Full record of Redmi AC2100 OpenWrt actual combat: Mesh networking, Wi-Fi roaming and complete configuration

Preface

This article records the complete process of converting two Redmi AC2100 into OpenWrt and then configuring them into a 有线回程多 AP 漫游 network.

I will write all the following clearly:

• To flash OpenWrt
• Complete steps to flash OpenWrt from factory under Windows
• Errors encountered during the flashing process and their solutions
• Some tutorials start with Breed
• Can Mac and Windows be flashed?
• Do I need to use a network cable?
• What is AP, NAT, Double NAT, Mesh, 802.11k/v/r, usteer
• How to configure two AC2100s into a wired backhaul roaming network
• Which problems are caused by “wrong configuration” and which problems are actually caused by “confusion of concepts”

If, like me, you were confused about these words at first, this article should save you a lot of detours.

---

1. What is my goal?

My initial goal was actually very simple:

1. Flash Redmi AC2100 from the original system to OpenWrt
2. Later, the two routers will be used to create a home Wi-Fi with better coverage.
3. Make Wi-Fi switching as natural as possible when the phone is moving around the house

At first, I wanted to try OpenWrt because the roaming effect of the original Wi-Fi with the same name was not ideal.

Later, after I really understood it, I found that this matter can actually be broken down into two levels:

• First layer: Flash the router into OpenWrt
• Second layer: Combine two routers to form a more reasonable home network

If these two layers are mixed together, it will be easy to mess up.

---

2. First look at the device model

The advantages of this device are:

• Cheap price
• Lots of community information
• OpenWrt has official support -Performance available for family scenarios
• It is very cost-effective to do AP and multi-point coverage

But be sure to confirm the model number first:

• What I’m talking about here is Redmi AC2100 / RM2100
• Not to be confused with 小米 AC2100 / R2100

If you download the wrong model in the image when flashing, problems will occur in all subsequent steps.

---

Let’s see if Breed needs to be brushed first.

I had this question at the beginning too.

1. What is Breed?

Breed is not OpenWrt, it is essentially a third party bootloader.

Some tutorials recommend flashing Breed first because it will be more convenient to flash firmware, save bricks, and restore the original factory later.

2. It is not recommended for novices to brush first

Because flashing Breed changes to bootloader, the risk is higher than flashing ordinary firmware.

If ordinary flashing fails, there is usually a chance to recover; If the bootloader is really damaged, the difficulty of recovery will go up to a higher level.

3. My conclusion

If you just want to:

• Flash into OpenWrt steadily
• For subsequent normal use
• Don’t bother with various recovery and multi-firmware switching for the time being.

That starts with 没必要先刷 Breed.

For Redmi AC2100, follow the official recommendations:

• The original factory downgraded it to an exploitable version
• Open SSH
• Write kernel1 and rootfs0

That’s enough.

---

4. The first few questions I asked before flashing the phone

1. Can Mac be flashed?

Yes.

Mac comes with:

• ssh
• scp
• Browser

In theory, it’s very suitable for brushing.

But I ended up using Windows because it was more convenient to connect network cables and do subsequent debugging.

2. What is PowerShell for Windows? Do you want to download it?

No need to download.

PowerShell is the command line environment that comes with Windows, similar to:

• A more modern cmd
• Or the Windows version of the Terminal command window

This time, the main purpose of flashing is to use it:

• ssh
• scp -Remote commands behind

3. Is it necessary to connect a wired network cable?

Basically.

The reason is simple:

• Open SSH to be stable
• The uploaded image must be stable
• mtd write This critical step cannot be left to chance with Wi-Fi.

Therefore, the correct idea for flashing this type of router is:

• Connect the computer to the LAN port of the router
• No Wi-Fi

If you are using a MacBook and there is no network port, prepare a USB-C 转 RJ45.

---

5. The actual flashing path I used

The path I ended up taking was this:

原厂 2.0.23 -> Web Exploit 开 SSH -> 上传 kernel1/rootfs0 -> mtd 写入 -> 重启进 OpenWrt

The advantages of this route are:

• Less risky than farming Breed first
• The steps are relatively clear
• There are more official and community information

---

6. Preparation before flashing

1. Firmware version

When I flashed, the original version was:

2.0.23

This is critical because the subsequent SSH opening method is related to this version.

2. OpenWrt file

When flashing from the original factory for the first time, you only need these two files:

• openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-kernel1.bin
• openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-rootfs0.bin

I completed the following set of addresses at that time. If I just flash it from the original factory for the first time, the first two will be enough:

• kernel1.bin https://downloads.openwrt.org/releases/25.12.2/targets/ramips/mt7621/openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-kernel1.bin
• rootfs0.bin https://downloads.openwrt.org/releases/25.12.2/targets/ramips/mt7621/openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-rootfs0.bin
• sysupgrade.bin https://downloads.openwrt.org/releases/25.12.2/targets/ramips/mt7621/openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-sysupgrade.bin

Note:

• First time flashing from the original factory, 不用 sysupgrade.bin
• sysupgrade.bin is used for future upgrades in OpenWrt

If you want to find the directory yourself, you can also directly open the official directory:

• https://downloads.openwrt.org/releases/25.12.2/targets/ramips/mt7621/

In addition, the official entrance to Xiaomi’s original firmware is:

• https://www.miwifi.com/miwifi_download.html

The one I use when flashing my phone here is 2.0.23. The official OpenWrt Redmi AC2100 device page also clearly states:

• Web Exploit method requires the original manufacturer to be 2.0.23
• This method is also compatible with 2.0.503

If the machine itself is already 2.0.23, there is usually no need to download the original firmware.

