OpenWrt 双频合一 + 多路由 Mesh 组网完整方案

OpenWrt 双频合一 + 多路由 Mesh 组网完整方案

一、架构设计

网络拓扑示例

互联网 | 主路由 (OpenWrt) - 192.168.1.1 | (有线/无线回程) Mesh节点1 (OpenWrt) - 192.168.1.2 | (无线回程) Mesh节点2 (OpenWrt) - 192.168.1.3 | 客户端设备 (自动漫游)

二、软件包选择和安装

1.基础软件包安装

# 所有节点执行opkg update# 安装完整的无线和mesh支持（推荐wpad-mesh-wolfssl，轻量）opkg remove wpad-basic-wolfssl opkginstallwpad-mesh-wolfssl# 安装mesh相关工具opkginstalliwinfo iw-full batctl batctl-full kmod-batman-adv# 安装网络诊断工具opkginstallnetperf iperf3 tcpdump-mini luci-app-statistics# 安装LuCI管理界面（可选）opkginstallluci luci-app-meshwizard luci-app-dawn

2.各版本特性对比

# 根据设备性能选择# 1. 低配设备（RAM < 128MB）：wpad-mesh-wolfssl# 2. 中配设备（RAM 128-256MB）：wpad-mesh-mbedtls# 3. 高配设备（RAM > 256MB）：wpad-mesh-openssl# 切换版本示例opkg remove wpad-mesh-wolfssl opkginstallwpad-mesh-openssl

三、双频合一基础配置

1.主路由配置 (192.168.1.1)

/etc/config/wireless

# 2.4GHz 配置config wifi-device'radio0'optiontype'mac80211'option channel'6'option htmode'HT20'option disabled'0'option country'CN'option txpower'20'config wifi-iface'wifinet0'option device'radio0'option mode'ap'option ssid'HomeMesh'option encryption'sae-mixed'# WPA3/WPA2混合option key'YourSecurePassword123'option network'lan'# 快速漫游配置option ieee80211r'1'option mobility_domain'a1b2'option ft_over_ds'1'option ft_psk_generate_local'1'# 802.11k/voption ieee80211k'1'option ieee80211v'1'# 802.11w 管理帧保护option ieee80211w'1'option pmf'1'# 5GHz 配置config wifi-device'radio1'optiontype'mac80211'option channel'44'option htmode'VHT80'option disabled'0'option country'CN'option txpower'23'config wifi-iface'wifinet1'option device'radio1'option mode'ap'option ssid'HomeMesh'# 相同SSIDoption encryption'sae-mixed'option key'YourSecurePassword123'# 相同密码option network'lan'# 快速漫游配置（必须与2.4GHz相同）option ieee80211r'1'option mobility_domain'a1b2'option ft_over_ds'1'option ft_psk_generate_local'1'option ieee80211k'1'option ieee80211v'1'option ieee80211w'1'# 5GHz优化参数option short_gi_80'1'option ldpc'1'option maxassoc'24'

2.配置DHCP和DNS

/etc/config/dhcp

config dhcp'lan'option interface'lan'option start'100'option limit'150'option leasetime'12h'option dhcpv6'server'option ra'server'# 为mesh节点预留IPlist dhcp_option'6,192.168.1.1'# DNS服务器option force'1'

四、Mesh组网配置（802.11s + BATMAN-adv）

1.Mesh回程网络配置

方案A：专用5GHz Mesh回程（推荐）

主路由配置：添加Mesh接口

# 在 /etc/config/wireless 中添加config wifi-iface'mesh_backhaul'option device'radio1'# 使用5GHz radio，如果支持双5GHz更好option mode'mesh'option mesh_id'MyMeshBackhaul'option encryption'sae'option key'MeshBackhaulKey456'option network'mesh'option disabled'0'# Mesh特定参数option mesh_fwding'1'option mesh_ttl'5'option mesh_hwmp_rootmode'3'# Root Announcement模式option mesh_rssi_threshold'-75'# 使用802.11soption mesh_type'802.11s'

