Knowledgebase/OpenWrt OLSR Setup
Currently there is no easy wizard for setting up OLSR on OpenWrt. This guide shall serve as a base for those that feel komfortable with building their own OpenWrt Systems (or have someone build it for them) and have basic knowledge of SSH and a Linux shell.
This guide is written for a router without Wifi. If you plan on doing routing on a device with Wifi, you'll need some additional packages for Wifi support.
OpenWrt System
To get the Freifunk status page, you'll need to activate the Freifunk package feed. To do this, copy feeds.conf.default
to feeds.conf
and add the following line: src-git freifunk https://github.com/freifunk/openwrt-packages.git
Apart from the default packages for your target, you'll want to install the following packages:
- luci
- alternatively: luci-ssl-openssl (for TLS on Webinterface)
- optional: luci-app-acme (for TLS on Webinterface)
- luci-app-olsr
- luci-app-olsr-services
- luci-app-olsrd2
- optional: luci-app-sqm (if you want to use smart queue management for NAT)
- optional: luci-app-unbound (if you want your own DNS resolver)
- optional: luci-app-openvpn (for use with tunnelserver)
- optional: openvpn-openssl (for use with tunnelserver)
- freifunk-common
- luci-mod-freifunk
- olsrd
- olsrd-mod-arprefresh
- olsrd-mod-jsoninfo
- olsrd-mod-nameservice
- olsrd-mod-txtinfo
- oonf-olsrd2
- oonf-init-scripts
- oonf-olsrd2-lan_import
- oonf-olsrd2-dlep_router
- oonf-olsrd2-lan
- optional: ethtool-full (for ethernet connection debugging)
- optional: iperf3 (for performance debugging)
- optional: tcpdump (for general network debugging)
- optional: vim (or any other text editor. Per default OpenWrt comes with a very minimal vi implementation by BusyBox)
- optional: netdata (will suck quite a lot of RAM and storage space but can be handy for debugging)
All the following files can be added build time by putting them into a new directory in the OpenWrt build tree called files
.
netdata
If you installed Netdata, you can secure it using the following configuration in etc/netdata/netdata.conf
:
[global] update every = 2 memory deduplication (ksm) = no debug log = syslog error log = syslog access log = none run as user = root [web] allow connections from = localhost 10.* 192.168.* 172.16.* 172.17.* 172.18.* 172.19.* 172.20.* 172.21.* 172.22.* 172.23.* 172.24.* 172.25.* 172.26.* 172.27.* 172.28.* 172.29.* 172.30.* 172.31.* allow dashboard from = localhost 10.* 192.168.* 172.16.* 172.17.* 172.18.* 172.19.* 172.20.* 172.21.* 172.22.* 172.23.* 172.24.* 172.25.* 172.26.* 172.27.* 172.28.* 172.29.* 172.30.* 172.31.* [plugins] cgroups = no apps = no charts.d = no fping = no node.d = no python.d = no [health] enabled = no [plugin:proc] ipc = no
disable unnecessary services per default
We don't need dlep_proxy
, dlep_radio
and olsrd6
so disable it per default by creating the file /etc/uci-defaults/99_disable_stuff
:
#!/bin/sh /etc/init.d/dlep_proxy disable /etc/init.d/dlep_radio disable /etc/init.d/olsrd6 disable exit 0
and giving the file execute permissions.
If you have installed the packages on a pre compiled OpenWrt installation, disable the services by simply running the three commands in the file manually.
