as i’ve wrote above, do NOT bridge the wifi-device with anything else, and if you using access-point you have to use ap0 and not wlanx
use routing instead
and not configuring the gmacs (eth0/1), only put them up
as i’ve wrote above, do NOT bridge the wifi-device with anything else, and if you using access-point you have to use ap0 and not wlanx
use routing instead
and not configuring the gmacs (eth0/1), only put them up
you mean do that:
root@bpi-r2:~# brctl addif br0 ap0
root@bpi-r2:~# brctl addif br0 wan
root@bpi-r2:~# ip link set br0 up
root@bpi-r2:~# brctl show br0
bridge name bridge id STP enabled interfaces
br0 8000.020822fe5afc no ap0
. . . . . . . . . . . . . . . . . . . . . wan
I tried that too, but all my devices fail to obtaining any ip address
I don’ t know what is gmacs, if you are talking about mac address, I don’ t have touched that
that what I don’t know how to do
no…not bridging anything (only lanX)
gmacs are the interfaces eth0 and eth1 (if kernel has wan + lanX), these are the connections between SOC (mt7623) and Switch (mt7530), they are not connected to outside and so they don’t need any IP-config
for routing you only need to give your interfaces an IP-Address (separate subnet) and enable routing
https://wiki.fw-web.de/doku.php?id=en:bpi-r2:network:start#routing
only special thing is if you have another router and you want to access clients from it through r2
existing router -> (wan) r2 (lan) -> client
then your existing router does not know subnet you use on r2’s lan-ports, so you need a static route here
it work! thx a lot, I can’ t say I understand everything I did to make the routing working:
ipt=/sbin/iptables
if_wan=wan
${ipt} -t nat -A POSTROUTING -o ${if_wan} -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
then I executed wifi.sh
my devices can connect to the AP and have internet access.
not the case thx. you really made a great work with that debian image. There is a way to make a little donation to you ?
Best donation is help me getting things to work testing different things,make reproducable reportings and try to fix
PLEASE DO NOT FOLLOW WHAT I DID HERE, FOR SOME REASON I RAN TO ISSUE, BUT KEEP READING.
Hi frank-w, I finished to configure the whole ethernet/wifi/access-point for my bpi r-2. Here is my summary:
I bridged both eth0 and eth1 together,
/etc/network/interfaces
,# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
pre-up ip link set $IFACE up
post-down ip link set $IFACE down
auto eth1
iface eth1 inet manual
pre-up ip link set $IFACE up
post-down ip link set $IFACE down
auto wan
iface wan inet manual
auto lan0
iface lan0 inet manual
auto lan1
iface lan1 inet manual
auto lan2
iface lan2 inet manual
auto lan3
iface lan3 inet manual
auto br0
iface br0 inet static
address 192.168.40.1
netmask 255.255.255.0
bridge_ports wan lan0 lan1 lan2 lan3
bridge_fd 5
bridge_stp no
source-directory /etc/network/interfaces.d
/etc/dnsmasq.d/interfaces.conf
,interface=wlan1
interface=ap0
no-dhcp-interface=eth0
no-dhcp-interface=eth1
dhcp-range=ap0,192.168.10.100,192.168.10.150,255.255.255.0,48h
dhcp-option=ap0,3,192.168.10.1
dhcp-range=wlan1,192.168.11.100,192.168.11.150,255.255.255.0,48h
dhcp-option=wlan1,3,192.168.11.1
start.sh
script I run at boot,#!/bin/bash
ipt=/sbin/iptables
if_wan=wan
${ipt} -t nat -A POSTROUTING -o ${if_wan} -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
wifi.sh
dhclient
feel free to add it to your wiki as an example for your debian image. I will redo the whole configuration from scratch to figure if something missing
Why? Btw. Bridging wan and lan together is a very bad idea when directly connected to internet…
And you need a firewall nat is not for security
hi, it doesn’ t work anymore… I do not undertand… I got the blue plugged to lan0 and yellow to wan and got internet to the PC connected using the blue cable… no I just don’ t understand… I’ m back at the steps where I can connect internet using the the ap only…
because I want to forward internet (wan) to lanX… but anyway, as said it doesn’ t work anymore if you can tell me how to do it, otherwise I start to lack of idea about how to fix that…
Do only bridge lan-ports…not wan, not ethX
First test is if you got internet on r2 itself…then on client,if on r2 works and not on client,try to ping r2 from client,then traceroute/tracert.
