From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-vc0-x231.google.com (mail-vc0-x231.google.com [IPv6:2607:f8b0:400c:c03::231]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id B1D4421F1DB for ; Mon, 24 Feb 2014 03:35:24 -0800 (PST) Received: by mail-vc0-f177.google.com with SMTP id if11so5616848vcb.36 for ; Mon, 24 Feb 2014 03:35:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=TLm1wyOQQT9c9xXFqpaXjxkI/lKWxXNMC7FVOERVBPk=; b=ybjNvua4y/js8HnUWpCz0q/M7FqJgPXX+OwU8jylIbKNcyg0d2GRaPI2dP3sOikEwh IX+MGO5ESVOyVBjsBksWqL84J+APQKnr+u+GWgv8WPK77YmqvsYey8NU3aGhf4liN9wz X5UK1v9JoEYLhGLALib+mQBbjMj1MvUKu3uQKCR7IN1NAUy8J5ncMC6KAJH802W73fvO FIdHIgB0aAr7kY3DfC0NG+vVMu/kcYafo1KIiuJPpyh/fdvB5tZS09mVGO/aq/skLz16 GSWfJDZvX0SqqWK29B6WHA+gYbXtC6XiIFJqpzqR+4YC6yWqMXpGGUAdYmVMCPLoBuvG TgqA== MIME-Version: 1.0 X-Received: by 10.52.110.166 with SMTP id ib6mr9731670vdb.47.1393241723432; Mon, 24 Feb 2014 03:35:23 -0800 (PST) Sender: c3reszcecc22@gmail.com Received: by 10.220.196.210 with HTTP; Mon, 24 Feb 2014 03:35:23 -0800 (PST) In-Reply-To: <530B2703.3000505@imap.cc> References: <20140223172140.GB24483@lists.bufferbloat.net> <530A4791.8080903@ashtonfam.org> <128185AE-918F-4944-BB45-B5D20A1AD1E5@gmx.de> <530B1C8C.90100@imap.cc> <530B2703.3000505@imap.cc> Date: Mon, 24 Feb 2014 12:35:23 +0100 X-Google-Sender-Auth: 7TVqZQCm1rGK8yZoY81OktFVXKM Message-ID: From: Vincent Frentzel To: Fred Stratton Content-Type: multipart/alternative; boundary=bcaec54861a402f20c04f3255eb1 Cc: cerowrt-devel@lists.bufferbloat.net Subject: Re: [Cerowrt-devel] saner defaults for config/firewall X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Feb 2014 11:35:25 -0000 --bcaec54861a402f20c04f3255eb1 Content-Type: text/plain; charset=UTF-8 I am familiar with that command :) Was wondering if there was something I could do when I cannot ssh into the router. As mentioned above, when trying to configure the bridge I hit a point where I could nt get in the router anymore. I understand the design decisions of the project and far from me the idea of challenging them :) I was simply trying to provide an alternative config with a standard bridge ethernet + wifi for reference. I believe that in the case mentioned by Sebastian (multiple, mobile, devices accessing resources across segments) bridging is a simple way forward. In my particular case, correct route propagation is a problem on IPV6 (im not running babel) and I have only 2 wifi clients... Bridging has never shown any perf issues in the past so I 'd like to switch back to this simpler setup. I can picture that this might not fit the bill for more intensive use cases. On Mon, Feb 24, 2014 at 12:03 PM, Fred Stratton wrote: > So much for memory > > mtd -r erase rootfs_data > > is the correct invocation. > > > > On 24/02/14 10:18, Fred Stratton wrote: > > I suggest you read the cero wiki. This details the original design > decisions. On the router, > > ssh in, and use > > mtd -r erase fs_data > > to recover to defaults. See > > http://wiki.openwrt.org/doc/techref/mtd > > If you ever have used BB daily builds, you can type this in your sleep. > > > > > On 24/02/14 10:05, Vincent Frentzel wrote: > > > > >> I could be totally out for lunch here, but shouldn't that be se00 >> (secure ethernet) instead of eth0.1? At least on 3.10.28-14 neuter >> "ifconfig" nor /etc/config/network mentions eth0.1 at all. Could you post >> both of these (so the result of calling ifconfig on a terminal on the >> router and the content of /etc/config/network ;), I am sure you know what I >> meant, just dying to be verbose for the sake of people stumbling over the >> archive of the mailing list) >> > > > Hi Sebastian, > > Understood. I will come back to you with the ifconfig. > > For info, I did try both se00 and eth0.1. The reason I stuck with eth0.1 > was that barrier breaker usually uses eth0.1 for br-lan with vlan enabled > (eth0.1 appears in Luci in cerowrt). So in cero I just reenabled the vlan > and used a type "bridge" on the network section (I renamed this section > se99 instead of se00). > > I then added se99 it to the "lan" zone of the firewall. In the wireless > config I specified network as "se99" instead of sw10 and sw00. I confirmed > that the setup was correct in the web interface where eth0.1 sw00 and sw10 > appeared under the new bridged interface ( there was the nice icon with the > iface in brackets). > > I went on to modify the dhcp config of se00 and changed se00 occurences > for se99 and commented out entries for sw10/sw00. --> this would give me > dhcp running on my new bridge. > > After a dnsmasq restart dnsmasq.conf shows the dhcp ranges line with > interface se99. (I was expecting to see br-se99 but maybe that file is > alias aware, could be wrong here). > > After a network restart I lost connectivity on cable. Wireless was > working. > > I played a tad more and eventually lost wifi as well and had to reflash > the router via tftp/factory image (maybe there is a reset trick you could > give me to avoid this step). > > Are you running cerowrt in bridge mode? If yes could you share your > network/firewall/dhcp config? Is there another file I should have edited > and missed? > > Cheers, > V > > > _______________________________________________ > Cerowrt-devel mailing listCerowrt-devel@lists.bufferbloat.nethttps://lists.bufferbloat.net/listinfo/cerowrt-devel > > > > > _______________________________________________ > Cerowrt-devel mailing listCerowrt-devel@lists.bufferbloat.nethttps://lists.bufferbloat.net/listinfo/cerowrt-devel > > > > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel > > --bcaec54861a402f20c04f3255eb1 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
I am familiar with that command :) Was wondering= if there was something I could do when I cannot ssh into the router. As me= ntioned above, when trying to configure the bridge I hit a point where I co= uld nt get in the router anymore.

