<li>Some operations can take several seconds or longer to complete. While the node is working on your request the only feedback you see will be from your browser, such as a spinner in the page header. Be patient and wait for the web interface to respond before trying to click other buttons.</li>
page has navigation controls to take you where you want to go.</li>
<li>Having several people viewing pages on the node's web interface at the same
time should not cause any problems. However, some pages of the node's web interface are intended to be used by only one person at a time. This is especially important on the setup pages where using them from multiple browsers or multiple computers at the same time will almost certainly cause conflicts.</li>
<li>For additional information, refer to the complete online documentation at <ahref="https://arednmesh.readthedocs.io/en/latest/">https://arednmesh.readthedocs.io/en/latest/</a>. </li>
<li><strong>Mesh Status</strong> takes you to a page which shows the Neighbor and Remote nodes as well as what services are being provided through those nodes.<br><br></li>
<li><strong>Neighbor Status</strong> If you have Link Quality Manager (LQM) enabled, you will see a button that takes you to the Neighbor Status page. See the AREDN® online documentation for a full description of Link Quality Manager. This page displays a table of RF neighbor nodes, their link quality metrics, and any actions that Link Quality Manager has taken to improve the communication between nodes. The Signal-to-Noise ratio in dB is shown for both sides of the radio link, as well as the distance between your node and the neighbor node. The distance is calculated based on the GPS coordinates (Lat/Lon) entered on each node. If no GPS coordinates were entered, then the distance cannot be calculated and that metric will not be considered in the LQM improvement process. The Link Quality is expressed as a percent and is calculated as the moving average of total sent packets over total sent packets plus retransmissions. The current status of each radio link is displayed, and the meanings of each status is shown below.
<ul>
<li>pending: LQM is collecting data and evaluating the link.</li>
<li>active: the link is viable and can be used.</li>
<li>idle: the link is usable and would be <em>active</em> but the node routing table does not yet have a route for sending traffic across the link.</li>
<li>blocked: the link is unusable and is blocked from use.</li>
<li>blocked - distance: the remote node is either too close or too distant, based on the LQM Min and Max Distance settings.</li>
<li>blocked - signal: the SNR on the link is too low to reliably pass data, based on the LQM Min SNR setting.</li>
<li>blocked - retries: the retransmission rate is too high to reliably pass data.</li>
<li>blocked - latency: the link latency is to high to reliably pass data.</li>
<li>blocked - dtd: LQM blocks the RF interface of any nodes to which a DtD link also exists.</li>
<li>blocked - dup: LQM blocks a link in cases when your node has an RF link to other nodes which themselves connect to each other via DtD. This can occur when there are multiple radios at a site using the same channel. The best remote node is chosen as the RF link for your node but the other possible RF connections are blocked as duplicates.</li>
<li>blocked - user: LQM blocks any node which you enter in the <em>User Blocked Nodes</em> field in the Advanced Configuration section.
<li>disconnected: the RF Neighbor is no longer online.</li>
Scan continuously is not recommended, particularly if the node is actively routing traffic. The scan is passive and only listens for other beacons through all channels. In passive mode Wifi Scan does not transmit probes on every channel, thus there is no risk of interfering with Radar stations on DFS channels, or other unintended transmissions. Multiple attempts of Wifi Scan will be necessary to find all devices in range.<br><br></li>
<li><strong>Select Theme</strong> switches display themes/styles. Black on white can be chosen when you need the best screen visibility on a laptop exposed to direct sunlight. Red on black is much
better suited for nighttime use as it helps preserve night vision.</li>
<p>The right column contains the signal strength metrics (Signal/Noise/Ratio), which are a reading of the strongest RF neighbor signal (if any). The <b>Charts</b> page is described below. Other values include the firmware version, the system time, the node uptime since its last boot, the load average, the available storage/memory on the node, and the number of items seen by the mesh routing daemon (olsrd).</p>
<p>This page shows RF signal information in both a realtime and an archived view. The default view shows the average signal of all connected stations in realtime.<br>
There are several control buttons below the node name:<br>
<ul>
<li><strong>Archive</strong> takes you to the charts for any archived signal data on this node.</li>
<li><strong>Realtime</strong> takes you to the charts for realtime (current) signal data as seen from this node.</li>
<li><strong>Quit</strong> takes you back to the node status page at http://nodename/cgi-bin/status</li>
<p>Below these control buttons, you will see the <strong>"Selected Device"</strong> dropdown. This control will display each RF neighbor that is heard by your node. Depending on the information known about a given neighbor, the neighbor may be listed by one of the following:
<li>Hostname: OLSR packets communicating hostname received (from any source)</li>
</ul>
<p>By changing the <strong>"Selected Device"</strong> value, the chart will automatically reload to show that node's information. Hovering over a data point within the chart will show additional information for that specific data point, such as:
<p>If no traffic is being routed to the neighbor, the rate and MCS values may be '0' until data is available to measure and determine the optimal settings.
