Router Banana Pi R64 - Debian, Wireguard, ILV

Banana Pi 64 is a Raspberry Pi-style single-board computer with several Ethernet ports, which makes it possible to turn it into a router running a general-purpose Linux distribution.



Yes, it already has Openwrt, but it has their troubles GUI CLI; Mikrotik, GUI/CLI, Wireguard … , , .


BPI, R64, — Banana Pi R64.


. eMMC


, SBC , R64 , , R64 (HDMI, ). — Wifi, Ethernet, Bluetooth, USB UART, , , , .


R64 USB-UART:


  • USB-UART (PL2303, Serial-to-USB)
  • USB- , , UART,- R64, ,
  • sudo minicom

= .
.


USB UART


, SD-: :


unzip -p 2019-08-23-ubuntu-16.04-lite-preview-bpi-r64-sd-emmc.img.zip | pv | sudo dd of=/dev/mmcblk0 bs=10M status=noxfer

SD- R64, , uboot, .


— R64 8Gb, eMMC.
/dev/mmcblk0 BPI, , SD-, BPI … . - Boot select .


, BPI , :


root@bpi-r64:~# ./mmc extcsd read /dev/mmcblk1 | grep 'PARTITION_CONFIG'
Boot configuration bytes [PARTITION_CONFIG: 0x00]
root@bpi-r64:~# ./mmc bootpart enable 1 1 /dev/mmcblk1
root@bpi-r64:~# ./mmc extcsd read /dev/mmcblk1 | grep 'PARTITION_CONFIG'
Boot configuration bytes [PARTITION_CONFIG: 0x48]

, boot- preloader


root@bpi-r64:~# echo 0 > /sys/block/mmcblk0boot0/force_ro 
root@bpi-r64:~# dd if=preloader_evb7622_64_foremmc.bin of=/dev/mmcblk0boot0

R64 () . ( ), .


- eMMC. , (SD/eMMC) (preloader SD-, ATF, u-boot), . , , .


eMMC, , , SD , , , .


. Armbian


— VPN, Wireguard. , , . , x86, DKMS. arm64 . , .. , , , , - x86, R64, .


— . Debian, arm64 packages.debian.org .


, Armbian BPI R64.
: userspace- — Armbian, Frank-. .


R64 . , Openwrt, Frank- Debian-. , Frank .


:


, / SBC ( BPI) , Ethernet- /. , , , Wifi.


USB-Wifi "", BPI . TP-LINK TL-WN725N USB 2.0, , : , , , ( RTL8XXXU, ). Ethernet- .


Tenda MW3 (Wifi mesh-): Ethernet- BPI LAN- . .


Wireguard, , Bird


, Banana PI — , , , Telegram Slack-. : , , .


Ansible: .


, VPS Ubuntu 18.04. : Amazon Digital Ocean.


, Armbian R64, ssh hm-bananapi-1 . ansible, R64:


#   Debian-based 
$ sudo apt install --no-install-recommends python3-pip python3-setuptools python3-wheel git
$ which pip3
/usr/bin/pip3

# ansible  pybook,   Python
$ pip3 install https://github.com/muravjov/ansible/archive/ansible-2.10.0.dev0-pybook2019.tar.gz

$ export PATH=~/.local/bin:$PATH
$ which ansible-playbook
/home/sa/.local/bin/ansible-playbook

$ git clone https://github.com/muravjov/ansible-bpi-r64.git
$ cd ansible-bpi-r64

$ git submodule update --init

#    hm-bananapi-1
$ ssh hm-bananapi-1 which python3
/usr/bin/python3

#  
$ ansible-playbook ./router.py -l hm-bananapi-1

VPS VPN:


ansible-playbook ./router.py -l current-vpn

current-vpn, VPS ( paris-vpn-aws-t2-micro-1):


$ grep current_vpn group_vars/all 
current_vpn: paris-vpn-aws-t2-micro-1
#current_vpn: frankfurt-vpn-d0-starter-1

, ( Wireguard) ./secrets, .


Ansible Python


, YAML Ansible Python. , bird:


- name: start bird
  systemd:
    name: bird
    state: started
    enabled: yes

Python:


with mapping:
    append("name", "start bird")
    with mapping("systemd"):
        append("name",  "bird")
        append("state", "started")
        append("enabled", "yes")

Ansible Python , . , bird R64 VPS:


install_bird("router/bird.conf.j2")
install_bird("vpn/bird.conf.j2")

install_bird().


pybook . pybook , .


upstream .


. Prometheus


: , linkedin pornhub , user experience — . , .


: , 5.4 => 5.6, , Wireguard , … -: 5.4 5.6, , VPS , bird "BGP Error"… " " () 5.4; 5.6 TODO.


VPS ( x86 Ubuntu 18.04), :


  • prometheus, alertmanager, blackbox_exporter —
  • - metalmatze/alertmanager-bot —
  • tor , , , ,
  • : NodeVPNTroubles ( ping- VPS), BirdVPNTroubles ( Bird), AntifilterDownloadTroubles ( IP-), SiteTroubles ( )
  • , , HostGrowingDiskReadLatency ( SD- )

:


ansible-playbook ./monitoring.py -l monitoring-preprod

Auto Discovery /etc/prometheus/auto_http, ( ):


bash << 'EOF'
HOSTNAME=hm-bananapi-1
IP_ADDRESS=`ssh -G $HOSTNAME | awk '/^hostname / { print $2 }'`

ssh monitoring-preprod sudo sponge /etc/prometheus/auto_http/$HOSTNAME.json << EOF2
[
  {
    "targets": ["$IP_ADDRESS:9100"],
    "labels": {
      "env": "prod",
      "hostname": "$HOSTNAME"
    }
  }
]
EOF2
EOF

TODO: 2 , 2 BPI, anycast failover


, , , .., .


user experience multi-wan Mwan3 Openwrt. , multi-wan . : IP-, , => " ".


, multihoming , failover. , , linux :


ip route add default \
    nexthop via 192.168.1.1 weight 10 \
    nexthop via 192.168.2.1 weight 5

, , 2 BPI, , c bird/OSPF.


, IP- , (, DNS). , bird. .


, ( c ; -, Layta, , ; , ).


R64


SinoVoip.
:


  • +
  • : /; CPU , switch-
  • wifi,

— - . Judy Huang , , ePacket $5, , EMS >33$. , . , ( ), ~5$. ?.. , ~30$, .


Judy , (hint: , ); , . .


Issues


.



Ansible=Python, , 20-30 ; , x86. , ~3 , . - CPU (throttling). Go :


#      node_exporter  Go
$ time curl -s http://172.30.1.1:9100/metrics > /dev/null

real    0m6,118s
user    0m0,005s
sys     0m0,009s

#   51 ,    
sa@bananapir64:~$ cat /sys/devices/virtual/thermal/thermal_zone0/temp
51700

Wifi


Wifi , Armbian - , :


sa@bananapir64:~$ dmesg | grep -E 'mt7622_wmac.*timeout'
[470303.802539] mt7622_wmac 18000000.wmac: Message 38 (seq 3) timeout
[470314.042508] mt7622_wmac 18000000.wmac: Message 50 (seq 4) timeout
...

. .


Ethernet


Ethernet , ~ (DHCP) R64 .
:


ifdown br0; sleep 30; ifup br0

, , Landen Chao .