方案B：使用现有频段（简化版）

所有节点通用Mesh配置

# 创建Mesh配置文件 /etc/config/meshcat>/etc/config/mesh<<'EOF' config mesh 'setup' option enabled '1' option mesh_type '802.11s' option mesh_id 'HomeMeshNetwork' option encryption '1' option key 'MeshSharedKey123' option frequency '5180' # 5GHz信道 option bandwidth '80' config batman 'bat0' option enabled '1' option aggregation '1' option gw_mode 'server' # 主路由设为server，节点设为client option gw_sel_class '20' option orig_interval '1000' option fragmentation '1' EOF

2.BATMAN-adv 配置

/etc/config/network - 添加batman接口

# 所有节点配置config interface'bat0'option proto'batadv'option routing_algo'BATMAN_IV'# 或 BATMAN_Voption aggregated_ogms'1'option ap_isolation'0'option bonding'0'option fragmentation'1'option gw_mode'client'# 主路由为 'server'option gw_sel_class'20'option orig_interval'1000'option bridge_loop_avoidance'1'option distributed_arp_table'1'option multicast_mode'1'option network_coding'0'option hop_penalty'30'# 将无线接口加入batmanconfig interface'mesh'option proto'batadv_hardif'option master'bat0'option mtu'1532'# batman需要更大的MTU

3.多节点网络配置

节点1 (192.168.1.2) - /etc/config/network

# Mesh网络接口config interface'mesh'option proto'static'option ipaddr'192.168.100.2'# Mesh管理IPoption netmask'255.255.255.0'option mtu'1532'# LAN桥接（接入点模式）config interface'lan'optiontype'bridge'option proto'static'option ipaddr'192.168.1.2'option netmask'255.255.255.0'option gateway'192.168.1.1'option dns'192.168.1.1'list ports'eth0'# 有线端口list ports'bat0'# 加入batman接口

节点2 (192.168.1.3) - 类似配置，修改IP即可

五、智能漫游优化

1.安装和配置DAWN（分布式漫游管理器）

# 所有节点安装opkginstalldawn luci-app-dawn# 配置DAWNcat>/etc/config/dawn<<'EOF' config dawn 'global' option enabled '1' option max_inactive '300' option min_probe_count '2' option min_rssi '-75' option min_connected_rssi '-65' option interval '30' option ht_support '1' option vht_support '1' option verify_probability '3' option use_station_count '1' option band_steering '1' # 频段引导 option ieee80211k '1' option ieee80211v '1' option ieee80211r '1' config zone 'home' list network 'lan' option max_stations '64' option min_rssi '-75' option min_connected_rssi '-65' EOF

2.创建漫游优化脚本

cat>/usr/bin/roam-optimize.sh<<'EOF' #!/bin/sh # 漫游优化脚本 # 设置漫游阈值 set_roam_threshold() { local iface=$1 local threshold=$2 # 设置RSSI阈值 iw dev $iface set mesh_param mesh_rssi_threshold $threshold 2>/dev/null # 设置主动漫游参数 echo "roam_threshold=$threshold" > /sys/kernel/debug/ieee80211/phy0/netdev:$iface/roam_params } # 为每个接口设置 for iface in $(iw dev | grep Interface | awk '{print $2}'); do # 获取频段 band=$(iw dev $iface info | grep -o "24\|5" | head -1) if [ "$band" = "24" ]; then set_roam_threshold $iface -70 # 2.4GHz阈值 else set_roam_threshold $iface -75 # 5GHz阈值 fi # 启用快速切换 iw dev $iface set mesh_param mesh_hwmp_rootmode 4 2>/dev/null done # 设置内核参数优化漫游 echo 100 > /proc/sys/net/ipv4/neigh/default/base_reachable_time_ms echo 50 > /proc/sys/net/ipv4/neigh/default/gc_stale_time logger "漫游优化已应用" EOFchmod+x /usr/bin/roam-optimize.sh

