Project

General

Profile

Managing OpenWRT » History » Version 27

Nico Schottelius, 09/05/2022 05:56 PM

1 4 Nico Schottelius
{{toc}}
2
3 1 Nico Schottelius
h1. Managing OpenWRT
4
5
h2. Installing and configuring Jool
6
7 5 Nico Schottelius
* You can use one of the known NAT64 prefixes from our networks (LINK!)
8
** In the example below this is 2a0a:e5c0:2:10::/96
9
* You need to have a /96 (or better: /64) routed to the openwrt
10
** In the example below this is 2a0a:e5c0:17:1::/96
11
12
13 1 Nico Schottelius
<pre>
14
opkg install kmod-jool
15
opkg install jool-tools
16 2 ll nu
17
# Load the kernel module
18
modprobe jool_siit
19
20
# The range which will be the target for the 2nd NAT (if needed to reach a v4 ip)
21
jool_siit -6 2a0a:e5c0:2:10::/96
22
23
# Pick a v6 range to translate TO and a v4 range to translate from
24
jool_siit -e -a 2a0a:e5c0:17:1::/96 192.168.61.0/24
25
26
# Accept Router Advertisements to keep the default address
27
sysctl -w net.ipv6.conf.all.accept_ra=2
28
sysctl -w net.ipv6.conf.default.accept_ra=2
29
sysctl -w net.ipv6.conf.eth0.accept_ra=2
30 6 Nico Schottelius
sysctl -w net.ipv6.conf.br-lan.accept_ra=2
31 1 Nico Schottelius
32 3 Nico Schottelius
</pre>
33
34
h2. Enabling routing with router advertisements
35
36
* By default ipv6 forwarding is on (good!)
37
* By default accept_ra is 0
38
** This does not set the route properly into the kernel -> routing is broken
39
* Need to modify accept_ra to 2
40 7 ll nu
41
h2. Enabling SSH access on wan 
42
43
Enable it in the web interface
44 8 ll nu
<pre> $URL/cgi-bin/luci/admin/system/admin/dropbear </pre>
45 7 ll nu
46
OR
47
48
Dropbear uci var (not tested):
49
50
<pre>	option GatewayPorts 'on' </pre>
51 9 Nico Schottelius
52
h2. Resetting to factory default
53
54
* See https://openwrt.org/docs/guide-user/troubleshooting/failsafe_and_factory_reset
55
56
<pre>
57
firstboot -y && reboot now
58
</pre>
59 10 Nico Schottelius
60
h2. Installing and configuring an APU as a PIB with OpenWRT
61
62
* Get the x86 64 SQUASHFS image
63
** https://downloads.openwrt.org/releases/19.07.3/targets/x86/64/
64
** combined-squashfs.img.gz
65
* Gunzip it
66
* dd it it an usb stick
67
* Boot the usb stick on the APU
68
* When booted, wget it on the APU and write it over /dev/sda
69
70
<pre>
71
wget ... -O - | gunzip > /dev/sda
72
</pre>
73
74
* Configure it using pib-setup.sh from ungleich-tools
75 1 Nico Schottelius
* Create a network on the VPN server
76 11 Nico Schottelius
77
78
h3. Installing openwrt (squashfs) on APU details
79
80
<pre>
81
opkg update
82
</pre> 
83
84
* Install SSL certifaicates
85
86
<pre>
87
opkg install libustream-openssl ca-bundle ca-certificates
88
</pre> 
89
90
* check the time and date if it is not correct, modify the time and date as follows 
91
<pre>
92
date -s YEARMONTHDATETIME 
93
</pre>
94
95
* Flashing the squashfs openwrt image into the APUs SSD (adjust to the correct version)
96
97
<pre>
98
wget -O - http://downloads.openwrt.org/releases/19.07.3/targets/
99
x86/64/openwrt-19.07.3-x86-64-combined-squashfs.img.gz | gunzip > /dev/sda 
100
</pre>
101
102
h3. Defaults after Openwrt installation 
103
104
* eth0 = WAN
105
* eth1&2 = LAN
106 12 Nico Schottelius
107
h2. Setting up the GL-INET GL-MT300N-V2
108
109
* Go to advanced and flash the standard image
110
* Link: https://openwrt.org/toh/gl.inet/gl.inet_gl-mt300n_v2
111 13 Nico Schottelius
112
h2. Managing QMI based LTE devices
113
114
Debug commands:
115
116
<pre>
