16 APU mit OpenBSD.page 3.0 KB

  1. # Installation
  2. - <https://www.tumfatig.net/20200530/openbsd-6-7-on-pc-engines-apu4d4/>
  3. - <https://hofmeyr.de/OpenBSD%20on%20APU4/>
  4. # Allgemein
  5. # Interfaces
  6. /etc/hostname.em0
  7. rdomain 1
  8. inet 192.168.2.50 255.255.255.0 # Die statische IP-Adresse im eigenen lokalen Netz
  9. inet6 autoconf
  10. /etc/hostname.lo2
  11. inet 193.43.220.131 255.255.255.255 # Die Public-IP der APU
  12. /etc/hostname.tap1
  13. inet 192.168.38.1 255.255.255.0 # Die statische IP-Adresse im tap1-Netz (lan)
  14. /etc/hostname.tap2
  15. inet 193.43.220.163 255.255.255.224 # Die statische IP-Adresse im tap2-Netz (wan)
  16. # Tinc
  17. etc/tinc/
  18. |-- lan
  19. | |-- hosts
  20. | | |-- apu
  21. | | `-- laptop
  22. | |-- rsa_key.priv
  23. | `-- tinc.conf
  24. `-- wan
  25. |-- hosts
  26. | |-- city
  27. | |-- hoerde
  28. | `-- nordstadt
  29. |-- rsa_key.priv
  30. `-- tinc.conf
  31. /etc/tinc/wan/tinc.conf
  32. Name = city
  33. Device = /dev/tap2
  34. Mode = switch
  35. AddressFamily = ipv4
  36. BindToAddress = 192.168.2.50
  37. Port = 656
  38. ConnectTo = nordstadt
  39. ConnectTo = hoerde
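  40. Damit beide tinc-Instanzen parallel laufen können, musste das dazugehörige rc-Skript angepasst werden: pro Netz ein eigenes Skript mit dem passenden `--net=`. Die Flags `-U _tinc --chroot` sollten dabei erhalten bleiben, damit tincd nach dem Start seine Root-Rechte abgibt und in einer chroot-Umgebung läuft.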
  41. z.B.: /etc/rc.d/tincd_wan
  42. #!/bin/ksh
  43. daemon="/usr/local/sbin/tincd"
  44. daemon_flags="-U _tinc --chroot --net=wan"
  45. daemon_rtable="1"
  46. . /etc/rc.d/rc.subr
  47. rc_stop() {
  48. /usr/local/sbin/tincd -k --net=wan
  49. }
  50. rc_cmd $1
  51. Analog dazu auch /etc/rc.d/tincd_lan anlegen (mit `--net=lan` in daemon_flags und in rc_stop) und beide aktivieren.
  52. rcctl enable tincd_wan
  53. rcctl enable tincd_lan
  54. # Bird
  55. /etc/bird.conf
  56. router id 193.43.220.131;
  57. define AS35675_all = [
  58. 193.43.220.0/23
  59. ];
  60. define AS35675_any = [
  61. 193.43.220.0/23+
  62. ];
  63. protocol device device0 {
  64. scan time 10;
  65. }
  66. /* wg. BSD: */
  67. protocol direct direct0 {
  68. ipv4;
  69. }
  70. protocol kernel kernel0 {
  71. learn on;
  72. scan time 120;
  73. ipv4 {
  74. import all;
  75. export where source != RTS_DEVICE;
  76. };
  77. }
  78. ipv4 table fib1table;
  79. protocol kernel kernel1 {
  80. kernel table 1;
  81. learn on;
  82. scan time 120;
  83. ipv4 {
  84. table fib1table;
  85. import all;
  86. export where source != RTS_DEVICE;
  87. };
  88. }
  89. protocol static static1 {
  90. ipv4 {
  91. table fib1table;
  92. };
  93. route 0.0.0.0/0 via 192.168.2.2;
  94. }
  95. protocol ospf ospfwan {
  96. ipv4 {
  97. import all;
  98. export where net ~ AS35675_any;
  99. };
  100. area 0.0.0.0 {
  101. stubnet 193.43.220.131/32 { cost 1; };
  102. interface "tap2" {
  103. type broadcast;
  104. cost 100;
  105. };
  106. };
  107. }
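  108. Den bird aktivieren. Hinweis: Im gezeigten ospfwan-Block ist keine OSPF-Authentifizierung gesetzt und `import all` übernimmt jede angebotene Route; jeder Knoten im tinc-Netz wan kann also Routen einspeisen. Wenn nicht allen Knoten vertraut wird, im interface-Block `authentication cryptographic;` mit `password` setzen und den Import auf die erwarteten Präfixe filtern.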
  109. rcctl enable bird
  110. # Sonstiges
  111. /etc/sysctl.conf
  112. net.inet.ip.forwarding=1