Setting up a gateway on OpenWRT

From 44Net Wiki
Revision as of 16:43, 15 August 2015 by Kb3vwg (talk | contribs)
Jump to navigation Jump to search

ampr-ripd has been compiled for Atheros 71xx

NOTE: To operate a Gateway on AMPRNet, you must have a method of obtaining up-to-date route information. On AMPRNet, a variant of RIP version 2 protocol, named RIP44 is used. RIP version 2 is not the same as RIP44. rip44d is written in the Perl programming language by Heikki Hannikainen, OH7LZB. ampr-ripd is written in C by YO2LOJ. The routing table is relatively small, so the performance or memory consumption of this daemon isn't very critical. ampr-ripd is used in this instance, so no other prerequisite software is required to run the RIP44 daemon.

  • You must have access to a binary executable of ampr-ripd that is compatible with the CPU in your OpenWRT device (e.g. i386, i586, x86_64, MIPS, PPC, etc.). If you do not, you must compile ampr-ripd yourself, or install the packages necessary to run rip44d.




  • kmod-ipip
  • ip-full
  • ampr-ripd to /etc/config/ (always run RIP44 software in console mode FIRST after installation to verify execution and obtain the password, the execution of the file is commented-out below)
  • the following to Firewall > Custom Rules:
# (eth0.2 in this case is the Public-facing WAN (to allow IPENCAP traffic), read your OpenWRT hardware Wiki for your specific model 
ifconfig tunl0 mtu 1480 up
iptables -t filter -I INPUT -p 4 -i eth0.2 -j ACCEPT
# ./etc/config/ampr-ripd -p <PASSWORD> -t 44 -a <>
ip route add default dev tunl0 via <AMPRGW> onlink table 44
ip rule add to <> table main priority 44
#OPTIONAL LAN ### ip rule add from <> to <> table main priority 45
ip rule add from table 44 priority 46
ip route add default dev lo src table 7777
ip rule add to dev tunl0 table 7777 priority 7777

  • reboot
  • a bridge interface to tunl0 and a new VLAN, adding it to its own firewall zone (assign an IP from your allocation to this interface)
  • the VLAN to any switch/trunk ports (as desired)
  • create any forwarding/input firewall Traffic Rules
  • test ampr-ripd in console
  • add password to Custom Rule and uncomment ampr-ripd line
  • reboot