[BPI-R2 new image] debian 10 buster image with Kernel 4.19.62

as i’ve wrote above, do NOT bridge the wifi-device with anything else, and if you using access-point you have to use ap0 and not wlanx

use routing instead

and not configuring the gmacs (eth0/1), only put them up

you mean do that:

root@bpi-r2:~# brctl addif br0 ap0

root@bpi-r2:~# brctl addif br0 wan

root@bpi-r2:~# ip link set br0 up

root@bpi-r2:~# brctl show br0

bridge name bridge id STP enabled interfaces

br0 8000.020822fe5afc no ap0

. . . . . . . . . . . . . . . . . . . . . wan

I tried that too, but all my devices fail to obtaining any ip address

I don’ t know what is gmacs, if you are talking about mac address, I don’ t have touched that

that what I don’t know how to do

no…not bridging anything (only lanX)

gmacs are the interfaces eth0 and eth1 (if kernel has wan + lanX), these are the connections between SOC (mt7623) and Switch (mt7530), they are not connected to outside and so they don’t need any IP-config

for routing you only need to give your interfaces an IP-Address (separate subnet) and enable routing

https://wiki.fw-web.de/doku.php?id=en:bpi-r2:network:start#routing

only special thing is if you have another router and you want to access clients from it through r2

existing router -> (wan) r2 (lan) -> client

then your existing router does not know subnet you use on r2’s lan-ports, so you need a static route here

it work! thx a lot, I can’ t say I understand everything I did to make the routing working:

ipt=/sbin/iptables
if_wan=wan
${ipt} -t nat -A POSTROUTING -o ${if_wan} -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

then I executed wifi.sh my devices can connect to the AP and have internet access.

not the case thx. you really made a great work with that debian image. There is a way to make a little donation to you ?

Best donation is help me getting things to work :slight_smile: testing different things,make reproducable reportings and try to fix

PLEASE DO NOT FOLLOW WHAT I DID HERE, FOR SOME REASON I RAN TO ISSUE, BUT KEEP READING.

Hi frank-w, I finished to configure the whole ethernet/wifi/access-point for my bpi r-2. Here is my summary:

  • yellow is the cable connected to a modem (not a router)
  • the blue is some cable to other device
  • the black is the access point
    • (for the access-point I use your scripts)

I bridged both eth0 and eth1 together,

  • following the complete /etc/network/interfaces,
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
  pre-up ip link set $IFACE up
  post-down ip link set $IFACE down

auto eth1
iface eth1 inet manual
  pre-up ip link set $IFACE up
  post-down ip link set $IFACE down

auto wan
iface wan inet manual
auto lan0
iface lan0 inet manual
auto lan1
iface lan1 inet manual
auto lan2
iface lan2 inet manual
auto lan3
iface lan3 inet manual

auto br0
iface br0 inet static
    address 192.168.40.1
    netmask 255.255.255.0
    bridge_ports wan lan0 lan1 lan2 lan3
    bridge_fd 5
    bridge_stp no


source-directory /etc/network/interfaces.d
  • following the complete /etc/dnsmasq.d/interfaces.conf,
interface=wlan1
interface=ap0

no-dhcp-interface=eth0
no-dhcp-interface=eth1

dhcp-range=ap0,192.168.10.100,192.168.10.150,255.255.255.0,48h
dhcp-option=ap0,3,192.168.10.1
dhcp-range=wlan1,192.168.11.100,192.168.11.150,255.255.255.0,48h
dhcp-option=wlan1,3,192.168.11.1
  • following the complete start.sh script I run at boot,
#!/bin/bash
ipt=/sbin/iptables
if_wan=wan
${ipt} -t nat -A POSTROUTING -o ${if_wan} -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

wifi.sh

dhclient

feel free to add it to your wiki as an example for your debian image. I will redo the whole configuration from scratch to figure if something missing

Why? Btw. Bridging wan and lan together is a very bad idea when directly connected to internet…

And you need a firewall :slight_smile: nat is not for security

hi, it doesn’ t work anymore… I do not undertand… I got the blue plugged to lan0 and yellow to wan and got internet to the PC connected using the blue cable… no I just don’ t understand… I’ m back at the steps where I can connect internet using the the ap only…

because I want to forward internet (wan) to lanX… but anyway, as said it doesn’ t work anymore :frowning_face: if you can tell me how to do it, otherwise I start to lack of idea about how to fix that…