3. Hardware preparation

• Windows PC
• a network cable
• Power on the router
• Connect the computer to the LAN port of the router

---

7. The complete process of flashing OpenWrt from the original factory under Windows

The following part is a set of steps that I actually took.

Step 1: Log in to the original backend

Browser opens:

http://192.168.31.1

Complete the initialization and set the original administrator password.

Step 2: Get stok

After logging in to the backend, there will be something similar in the browser address bar:

http://192.168.31.1/cgi-bin/luci/;stok=xxxxxxxxxxxx/web/home#router

This stok will be used later.

Step 3: Enable SSH

Prepare an SSH password first. It is recommended to:

• 8 people or more
• Don’t use special characters yet

Then access the link to enable SSH in the browser address bar and set the root password.

After this step is completed, the router will open the 22 port.

Step 4: SSH login test

Execute in Windows Terminal / PowerShell:

ssh root@192.168.31.1

The first time I encountered here was an algorithm problem.

The error reported is:

Unable to negotiate with 192.168.31.1 port 22: no matching host key type found. Their offer: ssh-rsa

This means:

• Router SSH has actually been opened successfully
• It’s just that the new version of OpenSSH that comes with Windows does not accept the old ssh-rsa it provides by default.

Solution command:

ssh -o HostKeyAlgorithms=+ssh-rsa root@192.168.31.1

Step 5: Execute protective commands

I later changed all the steps of “must log in to SSH first and then type by hand” to 本地直接远程执行, because it was often difficult to paste after SSH login in the old Windows console.

It is recommended to execute directly in the local terminal:

ssh -o HostKeyAlgorithms=+ssh-rsa root@192.168.31.1 "nvram set uart_en=1 && nvram set boot_wait=on && nvram set bootdelay=5 && nvram set flag_try_sys1_failed=1 && nvram commit"

The main functions of this set of commands are:

• Open UART
• Enable boot_wait
• Leave some room for later recovery and troubleshooting

Step 6: Upload firmware

Transfer the two files to router /tmp:

scp -O -o HostKeyAlgorithms=+ssh-rsa .\openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-kernel1.bin root@192.168.31.1:/tmp
scp -O -o HostKeyAlgorithms=+ssh-rsa .\openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-rootfs0.bin root@192.168.31.1:/tmp

Confirm that the file exists:

ssh -o HostKeyAlgorithms=+ssh-rsa root@192.168.31.1 "cd /tmp && ls"

Step 7: Official flashing

Because the file name is too long, it is easy to make mistakes when typing by hand, so I later summed up two methods:

Method A: Change the file name to a shorter one first

In SSH change to:

• kernel1.bin
• rootfs0.bin

Refresh:

mtd write kernel1.bin kernel1
mtd -r write rootfs0.bin rootfs0

Method B: Directly execute long commands remotely on the local terminal

Finally, I recommend this:

ssh -o HostKeyAlgorithms=+ssh-rsa root@192.168.31.1 "cd /tmp && mtd write openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-kernel1.bin kernel1"
ssh -o HostKeyAlgorithms=+ssh-rsa root@192.168.31.1 "cd /tmp && mtd -r write openwrt-25.12.2-ramips-mt7621-xiaomi_redmi-router-ac2100-squashfs-rootfs0.bin rootfs0"

Note:

• The first brush kernel1
• The second brush rootfs0
• The second command contains -r, which will automatically restart
• Do not turn off the power during this step

Step 8: Enter OpenWrt

After flashing, wait a few minutes and then visit:

http://192.168.1.1

When I first entered OpenWrt, I asked “what is the default password” and here’s what happened:

• Many OpenWrts are 空密码 when first entered
• Sometimes you will be prompted directly to set a password
• If the login box pops up, the common ones are:
• Username: root
• Password: Leave blank

Step 9: Two prompts I saw when entering OpenWrt for the first time

When I entered the backend for the first time after swiping, I also encountered two pop-up windows that were easily misleading.

1. Check firmware updates online

OpenWrt will pop up a prompt to the effect of:

• Do you want to go to the download site to check if there is new firmware?
• You can check it every time you open the status page in the future

This is not an error, nor is it a flash failure, it is just a setting confirmation.

My choices at the time were:

No, disable checking

The reason is simple:

• The most important thing after just flashing is to confirm that the system is normal.
• This function just “checks if there is a new version”
• Not a required function

2. Configuration / Changes pop-up window

If you clicked Close Check for Updates in the previous pop-up window, OpenWrt will pop up again to confirm the configuration change.

