethernet frames and not
only ip packets (in tinc this is "switched" mode for instance or
in OpenVPN having "dev tap" and not "dev tun").

Cheers, Linus

> 
> My configs look like this:
> 
> ---------------
> /etc/conf/network
> ---------------
> config 'interface' 'loopback'
>         option 'ifname' 'lo'
>         option 'proto' 'static'
>         option 'ipaddr' '127.0.0.1'
>         option 'netmask' '255.0.0.0'
> 
> config 'interface' 'lan'
>         option 'proto' 'dhcp'
>         option 'ifname' 'eth0'
> 
> config 'interface' 'mesh'
>         option 'type' 'bridge'
>         option 'ifname' 'ath0 bat0'
>         option 'proto' 'static'
>         option 'ipaddr' '10.18.1.101'
>         option 'netmask' '255.255.255.0'
> 
> config 'interface' 'vpn'
>         option 'proto' 'none'
>         option 'ifname' 'tap0'
> 
> ---------------
> /etc/conf/wireless
> ---------------
> config wifi-device  wifi0
>         option type     atheros
>         option channel  6
> 
> config wifi-iface
>         option device   wifi0
>         option mode     ahdemo
>         option bssid    02:CA:FF:EE:BA:BE
> 
> config wifi-iface
>         option device   wifi0
>         option mode     ap
>         option ssid     oldenburg.freifunk.net
> 
> ---------------
> /etc/conf/batman-adv-kernelland
> ---------------
> config batman-adv-kernelland general
>         option interface                'ath1 tap0'
>         option originator_interval
>         option log_level
> 
> thanks
> Floh1111



[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 836 bytes --]