An MCS value of zero (0) may also include non-802.11n encoding schemes (ie. 802.11a/b/g). The small box with three vertical dots in the upper right of the page allows you to download the current snapshot of the chart to a file on your local computer.</p>
<p>Data shown in the Archive charts are not stored in permanent memory on the node. The node will store approximately two days of archived data. After a reboot, this data is cleared.</p>
<p>The current Signal to Noise Ratio (SNR) is displayed to the left of the signal chart along with several audio controls. You can click the Sound <em>On</em> button to hear a tonal representation of your current SNR. Higher tone pitch indicates higher SNR values. Adjust the tone Pitch and Volume with the sliders, or you can turn off the tone by clicking the <em>Off</em> button.</p>
<li><strong>Local Hosts</strong> shows the local node as well as its LAN hosts (if any). It also displays the Advertised Services associated with these hosts.</li>
<li><strong>Current Neighbors</strong> is a list of direct neighbor nodes (1 hop). These links may be via RF, DtDLink (an Ethernet cable), or a tunnel (over Internet connection). The quality of the link is shown (described below) and Advertised Services are listed for the nodes and their attached LAN devices.</li>
<li><strong>Remote Nodes</strong> is a list of indirect mesh nodes (2 or more hops). Advertised Services are listed for those nodes and their attached LAN devices. Remote Nodes are sorted by ETX, referred to as "link cost" (described below).</li>
<li><strong>Previous Neighbors</strong> is a list of nodes that were previously Current Neighbors but which are no longer connected. The <em>When</em> column shows when each node was last linked as a Current Neighbor.</li>
<p><b>Link Quality (LQ)</b> is the percent of packets received from the neighbor in the OLSR mesh routing protocol from the perspective of the local host. OLSR packets exchange routing, advertised services, and other information including a packet sequence number to determine missing packets to characterize the quality of the link.</p>
<p><b>Neighbor Link Quality (NLQ)</b> is the percent of packets the neighbor received from the perspective of the local host in the OLSR mesh routing protocol. The NLQ is the LQ from the neighbor's perspective.</p>
<p><b>Expected Transmissions (ETX)</b> is a Bernoulli statistic of how many packets must be transmitted to successfully receive the round trip acknowledgement between neighbor nodes and is calculated with this formula: ETX = 1/(LQ x NLQ). Between multiple hop nodes, this is calculated by adding up the ETX for each hop. "1" is a perfect RF link between neighbors. A DtDLink is fixed at ETX="0.1" for packets traversing an Ethernet cable. OLSR selects the neighbor to send traffic to based on the lowest cost ETX path to the final destination. ETX should be interpreted with care. From a quality perspective, the ETX for Remote Nodes is not an end-to-end metric in the same way as for adjacent neighbors. For example, two nodes that are 5 hops apart with zero packet loss between them is characterized with an ETX=5. A single hop with ETX=5 (LQ and NLQ is ~45%) will stream poor quality video (if usable at all) given the packet loss, but a five hop route between nodes with ETX=5 will deliver smooth streaming quality video.</p>
<p><b>Transmitted Mbps (TxMbps)</b> is calculated with the formula (TxMbps = rate x EWMA) where rate is the 802.11 data rate in use by the transmitter and EWMA is the Exponentially Weighted Moving Average or the current time-weighted chance that a packet at this rate will reach the remote station. If no traffic is being routed to the neighbor, this value may be '0' until data is available to measure and determine the optimal rate. For further details: <ahref='http://wireless.wiki.kernel.org/en/developers/documentation/mac80211/ratecontrol/minstrel'>Rate Control Algorithm</a></p>
<li><strong>(wan)</strong> indicates the node is an Advertised Gateway. Typically this provides access to the Internet, but it may also be to an isolated network.</li>
<li><strong>(dtd)</strong> indicates the path to a neighbor across an Ethernet cable. The neighbor may be listed twice if both an RF and DtD path exists. The DtDLink path is always assigned an ETX of "0.1". All Remote Nodes have a DtDLink interface, consequently "(dtd)" is not shown for Remote Nodes.</li>
<li><strong>(tun*?)</strong> indicates the path to the neighbor is over an Internet tunnel. "?" is a number indicating the count of tunnel connections on that node.</li>
reboot is required for most changes on this page to take effect, and this should be done as soon as possible to avoid configuration mismatch problems.<br><br></li>
<p><strong>Node Name</strong> sets the hostname for the node. Hostnames can
contain letters, numbers, and dashes, but cannot begin or end with a
dash. Underscores, spaces, or any other characters are not allowed.