See something like:

uci set attendedsysupgrade.client.login_check_for_upgrades='0'

What it actually means is:

关闭登录后自动检查固件更新

Now click directly:

Save & Apply

That’s it.

Again this is not an error, just saving the configuration.

---

8. Practical problems I encountered during the flashing process

This part is the most valuable in my opinion because most of the time is spent on these pits.

1. SSH login report no matching host key type found

Error reported:

Unable to negotiate with 192.168.31.1 port 22: no matching host key type found. Their offer: ssh-rsa

Reason:

• Router only offers old ssh-rsa
• Windows OpenSSH does not accept it by default

Solution:

ssh -o HostKeyAlgorithms=+ssh-rsa root@192.168.31.1
```You should also write this when uploading files:

```powershell
scp -O -o HostKeyAlgorithms=+ssh-rsa ...

2. Unable to paste commands after SSH login

This is common in old Windows PowerShell consoles.

I’ve tried:

• Ctrl + V
• Right click to paste
• Shift + Insert

There are times when everything is unstable.

The most effective method later was:

不要先进 SSH 黑框里粘贴，而是在本地终端直接执行远程命令。

That is, in this form:

ssh root@192.168.1.2 "uci show wireless"

This way of writing almost ran through my entire configuration process.

3. Second router SSH prompt REMOTE HOST IDENTIFICATION HAS CHANGED

This is because:

• Both the first and second computers used the default address 192.168.31.1 before flashing.
• Windows recorded the first SSH fingerprint to known_hosts
• Now the second one also uses the same IP, but with different fingerprints

The error message may seem scary, but it is usually a normal phenomenon for the second console.

Solution:

ssh-keygen -R 192.168.31.1

Then reconnect.

4. After plugging in the network cable, it prompts Media disconnected

I’ve also encountered this problem.

It is:

Windows 根本没检测到有线链路。

In the end my reason is simple:

• A certain LAN port is not working or has poor contact

The solution is:

• Change to a LAN port

It was fine immediately after changing the mouth.

5. After flashing OpenWrt, I can enter 192.168.1.1, but wired access is blocked.

I encountered a very convoluted problem later:

• Wireless access 192.168.1.1
• Wired but unable to access 192.168.1.1

This usually means:

• The main route itself is alive
• There is a problem with the computer’s wired network card configuration

The most common reasons are:

• Set a static IP for the Windows wired network card when flashing the phone
• Later I forgot to change back to automatic acquisition.

If this happens, focus on checking:

• Is Ethernet IPv4 set to DHCP?
• Is there any residue 192.168.31.x
• Does it conflict with 192.168.1.2 / 192.168.1.3?

6. findstr was mistakenly thrown into the router when executing commands in OpenWrt.

I also encountered a classic “Windows thinking” problem.

For example, if I want to filter the output locally in Windows, the result is written as:

ssh root@192.168.1.3 "uci show wireless | findstr ..."

There is no findstr in OpenWrt, so it will report:

ash: findstr: not found

At this time, you need to change to Linux style command:

grep

That is:

ssh root@192.168.1.3 "uci show wireless | grep -E '...'"

---

9. Several key questions I asked after finishing OpenWrt

The following questions were clarified little by little after I actually started configuring the network.

1. What is AP?

AP is Access Point, which is 无线接入点 in Chinese.

It can be simply understood as:

• The main router is responsible for:

• Dial -DHCP

• NAT

• Firewall

• AP is responsible for:

• Send Wi-Fi

• Bridge wireless devices to existing networks

In other words, the AP is more like “responsible for coverage” rather than “responsible for Internet access control”.

2. What is NAT and what is double NAT?

NAT essentially connects multiple private network devices at home to the Internet through a public network IP.

If the data passes through two layers of routers and performs two address translations, it is 双重 NAT.

For example:

光猫（做路由） -> OpenWrt（又做路由） -> 终端设备

This will bring:

• Port mapping is more complex
• Remote access is more troublesome
• Certain games or services are more prone to problems

Therefore, if you only need multi-point coverage for your family, it is usually more recommended:

• Keep only one main route
• All other devices are APs

3. Is it okay to use modem alone as the master router?

Yes, and for most homes, 不是什么问题.

If the request is only:

• Many people at home can access the Internet normally
• Two OpenWrts for AP coverage
• Reduce double NAT

That’s totally fine:

• Optical modem continues dialing, DHCP, NAT
• Both AC2100s serve as APs

What’s really not enough is usually when you start to need:

• More advanced QoS/SQM -VPN
• Ad filtering
• Complex port forwarding
• Stronger routing control

This is when it’s worth considering letting the OpenWrt device do the master routing.

4. Is the current network a wired backhaul Mesh?

Strictly speaking, it is not 802.11s Mesh in the traditional sense.

A more accurate statement is:

有线回程多 AP 漫游网络

That is:

• Routers are interconnected with network cables
• Terminal roams between multiple APs

Effectively, this solution is often more stable than wireless mesh.

