Setting up a gateway on OpenWRT
ampr-ripd has been compiled for Atheros 71xx
NOTE: To operate a Gateway on AMPRNet, you must have a method of obtaining up-to-date route information. On AMPRNet, a variant of RIP version 2 protocol, named RIP44 is used. RIP version 2 is not the same as RIP44. rip44d is written in the Perl programming language by Heikki Hannikainen, OH7LZB. ampr-ripd is written in C by YO2LOJ. The routing table is relatively small, so the performance or memory consumption of this daemon isn't very critical. ampr-ripd is used in this instance, so no other prerequisite software is required to run the RIP44 daemon.
- You must have access to a binary executable of ampr-ripd that is compatible with the CPU in your OpenWRT device (e.g. i386, i586, x86_64, MIPS, PPC, etc.). If you do not, you must compile ampr-ripd yourself, or install the packages necessary to run rip44d.
- ampr-ripd to /etc/config/ (always run RIP44 software in console mode FIRST after installation to verify execution and obtain the password, the execution of the file is commented-out below)
- the following to Firewall > Custom Rules:
# (eth0.2 in this case is the Public-facing WAN (to allow IPENCAP traffic), read your OpenWRT hardware Wiki for your specific model ifconfig tunl0 mtu 1480 up iptables -t filter -I INPUT -p 4 -i eth0.2 -j ACCEPT # ./etc/config/ampr-ripd -p <PASSWORD> -t 44 -a <44.xxx.xxx.xxx/xx> ip route add default dev tunl0 via <AMPRGW> onlink table 44 ip rule add to <44.xxx.xxx.xxx/xx> table main priority 44 #OPTIONAL LAN ### ip rule add from <44.xxx.xxx.xxx/xx> to <192.168.xxx.xxx/16> table main priority 45 ip rule add from 184.108.40.206/8 table 44 priority 46 ### CREATE A BLACKHOLE ON TABLE 7777 ### ip route add default dev lo src 127.0.0.1 table 7777 ### BLACKHOLE ALL REMAINING AMPR TRAFFIC ON TUNNEL ### ip rule add to 220.127.116.11/8 dev tunl0 table 7777 priority 7777
- a bridge interface to tunl0 and a new VLAN, adding it to its own firewall zone (assign an IP from your allocation to this interface)
- the VLAN to any switch/trunk ports (as desired)
- create any forwarding/input firewall Traffic Rules
- test ampr-ripd in console
- add password to Custom Rule and uncomment ampr-ripd line