Hostnames are not case sensitive, but the case you enter will be preserved. Node names are prefixed with your callsign and may contain up to 63 characters, but it is best to keep node names as short as possible while still uniquely identifying the node.</p>
<p>Amateur radio operators are required to properly identify all transmitting stations. Therefore, the Node Name is beaconed automatically by the node every five minutes, so the hostname must contain your callsign. Recommended hostnames follow the (callsign)-(name) format, such as ad5oo-mobile or ad5oo-lhg-tower. This is similar to the MYCALL setting you would give a packet TNC, but without the 0-15 restriction for the name part.</p>
<p>It is here that you can also set a tactical name for your node. A tactical
name is an alias which may be helpful during an emergency deployment where (for example) several Red Cross shelters are being linked. In addition to the normal hostname you can give each node a tactical name such as shelter1, shelter2, shelter-north. Tactical names have the same restrictions as hostnames and are
accessible through DNS like the main node names. To set a tactical name, put a slash after the node name then give the tactical name. For example, "ad5oo-1/shelter5".</p>
<p><strong>Password</strong> is where you set the administration password
for the node. It needs to be entered again in the <em>Retype Password</em> field to
verify its accuracy. It is only required the first time the node is configured, so afterward it is not necessary to change a password unless you want to. Note that these password entries are NOT encrypted in transit, so this is best done from a direct wired connection to the node.</p>
<p><strong>Node Description</strong> is where you can enter additional info about the node, for example: "This device is maintained by (callsign). Please contact email@address for more info."
<ul>
<li><em>The description is optional</em> and there are no character restrictions in the field.</li>
<li>The maximum length allowed is 210 characters.</li>
<li>HTML tags are not allowed in the description field.</li>
<li>The description displayed on the main status page is automatically word-wrapped at about 70 characters and should not split a word in the middle.</li>
and <strong>WAN</strong> columns are where the details of each of these network
interfaces are set.</p>
<h3><aname=meshrf><b>Mesh RF Column</b></h3></a>
<p>The <strong>Mesh RF</strong> column shows settings for the mesh radio interface, including the IP address, netmask, SSID, Channel, and Channel Width.</p>
<li><aname=channel></a>The <strong>Channel</strong> and <strong>Channel Width</strong> selection determines the center frequency and signal bandwidth. AREDN® reminds operators that they must select frequencies, bandwidths, and power levels which comply with their country's amateur radio license requirements.<br><br></li>
<li><aname=power></a>The <strong>Power</strong> setting controls the maximum power the unit may transmit. A node may decrease its power output automatically as it enters higher data rates to maintain a linear spectrum. Some devices may have max power levels that change based on which channel/frequency the hardware is operating on, and in this case the max level will change when you save settings and will be capped at the max level supported by the hardware for that frequency.</li>
</ul></p>
<p>The final section of the <strong>Mesh RF</strong> column will show <strong>Power & Distance</strong> settings if you have the <strong>Link Quality Manager</strong><em>disabled</em>.</p>
from a neighbor station. If the distance parameter is too short, then
the transmitter will send duplicate data packets before the acknowledgement had time to return. If the distance parameter is too long, then the
transmitter will wait extra time before considering the data lost and re-transmitting. This value is only applicable to nodes that
communicate directly over RF and not multiple hop nodes on the
broader mesh network. The value should be set to the distance in meters
to the farthest direct RF node you expect to communicate with.
<br><br>Change the distance value by moving the slider, which moves in multiples
of 1000 meters (approximately 0.62 miles). A value of '0' will cause
the radio to auto-calculate the RF retry timer based on measuring the
actual time it takes acknowledgement packets to be received. The
automatic timer is tracked using a Exponential Weighted Moving Average (EWMA).
