Installing ampr-ripd on a Ubiquiti EdgeRouter or EdgeRouter X

From ARDC
Revision as of 09:46, 14 April 2019 by Yo2loj (talk | contribs) (Complete gateway on an EdgeRouter)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

These are the steps for setting up a fully functional AMPR gateway on Ubiquiti's EdgeRouter Light and EdgeRouter-X.

We start assuming you have a complete working and configured router, that already has internet access (a configured WAN port and a local LAN).


1 First add tunnel interface. You need to reserve an AMPR address from your AMPR subnet for the tunnel interface. If you have a /32 assignement, you need to use that one, else pick an unused address. Use the name 'tun44' for the tunnel, don't be creative since the script depends on this name.

- Config Tree -> add tun44 -> Update List

- tun44:

address: <your AMPR IP assigned to the router, see above>/32 (this MUST be /32, no matter what your allocation is)

description: AMPR GW

encapsulation: ipip

local-ip: <your WAN IP - ISP assigned or router's DMZ IP>

remote-ip: 0.0.0.0 (this MUST be 0.0.0.0, no matter what)

- tun44 -> disabe-link-detect press + right of it to enable

- Press Preview ans Apply

If you prefer to do it by CLI:

ubnt@YO2LOJ-ER3:~$ configure ubnt@YO2LOJ-ER3:~$ set interfaces tunnel tun44 ubnt@YO2LOJ-ER3:~$ set interfaces tunnel tun44 local-ip <put the external ip> ubnt@YO2LOJ-ER3:~$ set interfaces tunnel tun44 remote-ip 0.0.0.0 ubnt@YO2LOJ-ER3:~$ set interfaces tunnel tun44 encapsulation ipip ubnt@YO2LOJ-ER3:~$ set interfaces tunnel tun44 address <44net router ip>/32 ubnt@YO2LOJ-ER3:~$ set interfaces tunnel tun44 description "AMPR GW" ubnt@YO2LOJ-ER3:~$ set interfaces tunnel tun44 disable-link-detect ubnt@YO2LOJ-ER3:~$ commit; save


2. Download your packages from here (read this section to the end...):

Find the EdgeRouter setup package here: http://www.yo2loj.ro/hamprojects/Ampr_EdgeRouter.tgz (mips64) For the EdgeRouterX setup use this one: http://www.yo2loj.ro/hamprojects/Ampr_EdgeRouterX.tgz (mipsel)

In short, get it, unpack on the router and run the install.sh script. Then edit your startup script if needed, and run it:


a. First, log in and become root:

Welcome to EdgeOS ubnt@YO2LOJ-ER3:~$ sudo su root@YO2LOJ-ER3:/home/ubnt# cd root@YO2LOJ-ER3:


b. Now download the correct package as described in the links above and unpack it:

root@YO2LOJ-ER3:~# curl http://yo2loj.ro/hamprojects/Ampr_EdgeRouter.tgz -o er.tgz % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 15532 100 15532 0 0 117k 0 -:-:- -:-:- -:-:- 174k

root@YO2LOJ-ER3:~# ls er.tgz

root@YO2LOJ-ER3:~# tar -xf er.tgz


c. install the package:

root@YO2LOJ-ER3:~# ./install.sh


d. edit the startup script to fit your needs. This is only needed if your router is behind NAT or you need to reject specific subnets. Edit only the -a options like below, don't touch the rest:

root@YO2LOJ-ER3:~# cd /etc root@YO2LOJ-ER3:/etc# vi ampr.sh

<press insert to start editing>

[...]

ampr-ripd -s -t 44 -i tun44 -m 90 -a 44.182.20.0/24,44.182.21.0/24,44.182.61.0/24,yo2loj.go.ro (adapt this list to your needs - commna separated, no spaces) ~ ~ ~ <press esc>:wq (to save and exit - yes, vi is strange)


e. Now run the startup script:


root@YO2LOJ-ER3:/etc# ./ampr.sh (On router restart, this will happen automatically)


That should do it :-)


NOTE: THE SETUP SCRIPT DOES NOT SECURE YOUR ROUTER. YOU NEED TO SET UP FIREWALL ROUTES YOURSELF.


3. Optionally you can install a status page in the wizzard section.

Download here: http://www.yo2loj.ro/hamprojects/Ampr_Status_Wizard.tar


Marius, YO2LOJ