六、高级功能配置

1.频段引导 (Band Steering)

cat>/usr/bin/band-steering.sh<<'EOF' #!/bin/sh # 频段引导脚本 LOG_TAG="BandSteering" # 日志函数 log() { logger -t "$LOG_TAG" "$1" } steer_client() { local mac=$1 local current_band=$2 local target_band=$3 # 获取信号强度 local rssi=$(iwinfo $current_band assoclist 2>/dev/null | \ grep -i "$mac" | grep -o "RX: -[0-9]*" | cut -d' ' -f2) # 获取设备能力 local capabilities=$(iwinfo $current_band assoclist 2>/dev/null | \ grep -i "$mac" | grep -o "VHT\|HT") # 如果设备支持5GHz且信号较弱，引导到5GHz if [ -n "$capabilities" ] && [ -n "$rssi" ]; then if [ "$rssi" -gt -70 ] && [ "$current_band" = "wlan0" ]; then # 2.4GHz信号好但设备支持5GHz，保持连接 return 0 elif [ "$rssi" -lt -75 ] && [ "$current_band" = "wlan0" ]; then # 2.4GHz信号弱，尝试断开让设备连接5GHz log "引导 $mac 从 $current_band 切换到 $target_band (RSSI: $rssi)" iw dev $current_band station del "$mac" 2>/dev/null return 1 fi fi return 0 } # 主循环 log "频段引导启动" while true; do # 检查2.4GHz客户端 iwinfo wlan0 assoclist 2>/dev/null | grep -E "([0-9A-F]{2}:){5}[0-9A-F]{2}" | while read line; do mac=$(echo "$line" | awk '{print $1}') steer_client "$mac" "wlan0" "wlan1" done # 检查5GHz客户端 iwinfo wlan1 assoclist 2>/dev/null | grep -E "([0-9A-F]{2}:){5}[0-9A-F]{2}" | while read line; do mac=$(echo "$line" | awk '{print $1}') # 如果5GHz信号太弱，可以引导回2.4GHz rssi=$(echo "$line" | grep -o "RX: -[0-9]*" | cut -d' ' -f2) if [ -n "$rssi" ] && [ "$rssi" -lt -85 ]; then log "5GHz信号弱，引导 $mac 回2.4GHz (RSSI: $rssi)" iw dev wlan1 station del "$mac" 2>/dev/null fi done sleep 30 done EOFchmod+x /usr/bin/band-steering.sh

2.负载均衡

cat>/usr/bin/load-balancer.sh<<'EOF' #!/bin/sh # 客户端负载均衡 MAX_CLIENTS_PER_AP=20 # 每个AP最大客户端数 CHECK_INTERVAL=60 # 检查间隔(秒) balance_load() { # 获取各AP客户端数量 local clients_2g=$(iwinfo wlan0 assoclist 2>/dev/null | wc -l) local clients_5g=$(iwinfo wlan1 assoclist 2>/dev/null | wc -l) # 计算差值 local diff=$((clients_2g - clients_5g)) # 如果差值过大，尝试平衡 if [ ${diff#-} -gt 5 ]; then # 绝对值大于5 if [ $clients_2g -gt $clients_5g ]; then # 2.4GHz负载高，引导部分客户端到5GHz iwinfo wlan0 assoclist 2>/dev/null | \ grep -E "([0-9A-F]{2}:){5}[0-9A-F]{2}" | \ tail -$((diff/2)) | while read line; do mac=$(echo "$line" | awk '{print $1}') iw dev wlan0 station del "$mac" 2>/dev/null logger "负载均衡：将客户端 $mac 从2.4GHz断开" done fi fi } # 主循环 while true; do balance_load sleep $CHECK_INTERVAL done EOF

七、网络优化配置

1.内核参数优化

cat>/etc/sysctl.d/99-mesh-optimize.conf<<'EOF' # 网络核心参数 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.core.rmem_default = 131072 net.core.wmem_default = 131072 net.core.optmem_max = 65536 net.core.netdev_max_backlog = 5000 # IPv4参数 net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 65536 16777216 net.ipv4.tcp_mtu_probing = 1 net.ipv4.tcp_congestion_control = bbr net.ipv4.tcp_slow_start_after_idle = 0 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_fin_timeout = 30 # 邻居表优化 net.ipv4.neigh.default.gc_thresh1 = 1024 net.ipv4.neigh.default.gc_thresh2 = 2048 net.ipv4.neigh.default.gc_thresh3 = 4096 net.ipv4.neigh.default.base_reachable_time_ms = 30000 net.ipv4.neigh.default.gc_stale_time = 60 # 无线优化 net.mptcp.enabled = 1 net.mptcp.checksum_enabled = 1 EOF# 应用配置sysctl -p /etc/sysctl.d/99-mesh-optimize.conf