'Auto' is the default setting.
The best way to test an optimal distance settings is to do a throughput
test directly between two nodes using iperf3 to measure the performance of thier RF
link. Try different distance settings to peak out the iperf3 throughput.<br>
<br>The maximum distance settings the ath9k wireless driver allows is dependent on the Channel Width:<br>
<ul>
<li>20MHz: 46666 meters</li>
<li>10MHz: 103030 meters</li>
<li>5MHz: 215757 meters</li>
</ul>
<br>The auto distance setting is best used on stable point to point links.
Fifty percent performance increases have been observed. Auto distance
settings do not work well with many neighbors and marginal links. In this
senario, the round trip packet timing has a very wide range of values.
Consequently the timeout value becomes inflated and inconsistent.
Static settings should be used in this situation. It is best to measure
the link with iperf3 to compare thoughput and determine the best distance setting. Refer to the AREDN® online documentation for a complete explanation of this process.</li>
</ul>
<aname=linkqual></a>
<p>If you have the <strong>Link Quality Manager</strong><em>enabled</em>, the final section of the <strong>Mesh RF</strong> column will show
<strong>Power & Link Quality</strong> settings. Refer to the full AREDN® documentation online for more information about the Link Quality Manager.</p>
<li><strong>Tx Power</strong> allows you to select the RF output power for your node's mesh RF interface using a drop-down list.<br><br></li>
<li><strong>Max Distance</strong> is the maximum distance between nodes at which you can expect to achieve a usable radio link. The default value is 50 miles / 80 kilometers.<br><br></li>
<li><strong>Min SNR</strong> is the minimum Signal-to-Noise ratio that you require in order to reliably pass data between nodes. The default is 15 dB.<br><br></li>
<li><strong>Min Quality</strong> is the minimum Link Quality required in order to reliably pass data between nodes. The default value is 50%.<br><br></li>
<p>The settings in the lower Mesh RF section can be changed without rebooting the node by clicking the <strong>Apply</strong> button, but unless they are saved they will revert to the previously values after a reboot.</p>
<h3><aname=lanmode><b>LAN Column</b></a></h3>
<p>The <strong>LAN</strong> column displays the settings for the node's Local Area Network, including the network IP Address and netmask. The DHCP checkbox allows you to enable or disable the node's DHCP server, and it shows the final octet of the starting & ending DHCP address range based on the <em>LAN Mode</em> that you select from the top dropdown.</p>
<p>The default mode is <b>5 Host Direct</b> and in this mode every host
on the LAN has direct access to and from the mesh (ie., the LAN shares the same
address space as the mesh). Port forwarding is not needed because NAT is not
used, and there is no firewall between the LAN and the mesh. This mode was
created because many services do not traverse NAT, and Direct mode also reduces the amount of manual configuration needed to provide services to the mesh.</p>
<p>The mesh address space is automatically managed, so in Direct mode the LAN is not user configurable. Anyone familiar with configuring home routers using static IP addresses should already be comfortable with this mode.
Like commercial ISP access, you do not decide for yourself what the network
parameters will be. You must use the parameters which are given to you by the ISP. But
unlike most commercial ISP access, there is a DHCP server available on the mesh
node to configure the hosts that are attached to its LAN.</p>
<p>The only configurable option available in Direct mode is the size of the LAN subnet which can accommodate either 1, 5, 13, or 29 LAN hosts. The 1 host subnet can be useful for either a single server or a commercial grade router using its own NAT which is capable of more advanced routing functions than those
available on a mesh node. It is important not to use a subnet larger than is necessary because the
rules. A single DMZ server can be set up to accept all incoming traffic that
is not already handled by other rules or by the node itself. See <em>Port Forwarding</em> below for additional information.</p>
<p><aname=lanap><b>LAN Access Point</b></a></p>
<p>The <strong>LAN Access Point</strong> section will appear on devices having an unused radio interface. This allows the node to provide a standard FCC Part 15 wireless access point which local computers may connect to in order to obtain LAN access on the mesh node. It is configured similar to a typical home wifi access point.</p>
<p>The <em>Enable</em> checkbox allows you to enable or disable the LAN Access Point. If your node has more than one unused radio, then you may be able to select either the 2GHz or 5GHz band from the AP band dropdown. The SSID field allows you to create an SSID for client computers to use when connecting to your node's LAN network. Select a Wifi channel from the Channel dropdown. The default encryption is WPA2 PSK, and the password length must be between 8 and 63 characters. If the key is 64 characters, it is treated as hex encoded. A single quote character may not be used.</p>
<h3><aname=wansettings><b>WAN Column</b></a></h3>
<p>The <strong>WAN</strong> column displays the settings used to
connect with an upstream network, which typically can provide Internet access.
