Advanced Debugging For Althea Networking Problems

So you have Althea flashed, and you’ve debugged basic connectivity issues, but something legitimately strange is going on. Now it’s time to do packet capture at all the Althea networking layers and see what’s going on.

To follow this guide you will need to be running Linux and have Wireshark installed on your own machine.

First plug into the affected router’s LAN and install tcpdump. The router will need internet access for this, so hook it up via WAN or an Ethernet cable to another mesh router if networking over the connection you want to debug just plain doesn’t work.

ssh [email protected] 
opkg update; opkg install tcpdump 

Now it’s time to do some packet capture. There are three layers for us to capture: the bare wire (or antenna), the per hop tunnel, and the exit tunnel where actual user traffic resides. We’re going to start by sampling the physical interface / bare wire. You can refer to the appropriate file for your device here. The items in the gateway_interfaces list are the mesh ports on that device.

ssh [email protected] tcpdump -U -i <your mesh interface> -w - | wireshark -k -i -

Wireshark will pop up when you run this command. If you see nothing, you probably have the wrong mesh port for your connection, so try another. Once you start seeing traffic, do some speedtests or otherwise reproduce your issue, then inspect/save the packet dump.

Next we sample the per hop tunnel. First we’re going to log in and run wg to list per hop tunnels with other mesh peers.

  wg

You’re looking for something like this.

interface: wg14
  public key: hw2rXXaIOfbcOXbvejB3AyuoSAb3QhPXjC5MwxRqkls=
  private key: (hidden)
  listening port: 60014

peer: ylLJMrY5Mmke5CMmfqrT/Nqqphh4NgW1E69KpM2+81M=
  endpoint: [fd00::8379:a4a7:130b:2554]:60000
  allowed ips: ::/0
  latest handshake: 54 seconds ago
  transfer: 45.45 MiB received, 185.44 MiB sent
  persistent keepalive: every 5 seconds

The interface name wg14 is what we want here. Avoid interfaces with IPv4 addresses (unless you specifically want a gateway per hop tunnel). If you see more than one, unplug antennas/cables until you only have the connection you wish to debug and one other tunnel named wg_exit, which we will get to later.
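The selection rule above can be applied mechanically to the wg output. The following is an added example, not part of the original guide or of Althea's tooling: the function names and the sample (beyond the wg14 block shown above) are constructed, and it assumes "IPv4 addresses" refers to the peer endpoint printed by wg.

```shell
# Added example: summarize `wg` output (read from stdin) so the per hop
# tunnel to capture on is easy to pick. One line per peer:
#   <interface> <endpoint> <ipv6-endpoint|ipv4-endpoint> <handshake|no-handshake>
# wg_exit is skipped because it is captured separately.
per_hop_candidates() {
  awk '
    function emit() {
      if (endpoint != "" && iface != "wg_exit")
        print iface, endpoint, kind, (seen ? "handshake" : "no-handshake")
      endpoint = ""; seen = 0
    }
    $1 == "interface:" { emit(); iface = $2 }
    $1 == "peer:"      { emit() }
    # wg prints IPv6 endpoints as [addr]:port and IPv4 endpoints as addr:port
    $1 == "endpoint:"  { endpoint = $2; kind = ($2 ~ /^\[/) ? "ipv6-endpoint" : "ipv4-endpoint" }
    $1 == "latest" && $2 == "handshake:" { seen = 1 }
    END { emit() }
  '
}

# Constructed sample: the wg14 block from this guide plus two made-up
# interfaces (keys replaced by placeholders, addresses from documentation ranges).
sample_wg_output() {
cat <<'EOF'
interface: wg14
  listening port: 60014

peer: <constructed-key-1>
  endpoint: [fd00::8379:a4a7:130b:2554]:60000
  allowed ips: ::/0
  latest handshake: 54 seconds ago

interface: wg3
  listening port: 60003

peer: <constructed-key-2>
  endpoint: 203.0.113.7:60000
  allowed ips: ::/0

interface: wg_exit
  listening port: 59999

peer: <constructed-key-3>
  endpoint: [fd00::1]:59999
  latest handshake: 12 seconds ago
EOF
}

sample_wg_output | per_hop_candidates
```

On a real router, pipe the output of wg run over your ssh session into per_hop_candidates instead of the sample; the line marked ipv6-endpoint with a handshake is the tunnel to capture.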

Now you can run

ssh [email protected] tcpdump -U -i wg<your number> -w - | wireshark -k -i -

Just like last time, do some speedtests and reproduce your issue. Then inspect and/or save the packet dump.

Finally we can inspect the exit tunnel. No digging to get a name is required this time, since it’s always named wg_exit.

ssh [email protected] tcpdump -U -i wg_exit -w - | wireshark -k -i -

View and/or save the traffic dump.

So now we’ve inspected every layer of the Althea network. Either it should be apparent what the issue is, or you have enough sample traffic to provide to developers to find the issue. Please take care with the packet dumps from the wg_exit interface, as they may contain information about your own browsing while the sample was taken.