5. Does enterprise AP also rely on K/V/R?

Yes, but not just by that.

Roaming for enterprise APs is typically:

• 802.11k
• 802.11v
• 802.11r
• Controller collaboration
• RF tuning
• Load balancing
• Manufacturer’s own algorithm

Therefore, we use OpenWrt to do K/V/R + usteer in our family, which is as close as possible to the idea of enterprise AP, but it cannot be simply understood as “exactly the same”.

6. Is usteer necessary?

Not required, but 很值得加.

If you only have two APs and have done it correctly:

• Cable return
• AP mode
• Same as SSID
• Same password
• same encryption
• K/V/R are all on

Even if usteer is not installed, it will be much better than “just Wi-Fi with the same name”.

But if you want to improve further:

• Client sticks to remote AP
• 2.4G / 5G selection is unreasonable
• Multi-AP collaboration is not smart enough

That usteer is valuable.

More precisely:

• K/V/R is standard capability
• usteer is a roaming auxiliary coordination tool in OpenWrt

So my final conclusion is:

• 不是非装不可
• But if you have already flashed wpad-mbedtls, it is usually more complete to install it.

7. Is only 802.11r enough?

Usually not enough.

This was one of my most important understandings later on.

802.11r is only responsible for:

客户端已经决定切换之后，怎么让认证更快。

It is not responsible for:

• When to cut
• Who to cut to?

The most common problems with home roaming experience are precisely:

• The device sticks to the weak signal AP and refuses to move away
• The device does not know that there is a more suitable AP nearby

So in home scenarios, many times:

• K/V Decide “whether to cut or not”
• R Decide “whether to cut quickly or not”

So my final choice was:

K/V/R + usteer

Instead of just opening R.

8. What is the difference between a home router converted to AP and a dedicated AP?

I later figured this out specifically.

A common situation is that:

• AP is a more professional device
• So it must be cheaper

Not necessarily.

The characteristics of converting home routers into APs are:

• High cost performance
• Sufficient for family use
• Save the most money when you already have the equipment on hand
• OpenWrt is highly playable

Characteristics of dedicated APs are:

• The design goal is more “only responsible for wireless coverage”
• Commonly used in enterprises, shops, ceiling deployment, PoE power supply
• Pay more attention to concurrency, management, and unified deployment

But dedicated APs aren’t necessarily cheaper than routers.

For ordinary families, if they already have two routers that can flash OpenWrt, it is usually a cost-effective solution to use them as APs.

---

10. What do these concepts mean: seamless roaming, wired Mesh, wireless Mesh, AP, K/V/R, NAT

If, like me, you are most easily confused by these words in the early stage, then this section is dedicated to “explaining the words clearly first”.

1. What is seamless roaming?

无缝漫游 is not an individual protocol, it is more like an experience target.

It refers to:

• When mobile phones, tablets, and computers move between multiple APs
• Can automatically switch to a more suitable AP
• Try to stay online as much as possible, or only pause briefly

Special attention needs to be paid to:

无缝漫游不是“绝对 0 卡顿”。

A more realistic goal in a family scenario would be:

• Don’t stick to far away AP for a long time
• No obvious stuck when switching
• Only slight shaking when watching videos or live streaming

2. What is wired Mesh?

Many manufacturers will also call the solution of “multiple nodes interconnected with network cables” 有线 Mesh.

From a user experience perspective, this statement is fine. But from an OpenWrt and technical implementation perspective, a more accurate statement is usually:

有线回程多 AP 漫游

That is:

• Routers are interconnected by network cables
• Terminal roams between multiple APs

Its advantages:

• More stable
• Small return bandwidth loss
• Lower latency
• More suitable for long-term use at home

Its disadvantages:

• Need to lay network cables
• When the wiring position is unreasonable, the advantages cannot be exerted

3. What is Wireless Mesh?

Strictly speaking, the 无线 Mesh that everyone often calls is closer to:

• Manufacturer’s own node networking protocol
• or 802.11s in OpenWrt

That is:

• Wireless interconnection between routers
• No need to pull network cables between nodes

Its advantages:

• Simple construction
• More friendly to families who cannot wire

Its disadvantages:

• The backhaul link will be affected by walls, interference, and distance
• Typically less stable than wired backhaul
• Bandwidth and latency are generally not as good as wired backhaul

4. What do I mean now?

A more accurate name for my final set would be:

有线回程多 AP 漫游网络

Rather than strictly speaking:

• 802.11s 无线 Mesh

In effect, this solution is often more suitable for homes than wireless mesh.

5. What is AP

AP is Access Point, which is 无线接入点 in Chinese.

It can be understood as:

• The main router is responsible for Internet access control
• AP is responsible for sending Wi-Fi and expanding coverage

The main route is usually responsible for:

• Dial -DHCP
• NAT
• Firewall

APs are typically responsible for:

• Send wireless network
• Bridge terminal to main network

6. What is NAT?

NAT can be simply understood as:

把家里多台私有 IP 设备，通过一个公网 IP 去上网。

For example:

• The mobile phone is 192.168.1.10
• The computer is 192.168.1.20
• Tablet is 192.168.1.30

They access the Internet by converting the main route into a public network address. This process is NAT.

