|
@@ -1,3 +1,155 @@
|
|
|
# Installation
|
|
|
- <https://www.tumfatig.net/20200530/openbsd-6-7-on-pc-engines-apu4d4/>
|
|
|
-- <https://hofmeyr.de/OpenBSD%20on%20APU4/>
|
|
|
+- <https://hofmeyr.de/OpenBSD%20on%20APU4/>
|
|
|
+
|
|
|
+# Allgemein
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+# Interfaces
|
|
|
+/etc/hostname.em0
|
|
|
+
|
|
|
+ rdomain 1
|
|
|
+ inet 192.168.2.50 255.255.255.0 # Die statische IP-Adresse im eigenen lokalen Netz
|
|
|
+ inet6 autoconf
|
|
|
+
|
|
|
+/etc/hostname.lo2
|
|
|
+
|
|
|
+ inet 193.43.220.131 255.255.255.255 # Die Public-IP der APU
|
|
|
+
|
|
|
+/etc/hostname.tap1
|
|
|
+
|
|
|
+ inet 192.168.38.1 255.255.255.0 # Die statische IP-Adresse im tap1-Netz (lan)
|
|
|
+
|
|
|
+/etc/hostname.tap2
|
|
|
+
|
|
|
+ inet 193.43.220.163 255.255.255.224 # Die statische IP-Adresse im tap2-Netz (wan)
|
|
|
+
|
|
|
+# Tinc
|
|
|
+
|
|
|
+ etc/tinc/
|
|
|
+ |-- lan
|
|
|
+ | |-- hosts
|
|
|
+ | | |-- apu
|
|
|
+ | | `-- laptop
|
|
|
+ | |-- rsa_key.priv
|
|
|
+ | `-- tinc.conf
|
|
|
+ `-- wan
|
|
|
+ |-- hosts
|
|
|
+ | |-- city
|
|
|
+ | |-- hoerde
|
|
|
+ | `-- nordstadt
|
|
|
+ |-- rsa_key.priv
|
|
|
+ `-- tinc.conf
|
|
|
+
|
|
|
+/etc/tinc/wan/tinc.conf
|
|
|
+
|
|
|
+ Name = city
|
|
|
+ Device = /dev/tap2
|
|
|
+ Mode = switch
|
|
|
+ AddressFamily = ipv4
|
|
|
+ BindToAddress = 192.168.2.50
|
|
|
+ Port = 656
|
|
|
+ ConnectTo = nordstadt
|
|
|
+ ConnectTo = hoerde
|
|
|
+
|
|
|
+Damit beide tinc Instanzen parallel laufen können musste das dazugehörige rc-Skript angepasst werden.
|
|
|
+
|
|
|
+z.B.: /etc/rc.d/tincd_wan
|
|
|
+
|
|
|
+ #!/bin/ksh
|
|
|
+
|
|
|
+ daemon="/usr/local/sbin/tincd"
|
|
|
+ daemon_flags="-U _tinc --chroot --net=wan"
|
|
|
+ daemon_rtable="1"
|
|
|
+
|
|
|
+ . /etc/rc.d/rc.subr
|
|
|
+
|
|
|
+ rc_stop() {
|
|
|
+ /usr/local/sbin/tincd -k --net=wan
|
|
|
+ }
|
|
|
+
|
|
|
+ rc_cmd $1
|
|
|
+
|
|
|
+Analog dazu auch /etc/rc.d/tincd_lan anlegen und beide enablen.
|
|
|
+
|
|
|
+ rcctl enable tincd_wan
|
|
|
+ rcctl enable tincd_lan
|
|
|
+
|
|
|
+# Bird
|
|
|
+
|
|
|
+/etc/bird.conf
|
|
|
+
|
|
|
+ router id 193.43.220.131;
|
|
|
+
|
|
|
+ define AS35675_all = [
|
|
|
+ 193.43.220.0/23
|
|
|
+ ];
|
|
|
+
|
|
|
+ define AS35675_any = [
|
|
|
+ 193.43.220.0/23+
|
|
|
+ ];
|
|
|
+
|
|
|
+ protocol device device0 {
|
|
|
+ scan time 10;
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ /* wg. BSD: */
|
|
|
+ protocol direct direct0 {
|
|
|
+ ipv4;
|
|
|
+ }
|
|
|
+
|
|
|
+ protocol kernel kernel0 {
|
|
|
+ learn on;
|
|
|
+ scan time 120;
|
|
|
+ ipv4 {
|
|
|
+ import all;
|
|
|
+ export where source != RTS_DEVICE;
|
|
|
+ };
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ ipv4 table fib1table;
|
|
|
+
|
|
|
+ protocol kernel kernel1 {
|
|
|
+ kernel table 1;
|
|
|
+ learn on;
|
|
|
+ scan time 120;
|
|
|
+ ipv4 {
|
|
|
+ table fib1table;
|
|
|
+ import all;
|
|
|
+ export where source != RTS_DEVICE;
|
|
|
+ };
|
|
|
+ }
|
|
|
+
|
|
|
+ protocol static static1 {
|
|
|
+ ipv4 {
|
|
|
+ table fib1table;
|
|
|
+ };
|
|
|
+ route 0.0.0.0/0 via 192.168.2.2;
|
|
|
+ }
|
|
|
+
|
|
|
+ protocol ospf ospfwan {
|
|
|
+ ipv4 {
|
|
|
+ import all;
|
|
|
+ export where net ~ AS35675_any;
|
|
|
+ };
|
|
|
+ area 0.0.0.0 {
|
|
|
+ stubnet 193.43.220.131/32 { cost 1; };
|
|
|
+ interface "tap2" {
|
|
|
+ type broadcast;
|
|
|
+ cost 100;
|
|
|
+ };
|
|
|
+ };
|
|
|
+ }
|
|
|
+
|
|
|
+Den bird enablen.
|
|
|
+
|
|
|
+ rcctl enable bird
|
|
|
+
|
|
|
+# Sonstiges
|
|
|
+
|
|
|
+/etc/sysctl.conf
|
|
|
+
|
|
|
+ net.inet.ip.forwarding=1
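Review bot: The `protocol ospf ospfwan` block runs OSPF on `tap2` with `import all;` and no `authentication` option, and `kernel0` then exports everything except device routes into the kernel table. Because `tinc.conf` for `wan` uses `Mode = switch`, the segment is a shared layer-2 network, so any node admitted to that tinc net can have arbitrary routes, including a default route, installed on this router. I would add `authentication cryptographic;` and `password "<shared-secret placeholder>";` inside `interface "tap2" { … }`, and replace `import all;` with a filter that accepts only the prefixes expected from `nordstadt` and `hoerde`. The page also sets `net.inet.ip.forwarding=1` without mentioning a pf ruleset; if one exists, a sentence pointing to it would tell the reader that forwarding is not governed by routing alone.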
|