117
uqmi -d /dev/cdc-wdm0 --get-signal-info
118
uqmi -d /dev/cdc-wdm0 --get-data-status
119
uqmi -d /dev/cdc-wdm0 --get-current-settings
120
uqmi -d /dev/cdc-wdm0 --get-capabilities
121
122
uqmi -d /dev/cdc-wdm0 --get-imei
123
124 17 Nico Schottelius
# get network cell / status
125
uqmi -d /dev/cdc-wdm0 --get-serving-system       
126
127
# get networks in range
128
uqmi -d /dev/cdc-wdm0 --network-scan
129
130
</pre>
131
132
Reset (might help to clear the NETWORK_REGISTRATION_FAILED error?)
133
<pre>
134
/sbin/uqmi -d /dev/cdc-wdm0 --set-device-operating-mode offline
135
/sbin/uqmi -d /dev/cdc-wdm0 --set-device-operating-mode reset
136
/bin/sleep 20
137
/sbin/uqmi -d /dev/cdc-wdm0 --set-device-operating-mode online
138
/sbin/uqmi -d /dev/cdc-wdm0 --set-autoconnect enabled
139
/sbin/uqmi -d /dev/cdc-wdm0 --network-register
140 13 Nico Schottelius
</pre>
141
142 18 Nico Schottelius
Setting the network mode:
143
144
<pre>
145
...
146
  --set-network-modes <modes>:      Set usable network modes (Syntax: <mode1>[,<mode2>,...])
147
                                    Available modes: all, lte, umts, gsm, cdma, td-scdma
148
...
149
150
root@vigir2:~# uqmi -d /dev/cdc-wdm0  --get-signal-info
151
{
152
	"type": "wcdma",
153
	"rssi": -104,
154
	"ecio": 17
155
}
156
root@vigir2:~# uqmi -d /dev/cdc-wdm0 --set-network-modes lte
157
158
(wait some time)
159
root@vigir2:~# uqmi -d /dev/cdc-wdm0  --get-signal-info
160
{
161
	"type": "lte",
162
	"rssi": -71,
163
	"rsrq": -11,
164
	"rsrp": -99,
165
	"snr": 72
166
}
167
168
169
</pre>
170
171 19 Nico Schottelius
Roaming
172
173
<pre>
174
uqmi -d /dev/cdc-wdm0 --set-network-roaming off
175
176 20 Nico Schottelius
</pre>
177
178 13 Nico Schottelius
* See also: https://openwrt.org/docs/guide-user/network/wan/wwan/ltedongle
179 14 Nico Schottelius
180
h2. Managing static IPv6 addresses
181
182
If using a statically routed IPv6 network, the default RA mechanism does not set an outgoing route by default. This is a bit different from "regular" Linux:
183
184
* openwrt uses user space odhcp6c
185
* for openwrt we need to setup a "static default route"
186
** do not forget to select the interface in the list
187
* Default Linux on the other hand needs to use accept_ra=2 if ipv6 forwarding is on
188
** This also works on openwrt, but it is conflicting/not the correct way to do
189
* **TL;DR If using openwrt with static IPv6 addresses, add a static IPv6 default route**
190 15 Nico Schottelius
191
Alternative (currently untested) approach:
192
193
<pre>
194
instead of hardcoding the subnet in lan, add it as "option ip6prefix" to your wan6/dhcpv6 interface
195
in lan merely add "option ip6assign 64" or however much bits you want to redelegate
196
that should make odhcp6c/netifd aware of the additional prefix and factor that into the default route coverage
197
it should work as if the prefix were received via dhcpv6-pd
198
</pre>
199
200
(Thanks to jow in #openwrt)
201 16 Nico Schottelius
202
h2. Temperature sensor support
203
204
We are using "temper" based usb temperature sensors. They are read using "temper-py":https://pypi.org/project/temper-py/. 
205
The default setup is to write to /www/temperature.txt which allows the temperature to be read from the standard webserver.
206
207
So if you own a VIIRB/VIWIB/other OpenWRT device using the "openwrt-add-temper":https://code.ungleich.ch/ungleich-public/ungleich-tools/-/blob/master/openwrt-add-temper.sh you can see the temperature on http://ip-of-the-device/temperature.txt.