7. What is double NAT?

双重 NAT means that the address translation is done twice.

For example:

光猫（做路由） -> OpenWrt 路由器（又做路由） -> 手机/电脑

At this time:- Guangmao does NAT once

• OpenWrt does NAT again

Its main disadvantages are:

-Port mapping is more troublesome

• Certain games and remote access are more prone to problems
• Troubleshooting is more complex

Therefore, when a home is covered by multiple APs, it is usually more recommended:

• Keep a main route
• Other devices act as APs

8. What is 802.11s

802.11s is the typical 无线 Mesh standard in OpenWrt.

Its function is to:

• Wireless interconnection between routers

If you really use 802.11s, usually each router will have to open an additional ordinary AP to provide Internet access for mobile phones and computers.

So:

• 802.11s is the wireless backhaul between nodes
• Not the ordinary “Wi-Fi mode connected to mobile phones at home”

9. What are 802.11k / 802.11v / 802.11r?

These three protocols are most easily mixed together.

You can write them down in one sentence:

• 802.11k Give the client a “nearby AP map”
• 802.11v Give the client a “switch suggestion”
• 802.11r Let the client authenticate faster after deciding to switch

The stages they are responsible for are different:

• K is responsible for discovering candidate APs
• V is responsible for assisting decision-making
• R is responsible for accelerating switch certification

10. Say K/V is more important than R

Because the most common problems in families are:

• The device is stuck to a weak signal AP
• The device is unwilling to switch
• The device doesn’t know who to switch to

At this time:

• K and V are more critical
• R is more like the icing on the cake

So if you ask:

只有 R 行不行？

Usually the answer is:

不太够。

11. What is usteer?

usteer is OpenWrt’s multi-AP roaming assistance and band guidance tool.

It can be understood as:

• K/V/R is standard capability
• usteer is the coordinator to better organize these abilities

It will help multiple APs know each other:

• Which clients are connecting to whom?
• Case of another AP -Which AP is more worthy of directing clients to?

12. What is flow offloading?

flow offloading is the forwarding acceleration capability in OpenWrt.

Simple understanding:

• 无 No acceleration
• 软件流量卸载 software acceleration
• 硬件流量卸载 Hardware acceleration

A more stable approach at home is usually:

• Try 软件流量卸载 first
• Don’t open 硬件流量卸载 directly as soon as you come up.

13. What is Breed?

Breed is a third party bootloader.

Its advantages are:

• Subsequent flashing and recovery are more convenient

Its disadvantages are:

• Flashing it itself has a higher risk than flashing regular firmware

So for those who are using Redmi AC2100 for the first time, I would recommend:

• First follow the official and safe route to flash into OpenWrt
• I really need to study Breed later.

Select method

If you only want to see family scenes, you can quickly select like this:

• 想最稳 Select: 有线回程多 AP 漫游
• 不能布线 Select: 无线 Mesh / 802.11s / 厂商 Mesh
• 只想先把 OpenWrt 装上 Select: 先别折腾 Breed
• 只想减少网络层复杂度 Select: 一个主路由 + 其他全做 AP

One sentence summary:

• 无线 Mesh solves “Cannot pull the cable”
• 有线回程多 AP 漫游 solves the problem of “both stability and experience”
• K/V/R + usteer solves “How multiple APs can collaborate more intelligently”

---

11. Terminology comparison table: Understand these words at a glance

In order to facilitate quick reference, I have made a brief list of the most confusing words in this article.

Noun	Simple explanation	What problem is closer to being solved
AP	Access point responsible for sending Wi-Fi	Expand wireless coverage
Main routing	Responsible for dial-up, DHCP, NAT, firewall	Responsible for Internet access control
NAT	Address translation for private network devices to access the Internet through public network IP	Multiple devices share the public network
Double NAT	Address translation is done twice	Complex structure, troublesome remote access
Seamless roaming	A smoother experience when the terminal automatically switches between multiple APs	Try to stay connected to the Internet while moving around
Wired backhaul multi-AP roaming	APs are interconnected by network cables, and terminals perform roaming	The most stable multi-point coverage for families
Wireless Mesh	Wireless interconnection between routers	Extended coverage when wiring is not possible
802.11s	Typical wireless Mesh standard in OpenWrt	Wireless backhaul between nodes
802.11k	Give the client a “nearby AP map”	Help the client discover candidate APs
802.11v	Give “switching suggestions” to clients	Help clients make roaming decisions
802.11r	Speed up authentication during handover	Reduce instant lag during handover
usteer	OpenWrt’s multi-AP coordination tool	Let K/V/R play better
flow offloading	OpenWrt forwarding acceleration	Improve NAT/forwarding performance
Breed	Third-party bootloader	Subsequent flashing/recovery is more convenient

---

12. Comparison of advantages and disadvantages of options: Which one to choose?

This section takes a look at the most confusing home network solutions.

