I noticed that the subdomain dev.libre-mesh.org runs with a self-signed
certificate, which is annoying because casual people browsing (and
security paranoid) won't accept to add an exception in order to read
more and will leave...
A free browser-accepted certificate can be obtained from StartSSL 
(for that specific domain, wildcards and extended verification certs are
not for free of course, but we there is no need for them).
I have just pushed the feature/ground-routing branch to our git repo, the good
news is that it is already usable and working, the bad news is that it seems
that openwrt doesn't offer a way to know who switch%d is so it could arbitrary
be eth0 or eth1 depending on the model and seems there is no way to determine
it from software side -_-
what I have done now is assume in the code that swtich$i will be mapped to
eth$i and although it is not true it works on all device i have and on device
we use the most like tl-wdr3x00
what openwrt do is ship a spefic confing for each different device, this config is
manually written by the person who write the support for that device so plain
old boring manual human work...
what we can do is
1) leave stuff as is, so users with "unusual" devices have do do some adjust
2) Introduce some kind of very very hardware specific module like the unpopular
lime-hwd-tl-wdr3600 we had this summer for each device with a "switch map"
readeable by a program
3) Push openwrt developers to implement some kind of mechanism to make switch
map readeable from software side
I have been working on adding support for ground routing in libre-mesh in this
days around winter solstice, today i have done various tests and as they
satisfied me i have merged the work on develop branch, although it is stable
and usable, some buggy switch chip of some router like tl-wdr3500 need some
little (remove Ground routing port from other vlans) configuration tweaking
after lime autoconfiguration, while for example the tl-wdr3600 works out of the
Moreover ground routing works also with CPE that doesn't have an integrated
switch like e ubnt-bullet :)
Debugging/Patches/Feedback are all welcome
Today I have compiled and installed the last libre-mesh develop branch
with the last openwrt-trunk. Congratulations to everyone! It worked fine
almost out-of-the-box. The next points are my thoughts/questions
regarding the current state of lime:
1) The firewall problem is not yet fixed, so raw images which does not
include the firewall packet are not properly working.
2) Last OpenWRT/trunk does not have the iptables nat module
(CONFIG_PACKAGE_kmod-ipt-nat) by default enabled (WTF?), so it should be
added as dependency for lime-system. May be also related with the
default strip kernel/libraries options (which comes enabled).
3) Would be nice to write the current options (even if they are the
default ones) to /etc/config/lime once the lime-config script is
executed. So it should 1) use the options specified in the file 2) fill
the non-specified options. Then in the config file you got a picture of
the current whole system configuration, when you upgrade the node these
options are preserved and the node is configured in the same exact way
it was before.
4) Is there any way to specify: "do no configure (or ignore) this radio
device" to lime-config?
5) In my tests, when I try to set some parameters for a specific radio
device (i.e only radio1), lime-config crashes. My first thought is that
if there is a specific configuration for radioX, lime-config expect to
find all the needed parameters there. I think it should try to find
first the parameters in the specific configuration and afterwards (if
the parameter does not exist) look in the generic/default wifi
now adhoc_ssid is parameterizable with %H that will be substituted by hostname
and with %Mn that will be substituted by the n'th byte of the device primary
mac address, if you have personal clones and wanna test the feature just
rebase on top of develop branch
We're having the problem that bmx6 nodes sometime come up on different
The interfaces are getting fd66:0066:0066:00XX::/64 IPs, where XX is the
interface index. This means that some nodes are on different subnets, since
they don't all have the same wifi interface index. Is this intentional, and
if so, why? It means that just running "bmx6 dev=wlan0" on each node will
not result in a working mesh where every node can reach every other node on
their bmx6-assigned addresses.
It seems that either the mask should be changed to /56 or the interface
index should be used as the eigth or higher byte instead of the seventh?
Perhaps it would be better to replace the ff:fe inserted into the middle of
the MAC address with the interface index?
Here's the responsible code from
if (!global_prefix_cfg.mask && !dev->global_prefix_conf_.mask &&
autoIP6 = bmx6AutoEUI64Ip6(dev->if_link->addr, &autoconf_prefix_cfg);
autoIP6.mask = DEF_AUTO_IP6_DEVMASK;
autoIP6.ip.s6_addr = DEF_AUTO_IP6_BYTE6;
autoIP6.ip.s6_addr = (uint8_t)dev->if_link->index; //different ULAs
for equal MAC addresses!!