A bunch of wireless access points running 802.11r in a bridged network, based on linux, hostapd, ect.
- distributed, redundant, optimised, converged coverage
Raspberry Pi 3B is ok for testing supporting either spectrum (2.4 or 5.0) in ht mode
SBC with dual concurrent radios to test .. Wally’s Communications DR6018 and DR6018-S V02
DD-WRT ( I really should revisit this, but seems like bloatware
Ubuntu server for ARM seems like a better option
apt-get install rfkill hostapd bridge-utils cpufrequtils dnsmasq htop lldpd sshpass wireless-tools
Don’t need to configure wlan interfaces into the bridge hostapd will do this, loopback is a /32 from within the bridge lan range (linux is crap at strict routing so this will actually work), loopback duplicated on all AP’s for distributed DHCP, DNSMasq, ect
gateway4: 192.168.200.250
wpa_passphrase=password here
ht_capab=[MAX-AMSDU-3839][HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40]
vht_capab=[SHORT-GI-80][SU-BEAMFORMEE]
#vht_oper_centr_freq_seq_idx=42
#rssi_reject_assoc_rssi=-75
#rssi_ignore_probe_request=-75
rssi_reject_assoc_timeout=10
nas_identifier=b827eb3b638c
r1_key_holder=b827eb3b638c
reassociation_deadline=1000
r0kh=ff:ff:ff:ff:ff:ff * 00112233445566778899aabbccddeeff
resolv-file=/etc/resolv.dns
server=/200.168.192.in-addr.arpa/192.168.200.250
address=/double-click.net/127.0.0.1
ipset=/yahoo.com/google.com/vpn,search
server=192.168.200.250@br0
Docker and Openshift Origin
Salt Stack package and configuration management
sshd authentication allow non privilege users during startup/shutdown
pretty sure if I set the radius interface and nas identifier it will control which interface hostapd used for broadcast
cluster DHCP and DNSMasq if required
Clean up and format this blog
TCP multipath dual ip uplinks
build standard vlan on bridge interface (management lan, user, security ect)
build mutiple SSID to vlan
something like vrf to ensure segmentation of SSID/VLANS
Manage all this via salt.. and look into dbus remote send
move to WPA3 or Radius or something more secure
Wifi spectrum management (channel management/switching)
DHCP PXE boot for future management of zigbee ect.
802.11ac dongle, onboard 5ghz radio and antenna are weak switched to 2.4(g)
local cluster/bind9 <--> local dnsmasq
local cluster/bind isc-dhcp-server <--> local dnsmasq
Why, bind9 able to look up root no fowarder required, and local entries for windows ect, but dnsmasq for fast caching .. is it overkill, bind9 is supposed to cache too in ram, but we want this highly available and fast
Same for dhcp fast/redundancy
http://www.routereflector.com/2016/11/working-with-vrf-on-linux/
https://www.raspberrypi.org/documentation/configuration/wireless/access-point-bridged.md
http://ftp.gwdg.de/pub/linux/linux-magazin/listings/raspberry-pi-geek.com/04/AccessPoint/Listing04.txt
https://www.linux.com/topic/networking/advanced-dnsmasq-tips-and-tricks/