In the <em>Protocol</em> dropdown the default connection type is DHCP client mode, which requests its network settings from the upstream DHCP server. You can select <em>Static</em> mode, which allows you to specify a static WAN IP address for your node as well as the appropriate netmask and default gateway address. You can also select <em>disabled</em> to completely disable the node's WAN.</p>
<p>The DNS servers are set by default to Google DNS and should not be changed
under normal circumstances. Many ISP's are adopting the practice of taking you to an ISP generated web page if you
incorrectly type a URL or if the host you are trying to reach no longer
exists. The proper behavior is for your browser to detect these
error conditions itself and report them accordingly. Google follows the rules and allows for the proper operation of the network.</p>
<p><b>Advanced WAN Access</b></p>
<p><aname=allowwan></a><b>Allow others to use my WAN</b>: When a node has Internet access from either its WAN or LAN, that access is available to the node itself and to any computer connected to the LAN network. When this option is enabled the node will also route traffic from its Mesh RF interface onto its WAN and typically out to the Internet. By default this is disabled since it is not a good practice to allow every remote mesh device to obtain Internet access through your node. If you choose to enable this option be aware that your node is transmitting as an FCC Part 97 amateur radio, so make sure that any Internet traffic sent over the radio complies with FCC Part 97 rules. If you simply want local wireless Internet access at a location, consider using a separate standard Part 15 access point instead of enabling this option on your node.</p>
<p><aname=preventwan></a><b>Prevent LAN devices from accessing WAN</b>: Normally any devices connected to the node's LAN network will also have access to its WAN. Enabling this option will cause the node <em>not</em> to give LAN devices access to the WAN. This means that computers on this node's LAN
will only use the 10.0.0.0/8 and 172.16.0.0/12 mesh network ranges. With this setting enabled you will not be able to access the Internet, even if your node has Internet available on its WAN port. This also applies to Internet available over the mesh. Use this only if your node needs to be connected to two networks at once, such as wired to the mesh as well as WiFi to a local served agency network.</p>
<p>The WAN Wifi Client feature allows you to connect an unused radio on your node to a local Wifi AP that can provide Internet access or some other type of network access. This can be useful in situations when you have no way to cable your node to a local router for WAN Internet access. Enabling the WAN Wifi Client will disable the WAN vlan which prevents your node from using its physical Ethernet port for WAN access.</p>
<p>Use the Enable checkbox to enable or disable the WAN Wifi Client. Type the SSID and password that are required to make a Part 15 Wifi connection to the local Wifi Access Point. If your node has more than one unused radio interface, then the WAN Wifi client band dropdown will be displayed allowing you to select the node's radio that you want to use. The password length must be a minimum of 8 and maximum of 64 characters. If the key length is 64, it is treated as hex encoded. If the password field is empty (length = 0), then no encryption will be used to connect to an open AP. A single quote character may not be used.</p>
<p>If you choose to specify your latitude, longitude, and gridsquare for location purposes, the lat/lon values should be in decimal format (ex. 30.444522 and -95.111234). If you will be enabling the Link Quality Manager, be sure to enter accurate GPS coordinates on your node.</p>
<li>Click the "Find Me!" button to use your location aware browser to populate the values automatically. This works very well if you are viewing the page from a mobile device with built-in GPS.</li>
<li>Use the "Apply Location Settings" button to apply the lat/lon and gridsquare values. <em>Save Changes</em> is not required to apply these settings temporarily.</li>
<li>If your node has an Internet connection available, the "Show Map" and "Upload Data to AREDN® Servers" buttons will be active. The "Show Map" button will display a map that allows you to click on the position where your node is located, or to drag an existing marker to a different location on the map. Both of these activities will automatically update the lat/lon fields on the page. The "Upload Data to AREDN® Servers" button will send your node information to an AREDN® server on the Internet.
<br><br>By submitting this information you hereby allow AREDN® to publish your node location on its mapping display and utilize the information for other purposes that AREDN® deems useful, including but not limited to statistical analysis. If you wish to remove your node location from the public mapping service, simply clear/erase your node's lat/lon values, click "Apply Location Settings", and then click "Upload Data to AREDN® Servers".