Option 1: Single Router + One Wi-Fi

The simplest family structure:

• a main router
• a wireless network

Advantages:

• Easiest
• The most worry-free
• Least mistakes

Disadvantages:

• Limited coverage
• The experience is likely to deteriorate in a large apartment or in a partitioned environment
• Cannot really solve the problem of “poor signal in certain areas of the house”

Suitable for:

• Small apartment
• Not much equipment
• No obvious requirements for roaming

Option 2: Multiple routers with just the same Wi-Fi name

This is the common scenario where the first approach comes to mind:

• Both routers send similar Wi-Fi names
• But did not do AP planning and roaming optimization seriously

Advantages:

• Low entry barrier
• Looks like “whole house coverage”

Disadvantages:

• Terminals tend to stick to distant APs
• The experience is often unnatural
• It’s easy to think that “same name Wi-Fi = seamless roaming”

Suitable for:

• Makeshift
• Try the coverage effect first

Not suitable for:

• There are obvious requirements for walking experience
• Frequently watch videos, live broadcasts, and video calls

Option 3: Wired backhaul multi-AP roaming

This is what I actually ended up using:

• a main router
• All other nodes are APs -Nodes are interconnected with network cables
• Configure K/V/R and optional usteer

Advantages:

• stable
• Small return bandwidth loss
• low latency
• The experience is usually better than wireless mesh
• Best for long-term home use

Disadvantages:

• Requires wiring
• Need to understand a little bit about network structure
• It is not “automatic optimization when plugged in”, it still requires basic debugging

Suitable for:

• Families with access to network cables
• I hope the coverage and experience will be more stable
• Want to minimize the uncertainty caused by wireless backhaul

Solution 4: Wireless Mesh

Including the “Mesh” promoted by the manufacturer and the wireless node networking in OpenWrt.

Advantages:

• No need to pull the wire
• Easy to deploy
• Friendly to old buildings or temporary environments

Disadvantages:

• The backhaul link is greatly affected by the environment
• Stability and throughput are generally not as good as wired backhaul
• The effect fluctuates more obviously when there are many walls and long distances

Suitable for:

• There’s really no way to wire it
• Pay more attention to the convenience of construction

Scenario 5: Multiple routing under double NAT

For example:

• Guangmao is doing routing
• The latter OpenWrt also does routing
• The two devices are not on the same network segment

Advantages:

• On the surface, everyone can access the Internet

Disadvantages:

• Roaming experience is difficult to get right
• Complex network structure
• Port mapping, remote access, and games are more troublesome -Troubleshooting is significantly more difficult

Suitable for:

• Only use it when you are very special and know exactly why you are so matched.

Most families:

• Not recommended

---

13. Suggestion table for family scene selection

If you just want to quickly determine which solution you should use, you can just look at this.

Scenario 1: Small apartment, main route is enough

Suggestions:

• Don’t bother with too many APs yet.
• One main route runs stably first

Scenario 2: Large apartment or many partition walls, but network cables can be laid

Suggestions:

• Select 有线回程多 AP 漫游 directly
• This is the most recommended solution for families

Scenario 3: Large apartment, but no wiring at all

Suggestions:

• Select 无线 Mesh
• Accept that its stability and bandwidth will be affected by the environment

Scenario 4: There are already two routers that can flash OpenWrt

Suggestions:

• Prioritize using it as AP
• No need to buy additional dedicated AP

Scenario 5: The main goal is to reduce lag when walking

Suggestions:

• Don’t just stop at “the same Wi-Fi”
• Do at least:
• AP mode
• Cable return
• Channel staggering
• K/V/R
• Add usteer if needed

Scenario 6: The main goals are plug-ins, QoS, VPN, port control

Suggestions:

• Consider letting the OpenWrt device do the main routing again
• If the optical modem is still in routing mode, pay attention to double NAT

---

14. If I could only remember 5 sentences, I hope it would be these 5 sentences

1. 同名 Wi-Fi is not equal to 无缝漫游.
2. If wiring is available in the home, 有线回程多 AP is usually preferred over 无线 Mesh.
3. 802.11k / 802.11v often determines “whether it will cut or not” more than 802.11r.
4. 802.11r is not useless, but it is more about making the process faster “after you have decided to switch”.
5. What really determines the experience is whether the overall structure is correct.

---

15. What exactly is 802.11k / 802.11v / 802.11r?

This is the part that confuses me the most and is most easily confused by various tutorials.

1. 802.11k

It can be understood as giving the client a “nearby AP map”.

It tells the phone:

• What other APs are around?
• Approximately on which channels

In this way, the client does not have to scan the whole world by himself.

2. 802.11v

It can be understood as giving the client a “switching suggestion”.

The most typical ones are:

• BSS Transition

The AP will say to the client:- You can consider switching to another more suitable AP.

But this is a suggestion, not a requirement.