Do only bridge lan-ports…not wan, not ethX

First test is if you got internet on r2 itself…then on client,if on r2 works and not on client,try to ping r2 from client,then traceroute/tracert.

ok

yes I can ping 8.8.8.8

  • I can ping two machines connected at br0 (lanX only)
  • I can ping two machines connecter at ap0
  • ping failed when try between a machine connected at br0 to another one connecter at ap0
  • I can ping internet from any machine connected to ap0
  • ping internet failed when I try from any machine connected to br0

traceroute results:

  • from ap0,
[user@motorhead ~]$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  _gateway (192.168.10.1)  1.707 ms  1.741 ms  2.182 ms
 2  * * *
 3  10.170.192.53 (10.170.192.53)  39.722 ms  39.647 ms  39.944 ms
 4  135.0.255.17 (135.0.255.17)  39.663 ms 135.0.255.5 (135.0.255.5)  39.879 ms  38.959 ms
 5  te0-0-1-0.nr11.b029490-1.ymq02.atlas.cogentco.com (38.104.154.105)  40.502 ms  39.896 ms  39.871 ms
 6  te0-0-2-2.agr11.ymq02.atlas.cogentco.com (154.24.16.53)  40.697 ms te0-0-2-2.agr12.ymq02.atlas.cogentco.com (154.24.16.57)  32.577 ms te0-0-2-2.agr11.ymq02.atlas.cogentco.com (154.24.16.53)  27.217 ms
 7  be3381.rcr21.ymq02.atlas.cogentco.com (154.54.41.221)  27.115 ms  27.064 ms  27.015 ms
 8  tata.ymq02.atlas.cogentco.com (154.54.10.206)  23.460 ms  31.679 ms  30.983 ms
 9  209.85.149.230 (209.85.149.230)  32.247 ms  32.207 ms  32.143 ms
10  108.170.251.49 (108.170.251.49)  32.066 ms  31.957 ms 108.170.251.1 (108.170.251.1)  31.954 ms
11  108.170.231.61 (108.170.231.61)  32.733 ms 108.170.231.63 (108.170.231.63)  32.693 ms 108.170.231.65 (108.170.231.65)  11.397 ms
12  dns.google (8.8.8.8)  15.495 ms  24.930 ms  24.197 ms

Then I disconnected from ap0 and connect to br0

  • from br0,
user@motorhead ~]$ traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  motorhead.local (192.168.40.132)  3034.332 ms !H  3034.232 ms !H  3034.178 ms !H

note: I did the tests with different laptops, you see motorhead was used here to make easy to copy+paste…

does that talk to you? coz I’ m lost…

r2 pingable from br0-client? Have you a default-route on your clients (dhcp?)? As you ping ip it is no dns-problem

yes I can pin R2 from br0-client. I can also ssh to it

  • form br0-client:
[user@motorhead ~]$ ip route # client ip is 192.168.40.132
default via 192.168.40.10 dev enp0s25 proto dhcp metric 20100
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.40.0/24 dev enp0s25 proto kernel scope link src 192.168.40.132 metric 100
  • from ap0-client:
[user@satyricon ~]$ ip route # client ip is 192.168.10.125
default via 192.168.10.1 dev wlp3s0 proto dhcp metric 600 
192.168.10.0/24 dev wlp3s0 proto kernel scope link src 192.168.10.125 metric 600

from r2 itself:

root@bpi-r2:~# ip route
default via x.0.x.113 dev wan 
x.0.x.112/28 dev wan proto kernel scope link src x.0.x.117 
x.0.x.112/28 dev br0 proto kernel scope link src x.0.x.115 
x.0.x.112/28 dev lan0 proto kernel scope link src x.0.x.115 
192.168.10.0/24 dev ap0 proto kernel scope link src 192.168.10.1 
192.168.40.0/24 via 192.168.40.1 dev br0

note: about R2’s routing table, I don’t have experience of dealing with that, but I have the feeling the problem comes from here, I tried a lot ip route add so if there is anything which look weird it may be because of me…

Are first 3 entries of r2 routing table same subnet (they should not).else i wonder about entry with lan0 i expect this is in the bridge…

How looks “ip a” on r2?