ok
yes I can ping 8.8.8.8
traceroute results:
[user@motorhead ~]$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 _gateway (192.168.10.1) 1.707 ms 1.741 ms 2.182 ms
2 * * *
3 10.170.192.53 (10.170.192.53) 39.722 ms 39.647 ms 39.944 ms
4 135.0.255.17 (135.0.255.17) 39.663 ms 135.0.255.5 (135.0.255.5) 39.879 ms 38.959 ms
5 te0-0-1-0.nr11.b029490-1.ymq02.atlas.cogentco.com (38.104.154.105) 40.502 ms 39.896 ms 39.871 ms
6 te0-0-2-2.agr11.ymq02.atlas.cogentco.com (154.24.16.53) 40.697 ms te0-0-2-2.agr12.ymq02.atlas.cogentco.com (154.24.16.57) 32.577 ms te0-0-2-2.agr11.ymq02.atlas.cogentco.com (154.24.16.53) 27.217 ms
7 be3381.rcr21.ymq02.atlas.cogentco.com (154.54.41.221) 27.115 ms 27.064 ms 27.015 ms
8 tata.ymq02.atlas.cogentco.com (154.54.10.206) 23.460 ms 31.679 ms 30.983 ms
9 209.85.149.230 (209.85.149.230) 32.247 ms 32.207 ms 32.143 ms
10 108.170.251.49 (108.170.251.49) 32.066 ms 31.957 ms 108.170.251.1 (108.170.251.1) 31.954 ms
11 108.170.231.61 (108.170.231.61) 32.733 ms 108.170.231.63 (108.170.231.63) 32.693 ms 108.170.231.65 (108.170.231.65) 11.397 ms
12 dns.google (8.8.8.8) 15.495 ms 24.930 ms 24.197 ms
Then I disconnected from ap0 and connect to br0
user@motorhead ~]$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 motorhead.local (192.168.40.132) 3034.332 ms !H 3034.232 ms !H 3034.178 ms !H
note: I did the tests with different laptops, you see motorhead was used here to make easy to copy+paste…
does that talk to you? coz I’ m lost…
r2 pingable from br0-client? Have you a default-route on your clients (dhcp?)? As you ping ip it is no dns-problem
yes I can pin R2 from br0-client. I can also ssh to it
[user@motorhead ~]$ ip route # client ip is 192.168.40.132
default via 192.168.40.10 dev enp0s25 proto dhcp metric 20100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.40.0/24 dev enp0s25 proto kernel scope link src 192.168.40.132 metric 100
[user@satyricon ~]$ ip route # client ip is 192.168.10.125
default via 192.168.10.1 dev wlp3s0 proto dhcp metric 600
192.168.10.0/24 dev wlp3s0 proto kernel scope link src 192.168.10.125 metric 600
from r2 itself:
root@bpi-r2:~# ip route
default via x.0.x.113 dev wan
x.0.x.112/28 dev wan proto kernel scope link src x.0.x.117
x.0.x.112/28 dev br0 proto kernel scope link src x.0.x.115
x.0.x.112/28 dev lan0 proto kernel scope link src x.0.x.115
192.168.10.0/24 dev ap0 proto kernel scope link src 192.168.10.1
192.168.40.0/24 via 192.168.40.1 dev br0
note: about R2’s routing table, I don’t have experience of dealing with that, but I have the feeling the problem comes from here, I tried a lot ip route add
so if there is anything which look weird it may be because of me…
Are first 3 entries of r2 routing table same subnet (they should not).else i wonder about entry with lan0 i expect this is in the bridge…
How looks “ip a” on r2?