<br><br>To see a sample of the information that will be sent to the AREDN® server, click <ahref='http://localnode.local.mesh/cgi-bin/sysinfo.json?hosts=1'>here</a> and <ahref='http://localnode.local.mesh:9090/topology'>here</a>. You can replace "localnode" with an actual node name to see the data from that node.</li>
<p>You can also set the timezone where your node is located as well as entering an NTP server that the node can connect to for time updates. You must click <em>Save Changes</em> to save the new timezone and NTP server settings.</p>
<hr>
<aname=ports><h2>Port Forwarding, DHCP, Services, and Aliases</h2></a>
data and save it to flash memory if no errors are found. The settings take effect in about 20 seconds and a reboot is NOT required. Note that the checks
performed are not comprehensive and it is possible to enter settings that will not work or possibly break the node's configuration.<br><br></li>
flash memory and undo any changes that have been made.<br><br></li>
<li><strong>Refresh</strong> will reload the page and it is useful for two things. It will update the list of DHCP leases for any new hosts that have been
connections from the Wifi, WAN, or both interfaces and forward them to an IP
address and port on the LAN. The destination port number need not be the same. If you have hosts on the LAN that provide services you want to make available to the mesh, a Port Forwarding rule will be required to make that connection possible.</p>
<p>If you want to forward a range of ports, the <strong>Outside Port</strong>
field will accept a hyphen-separated range in the form "xxxx-xxxx". When doing this, set the <strong>LAN Port</strong> to the low value of the port range. When forwarding a port range the Outside and LAN ports must match.</p>
<p>If you want to forward every port that is not already in use to a
using passive ftp mode. Web browsers are able to do this and handle ftp
downloads seamlessly.</p>
<p><strong>Advertised Services</strong></p>
<p>When you want to let others know about services you are providing, the
Advertised Services you create will appear on the <em>Mesh Status</em> page of all other nodes. All advertised services need a name, and no services can be
<p>If your service is accessible via web browser, such as from a web or ftp server, you can make the name appear as a clickable link by checking the <em>Link</em> box. All links need two parameters: a protocol and a port number.
Web servers use the http protocol and ftp servers use the ftp protocol. Other
services may use other protocols. The port number should be the one used as
that host. The DHCP Address Reservations section is where you do that. In order for port forwarding to work, the IP address must match that of the destination host. If the LAN device is currently connected and has been given an IP address by DHCP it will
be listed under <em>Current DHCP Leases</em>. If you click the <b>Add</b> button
leave the information as it is or edit it to suit your needs. You can also manually enter your own information into the blank fields under DHCP Reservations and click <em>Add</em> there to create your own entry.</p>
<p>For each of the sections on this page, simply entering information into the
fields is not enough. The settings are not updated until the <b>Add</b> button is clicked. Before saving changes the new fields must be either added or cleared.</p>
<p><strong>DNS Aliases</strong></p>
<p>This section allows you to give a LAN host a more meaningful name than the existing hostname. Enter the Alias Name and select the host from the IP Address dropdown, then click <em>Add</em>. This option is more useful in Direct Mode as described below.</p>
unique</u> across the entire network. For example, "raspberrypi" might be a typical server name but it is a poor choice for a mesh hostname because there can be only one host with this name on the entire mesh. Just as you used your callsign in the node name, it would also be a good idea to use it in DHCP Reservation hostnames. Therefore, <nobr>"ad5oo-raspberrypi"</nobr> is a good hostname since it will be unique and only the callsign holder needs to keep
track of the hostnames he is assigning to his devices.</p>
<p><b>NOTE:</b> If you do not want OLSR to propagate a LAN hostname across the mesh, you can click the <b>Do Not Propagate</b> checkbox. This will prevent your LAN host from being displayed on the Mesh Status pages of other mesh nodes, making it inaccessible from across the network.</p>
<p>The hostnames being discussed here are those that are defined under DHCP
Reservations and available to the mesh, not those of the LAN hosts
themselves. While it is convenient for them to be the same, there is no
requirement that they must be. For example, the
name <nobr>"ad5oo-raspberrypi"</nobr> used above can be the mesh name for
a host that calls itself "skywalker". But be aware that if this host is a
webserver, the webserver configuration should use the
name <nobr>"ad5oo-raspberrypi"</nobr> because the name "skywalker" will not be
size will be translated into the new subnet address space.</li>
</ol></p>
<p><strong>Port Forwarding</strong></p>
<p>It is still possible to do Port Forwarding in Direct mode, but you will only be allowed to select the WAN interface so Port Forwarding is only meaningful for WAN-connected nodes. Enter the Outside Port being passed to your node from its upstream gateway, select a LAN host to service the requests, and enter the LAN Port on that host which is listening for those requests. Finally, click <em>Add</em> to add the port forwarding rule.</p>
<p><strong>DNS Aliases</strong></p>
<p>DNS Aliases can be very useful in Direct mode. Enter an Alias Name that will be unique across the entire network, select a LAN host from the dropdown, and click <em>Add</em> to add the alias to the list. Once a DNS Alias has been defined then that alias name will be progagated across the mesh, even if the specific host's DHCP Reservation has the <em>Do Not Propagate</em> box checked. The DNS Alias name will also appear in the host dropdown so that you can define an Advertised Service that will be progagated to the mesh under that Alias Name.