3. 802.11r

This is “Quick Switch Certification”.

It is not responsible for deciding whether to cut or not. It is responsible for:

既然要切了，那认证过程能不能更快。

4. Many tutorials say that K/V is more important than R

Because in a family environment, many times the problem is:

• The client is not willing to switch at all
• The client does not know who to switch to

At this time:

• K helps it discover candidate APs
• V helps it make switching decisions

R only comes into play after the client has decided to switch.

So:

• 只有 R, usually not enough
• K/V/R Together, the experience will be more complete

---

16. I also tried wpad-mbedtls and usteer

1. Can’t see 802.11k / 802.11v at first

Because OpenWrt is often installed by default:

wpad-basic-mbedtls

This is the lite version.

It usually does not come with full 802.11k / 802.11v capabilities.

2. How to switch to the full version

What I ended up executing was:

apk update
apk del wpad-basic-mbedtls
apk add wpad-mbedtls usteer luci-app-usteer
reboot

3. What is usteer

It can be understood as:

OpenWrt 多 AP 漫游辅助和频段引导工具

It lets multiple APs know each other:

• Which clients are connected to whom
• How is the signal condition?
• Which AP is more suitable for the current client

It is to better organize the effects of K/V.

4. The 3 most noteworthy parameters of usteer

There are not many core parameters that I really retained in the end. The most noteworthy ones are these 3:

• roam_scan_snr='-65'
• signal_diff_threshold='8'
• assoc_steering='1'

They roughly represent:

• When the signal drops near -65, start considering roaming more actively
• Guide the switch more aggressively only when the target AP is significantly better
• Provide guidance during the association stage to reduce equipment sticking to suboptimal APs

Regarding the family environment, my final experience is:

• Don’t try to adjust the parameters too radically yet.
• The default conservative value plus these key items is usually enough

---

17. How two AC2100s finally form a wired backhaul roaming network

What I ended up using was the following structure.

1. Wiring method

光猫 LAN -> AC2100-1 的 LAN
光猫 LAN -> AC2100-2 的 LAN

Note:

• The WAN ports of the two AC2100s are not used.
• If the modem port is not enough, you can add a switch in the middle

2. Address planning

Assume that the optical cat address is:

192.168.1.1

I set the two OpenWrt APs to:

• AC2100-1: 192.168.1.2
• AC2100-2: 192.168.1.3

3. Key settings of AP mode

Each unit requires:

• Turn off DHCP
• Disable dnsmasq
• Disable odhcpd
• Disable firewall

4. Wireless configuration

My final thoughts are:

• 2.4G SSID: yaoyao
• 5G SSID: yaoyao_5G

Two units remain:

• The same frequency band with the same name
• Same password
• same encryption

Channel staggering:

• The 1st 2.4G: 1
• No. 2 2.4G: 11
• 5G is also staggered

5. K/V/R configuration

Each wireless interface must be turned on:

• 802.11k
• 802.11v
• 802.11r

Among them, 802.11r also needs to pay attention to:

• Mobility Domain consistent, such as 1234
• NAS ID Unique per interface
• FT over DS Close first

6. usteer configuration

The core settings I ended up using were:

uci set usteer.@usteer[0].network='lan'
uci -q delete usteer.@usteer[0].ssid_list
uci add_list usteer.@usteer[0].ssid_list='yaoyao'
uci add_list usteer.@usteer[0].ssid_list='yaoyao_5G'
uci set usteer.@usteer[0].roam_scan_snr='-65'
uci set usteer.@usteer[0].signal_diff_threshold='8'
uci set usteer.@usteer[0].assoc_steering='1'
uci commit usteer
/etc/init.d/usteer enable
/etc/init.d/usteer restart

7. How to judge if usteer is working?

Execution:

ubus call usteer remote_info

If each station can see the other station:

• 2.4G
• 5G -SSID
• BSSID

This means that multi-AP collaboration has been established.

---

18. What to do if you feel the wireless becomes slow after flashing?

I’ve also encountered this problem.

After converting to OpenWrt, if you feel:

• Wi-Fi is not as fast as the original factory
• It’s easier to get stuck during Douyin live streaming
• I’m obviously connected to 5G, but I still feel uncomfortable.

Don’t rush to wonder “whether the brush is broken”. In many cases, the default configuration is just more conservative.

1. First distinguish whether it is “wired slow” or “wireless slow”

The first thing to do is to distinguish clearly:

• Use a network cable to measure the speed of your computer, whether it is faster or not
• Test the Wi-Fi speed of your mobile phone, whether it is faster or not

if:

• Cable is also slow

That’s more likely a routing/NAT forwarding issue.

if:

• Wired is normal -Only wireless is slow

That’s more likely a Wi-Fi parameter issue.

2. How to measure the speed of a mobile phone

The simplest way is:

• Open Speedtest with your mobile phone
• Or visit the speed test website

When measuring speed, it is recommended to measure separately:

• Only with 2.4G
• Only with 5G

This makes it easier to see which layer the problem is.

