seemebreakthis

(Edit: If you have read this post before, please ignore what I posted before and re-read my updated content below, as there has been a number of drastic changes due to an inaccurate testing methodology in my previous attempt at configuring DAWN !)

For those who have not heard of DAWN, it allows Openwrt to steer clients to the AP with the strongest signal.

I spent a week experimenting with it to make it function the way I want it to (with several days' worth of effort wasted due to an app I used call "WiFi Analyzer" for my android phone. This app turns out to have the capability to make my phone make Wifi roaming decisions on its own, when I thought DAWN was the steering source). So these tips are what made it work for my environment. Please be reminded that every network setup is unique, and what works for me may require some additional tweaking for you.

It is very important to get up to speed with the basics by going through this website first and foremost: https://github.com/berlin-open-wireless-lab/DAWN

Use the site to do the initial installation and configuration.

As for the tips:

None of the faq's and wikis state this explicitly I believe: DAWN needs to be setup on EACH of your Openwrt bridge / gateway routers that's part of your connected / mesh Wifi. Each DAWN instance fires BSS transition instructions to clients that are currently connected to that particular router. So routers with no DAWN running on it will never be able to tell the clients it is time to move to another AP.

Also I had problem getting umdns (a DAWN dependency) to start working properly at router startup, so I had to write a startup script to give umdns some encouragement each time the router is powered on. If you run into the same issue, let me know and I can share my script. The symptom of DAWN not working due to this issue is the inability to show neighbor APs in DAWN's "View Network Overview".

Once you get DAWN up and running, it is all about tweaking the config file (and remember to update the file on each of your Openwrt router with DAWN running) to:

1. make each wireless client send proper beacon reports to show DAWN the signal strength of each AP that each client sees at any give time, and
2. make DAWN send out BSS transition requests in a nimble manner (otherwise wifi is disconnected before any roaming can even take place)

Note that for both points 1 and 2 above, I treated DAWN as a black box and just did a lot of trial and error experiments to make it work eventually. So some of the tweaks may look crazy, but it worked for me after making these changes.

1 - Making clients send beacon report that covers EVERY single AP they see (probably more power demanding resulting in more battery drain (?), but necessary for DAWN to have the information it needs to send out instructions accurately:

Under "config metric 'global'", update the values to the following:

    option min_probe_count '0'
    option bandwidth_threshold '0'
    option use_station_count '0'
    option max_station_diff '1'
    option eval_probe_req '0'
    option eval_auth_req '0'
    option eval_assoc_req '0'
    option kicking '1'
    option kicking_threshold '40'
    option deny_auth_reason '1'
    option deny_assoc_reason '17'
    option min_number_to_kick '2'
    option chan_util_avg_period '3'
    option set_hostapd_nr '1'
    option duration '200'
    option rrm_mode 'apt'

These values have the following effect:

• DAWN includes a feature to attempt steering "Legacy clients" that don't support 802.11v as documented in its github page. It DOESN'T work well. My testings show it very often severs the wifi connection of these 'legacy clients' before the client can make a new connection. And it also confuses clients that properly support 802.11v. My update disables this feature altogether.
• DAWN includes a alternative "kicking method" that considers the absolute RSSI (see "Kicking Method 2: Absolute RSSI" in DAWN's github website). It DOESN'T work well and serves to confuse everything. My update disables this feature altogether.
• DAWN's decision making process is sped up with changes made in min_number_to_kick. I tried decreasing chan_util_avg_period also but the kicking got too jittery.
• By changing rrm_mode and duration, WiFi clients will now send "active" beacon reports which means they will actively seek out APs they can connect to and gather info on each AP's signal strength to provide to DAWN. The duration parameter gives these clients enough time to gather the info it needs to generate beacon reports.

2 - Making DAWN work the way you want it to

This part is more like an art where your 'personal taste' comes into play. Here is my own underlying principle (yours may differ):

• I have several radios in both 2.4GHz and 5GHz. The stronger the signal, the more a 5GHz AP takes precedence even if there is a neighboring 2.4GHz AP with as strong a (or even stronger) signal.

• If all of the 5GHz APs are weak (say -70dBm or less), I will then prefer 2.4GHz that are more stable even at the same dBm level.