possibly I mangled the route table…
I rebooted,
ip route show
command:root@bpi-r2:~# ip route show
default via XYZ.ABC.DEF.209 dev wan
XYZ.ABC.DEF.208/28 dev wan proto kernel scope link src XYZ.ABC.DEF.218
192.168.10.0/24 dev ap0 proto kernel scope link src 192.168.10.1
192.168.40.0/24 dev br0 proto kernel scope link src 192.168.40.1
ip a
command:root@bpi-r2:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
inet6 fe80::2:2ff:fe02:202/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether fe:cc:99:08:3f:ca brd ff:ff:ff:ff:ff:ff
inet6 fe80::fccc:99ff:fe08:3fca/64 scope link
valid_lft forever preferred_lft forever
4: wan@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether fe:cc:99:08:3f:ca brd ff:ff:ff:ff:ff:ff
inet XYZ.ABC.DEF.218/28 brd 255.255.255.255 scope global dynamic wan
valid_lft 2696sec preferred_lft 2696sec
inet6 fe80::fccc:99ff:fe08:3fca/64 scope link
valid_lft forever preferred_lft forever
5: lan0@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
6: lan1@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br0 state LOWERLAYERDOWN group default qlen 1000
link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
7: lan2@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br0 state LOWERLAYERDOWN group default qlen 1000
link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
8: lan3@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br0 state LOWERLAYERDOWN group default qlen 1000
link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
9: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
inet 192.168.40.1/24 brd 192.168.40.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::2:2ff:fe02:202/64 scope link
valid_lft forever preferred_lft forever
10: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:08:22:f2:11:fc brd ff:ff:ff:ff:ff:ff
11: ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 02:08:22:f2:11:fc brd ff:ff:ff:ff:ff:ff
inet 192.168.10.1/24 scope global ap0
valid_lft forever preferred_lft forever
inet6 fe80::8:22ff:fef2:11fc/64 scope link
valid_lft forever preferred_lft forever
/etc/dnsmasq.d/interfaces
:interface=wlan1 # not sure that is needed because I have nothing for eth0
interface=ap0
interface=br0
# DHCP-Server not active for Interface
#dhcp-authoritative
dhcp-range=br0,192.168.40.100,192.168.40.150,255.255.255.0,48h
dhcp-option=br0,3,192.168.40.10
dhcp-range=ap0,192.168.10.100,192.168.10.150,255.255.255.0,48h
dhcp-option=ap0,3,192.168.10.1
dhcp-range=wlan1,192.168.11.100,192.168.11.150,255.255.255.0,48h
dhcp-option=wlan1,3,192.168.11.1
# note: above I have wlan1 but nothing about eth0
/etc/network/interfaces
:# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
pre-up ip link set $IFACE up
post-down ip link set $IFACE down
auto eth1
iface eth1 inet manual
pre-up ip link set $IFACE up
post-down ip link set $IFACE down
auto wan
auto lan0
iface lan0 inet manual
auto lan1
iface lan1 inet manual
auto lan2
iface lan2 inet manual
auto lan3
iface lan3 inet manual
auto br0
iface br0 inet static
address 192.168.40.1
netmask 255.255.255.0
bridge_ports lan0 lan1 lan2 lan3
bridge_fd 5
bridge_stp no
source-directory /etc/network/interfaces.d
should be this:
default route have to be r2’s address inside same subnet as client…br0-adress
IT WORK!
Ein großes Dankeschön frank-w!
you are the man!
I will give you some news about what I’m going to do with the r2 (and share the docs)
Hello,
BPI-R2 not booting on sd card with the bpi-r2-buster.img image. I flash the card with the command : dd bs=4M if=bpi-r2-buster.img of=/dev/sdb conv=fsync I tried several images but Ubuntu is the only one that worked for me. (2018-03-29-ubuntu-16.04-mate-desktop-bpi-r2-sd-emmc.img)
Is there anything else to do to make it work?
Thank you
Make sure boot-switch above microsd slot is set to sd…else it will try to boot emmc and only if it founds no prelpader there it tries sd-card
Or it can be hardware incompatibilty if you use different card vendors
If this is not the issue i need more info’s like boot log
You see partitions BPI-BOOT/ROOT on the sdcard?
I retry to flash the sd card and now BPI-R2 boot normally Thank you
If anyone is stumbling over this error on bootup:
FAILED to start Load kernel modules
Try moving this file to right directory
mv /etc/modules-load.d/cryptodev.conf /etc/modprobe.d/
It was wrong in my build.sh…have fixed it in 5.4-merged