Project

General

Profile

Managing OpenWRT » History » Revision 12

Revision 11 (Nico Schottelius, 09/08/2020 01:34 PM) → Revision 12/25 (Nico Schottelius, 11/17/2020 06:07 PM)

{{toc}} 

 h1. Managing OpenWRT 

 h2. Installing and configuring Jool 

 * You can use one of the known NAT64 prefixes from our networks (LINK!) 
 ** In the example below this is 2a0a:e5c0:2:10::/96 
 * You need to have a /96 (or better: /64) routed to the openwrt 
 ** In the example below this is 2a0a:e5c0:17:1::/96 


 <pre> 
 opkg install kmod-jool 
 opkg install jool-tools 

 # Load the kernel module 
 modprobe jool_siit 

 # The range which will be the target for the 2nd NAT (if needed to reach a v4 ip) 
 jool_siit -6 2a0a:e5c0:2:10::/96 

 # Pick a v6 range to translate TO and a v4 range to translate from 
 jool_siit -e -a 2a0a:e5c0:17:1::/96 192.168.61.0/24 

 # Accept Router Advertisements to keep the default address 
 sysctl -w net.ipv6.conf.all.accept_ra=2 
 sysctl -w net.ipv6.conf.default.accept_ra=2 
 sysctl -w net.ipv6.conf.eth0.accept_ra=2 
 sysctl -w net.ipv6.conf.br-lan.accept_ra=2 

 </pre> 

 h2. Enabling routing with router advertisements 

 * By default ipv6 forwarding is on (good!) 
 * By default accept_ra is 0 
 ** This does not set the route properly into the kernel -> routing is broken 
 * Need to modify accept_ra to 2 

 h2. Enabling SSH access on wan  

 Enable it in the web interface 
 <pre> $URL/cgi-bin/luci/admin/system/admin/dropbear </pre> 

 OR 

 Dropbear uci var (not tested): 

 <pre> 	 option GatewayPorts 'on' </pre> 

 h2. Resetting to factory default 

 * See https://openwrt.org/docs/guide-user/troubleshooting/failsafe_and_factory_reset 

 <pre> 
 firstboot -y && reboot now 
 </pre> 

 h2. Installing and configuring an APU as a PIB with OpenWRT 

 * Get the x86 64 SQUASHFS image 
 ** https://downloads.openwrt.org/releases/19.07.3/targets/x86/64/ 
 ** combined-squashfs.img.gz 
 * Gunzip it 
 * dd it it an usb stick 
 * Boot the usb stick on the APU 
 * When booted, wget it on the APU and write it over /dev/sda 

 <pre> 
 wget ... -O - | gunzip > /dev/sda 
 </pre> 

 * Configure it using pib-setup.sh from ungleich-tools 
 * Create a network on the VPN server 


 h3. Installing openwrt (squashfs) on APU details 

 <pre> 
 opkg update 
 </pre>  

 * Install SSL certifaicates 

 <pre> 
 opkg install libustream-openssl ca-bundle ca-certificates 
 </pre>  

 * check the time and date if it is not correct, modify the time and date as follows  
 <pre> 
 date -s YEARMONTHDATETIME  
 </pre> 

 * Flashing the squashfs openwrt image into the APUs SSD (adjust to the correct version) 

 <pre> 
 wget -O - http://downloads.openwrt.org/releases/19.07.3/targets/ 
 x86/64/openwrt-19.07.3-x86-64-combined-squashfs.img.gz | gunzip > /dev/sda  
 </pre> 

 h3. Defaults after Openwrt installation  

 * eth0 = WAN 
 * eth1&2 = LAN 

 h2. Setting up the GL-INET GL-MT300N-V2 

 * Go to advanced and flash the standard image 
 * Link: https://openwrt.org/toh/gl.inet/gl.inet_gl-mt300n_v2