RADIUSdesk

logo
Trace: 20_install_ubuntu_freeradius_3 openwrt-wan-network

This is an old revision of the document!

Table of Contents

wan_network file

Background

  • When central management for the device is enabled, the device will try to reach the controller using various means.
  • OpenWrt uses config files located under the /etc/config directory to configure the device accordingly.
  • The network file is used to define the network configuration of the device.
  • Since we can run the MESHdesk package on basically any device that can run OpenWrt we need to adopt the means to reach the controller so it will work on the specific device.
  • Some devices for instance might only have one ethernet port.
  • Others might have more Ethernet ports where a certain amount is grouped together and used as the LAN side and typically a single one assigned to the WAN port.
  • For this we create the /etc/MESHdesk/configs/wan_network file.
  • This file needs to be unique to the specific device the MESHdesk package is included on.
  • This file will be used during startup to replace the /etc/config/network file in order to enable the device to reach the controller.
  • The file will also be changed after the device receives its final configuration from the controller (or fallback to last known good configuration if the controller can't be reached)
  • The unique part of the configuration of wan_network involves the Ethernet port configuration and devices with can be grouped into three types.
    1. Devices with standard eth0 and or eth1 ports. (This is typically Atheros based hardware)
    2. Devices with a single eth0 port combined with swconfig to create VLANs to split the physical ports on the device up. (This is typically older Mediatek based hardware)
    3. New DSA style config using names like wan, lan1, lan2 lan3 etc. (This it typically newer Mediatek devices)

Next we will unpack samples of each of these types.

When looking at these sample files keep in mind that our aim is to use the device called br-lan as a bridge but instead of having the lan ports as part of br-lan we configure it so the wan port is part of it instead.

Devices with standard eth0 and or eth1 ports

  • These include most Atheros as well as IPQ based devices.
  • Lets look at the GL iNet AR300M's wan_network file.
wan_network
config interface 'loopback'
    option device 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'
 
config device
    option name 'br-lan'
    option type 'bridge'
    list ports 'eth1'
 
config interface 'lan'
    option device 'br-lan'
    option proto 'dhcp'
 
config interface 'client_0'
    option proto 'dhcp'
 
config interface 'client_1'
    option proto 'dhcp'
 
  • We swapped eth0 and eth1 as ports of br-lan. Plain and simple.
  • Devices with a single port will not need any swapping since there are only one port available.

Devices which uses swconfig

  • This is typically older Mediatek based devices (MT7620 / 7628 etc)
  • Lets look and the files from a Xiaomi 4A 110M
  • Refer to the default /etc/config/network file.
network
config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'
 
config globals 'globals'
	option ula_prefix 'auto'
 
config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0.1'
 
config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
 
config device
	option name 'eth0.2'
	option macaddr '9c:9d:7e:f6:22:1c'
 
config interface 'wan'
	option device 'eth0.2'
	option proto 'dhcp'
 
config interface 'wan6'
	option device 'eth0.2'
	option proto 'dhcpv6'
 
config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'
 
config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '4 2 6t'
 
config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0 6t'
  • Next look at the /etc/MESHdesk/configs/wan_network file that is derived from it.
wan_network
config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'
 
config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0.1'
 
config interface 'lan'
	option device 'br-lan'
	option proto 'dhcp'
 
config interface 'client_0'
    option proto 'dhcp'
 
config interface 'client_1'
    option proto 'dhcp'
 
config switch
    option name 'switch0'
    option reset '1'
    option enable_vlan '1'
 
config switch_vlan
    option device 'switch0'
    option vlan '1'
    option ports '0 6t'
 
config switch_vlan
    option device 'switch0'
    option vlan '2'
    option ports '4 2 6t'
  • We took the switch config sections from /etc/config/network and simply swapped vlan nr 1 and vlan nr 2 around.
  • This means that eth0.1 is now on the WAN port.
  • client_0 and client_1 interface sections can always be kept as is.
  • lan interface section is in actuality the WAN port. (This is so that we can support hardware with a single Ethernet port and to do complex bridge configurations should we need to)

DSA enabled devices

  • These include newer Mediatek based devices like those using the MT7621 chipset.
  • This time the Xiaomi 4A Gigabit Edition. This board does not have any switch sections and is much simpler.
wan_network
config interface 'loopback'
    option device 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'
 
config device
    option name 'br-lan'
    option type 'bridge'
    list ports 'wan'
 
config interface 'lan'
    option device 'br-lan'
    option proto 'dhcp'
 
config interface 'client_0'
    option proto 'dhcp'
 
config interface 'client_1'
    option proto 'dhcp'
 
  • Here you can see there is no switch sections and we added the wan port to br-lan. Plain and simple.
Last modified: 2022/09/17 21:57