Difference between revisions of "Setting up a gateway on OpenWRT"

From ARDC
Jump to navigation Jump to search
Line 1: Line 1:
 
[[ampr-ripd]] has been compiled for Atheros 71xx
 
[[ampr-ripd]] has been compiled for Atheros 71xx
 +
 +
'''NOTE: To operate a [[Gateway]] on [[AMPRNet]], you must have a method of obtaining up-to-date route information. On AMPRNet, a variant of [https://en.wikipedia.org/wiki/Routing_Information_Protocol RIP version 2] protocol, named [[RIP]]44 is used. [https://en.wikipedia.org/wiki/Routing_Information_Protocol RIP version 2] is not the same as [[RIP]]44.''' [[rip44d]] is written in the Perl programming language by Heikki Hannikainen, OH7LZB. [[ampr-ripd]] is written in C by YO2LOJ. The routing table is relatively small, so the performance or memory consumption of this daemon isn't very critical. [[ampr-ripd]] is used in this instance, so no other prerequisite software is required to run the [[RIP]]44 daemon. You must have access to a binary [https://en.wikipedia.org/wiki/Executable executable] of [[ampr-ripd]] that is compatible with the [https://en.wikipedia.org/wiki/Central_processing_unit CPU] in your OpenWRT device (e.g. i386, i586, x64, MIPS, PPC, etc.). If you do not, you must [https://en.wikipedia.org/wiki/Compiler compile] ampr-ripd yourself, or install the packages necessary to run [[rip44d]].
 +
 +
== '''See''' ==
 +
 +
[http://wiki.openwrt.org/doc/devel/crosscompile Cross Compile - OpenWRT]
  
 
== Summary ==
 
== Summary ==

Revision as of 16:34, 15 August 2015

ampr-ripd has been compiled for Atheros 71xx

NOTE: To operate a Gateway on AMPRNet, you must have a method of obtaining up-to-date route information. On AMPRNet, a variant of RIP version 2 protocol, named RIP44 is used. RIP version 2 is not the same as RIP44. rip44d is written in the Perl programming language by Heikki Hannikainen, OH7LZB. ampr-ripd is written in C by YO2LOJ. The routing table is relatively small, so the performance or memory consumption of this daemon isn't very critical. ampr-ripd is used in this instance, so no other prerequisite software is required to run the RIP44 daemon. You must have access to a binary executable of ampr-ripd that is compatible with the CPU in your OpenWRT device (e.g. i386, i586, x64, MIPS, PPC, etc.). If you do not, you must compile ampr-ripd yourself, or install the packages necessary to run rip44d.

See

Cross Compile - OpenWRT

Summary

Install:

  • kmod-ipip
  • ip-full
  • ampr-ripd to /etc/config/ (always run RIP44 software in console mode FIRST after installation to verify execution and obtain the password, the execution of the file is commented-out below)
  • the following to Firewall > Custom Rules:
# (eth0.2 in this case is the Public-facing WAN (to allow IPENCAP traffic), read your OpenWRT hardware Wiki for your specific model 
ifconfig tunl0 mtu 1480 up
iptables -t filter -I INPUT -p 4 -i eth0.2 -j ACCEPT
# ./etc/config/ampr-ripd -p <PASSWORD> -t 44 -a <44.xxx.xxx.xxx/xx>
ip route add default dev tunl0 via <AMPRGW> onlink table 44
ip rule add to <44.xxx.xxx.xxx/xx> table main priority 44
#OPTIONAL LAN ### ip rule add from <44.xxx.xxx.xxx/xx> to <192.168.xxx.xxx/16> table main priority 45
ip rule add from 44.0.0.0/8 table 44 priority 46
### CREATE A BLACKHOLE ON TABLE 7777 ###
ip route add default dev lo src 127.0.0.1 table 7777
### BLACKHOLE ALL REMAINING AMPR TRAFFIC ON TUNNEL ###
ip rule add to 44.0.0.0/8 dev tunl0 table 7777 priority 7777

  • reboot
  • a bridge interface to tunl0 and a new VLAN, adding it to its own firewall zone (assign an IP from your allocation to this interface)
  • the VLAN to any switch/trunk ports (as desired)
  • create any forwarding/input firewall Traffic Rules
  • test ampr-ripd in console
  • add password to Custom Rule and uncomment ampr-ripd line
  • reboot