2.无线驱动优化

cat>/etc/modules.d/99-wifi-optimize<<'EOF' # 无线驱动参数 options ath9k nohwcrypt=1 options ath10k_core skip_otp=y options mac80211 probe_wait_ms=500 options cfg80211 ieee80211_regdom="CN" EOF

八、自动配置同步脚本

1.配置同步脚本

cat>/usr/bin/sync-mesh-config.sh<<'EOF' #!/bin/sh # Mesh配置同步脚本 MASTER_ROUTER="192.168.1.1" CONFIG_FILES="wireless network firewall" BACKUP_DIR="/etc/mesh-backup" DATE=$(date +%Y%m%d_%H%M%S) # 创建备份 backup_config() { mkdir -p $BACKUP_DIR/$DATE for file in $CONFIG_FILES; do cp /etc/config/$file $BACKUP_DIR/$DATE/ done } # 从主路由同步配置 sync_from_master() { for file in $CONFIG_FILES; do # 使用scp或tftp下载配置 scp root@$MASTER_ROUTER:/etc/config/$file /tmp/$file.master if [ -f /tmp/$file.master ]; then # 合并配置（根据实际情况调整） merge_config $file fi done } # 合并配置函数 merge_config() { local file=$1 case $file in wireless) # 保留本地的MAC地址和设备特定设置 grep -E "(option ssid|option encryption|option key|option mesh_id)" /tmp/$file.master > /tmp/master_settings # 合并到本地配置 uci import $file < /tmp/master_settings ;; network) # 只同步Mesh相关配置 grep -A5 -B5 "mesh\|bat0" /tmp/$file.master > /tmp/network_mesh # 应用配置 ;; esac } # 主函数 case "$1" in backup) backup_config ;; sync) sync_from_master ;; restore) restore_config ;; *) echo "用法: $0 {backup|sync|restore}" exit 1 ;; esac EOFchmod+x /usr/bin/sync-mesh-config.sh

九、监控和诊断

1.Mesh网络监控面板

cat>/usr/bin/mesh-monitor.sh<<'EOF' #!/bin/sh # Mesh网络监控 clear echo "=== Mesh网络监控面板 ===" echo "按 Ctrl+C 退出" echo "" while true; do echo "时间: $(date '+%Y-%m-%d %H:%M:%S')" echo "" # 显示Mesh状态 echo "1. Mesh邻居节点:" batctl n 2>/dev/null | awk 'NR>1 {print $1, $4, $5, $6}' echo "" # 显示无线接口状态 echo "2. 无线接口状态:" for iface in $(iw dev | grep Interface | awk '{print $2}'); do echo " $iface:" echo " 客户端数: $(iwinfo $iface assoclist 2>/dev/null | wc -l)" freq=$(iw dev $iface info 2>/dev/null | grep channel | awk '{print $2}') echo " 信道: $freq" done echo "" # 显示系统状态 echo "3. 系统状态:" echo " CPU负载: $(uptime | awk -F'load average:' '{print $2}')" echo " 内存使用: $(free -m | awk 'NR==2{printf "%s/%sMB (%.1f%%)", $3,$2,$3*100/$2}')" echo " 温度: $(sensors 2>/dev/null | grep temp | head -1 | awk '{print $2}')" echo "" # 显示网络流量 echo "4. 网络流量 (最近10秒):" for iface in bat0 wlan0 wlan1; do if [ -d "/sys/class/net/$iface" ]; then rx1=$(cat /sys/class/net/$iface/statistics/rx_bytes) tx1=$(cat /sys/class/net/$iface/statistics/tx_bytes) sleep 1 rx2=$(cat /sys/class/net/$iface/statistics/rx_bytes) tx2=$(cat /sys/class/net/$iface/statistics/tx_bytes) rx_rate=$((($rx2 - $rx1) / 1024)) tx_rate=$((($tx2 - $tx1) / 1024)) echo " $iface: RX ${rx_rate}KB/s | TX ${tx_rate}KB/s" fi done sleep 5 clear done EOFchmod+x /usr/bin/mesh-monitor.sh

