I think it would be cool to build a WiFi mesh network! And there are some standard tools to do so. There is 802.11s mode, which basically lets you create a mesh network (peers connect to each other and forward packets through each other). It's super easy to create such a mesh network, here is a guide. But 802.11s is rarely supported by WiFi drivers. I was able to find only two devices that supported it in my possession: an old USB WiFi dongle and a Steam Deck. Some other devices reported support but refused to work.

There is another option: B.A.T.M.A.N. It uses WiFi IBSS mode (or also called Ad-hoc). Basically, IBSS lets peers connect to each other, but there is no packet forwarding unlike in mesh mode, so batman-adv is used to create the mesh network. IBSS is supported by many more devices.

Do we need to use batman-adv though? Since IBSS provides connection between individual peers, that's all we really need to make yggdrasil work. The rest of the routing magic is managed by yggdrasil, so we actually don't need to use batman-adv. In fact, if you use 802.11s mesh mode, you should disable mesh packet forwarding when using yggdrasil.

So, how do we create an ad-hoc network and connect all the peers together?
First of all, make sure IPv6 link-local addresses get generated automatically, so we won't have to run any daemon to manage the interface:

sysctl -w net.ipv6.conf.eth0.addr_gen_mode=0

After that, the setup process is similar to 802.11s. Let's assume your WiFi interface is wlan0 and is displayed in iw list as phy0:

iw dev wlan0 del
iw phy phy0 interface add ibs0 type ibss
iw ibs0 ibss join ygg-net 2412 HT40+

And that's it! Now, you might need to remove the HT40+ at the end of the last command. My Raspberry Pi 4 refused to work in this 40MHz mode.
You can also add the Passsword parameter in MulticastInterfaces to create a password-protected network, but I see no point in access control here, since yggdrasil already encrypts all the traffic, and there is no access to the local network, unless you configure the WiFi interface. Wpa_supplicant also supports IBSS mode and lets you configure access control, but I had issues with it on some devices and was unable to configure the HT 40MHz mode.

You should be able to see the current interface configuration and the list of connected devices using these commands:

iw ibs0 info
iw ibs0 station dump

If you have yggdrasil running on each of the nodes, you should now see connections through ibs0 in the peer list:

yggdrasilctl getpeers | grep ibs0

If at least one of the nodes has access to the internet, and has peers in the config, you should be able to access any node on the yggdrasil network from any node on your WiFi mesh. This might not seem very useful at first, but you can setup a wireguard server on any yggdrasil node with internet access, and then all the mesh nodes can connect to it through yggdrasil.


2 Comments latest

  • Ilya_MZP Author

    Some drivers don't let you delete the WiFi interface, so you can use: iw wlan0 set type ibss

  • NickName

    It'd be coolest if yggdrasil had less size to use it on routers, it's really obstacle in many cases