3. The basic wireless parameters must be reasonable

I will summarize later that the most stable ones for home use are:

• 2.4G
• Channel 1 / 6 / 11 Select one
• Bandwidth 20MHz
• 5G
• Prefer non-DFS channels
• Bandwidth 80MHz

Don’t take it lightly:

• 2.4G open 40MHz
• The transmitting power is directly maxed out

This often backfires.

4. What is flow offloading and where to buy it?

If found:

• Wired speed tests are not ideal
• Once more than one person is online, the live broadcast delay will be significantly higher.

Then it’s worth taking a look at the flow offloading.

The OpenWrt page is usually at:

• 网络 -> 防火墙

It may appear as:

• 路由/NAT 卸载
• 软件流量卸载
• 硬件流量卸载

My final suggestion is:

• Open 软件流量卸载 first
• Don’t open 硬件流量卸载 directly as soon as you get started.

Because:

• Software uninstallation is more stable
• Although hardware offloading may be faster, compatibility and stability depend on the specific device and function combination.

5. This matter has a lot to do with Douyin live broadcast

Because apps like Douyin Live not only consume bandwidth, but also consume:

• Delay
• Jitter
• Stability when switching

In other words, sometimes it seems that the “speed test is quite fast”, but the actual live streaming is still laggy. The problem may lie in:

• Roaming switch
• Wi-Fi band selection
• NAT/forwarding delays

And not just pure download speed.

---

19. What is my final configuration status?

After I checked all configurations, I can confirm:

• 802.11k has been opened
• 802.11v is open
• 802.11r is open
• Mobility Domain consistent
• NAS ID only
• FT over DS Closed
• usteer Two-way discovery is normal

In other words, from a configuration perspective:

K/V/R + usteer This set is already built.

---

20. What should be the real expectations of this plan?

I would like to say one final word of truth here.

When I first started dealing with this type of problem I heard:

-Mesh

• 802.11k/v/r
• Enterprise AP

You will think that in the end you will be able to achieve “absolutely seamless, zero lag”.

But in a family environment, the real situation is usually:

• The client still decides whether to switch or not
• Different mobile phone brands have very different roaming strategies.
• 5G coverage, placement, and transmit power will all affect the results

So a more reasonable goal is:

• No longer stick to far away AP for a long time
• No more than a slight pause when switching
• The experience of watching videos and walking around in daily life is obviously better than “just Wi-Fi with the same name”

If it reaches this level, it is actually worth it.

---

21. My biggest experience summary this time

1. Let’s first look at “flashing” and “networking” separately.

Flashing OpenWrt is only the first step. What really determines the experience is the network structure behind it.

2. Give priority to “wired backhaul AP roaming” in your home

If you can pull the network cable:

• Don’t prioritize wireless mesh
• Wired backhaul is usually more stable

3. Just opening Wi-Fi with the same name does not mean you will have good roaming

What really determines the roaming experience is often:

-AP positioning

• Channel planning -K/V/R -usteer
• Strategies for the client itself

4. Executing a command remotely under Windows is really more comfortable than typing with SSH.

Like this form:

ssh root@192.168.1.2 "uci show wireless"

For Windows users, this is often a lot less hassle than SSHing into first and then pasting.

5. Don’t attribute all problems to “OpenWrt configuration is wrong”

Many things that look like configuration issues turn out to be:

• Network cable problem
• LAN port problem
• Windows Static IP Residual
• Address conflict
• Mistakenly throwing Windows commands to OpenWrt for execution

---

22. Advice for those who are planning to buy Redmi AC2100

If you are planning to flash this machine, I will give the following suggestions.

Suggestion 1: Don’t brush Breed for the first time

First follow the safe route and flash into OpenWrt, and then consider Breed when you really need it later.

Suggestion 2: For the first time flashing from the original factory, only use kernel1.bin + rootfs0.bin

Don’t just use sysupgrade.bin to flash the original factory.

Suggestion 3: Be sure to use wired

Don’t skip this step.

Suggestion 4: Windows users try to use the “local remote command” method

Don’t rely too much on pasting long commands into an SSH black box.

Suggestion 5: If you do dual-route roaming in the future, give priority to the AP architecture.

If the main goal is:

• coverage
• Roaming
• Simplify network structure

Then let:

• Optical modem as the main router
• Both OpenWrts are used as APs

This is often better for families than double NAT.

---

Twenty-three, Conclusion

The biggest feeling of this torment is:

刷 OpenWrt 其实不难，真正难的是搞清楚自己想要的网络结构。

If the goal is just to make your home Wi-Fi more stable, smoother, and better for roaming, then what ultimately determines your experience is often:

• Is the wiring correct?
• Is the main router/AP division of labor correct?
• Are the channel and positioning correct?
• Are K/V/R and usteer configured completely?Redmi AC2100 is not a high-end device, but if used and matched correctly, it can still create a very practical and cost-effective home network.

If you are about to start reading, it is recommended to read this article from beginning to end before starting. There are many pitfalls that you don’t have to step through yourself again.