Project

General

Profile

Actions

Managing OpenWRT » History » Revision 14

« Previous | Revision 14/34 (diff) | Next »
Nico Schottelius, 11/30/2020 12:50 PM


Managing OpenWRT

Installing and configuring Jool

  • You can use one of the known NAT64 prefixes from our networks (LINK!)
    • In the example below this is 2a0a:e5c0:2:10::/96
  • You need to have a /96 (or better: /64) routed to the openwrt
    • In the example below this is 2a0a:e5c0:17:1::/96
opkg install kmod-jool
opkg install jool-tools

# Load the kernel module
modprobe jool_siit

# The range which will be the target for the 2nd NAT (if needed to reach a v4 ip)
jool_siit -6 2a0a:e5c0:2:10::/96

# Pick a v6 range to translate TO and a v4 range to translate from
jool_siit -e -a 2a0a:e5c0:17:1::/96 192.168.61.0/24

# Accept Router Advertisements to keep the default address
sysctl -w net.ipv6.conf.all.accept_ra=2
sysctl -w net.ipv6.conf.default.accept_ra=2
sysctl -w net.ipv6.conf.eth0.accept_ra=2
sysctl -w net.ipv6.conf.br-lan.accept_ra=2

Enabling routing with router advertisements

  • By default ipv6 forwarding is on (good!)
  • By default accept_ra is 0
    • This does not set the route properly into the kernel -> routing is broken
  • Need to modify accept_ra to 2

Enabling SSH access on wan

Enable it in the web interface

 $URL/cgi-bin/luci/admin/system/admin/dropbear 

OR

Dropbear uci var (not tested):

    option GatewayPorts 'on' 

Resetting to factory default

firstboot -y && reboot now

Installing and configuring an APU as a PIB with OpenWRT

wget ... -O - | gunzip > /dev/sda
  • Configure it using pib-setup.sh from ungleich-tools
  • Create a network on the VPN server

Installing openwrt (squashfs) on APU details

opkg update
  • Install SSL certifaicates
opkg install libustream-openssl ca-bundle ca-certificates
  • check the time and date if it is not correct, modify the time and date as follows
    date -s YEARMONTHDATETIME 
    
  • Flashing the squashfs openwrt image into the APUs SSD (adjust to the correct version)
wget -O - http://downloads.openwrt.org/releases/19.07.3/targets/
x86/64/openwrt-19.07.3-x86-64-combined-squashfs.img.gz | gunzip > /dev/sda 

Defaults after Openwrt installation

  • eth0 = WAN
  • eth1&2 = LAN

Setting up the GL-INET GL-MT300N-V2

Managing QMI based LTE devices

Debug commands:

uqmi -d /dev/cdc-wdm0 --get-signal-info
uqmi -d /dev/cdc-wdm0 --get-data-status
uqmi -d /dev/cdc-wdm0 --get-current-settings
uqmi -d /dev/cdc-wdm0 --get-capabilities

uqmi -d /dev/cdc-wdm0 --get-imei

Managing static IPv6 addresses

If using a statically routed IPv6 network, the default RA mechanism does not set an outgoing route by default. This is a bit different from "regular" Linux:

  • openwrt uses user space odhcp6c
  • for openwrt we need to setup a "static default route"
    • do not forget to select the interface in the list
  • Default Linux on the other hand needs to use accept_ra=2 if ipv6 forwarding is on
    • This also works on openwrt, but it is conflicting/not the correct way to do
  • TL;DR If using openwrt with static IPv6 addresses, add a static IPv6 default route

Updated by Nico Schottelius almost 4 years ago · 14 revisions