We're finally getting the new access points configured.

They all have the same SSID: peoplesopen.net

They are all on the mesh subnet: 100.64.0.0/10

In fact they will be on their own chunk of the mesh subnet: 100.64.64.0/22

In order to make that work without having to use VLANs, we installed a new PCI card in the sudo mesh gateway which provides two additional gigabit ethernet interfaces.

One of these interfaces (eth2) now has the IP 100.64.64.1 and it is giving out IPs with DHCP from 100.64.64.50 and to the end of our local chunk of mesh subnet.

The large gigabit ethernet switch we had been using for everything is now being used for the 100.64.x.x subnet and the smaller gigabit switch on top of it is now used for the 192.168.x.x subnet.

I'm calling it a night now but the plan is to link our local 100.64.x.x subnet to the wider mesh with an auto-re-establishing tunnel from the sudo gateway and to isolate the 100.64.x.x and 192.168.x.x subnets in such a way that people on 192.168 can establish new connections to the mesh but the mesh cannot establish new connections to 192.168. We can then simply hook up any local services (like printers) to 192.168 and the wider mesh won't use all our toner printing cat pictures.

We've only configured one of the wifi routers correctly so far (the one in CCL) but copying the config is easy so the others will follows shortly.

The sudomesh access point in sudo room is still on 192.168

--
marc/juul