Sama-core-rt

From wiki.freifunk.net

sama-core-rt.olsr

Build the firmware with Meshkit:

  • Target: Barrier-Breaker-ar71xx_generic
  • Profile: TLWDR4900
  • Package Set: full
  • Theme: luci-theme-bootstrap

Package selection: 6in4 6relayd 6to4 auto-ipv6-gw auto-ipv6-node collectd collectd-mod-exec collectd-mod-interface collectd-mod-iwinfo collectd-mod-network collectd-mod-olsrd collectd-mod-rrdtool community-profiles dnsmasq etherwake freifunk-common freifunk-firewall freifunk-gwcheck freifunk-p2pblock freifunk-watchdog ip ip6tables iptables iwinfo kmod-batman-adv kmod-gre kmod-ipip kmod-ipt-nat kmod-iptunnel4 kmod-ppp kmod-pppoe kmod-sit kmod-tun libiwinfo-lua luci-app-chat luci-app-ffwizard-pberg luci-app-firewall luci-app-freifunk-policyrouting luci-app-ntpc luci-app-olsr luci-app-olsr-services luci-app-owm luci-app-owm-ant luci-app-owm-cmd luci-app-owm-gui luci-app-p2pblock luci-app-qos luci-app-splash luci-app-statistics luci-app-wol luci-i18n-german luci-lib-ipkg luci-mod-admin-full luci-mod-freifunk luci-proto-3g luci-proto-ipv6 luci-proto-ppp luci-proto-relay luci-theme-bootstrap olsrd olsrd-mod-arprefresh olsrd-mod-dyn-gw-plain olsrd-mod-jsoninfo olsrd-mod-nameservice olsrd-mod-watchdog openssh-sftp-server openvpn-polarssl ppp ppp-mod-pppoe px5g qos-scripts relayd resolveip uhttpd uhttpd-mod-tls uhttpd-mod-ubus wpad ws-mirror-server htop kmod-arptables kmod-batman-adv kmod-ebtables kmod-ebtables-ipv4 kmod-ebtables-ipv6 kmod-ip6tables kmod-ipv6 kmod-usb-storage luci-mod-admin-full ssl-cert luci-app-statistics luci-app-freifunk-diagnostics arptables ebtables iftop ip6tables iperf iptables iptraf iw mtr nmap netdiscover olsrd-mod-httpinfo olsrd-mod-txtinfo rsync vnstat bash collectd collectd-mod-conntrack collectd-mod-cpu collectd-mod-exec collectd-mod-interface collectd-mod-iwinfo collectd-mod-load collectd-mod-network collectd-mod-olsrd collectd-mod-rrdtool collectd-mod-uptime iwinfo vim tcpdump-mini

Flash the router through the TP-Link web interface using the 'factory' image or, if OpenWrt is already installed, using the 'sysupgrade' image:

sysupgrade -n -v openwrt-mpc85xx-generic-tl-wdr4900-v1-squashfs-sysupgrade.bin

Set the password and shell:

telnet 192.168.1.1
passwd
sed -i '/^root/s/ash/bash/' /etc/passwd
reboot && exit         # No idea why a reboot is needed here

Now copy the SSH key to the router and log in:

cat ~/.ssh/freifunk.pub | ssh root@192.168.1.1 'cat >> /etc/dropbear/authorized_keys'
ssh root@192.168.1.1

Remove the splash page package, because it currently contains a bug[1] that prevents a DHCP server from being configured through the wizard:

opkg remove luci-app-splash

Temporarily removed because of strange problems:

opkg remove auto-ipv6-node
opkg remove 6relayd

A firewall is currently unnecessary here, so switch it off:

/etc/init.d/firewall disable
/etc/init.d/firewall stop

Create interfaces for the dedicated BBB nodes:

uci set network.k9=interface
uci set network.zwingli=interface
uci set network.segen=interface
uci set network.afra=interface

Create the interface for the OpenWrt devices:

uci set network.mesh=interface

The WAN port (blue) becomes the management port for the core router, which can be reached without a VLAN:

uci rename network.wan=mgm
uci set network.mgm.proto=static
uci set network.mgm.ipaddr='192.168.1.1'
uci set network.mgm.netmask='255.255.255.0'
uci set network.mgm.macaddr='f8:1a:67:5a:a9:20'

Delete obsolete interfaces:

uci delete network.wan6
uci delete network.lan

In case the firewall does get switched on at some point, we add all interfaces to the Freifunk zone to be safe:

uci set firewall.zone_freifunk.network='meshdhcp k9 afra segen zwingli mesh mgm'
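
One way to verify that zone list before committing, as an added example that is not part of the original page: it compares the interface sections in `uci show network` output with the zone's `network` option. The function name and the sample dumps are constructed for illustration.

```shell
# Added example, not from the original page. Input is `uci show` text; on the router:
#   missing_from_zone "$(uci show network)" "$(uci show firewall)" zone_freifunk

# Constructed sample mirroring the interfaces and the zone list configured above.
SAMPLE_NETWORK='network.loopback=interface
network.mgm=interface
network.mgm.proto=static
network.k9=interface
network.zwingli=interface
network.segen=interface
network.afra=interface
network.mesh=interface'
SAMPLE_FIREWALL="firewall.zone_freifunk=zone
firewall.zone_freifunk.network='meshdhcp k9 afra segen zwingli mesh mgm'"

# missing_from_zone NETWORK_DUMP FIREWALL_DUMP ZONE_SECTION
# Prints every logical interface (except loopback) that the zone does not list.
missing_from_zone() {
    # The zone's network list, with the quotes newer uci versions print removed.
    zone_nets=$(printf '%s\n' "$2" | sed -n "s/^firewall\.$3\.network=//p" | tr -d "'")
    printf '%s\n' "$1" |
        sed -n 's/^network\.\([^.=]*\)=interface$/\1/p' |
        while read -r ifc; do
            if [ "$ifc" = loopback ]; then continue; fi
            case " $zone_nets " in
                *" $ifc "*) ;;                     # covered by the zone
                *) printf '%s\n' "$ifc" ;;         # would sit outside the zone
            esac
        done
}

# The sample is fully covered, so this prints nothing.
missing_from_zone "$SAMPLE_NETWORK" "$SAMPLE_FIREWALL" zone_freifunk
```

An interface printed here would not belong to the Freifunk zone if the firewall were enabled later.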

Save, reboot and move the cable to the MGM port (blue):

uci commit
reboot && exit

Continue in the Freifunk wizard:

  • Node name: sama-core-rt
  • Location: Samariterkirche
  • Email: freifunk@faust2k.net
  • Interface 'MESH'
    • Mesh IP: 104.131.4.1/32
    • Offer DHCP: yes
    • 104.131.5.1/24
  • Interface 'K9'
    • Mesh IP: 104.131.4.4/32
  • Interface 'ZWINGLI'
    • Mesh IP: 104.131.4.6/32
  • Interface 'SEGEN'
    • Mesh IP: 104.131.4.8/32
  • Interface 'AFRA'
    • Mesh IP: 104.131.4.10/32
  • Latitude: 52.51803
  • Longitude: 13.46618

Set up contact:

Back on the shell, we can now configure the switch (VLAN tagging) and set the MAC addresses:

uci set network.k9.ifname=eth0.50
uci set network.k9.macaddr='5A:04:9F:EF:10:50'
uci add network switch_vlan
uci set network.@switch_vlan[-1].device=switch0
uci set network.@switch_vlan[-1].vlan=50
uci set network.@switch_vlan[-1].ports="0t 2t 3t 4t 5t"

uci set network.segen.ifname=eth0.60
uci set network.segen.macaddr='5A:04:9F:EF:10:60'
uci add network switch_vlan
uci set network.@switch_vlan[-1].device=switch0
uci set network.@switch_vlan[-1].vlan=60
uci set network.@switch_vlan[-1].ports="0t 2t 3t 4t 5t"

uci set network.zwingli.ifname=eth0.70
uci set network.zwingli.macaddr='5A:04:9F:EF:10:70'
uci add network switch_vlan
uci set network.@switch_vlan[-1].device=switch0
uci set network.@switch_vlan[-1].vlan=70
uci set network.@switch_vlan[-1].ports="0t 2t 3t 4t 5t"

uci set network.afra.ifname=eth0.80
uci set network.afra.macaddr='5A:04:9F:EF:10:80'
uci add network switch_vlan
uci set network.@switch_vlan[-1].device=switch0
uci set network.@switch_vlan[-1].vlan=80
uci set network.@switch_vlan[-1].ports="0t 2t 3t 4t 5t"

uci set network.mesh.ifname=eth0.1
uci set network.mesh.macaddr='5A:04:9F:EF:10:10'
uci add network switch_vlan
uci set network.@switch_vlan[-1].device=switch0
uci set network.@switch_vlan[-1].vlan=1
uci set network.@switch_vlan[-1].ports="0t 2t 3t 4t 5t"
uci commit

One more somewhat dirty setup to be able to reach the AirOS devices:

uci add network route
uci set network.@route[-1].interface=k9
uci set network.@route[-1].target=104.131.4.3
uci set network.@route[-1].netmask=255.255.255.255
uci add olsrd Hna4
uci set olsrd.@Hna4[-1].netmask='255.255.255.255'
uci set olsrd.@Hna4[-1].netaddr='104.131.4.3'

uci add network route
uci set network.@route[-1].interface=segen
uci set network.@route[-1].target=104.131.4.7
uci set network.@route[-1].netmask=255.255.255.255
uci add olsrd Hna4
uci set olsrd.@Hna4[-1].netmask='255.255.255.255'
uci set olsrd.@Hna4[-1].netaddr='104.131.4.7'

uci add network route
uci set network.@route[-1].interface=zwingli
uci set network.@route[-1].target=104.131.4.5
uci set network.@route[-1].netmask=255.255.255.255
uci add olsrd Hna4
uci set olsrd.@Hna4[-1].netmask='255.255.255.255'
uci set olsrd.@Hna4[-1].netaddr='104.131.4.5'

uci add network route
uci set network.@route[-1].interface=afra
uci set network.@route[-1].target=104.131.4.9
uci set network.@route[-1].netmask=255.255.255.255
uci add olsrd Hna4
uci set olsrd.@Hna4[-1].netmask='255.255.255.255'
uci set olsrd.@Hna4[-1].netaddr='104.131.4.9'

uci add network route
uci set network.@route[-1].interface=mesh
uci set network.@route[-1].target=104.131.4.20
uci set network.@route[-1].netmask=255.255.255.255
uci add olsrd Hna4
uci set olsrd.@Hna4[-1].netmask='255.255.255.255'
uci set olsrd.@Hna4[-1].netaddr='104.131.4.20'

uci add network route
uci set network.@route[-1].interface=mesh
uci set network.@route[-1].target=104.131.4.21
uci set network.@route[-1].netmask=255.255.255.255
uci add olsrd Hna4
uci set olsrd.@Hna4[-1].netmask='255.255.255.255'
uci set olsrd.@Hna4[-1].netaddr='104.131.4.21'

uci add network route
uci set network.@route[-1].interface=mesh
uci set network.@route[-1].target=104.131.4.22
uci set network.@route[-1].netmask=255.255.255.255
uci add olsrd Hna4
uci set olsrd.@Hna4[-1].netmask='255.255.255.255'
uci set olsrd.@Hna4[-1].netaddr='104.131.4.22'

uci add network route
uci set network.@route[-1].interface=mesh
uci set network.@route[-1].target=104.131.4.23
uci set network.@route[-1].netmask=255.255.255.255
uci add olsrd Hna4
uci set olsrd.@Hna4[-1].netmask='255.255.255.255'
uci set olsrd.@Hna4[-1].netaddr='104.131.4.23'
uci commit
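
A consistency check for the route and Hna4 pairs above, as an added example that is not part of the original page: each static host route should have an identical OLSR HNA announcement, and the reverse. The function name and the sample dumps are constructed; input is `uci show` text.

```shell
# Added example, not from the original page. On the router:
#   check_hna "$(uci show network)" "$(uci show olsrd)"

# Constructed sample: two host routes from the page, only one of them announced.
SAMPLE_ROUTES='network.@route[0]=route
network.@route[0].interface=k9
network.@route[0].target=104.131.4.3
network.@route[0].netmask=255.255.255.255
network.@route[1]=route
network.@route[1].interface=segen
network.@route[1].target=104.131.4.7
network.@route[1].netmask=255.255.255.255'
SAMPLE_OLSRD="olsrd.@Hna4[0]=Hna4
olsrd.@Hna4[0].netmask='255.255.255.255'
olsrd.@Hna4[0].netaddr='104.131.4.3'"

# check_hna NETWORK_DUMP OLSRD_DUMP
# Prints "no-hna ADDR/MASK" for a static route that OLSR does not announce and
# "no-route ADDR/MASK" for an announcement without a matching static route.
check_hna() {
    printf '%s\n%s\n' "$1" "$2" | tr -d "'" | awk -F= '
        { n = split($1, p, ".") }
        n == 2 { type[$1] = $2; next }      # section header: package.section=type
        n == 3 {                            # option line: package.section.option=value
            sec = p[1] "." p[2]
            val[sec, p[3]] = $2
            if (!(sec in seen)) { seen[sec] = 1; order[++cnt] = sec }
        }
        END {
            for (i = 1; i <= cnt; i++) {
                s = order[i]
                if (s ~ /^network\./ && type[s] == "route")
                    route[val[s, "target"] "/" val[s, "netmask"]] = 1
                if (s ~ /^olsrd\./ && type[s] == "Hna4")
                    hna[val[s, "netaddr"] "/" val[s, "netmask"]] = 1
            }
            for (k in route) if (!(k in hna)) print "no-hna " k
            for (k in hna) if (!(k in route)) print "no-route " k
        }' | sort
}

check_hna "$SAMPLE_ROUTES" "$SAMPLE_OLSRD"
```

Sections are matched by their type rather than by name, so the check does not depend on how `uci show` labels anonymous sections.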

Finally, set up monitoring:

uci set luci_statistics.collectd_network.enable=1
uci set luci_statistics.collectd_ping.enable=0         # Temporary, because not available
uci set luci_statistics.collectd_ping.Hosts='zwingli-core.olsr k9-bbb-rt1.olsr segen-router.olsr'
uci set luci_statistics.collectd_iptables.enable=0
uci set luci_statistics.collectd_iwinfo.enable=0
uci set luci_statistics.collectd_processes.enable=0
uci set luci_statistics.collectd_tcpconns.enable=0
uci set luci_statistics.collectd_memory.enable=0
uci set luci_statistics.collectd_interface.Interfaces='eth0 eth0.1 eth0.2 eth0.50 eth0.60 eth0.70 eth0.80'
uci add luci_statistics collectd_network_server
uci set luci_statistics.@collectd_network_server[-1].host=monitor.berlin.freifunk.net
uci commit
chmod 644 /etc/config/luci_statistics
/etc/init.d/luci_statistics restart
/etc/init.d/luci_statistics enable

Now reboot once more and hopefully enjoy! :-)

reboot && exit