Freifunk Status Page
To configure the data on the Freifunk status page that unauthenticated users will see, create the file /etc/config/freifunk
with the following content (edit at least the nickname to contain a valid Funkfeuer nick):
package 'freifunk' config 'public' 'contact' option 'nickname' '' option 'name' '' option 'mail' '0xff@example.org' option 'phone' '' option 'note' '' config 'public' 'community' option 'name' 'FunkFeuer-Wien' option 'homepage' 'https://funkfeuer.at'
Also create the file /etc/config/profile_FunkFeuer-Wien
with the following content:
config 'community' 'profile' option 'name' 'FunkFeuer-Wien' option 'homepage' 'http://wien.funkfeuer.at'
OLSRD
For OLSRD (IPv4) create the file /etc/config/olsrd
:
config olsrd option IpVersion '4' option FIBMetric 'flat' option LinkQualityLevel '2' option OlsrPort '698' option Willingness '3' option LinkQualityAlgorithm 'etx_ff' option NatThreshold '1.0' # set to your nodes primary funkfeuer IP option MainIp '111.222.333.444' config InterfaceDefaults option Mode 'mesh' option Ip4Broadcast '255.255.255.255' option HelloValidityTime '125.0' option TcValidityTime '500.0' option MidInterval '25.0' option MidValidityTime '500.0' option HnaInterval '25.0' option HnaValidityTime '500.0' config LoadPlugin option library 'olsrd_jsoninfo' option ignore '0' option accept '127.0.0.1' config LoadPlugin option library 'olsrd_nameservice' option ignore '0' config LoadPlugin option library 'olsrd_txtinfo' option ignore '0' option accept '127.0.0.1' config Interface option ignore '0' option interface '0xff_eth0' option Mode 'mesh'
duplicate the interface section for every OLSR interface you have and edit the IP address in MainIp to match the main IPv4 address of the node.
All the interfaces should be in the same firewall zone (usually WAN or a separate Funkfeuer zone). This firewall zone needs to have a rule set, that allows forward to itself (so in Firewall -> Traffic Rules create a new rule with accept forward from WAN to WAN with any protocol if you are using the WAN zone for Funkfeuer).
Having the same IPv4 address on all Funkfeuer interfaces should work, the current OpenWrt stable with the current OLSRD version seems to have this non-working right now though so having ine IPv4 address per interface is currently required (tested with OpenWrt 22.03.0 and OLSRD version 1e771b4d31e36f9ffd0a04c3f8f83abb803ec309)
OLSRD2
For OLSRD2 you'll have to add your node's IPv6 address to the lo
interface. To do this add the following line to the config interface 'loopback'
section in /etc/config/network
: option ip6addr '2a02:61:0:ff:dead:beef:dead:beef/128'
(obviously you'll have to replace the address with your node address that you can get from the redeemer).
Also add option ip6prefix '2a02:61:d2c:1::/64'
to it (with your node userblock address range), to have an IPv6 prefix available on the device.
Then write the follwing content to /etc/config/olsrd2
:
config global option 'failfast' 'no' option 'pidfile' '/var/run/olsrd2.pid' option 'lockfile' '/var/lock/olsrd2' config log option 'syslog' 'true' option 'stderr' 'true' # option 'file' '/var/log/olsrd2.log' # option 'info' 'all' # option 'debug' 'all' config telnet option 'port' '2009' config olsrv2 list 'originator' '-fe80::/112' list 'originator' '-2a02:61:0:ee:1::0/80' list 'originator' '-2a02:60::0/32' list 'originator' '-0.0.0.0/0' list 'originator' '-::1/128' list 'originator' 'default_accept' # the first /64 subnet of your nodeid/userblock range for the node, if you want to have an IPv6 prefix available for users in the LAN network # list 'lan' '2a02:61:d2c:1::/64' config interface option 'ifname' 'loopback' list 'bindto' '-0.0.0.0/0' list 'bindto' '-::1/128' list 'bindto' 'default_accept' config interface option 'ifname' '0xff_eth0' list 'bindto' '-0.0.0.0/0' list 'bindto' '-::1/128' list 'bindto' 'default_accept'
Duplicate the last interface block for every Funkfeuer interface you have.
System Settings
Please set the hostname to the FQDN of your node (for example erx.konst8.wien.funkfeuer.at
).
Also set a strong (!) password for the root account of the device.