From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <moeller0@gmx.de>
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21])
	(using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
	(Client CN "mout.gmx.net",
	Issuer "TeleSec ServerPass DE-1" (verified OK))
	by huchra.bufferbloat.net (Postfix) with ESMTPS id 28F26202102
	for <cerowrt-devel@lists.bufferbloat.net>;
	Mon, 24 Feb 2014 05:35:50 -0800 (PST)
Received: from u-089-cab204a2.am1.uni-tuebingen.de ([134.2.89.3]) by
	mail.gmx.com (mrgmx103) with ESMTPSA (Nemesis) id
	0MbOrg-1WaZ2l0pEK-00ImKI for <cerowrt-devel@lists.bufferbloat.net>;
	Mon, 24 Feb 2014 14:35:47 +0100
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Sebastian Moeller <moeller0@gmx.de>
In-Reply-To: <CACCCjEU+OY7qxNy8OqaqiRRDNHdV=q4sb2FW2-YsJGAzsVF2GQ@mail.gmail.com>
Date: Mon, 24 Feb 2014 14:35:48 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <23965348-DC3B-402D-B987-9B6319A07985@gmx.de>
References: <CACCCjEXdFP40pa_4L3gAK8kyCq_Qj2tZF-VEFqNGp9=jS4JpYg@mail.gmail.com>
	<20140223172140.GB24483@lists.bufferbloat.net>
	<530A4791.8080903@ashtonfam.org>
	<CACCCjEXibgeepGo67ZSfx21NwRik8C+5x4Z5J7kroSGY1oPETA@mail.gmail.com>
	<128185AE-918F-4944-BB45-B5D20A1AD1E5@gmx.de>
	<CACCCjEVE+Un+M2vKm=SaHw-7-mPqVCByxZToQX-Xmz43j2YUYg@mail.gmail.com>
	<530B1C8C.90100@imap.cc> <530B2703.3000505@imap.cc>
	<CACCCjEU+OY7qxNy8OqaqiRRDNHdV=q4sb2FW2-YsJGAzsVF2GQ@mail.gmail.com>
To: Vincent Frentzel <zcecc22@c3r.es>
X-Mailer: Apple Mail (2.1510)
X-Provags-ID: V03:K0:aHv3OJrTWBOO/osw3S9QEOSjduxuhYfGjCFRhj3EWEGBBrnRt98
	LwEgWoYsTQr9rpw1dKmw7sH+vX4eLMLwETWhNEbZ8VjjZKVRdq2P0lSp2sXQU9pSxE5Tlhm
	aUl/X1+CztkEh+5KMHXDKN32mZ46xq7bX4nuSBQQz1A4mrPxTDiTLZ9NNvnviXU52xGwgdL
	qCQaoSWaPICHkc/waHWZQ==
Cc: cerowrt-devel@lists.bufferbloat.net
Subject: Re: [Cerowrt-devel] saner defaults for config/firewall
X-BeenThere: cerowrt-devel@lists.bufferbloat.net
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Development issues regarding the cerowrt test router project
	<cerowrt-devel.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/cerowrt-devel>,
	<mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/cerowrt-devel>
List-Post: <mailto:cerowrt-devel@lists.bufferbloat.net>
List-Help: <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/cerowrt-devel>,
	<mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2014 13:35:50 -0000

Hi Vincent,

On Feb 24, 2014, at 12:35 , Vincent Frentzel <zcecc22@c3r.es> wrote:

> I am familiar with that command :) Was wondering if there was =
something I could do when I cannot ssh into the router. As mentioned =
above, when trying to configure the bridge I hit a point where I could =
nt get in the router anymore.
>=20
> I understand the design decisions of the project and far from me the =
idea of challenging them :) I was simply trying to provide an =
alternative config with a standard bridge ethernet + wifi for reference. =
I believe that in the case mentioned by Sebastian (multiple, mobile, =
devices accessing resources across segments) bridging is a simple way =
forward.