With this in mind, I only ended up utilizing the rssi_weight and disabled other calculation methods to determine each AP's final score. Here are the settings:

config metric '802_11g'
    option initial_score '200'
    option ht_support '0'
    option vht_support '0'
    option no_ht_support '0'
    option no_vht_support '0'
    option rssi '0'
    option rssi_val '-10'
    option low_rssi_val '-50'
    option low_rssi '0'
    option chan_util '0'
    option chan_util_val '140'
    option max_chan_util '0'
    option max_chan_util_val '170'
    option rssi_weight '4'
    option rssi_center '-25'

config metric '802_11a'
    option initial_score '80'
    option ht_support '0'
    option vht_support '0'
    option no_ht_support '0'
    option no_vht_support '0'
    option rssi '0'
    option rssi_val '-10'
    option low_rssi_val '-65'
    option low_rssi '0'
    option chan_util '0'
    option chan_util_val '140'
    option max_chan_util '0'
    option max_chan_util_val '170'
    option rssi_weight '8'
    option rssi_center '-65'

One caveat - be very cautious if you decide to use rssi_val or low_rssi_val (my above suggestion disables them). If used, the final scores can become super jerky especially when an APs signal strength borders on the threshold. This can easily cause insane jumping back and forth between different APs, and you end up confusing your network client and DAWN.

That's pretty much it ! DAWN works beautifully but only when your settings are right.

No docs yet on wiki - https://openwrt.org/docs/guide-user/base-system/basic-networking#switch_configuration_dsabridge-vlan - just says 'TO DO'.

But all you need to do in LuCi is go to Network -> Interfaces -> Devices -> Configure br-lan -> Bridge VLAN filtering -> Enable VLAN filtering -> define your VLANs -> then for 'bat0', tag the VLANs that you want the data of which to flow through your mesh.

Simple as that. Of course you also need to define your network interfaces (one per VLAN), and remember to attach br-lan.1, br-lan.2, etc (where 1, 2.... are actually your VLAN IDs) to each of your network interfaces.

Summary: It has actually been a few months since my site came into existence. But being a newcomer to Lemmy I thought I'd post my experience once again here.

---

I had close to zero experience in web site development. I had never written a line of code in PHP nor used a PostgreSQL database, let alone creating and managing one.

However, I thought this lack of experience made me a good candidate to test just how powerful ChatGPT is. After two weeks of on-and-off construction, I finally completed a completely functional website that serves as an "online guest book" and is open for everyone to try out. A feat that I probably could never have achieved without any help.

Here are some of the amazing highlights of how ChatGPT helped:

• Debugging - I took the approach of using a website design software and incorporating snippets provided by ChatGPT. Very often, that would lead to unknown errors, and I just found myself copying and pasting the entire file and giving one single word of instruction to ChatGPT - debug. Time and again, it managed to pinpoint the errors after a few back and forths.

• Geolocation and other features - I just told ChatGPT what I wanted to do, and it pointed me in the right direction very quickly. In the case of geolocation, it led me to the right library to use that I had no idea about (geoip geolite2), walked me through the procedure to install it on my NAS, and got it up and running within something like one hour. I am absolutely certain it would have taken me days if not weeks to get it going given my programming background or lack thereof.

• Backend admin site (that only I get to use so no fancy formatting required) - I did not even have to write a single line of code for it. I just told ChatGPT what I wanted the backend admin site to do, and it churned out 4 files for me just like that (with the usual problem of stopping midway through then having to encourage it to continue). I told ChatGPT what errors I encountered with the files, and it kept revising the code until it started running smoothly after a few tries. Two hours later, the backend admin site was done.

Anyway, give this site a try and see what you think: https://www.stringtone.com. The concept is simple, and all of the intelligence and many of the security measures came directly from ChatGPT.

It has been a fun project, but yes, I still have no clue how I can construct something similar without getting ChatGPT's help.

As titled. I receive these reports from other servers like Google / Yahoo / Outlook.com, but I want to 'play nice' in the world of email exchange and do my part in generating these reports for other e-mail servers as necessary.

I doubt Synology Mail Server generates these reports by default. So is there any way to set up DMARC RUA/RUF report generation?

Does anyone here have a working setup of automated acme.sh that renews the certificates every three months?

I tried to setup something but I think I saw an error message when I run it, and due to the way let's encrypt rejects requests when the certificate is not due for renewal, I can't really tell what exactly is the problem as I simply can't repeatedly run my process and check where the error stems from.

Would be great if someone can share a setup that they are currently using that works.

Edit: It finally came time to renew again, and what I have already entered into task scheduler was fired, and the certificate seems to have been renewed successfully.

So basically, just download the latest acme.sh, then add a task in your task scheduler that runs this:

bash /root/.acme.sh/acme.sh --renew -d xyz.com