<p>The tunneling feature is now included by default. Click <b>Tunnel Server</b> to view the server settings. These include your node's tunnel server IP address and the DNS Name by which Internet connected devices can contact your server. To authorize a tunnel client connection, enter the client node name, a password that you want this client to use for authentication purposes, and an optional text description for the client connection. Click <em>Add</em> to add the new client to your clients list, and you can click the <em>Enable</em> checkbox to enable or disable this client connection. Finally, click <em>Save Changes</em> to save your tunnel server settings. Refer to the full AREDN® documentation online for additional information.</p>
<p>Click <b>Tunnel Client</b> to enter the settings required in order for your node to make a client connection to a tunnel server on a remote node. Enter the DNS Server Name given to you by the tunnel server owner, as well as the password and network number they have assigned to your client. You may optionally enter a comment or description. Click <em>Add</em> to add the new server to your list, and you can click the <em>Enable</em> checkbox to enable or disable this tunnel connection. Finally, click <em>Save Changes</em> to save your tunnel client settings. You are allowed to delete client connection information by clicking the <em>Del</em> button at the right of each row.</p>
<p>For both the tunnel client and server connections, the cloud icon at the right of each row will change color to indicate whether the connection is active (blue) or not (gray).</p>
<p>The <strong>Firmware Update</strong> section shows the current firmware version as well as the hardware type. There are three options for updating node firmware.
<ol>
<li>If you have a firmware image on your computer which you previously downloaded from the AREDN® website, click the <em>Browse</em> button to select the firmware file to upload from your computer to your node. Click <em>Upload</em> and the new firmware will be uploaded and installed.<br><br></li>
<li>If the node has Internet access (either from its WAN port or across the mesh) you can use the <em>Download Firmware</em> option. Click <em>Refresh</em> to fetch the list of available images, then select the image to download. Click <em>Download</em> and wait for the firmware to be downloaded and installed.<br><br></li>
<li>If you have previously copied a new firmware image directly to your node, you can apply that new file by clicking <em>Apply Local Firmware</em>. This button will only be active if the node detects the new firmware file in the location and with the name shown next to the button.<br><br></li>
<p>If you want to upgrade your node's firmware while keeping the existing configuration settings, click the <em>Keep Settings</em> checkbox.</p>
<p><strong>Package Management</strong> allows you to install and remove
software packages on the node. <em>Upload Package</em> allows you to
install a package file that you previously downloaded to your computer from the AREDN® website. If your node has access to the Internet, <em>Download Package</em> allows you to retrieve a package over the Internet from the AREDN® website. Click <em>Refresh</em> to populate the list of packages available for download, but do not do this unless necessary. The package information database is stored on the node and will use about 100KB of storage space, so only use this function if it is absolutely necessary.</p>
<p>The <strong>Remove Package</strong> list shows all packages on the
node. Selecting a package and clicking <em>Remove</em> will remove
<p><b>WARNING:</b> Changing advanced settings can be harmful to the stability, security, and performance of the node and potentially the entire mesh network.
You should only continue if you are sure of what you are doing.</p>
<p>The failsafe feature is a method for restoring a node to an operational state after it has fully booted its firmware.</p>
<ul>
<li>Press and hold the reset button for 5 seconds to reset the root password to 'hsmm' and clear DHCP leases.<br><br></li>
<li>Press and hold the reset button for 15 seconds to return the node to a "firstboot" configuration. All previous configuration settings will be lost.