[Commotion-discuss] Setting up nodes for dual purpose

[Dan Staples]

Is the idea that you want the mesh network and the private network to be entirely isolated from each other? And maybe you want the single device to provide an internet gateway to both networks? This can be done, but it will take some manual configuration and some familiarity with the OpenWRT advanced menus, such as setting up virtual network interfaces and setting firewall zones.

Of course if you want the two networks to be fully isolated, your best bet is to just use two different routers as that would make things a lot easier. But if you really want to use a single device to provide access points to both the private network and the Commotion network, a dual-radio device like the TP-Link WDR4300 or WDR3600 might be a good bet, so you can dedicate one radio to each network.

After installing and configuring Commotion as normal on the node, you'd need to create a new network interface for the private network, in Advanced->Network->Interfaces. Then you'd create a firewall zone for the new interface that doesn't allow forwarding to/from any other zones (besides WAN if your node has a gateway), in Advanced->Network->Firewall. Finally, you would create an access point that would be attached to the new network interface in Advanced->Network->Wifi.

If the device you are using has an ethernet LAN switch like the TP-Links I mentioned, you could optionally configure that to offer some dedicated port(s) to the private network if you wish, in Advanced->Network->Switch.

Here is some relevant documentation from OpenWRT:

http://wiki.openwrt.org/doc/uci/network
http://wiki.openwrt.org/doc/uci/firewall
http://wiki.openwrt.org/doc/uci/wireless
http://wiki.openwrt.org/doc/uci/network/switch

Dan

On 02/18/2015 09:13 PM, Alex Meyer wrote:
> Hey all, I am in the process of planning out a new network using commotion and was wondering if it was possible to set up selected nodes in the network to serve a dual purpose. The first would be to act as a standard node in the mesh network, but the second would be to also act as a base node for a private network.
> 
> Essentially, I am looking to set up the network so that particular nodes can be both secure and open if that makes sense. It would allow users to both connect to anyone on the mesh network (as well as repeat the signal) but also be able to set a secure network at home that only someone with a password can access (just like a standard home secure network).
> 
> Is this possible? If so, how'd you do it? And has anyone here had success doing it?
> 
> Thanks for any help
> 
> 
> _______________________________________________
> Commotion-discuss mailing list
> Commotion-discuss at lists.chambana.net
> https://lists.chambana.net/mailman/listinfo/commotion-discuss
> 

-- 
Dan Staples

Open Technology Institute
https://commotionwireless.net
OpenPGP key: http://disman.tl/pgp.asc
Fingerprint: 2480 095D 4B16 436F 35AB 7305 F670 74ED BD86 43A9