208
209
It is refreshed every 5 minutes.
210 21 Nico Schottelius
211
h2. Device specific instructions
212
213
How to get a device into a standard openwrt environment.
214
215
h3. VIIRB
216
217
* Comes with standard openwrt and has IPv6 enabled
218
* Flash via ipv6 link local address (no ipv4 required)
219
* Flash using https://code.ungleich.ch/ungleich-public/ungleich-tools/-/blob/master/openwrt/viirb-1-firmware-upgrade.sh
220
221 25 Nico Schottelius
h4. Testing
222
223
* Plugin the VIIRB into an IPv4 only network with Internet uplink
224
* Plugin another test device into the IPv4 network
225
* Power on the VIIRB
226
* Verify that
227
** The test device gets an IPv6 address from the VIIRB
228
** Verify using @curl -6 ifconfig.io@
229
** Verify that the network ID corresponds to the hexadecimal ID of the VIIRB
230
231 26 Nico Schottelius
h3. VIWIB1 (yellow)
232 21 Nico Schottelius
233 22 Nico Schottelius
h4. Step 1: flashing
234
235 21 Nico Schottelius
* Factory default no ipv6 link local address
236
* Need to flash 192.168.8.1 as the first step:
237
** Connect via LAN port
238 22 Nico Schottelius
** Use https://code.ungleich.ch/ungleich-public/ungleich-tools/-/blob/master/openwrt/viwib-1-firmware-upgrade.sh
239
240 21 Nico Schottelius
h4. Step 2: configuring
241
242
* Connect LAN and WAN to two different networks 
243
** It is important that they are different layer 2 networks as the viwib has the same mac on all interfaces
244
** You need WAN for upstream connectivity for installing wireguard
245
** The configuring (=your computer) needs to be connected to the LAN segment
246
247 25 Nico Schottelius
h4. Step 3: Testing
248
249
* Connect the WAN port into an IPv4 or IPv6 network (both should work)
250
* Connect a test device to the LAN port of the VIWIB
251
* Verify that
252
** The test device gets an IPv6 address from the VIWIB
253
** Verify using @curl -6 ifconfig.io@
254
** Verify that the network ID corresponds to the hexadecimal ID of the VIWIB
255 1 Nico Schottelius
** Verify that DNS64/NAT64 works correctly, visit an IPv4 only website via IPv6
256
257 26 Nico Schottelius
h3. VIWIB2 (black)
258
259
* "Openwrt page":https://openwrt.org/toh/gl.inet/gl-ar300m
260
* Vendor default IP: 192.168.8.1 
261
** No response to IPv6 ff02::1!
262 27 Nico Schottelius
** ssh open
263
264
Bootstrap:
265
266
* Connect to singl ethernet host
267
* Upgrade via 192.168.8.1
268
* Then default to regular
269 25 Nico Schottelius
270 1 Nico Schottelius
h3. VIGIR
271
272 25 Nico Schottelius
h4. Initial setup
273
274
* Connect to the LAN port
275
* Start device
276
* Flash 192.168.1.1 directly
277
278
h4. Testing
279
280
* Same as VIWIB
281
282 23 Nico Schottelius
283
h3. MIVIR
284
285 24 Nico Schottelius
* Standard QMI device
286
* Only snapshots available / no version
287 23 Nico Schottelius
* See https://openwrt.org/toh/hwdata/gl.inet/gl.inet_gl-e750
288
* See https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=68ac3f2cddab8422d7de0ce1a78d23edf29012e7
289
* See https://github.com/gl-inet/GL-E750-MCU-instruction
290
291
- SoC: Qualcomm Atheros AR9531 (650MHz)
292
- RAM: 128 MB DDR2
293
- Flash: 16 MB SPI NOR (W25Q128FVSG) + 128 MB SPI NAND (GD5F1GQ4UFYIG)
294
- Ethernet: 10/100: 1xLAN
295
- Wireless: QCA9531 2.4GHz (bgn) + QCA9887 5GHz (ac)
296 1 Nico Schottelius
- USB: 1x USB 2.0 port
297
- Switch: 1x switch
298
- Button: 1x reset button
299
- OLED Screen: 128*64 px