2.自动化诊断工具

cat>/usr/bin/mesh-diagnose.sh<<'EOF' #!/bin/sh # Mesh网络诊断工具 echo "=== Mesh网络诊断报告 ===" echo "生成时间: $(date)" echo "" # 1. 检查基础服务 echo "1. 服务状态检查:" services="network firewall batman-adv dawn" for service in $services; do if /etc/init.d/$service enabled > /dev/null 2>&1; then status="已启用" else status="未启用" fi echo " $service: $status" done echo "" # 2. 检查Mesh连接 echo "2. Mesh连接状态:" if command -v batctl > /dev/null; then echo " BATMAN邻居:" batctl n 2>/dev/null else echo " batctl未安装" fi echo "" # 3. 检查无线接口 echo "3. 无线接口状态:" iw dev | grep -A5 "Interface" echo "" # 4. 检查漫游配置 echo "4. 漫游配置检查:" for iface in wlan0 wlan1; do if [ -d "/sys/class/net/$iface" ]; then echo " $iface:" iw dev $iface get mesh_param 2>/dev/null | grep rssi fi done echo "" # 5. 性能测试 echo "5. 网络性能测试:" echo " 正在测试到主路由的延迟..." ping -c 5 192.168.1.1 | tail -2 echo "" # 6. 建议 echo "6. 诊断建议:" echo " - 确保所有节点使用相同信道" echo " - 检查节点间信号强度（应大于-75dBm）" echo " - 确保所有节点时间同步" echo " - 检查是否有信道干扰" EOFchmod+x /usr/bin/mesh-diagnose.sh

十、部署和测试

1.部署步骤

# 步骤1：准备所有路由器# 在每个设备上刷入相同版本的OpenWrt# 步骤2：配置主路由# 按上述配置设置主路由，确保能正常上网# 步骤3：配置节点路由# 复制主路由的无线配置，修改IP地址和角色# 步骤4：建立Mesh连接# 启动所有节点，检查batctl n输出# 步骤5：优化和测试# 运行诊断脚本，调整信道和功率

2.测试脚本

cat>/usr/bin/test-mesh-roaming.sh<<'EOF' #!/bin/sh # Mesh漫游测试脚本 echo "开始Mesh漫游测试..." echo "请准备一个客户端设备（如手机）" echo "" echo "测试1: 基本连接" echo "请将设备连接到 'HomeMesh' 网络" read -p "连接成功后按回车继续..." echo "" echo "测试2: 信号强度检查" echo "请记录设备在各位置的信号强度:" echo "位置1 (靠近主路由):" echo "位置2 (中间点):" echo "位置3 (靠近节点路由):" read -p "记录完成后按回车继续..." echo "" echo "测试3: 漫游测试" echo "请拿着设备从主路由慢慢走到节点路由" echo "观察连接是否中断，切换时间应<100ms" echo "可以使用 ping 192.168.1.1 -t 测试" read -p "测试完成后按回车继续..." echo "" echo "测试4: 双频切换" echo "请检查设备是否自动连接到5GHz" echo "如果一直连接2.4GHz，可能需要启用频段引导" read -p "检查完成后按回车继续..." echo "测试完成！" EOFchmod+x /usr/bin/test-mesh-roaming.sh

十一、故障排除

常见问题解决

# 1. Mesh连接失败# 检查信道是否一致iw dev mesh0 info|grepchannel# 检查Mesh ID是否相同iw dev mesh0 info|grepmeshid# 2. 无法漫游# 检查802.11k/v/r是否启用iwinfo wlan0 info|grep-E"802.11"# 检查DAWN是否运行/etc/init.d/dawn status# 3. 性能不佳# 检查信道干扰iw dev wlan0 survey dump# 检查节点距离# 信号强度应大于-75dBm# 4. IP冲突# 检查所有节点IPcat/etc/config/network|grepipaddr

这个完整的方案提供了从基础配置到高级优化的所有步骤，您可以根据实际网络环境和设备性能进行调整。建议先从基础的双频合一配置开始，稳定后再逐步添加Mesh和高级功能。