possibly I mangled the route table…

I rebooted,

  • here the result for the ip route show command:
root@bpi-r2:~# ip route show
default via XYZ.ABC.DEF.209 dev wan 
XYZ.ABC.DEF.208/28 dev wan proto kernel scope link src XYZ.ABC.DEF.218 
192.168.10.0/24 dev ap0 proto kernel scope link src 192.168.10.1 
192.168.40.0/24 dev br0 proto kernel scope link src 192.168.40.1 
  • here the result for ip a command:
root@bpi-r2:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::2:2ff:fe02:202/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether fe:cc:99:08:3f:ca brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fccc:99ff:fe08:3fca/64 scope link 
       valid_lft forever preferred_lft forever
4: wan@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether fe:cc:99:08:3f:ca brd ff:ff:ff:ff:ff:ff
    inet XYZ.ABC.DEF.218/28 brd 255.255.255.255 scope global dynamic wan
       valid_lft 2696sec preferred_lft 2696sec
    inet6 fe80::fccc:99ff:fe08:3fca/64 scope link 
       valid_lft forever preferred_lft forever
5: lan0@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
    link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
6: lan1@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br0 state LOWERLAYERDOWN group default qlen 1000
    link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
7: lan2@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br0 state LOWERLAYERDOWN group default qlen 1000
    link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
8: lan3@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br0 state LOWERLAYERDOWN group default qlen 1000
    link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
9: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 02:02:02:02:02:02 brd ff:ff:ff:ff:ff:ff
    inet 192.168.40.1/24 brd 192.168.40.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::2:2ff:fe02:202/64 scope link 
       valid_lft forever preferred_lft forever
10: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:08:22:f2:11:fc brd ff:ff:ff:ff:ff:ff
11: ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 02:08:22:f2:11:fc brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.1/24 scope global ap0
       valid_lft forever preferred_lft forever
    inet6 fe80::8:22ff:fef2:11fc/64 scope link 
       valid_lft forever preferred_lft forever
  • my current /etc/dnsmasq.d/interfaces:
interface=wlan1 # not sure that is needed because I have nothing for eth0
interface=ap0
interface=br0

# DHCP-Server not active for Interface

#dhcp-authoritative
dhcp-range=br0,192.168.40.100,192.168.40.150,255.255.255.0,48h
dhcp-option=br0,3,192.168.40.10
dhcp-range=ap0,192.168.10.100,192.168.10.150,255.255.255.0,48h
dhcp-option=ap0,3,192.168.10.1
dhcp-range=wlan1,192.168.11.100,192.168.11.150,255.255.255.0,48h
dhcp-option=wlan1,3,192.168.11.1
# note: above I have wlan1 but nothing about eth0
  • my current /etc/network/interfaces:
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
  pre-up ip link set $IFACE up
  post-down ip link set $IFACE down

auto eth1
iface eth1 inet manual
  pre-up ip link set $IFACE up
  post-down ip link set $IFACE down

auto wan

auto lan0
iface lan0 inet manual
auto lan1
iface lan1 inet manual
auto lan2
iface lan2 inet manual
auto lan3
iface lan3 inet manual

auto br0
iface br0 inet static
    address 192.168.40.1
    netmask 255.255.255.0
    bridge_ports lan0 lan1 lan2 lan3
    bridge_fd 5
    bridge_stp no

source-directory /etc/network/interfaces.d

should be this:

default route have to be r2’s address inside same subnet as client…br0-adress

1 Like

IT WORK!

:pray: Ein großes Dankeschön frank-w!

you are the man!

I will give you some news about what I’m going to do with the r2 (and share the docs)

Hello,

BPI-R2 not booting on sd card with the bpi-r2-buster.img image. I flash the card with the command : dd bs=4M if=bpi-r2-buster.img of=/dev/sdb conv=fsync I tried several images but Ubuntu is the only one that worked for me. (2018-03-29-ubuntu-16.04-mate-desktop-bpi-r2-sd-emmc.img)

Is there anything else to do to make it work?

Thank you

Make sure boot-switch above microsd slot is set to sd…else it will try to boot emmc and only if it founds no prelpader there it tries sd-card

Or it can be hardware incompatibilty if you use different card vendors

If this is not the issue i need more info’s like boot log

You see partitions BPI-BOOT/ROOT on the sdcard?

I retry to flash the sd card and now BPI-R2 boot normally Thank you

If anyone is stumbling over this error on bootup:

FAILED to start Load kernel modules

Try moving this file to right directory

mv /etc/modules-load.d/cryptodev.conf /etc/modprobe.d/

It was wrong in my build.sh…have fixed it in 5.4-merged