I understand the design decisions of the project and far from me = the idea of challenging them :) I was simply trying to provide an alternati= ve config with a standard bridge ethernet + wifi for reference. I believe t= hat in the case mentioned by Sebastian (multiple, mobile, devices accessing= resources across segments) bridging is a simple way forward.

In my particular case, correct route propagation is a problem on = IPV6 (im not running babel) and I have only 2 wifi clients... Bridging has = never shown any perf issues in the past so I 'd like to switch back to = this simpler setup. I can picture that this might not fit the bill for more= intensive use cases.


On Mon,= Feb 24, 2014 at 12:03 PM, Fred Stratton <fredstratton@imap.cc><= /span> wrote:
=20 =20 =20
So much for memory

mtd -r erase rootfs_data

is the correct invocation.



On 24/02/14 10:18, Fred Stratton wrote:
=20 I suggest you read the cero wiki. This details the original design decisions. On the router,

ssh in, and use

mtd -r erase fs_data

to recover to defaults. See

http://wiki.openwrt.org/doc/techref/mtd

If you ever have used=C2=A0 BB daily builds, you can type this in you= r sleep.




On 24/02/14 10:05, Vincent Frentzel wrote:



=C2=A0 =C2=A0 =C2=A0 =C2=A0 I could be totally out for lunc= h here, but shouldn't that be se00 (secure ethernet) instead of eth0.1? At least on 3.10.28-14 neuter "ifconfig" nor /etc/config/network mentions eth0.1 at all. Could you post both of these (so the result of calling ifconfig on a terminal on the router and the content of /etc/config/network ;), I am sure you know what I meant, just dying to be verbose for the sake of people stumbling over the archive of the mailing list)


Hi Sebastian,

Understood. I will come back to you with the ifconfig.

For info, I did try both se00 and eth0.1. The reason I stuck with eth0.1 was that barrier breaker usually uses eth0.1 for br-lan with vlan enabled (eth0.1 appears in Luci in cerowrt). So in cero I just reenabled the vlan and used a type "bridge" on the network sect= ion (I renamed this section se99 instead of se00).

I then added se99 it to the "lan" zone of the fir= ewall. In the wireless config I specified network as "se99&qu= ot; instead of sw10 and sw00. I confirmed that the setup was correct in the web interface where eth0.1 sw00 and sw10 appeared under the new bridged interface ( there was the nice icon with the iface in brackets).

I went on to modify the dhcp config of se00 and changed se00 occurences for se99 and commented out entries for sw10/sw00. --> this would give me dhcp running on my new bridge.

After a dnsmasq restart dnsmasq.conf shows the dhcp ranges line with interface se99. (I was expecting to see br-se99 but maybe that file is alias aware, could be wrong here).

After a network restart I lost connectivity on cable. Wireless was working.

I played a tad more and eventually lost wifi as well and had to reflash the router via tftp/factory image (maybe there is a reset trick you could give me to avoid this step).

Are you running cerowrt in bridge mode? If yes could you share your network/firewall/dhcp config? Is there another file I should have edited and missed?

Cheers,
V


_______________________________________________
Cerowrt-devel mailing list
Ce=
rowrt-devel@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel




_______________________________________________
Cerowrt-devel mailing list
Ce=
rowrt-devel@lists.bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel


_______________________________________________
Cerowrt-devel mailing list
Cerowrt-devel@lists.= bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel


--bcaec54861a402f20c04f3255eb1--