From: Rich Brown
Date: Thu, 12 Mar 2015 12:43:35 -0400
To: "Richard E. Brown"
Cc: cerowrt-devel
Subject: Re: [Cerowrt-devel] CeroWrt bits not in OpenWrt (renamed thread)

We're espousing the proposition that OpenWrt BB and later is a worthy successor to our beloved - and wicked reliable - CeroWrt 3.10.50-1. (See, for example, "CeroWrt Triumphs over Bufferbloat" at http://www.bufferbloat.net/news/ )

I just tried this out myself, and the initial experience isn't good/well-documented/easy enough for ordinary people who want it to "just work".

I snagged a TP-Link Archer C7 for $89 on Amazon (so I'd be working with a router that has a little more availability), and installed BB 14.07. I configured it as a secondary router (DHCP on the WAN port). So far, so good - it seems to pass packets, etc.

But a lot of the "special sauce" of CeroWrt seems to be missing. Specifically:

- BB seems to have bloat, and I don't understand how to install and configure the QoS/SQM scripts. (And is there a Luci GUI?)
- It's slick to have Guest and Secure networks
- I miss mDNS naming
- I haven't tried it, but would want to have smooth instructions for native IPv6 and/or IPv6 tunneling

I'm (personally) less concerned about these facilities, but would love to document how to make them work out of the box:

- Routing the interfaces instead of bridging them
- Babel mesh routing
- DNSSEC

I'm willing to write up and publish the details. I'll also create a script similar to the ones in /usr/lib/CeroWrtScripts so it's easy to make the changes systematically.
But I'd like hints for what is required to make these configuration changes.

Many thanks.

Rich

On Feb 28, 2015, at 10:25 AM, Rich Brown wrote:

> Folks,
>
> Two thoughts:
>
> 1) I'm renaming this thread so that it is easily found in the archives (it was "Just FYI: WNDR3700 (v2???) refurbs available on Amazon for USD49.99")
>
> 2) I've been maintaining the CeroWrtScripts (https://github.com/richb-hanover/CeroWrtScripts) that has a shell script to set lots of the parameters of CeroWrt into a consistent state. To the extent that the capabilities below are simple config changes, we can use this script as a base for converting "Stock OpenWrt" into something more CeroWrt-like.
>
> Best,
>
> Rich
>
> On Feb 27, 2015, at 11:44 PM, David Lang wrote:
>
>> On Fri, 27 Feb 2015, Dave Taht wrote:
>>
>>>> you may have posted this and I'm just not remembering, but do you have a
>>>> list of what's in CeroWRT that OpenWRT won't take upstream (and any info on
>>>> why they won't take the items)?
>>>>
>>>> David Lang
>>
>> trying to break this down by what's a config policy vs what's code (or significant config logic)
>>
>>> * Unbridged interfaces - routing only
>>
>> simple config
>>
>>> * Device Naming by function rather than type
>>
>> is this code or just a set of config settings?
>>
>>> * More open to ipv6 firewall
>>
>> is this just default settings?
>>
>>> * Firewall using device pattern matching to avoid O(n) complexities in
>>> firewall rules
>>
>> This sounds like default settings.
>>
>>> * Babels on and preconfigured by default
>>
>> any code here? or is just that it's there by default?
>>
>>> * Oddball IP address range and /27 subnets
>>
>> simple config
>>
>>> * Polipo Web proxy
>>
>> is this just a different default than upstream?
>>
>>> * Samba by default
>>
>> simple config
>>
>>> * Faster web server
>>
>> just a different default?
>>
>>> * Weird port for the configuration web server
>>
>> simple default
>>
>>> * Pre-enabled wifi and wifi mesh interfaces
>>
>> different defaults
>>
>>> * Huge amount of alternate qdiscs (like pie, ns2_codel, cake, cake2, etc)
>>
>> any custom code here or is this just different kernel config options being turned on?
>>
>>> And:
>>>
>>> A build that includes all these things by default.
>>
>> The vast majority of these seem to be config selections rather than code. Which shows a huge amount of progress from the early days.
>>
>> There seem to be a couple policy points that are worth trying to fight to get upstream
>>
>> 1. Device Naming by function
>>
>> 2. Firewall rules by device pattern matching.
>>
>> 3. pre-enabled wifi and mesh interfaces
>>
>> 4. Samba default (see the recent discussion of common authentication)
>>
>> 5. possibly the web proxy
>>
>> Things that are probably not worth fighting for
>>
>> 1. a build that includes all of this by default
>>
>> 2. all the alternate qdiscs enabled by default
>>
>> 3. weird port for the config web server
>>
>> 4. oddball IP ranges, /27 subnets, babels, and routing between interfaces by default. (This is an approach that is perfect for the "super-duper" builders, although this may just end up being a different default config)
>>
>> any major disagreements or things I missed?
>>
>>
>> It hit me as I was finishing this that a couple things may combine here.
>>
>> By doing device naming by function, firewall rules by device (which ends up being by function), it may make it far easier to have alternate configs, one for bridging, one for routing, and to have options to pre-enable the wifi and mesh interfaces.
>>
>> Thoughts from those who have been more involved with pushing things upstream?
>>
>> David Lang
>> _______________________________________________
>> Cerowrt-devel mailing list
>> Cerowrt-devel@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/cerowrt-devel