	I agree it would be quite valuable to have a nice simple how to =
switch to bridged mode for cerowrt (just as openwrt has one for switch =
to routed mode)

>=20
> In my particular case, correct route propagation is a problem on IPV6 =
(im not running babel) and I have only 2 wifi clients=85

	I have similar issues, as secondary router cerowrt gets a =
working /64 address for itself and ping6 and friend work, and all =
downstream interfaces get valid ip6 addresses from the primary router's =
/56, but none of them gets a working (default-)route (and that only =
after switching ra and dhcp from server to hybrids in /etc/dhcp). Since =
I do not need ip6 for anything yet that is a low priority issue for me =
though (and nothing that would make abandon routing).

best regards
	Sebastian

> Bridging has never shown any perf issues in the past so I 'd like to =
switch back to this simpler setup. I can picture that this might not fit =
the bill for more intensive use cases.
>=20
>=20
> On Mon, Feb 24, 2014 at 12:03 PM, Fred Stratton <fredstratton@imap.cc> =
wrote:
> So much for memory
>=20
> mtd -r erase rootfs_data
>=20
> is the correct invocation.
>=20
>=20
>=20
> On 24/02/14 10:18, Fred Stratton wrote:
>> I suggest you read the cero wiki. This details the original design =
decisions. On the router,
>>=20
>> ssh in, and use
>>=20
>> mtd -r erase fs_data
>>=20
>> to recover to defaults. See=20
>>=20
>> http://wiki.openwrt.org/doc/techref/mtd
>>=20
>> If you ever have used  BB daily builds, you can type this in your =
sleep.
>>=20
>>=20
>>=20
>>=20
>> On 24/02/14 10:05, Vincent Frentzel wrote:
>>>=20
>>>=20
>>>=20
>>>         I could be totally out for lunch here, but shouldn't that be =
se00 (secure ethernet) instead of eth0.1? At least on 3.10.28-14 neuter =
"ifconfig" nor /etc/config/network mentions eth0.1 at all. Could you =
post both of these (so the result of calling ifconfig on a terminal on =
the router and the content of /etc/config/network ;), I am sure you know =
what I meant, just dying to be verbose for the sake of people stumbling =
over the archive of the mailing list)
>>>=20
>>>=20
>>> Hi Sebastian,
>>>=20
>>> Understood. I will come back to you with the ifconfig.
>>>=20
>>> For info, I did try both se00 and eth0.1. The reason I stuck with =
eth0.1 was that barrier breaker usually uses eth0.1 for br-lan with vlan =
enabled (eth0.1 appears in Luci in cerowrt). So in cero I just reenabled =
the vlan and used a type "bridge" on the network section (I renamed this =
section se99 instead of se00).=20
>>>=20
>>> I then added se99 it to the "lan" zone of the firewall. In the =
wireless config I specified network as "se99" instead of sw10 and sw00. =
I confirmed that the setup was correct in the web interface where eth0.1 =
sw00 and sw10 appeared under the new bridged interface ( there was the =
nice icon with the iface in brackets).
>>>=20
>>> I went on to modify the dhcp config of se00 and changed se00 =
occurences for se99 and commented out entries for sw10/sw00. --> this =
would give me dhcp running on my new bridge.
>>>=20
>>> After a dnsmasq restart dnsmasq.conf shows the dhcp ranges line with =
interface se99. (I was expecting to see br-se99 but maybe that file is =
alias aware, could be wrong here).
>>>=20
>>> After a network restart I lost connectivity on cable. Wireless was =
working.
>>>=20
>>> I played a tad more and eventually lost wifi as well and had to =
reflash the router via tftp/factory image (maybe there is a reset trick =
you could give me to avoid this step).
>>>=20
>>> Are you running cerowrt in bridge mode? If yes could you share your =
network/firewall/dhcp config? Is there another file I should have edited =
and missed?
>>>=20
>>> Cheers,
>>> V
>>>=20
>>>=20
>>> _______________________________________________
>>> Cerowrt-devel mailing list
>>>=20
>>> Cerowrt-devel@lists.bufferbloat.net
>>> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>>=20
>>=20
>>=20
>> _______________________________________________
>> Cerowrt-devel mailing list
>>=20
>> Cerowrt-devel@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>=20
>=20
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>=20
>=20