Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux_router:wifi [2025-03-30 Sun wk13 13:17] – [/etc/config/uhttpd] baumkplinux_router:wifi [2025-05-24 Sat wk21 19:59] (current) – [/etc/config/uhttpd] baumkp
Line 1: Line 1:
 +{{tag>linux router wifi "wifi router" "access point"}}
 ======Wifi Router / Access Points====== ======Wifi Router / Access Points======
 I prefer to run higher quality wifi access points (AP) than the all in one type routers.   My current router is X86 based running Linux Nftables on bare metal and Bind9 and Kea as well as some other services in Docker on a VM. I prefer to run higher quality wifi access points (AP) than the all in one type routers.   My current router is X86 based running Linux Nftables on bare metal and Bind9 and Kea as well as some other services in Docker on a VM.
Line 14: Line 15:
 =====Wi-Fi Extender/Repeater with Bridged AP over Ethernet===== =====Wi-Fi Extender/Repeater with Bridged AP over Ethernet=====
 I always setup my Wifi Routers as Wifi Access Points (AP) using an Ethernet uplink only, also know as "Dump AP" or "Bridged AP" Effectively the AP becomes an extension of my LAN and all the providing the Wifi functionality, all DNS, DHCP, firewalling, NAT functions occur in the upstream Ethernet wired Router. I always setup my Wifi Routers as Wifi Access Points (AP) using an Ethernet uplink only, also know as "Dump AP" or "Bridged AP" Effectively the AP becomes an extension of my LAN and all the providing the Wifi functionality, all DNS, DHCP, firewalling, NAT functions occur in the upstream Ethernet wired Router.
 +
 +802.11r is fast transition from one AP to another in the same mobility domain (i.e. faster authentication when you roam from one AP to another)
 +802.11k/v is band steering (i.e. help the client device to find a nearby AP that it would consider roaming to or "stimulate" a device to roam if an AP is saturated)
  
 =====/etc/config/uhttpd===== =====/etc/config/uhttpd=====
Line 48: Line 52:
  option commonname 'OpenWrt'</code>  option commonname 'OpenWrt'</code>
 ++++ ++++
 +I copy my main '*.local.kptree.net' cer/crt and key files from LetsEncrypt to the openWRT machines /etc/uhttpd.crt and key files using 'scp' from the machine remote to the openWRT machines. Install sftp-server with ''opkg update'' and ''opkg install openssh-sftp-server''.
 +  *''scp .config/certificates/'*.local.kptree.net.key' root@wifi-ap1.local.kptree.net:/etc/uhttpd.key'' to copy across the key
 +  *''scp .config/certificates/'*.local.kptree.net.cer' root@wifi-ap1.local.kptree.net:/etc/uhttpd.crt'' to copy across the certificate
 +I have a separate script that extracts the various certificates key from Traefik combined certificate file that I need to use on my mail server, that is mentioned elsewhere on my wiki.
 +
 +After the certificates are updated the router must be rebooted or the uhttpd module restarted:
 +  *ssh into the router ''%%ssh root@wifi-ap1.local.kptree.net:/etc/uhttpd.crt%%'' and run ''%%/etc/init.d/uhttpd restart%%''
 +  *'Or run the command in ssh: '%%ssh root@wifi-ap0.local.kptree.net "/etc/init.d/uhttpd restart"%%''
 +
 +
 +
 +
  
 ====References==== ====References====