Banana Pi R64 Router - Debian, Wireguard, ILV

The Banana Pi 64 is a single-board computer of the Raspberry Pi type, but with several Ethernet ports, which makes it possible to turn it into a router based on a common Linux distribution.



Yes, there is already Openwrt, but their problem GUI CLI; Mikrotik, GUI/CLI, Wireguard … , , .


BPI, R64, — Banana Pi R64.


. eMMC


, SBC , R64 , , R64 (HDMI, ). — Wifi, Ethernet, Bluetooth, USB UART, , , , .


R64 USB-UART:


  • USB-UART (PL2303, Serial-to-USB)
  • USB- , , UART,- R64, ,
  • sudo minicom

= .
.


USB UART


, SD-: :


unzip -p 2019-08-23-ubuntu-16.04-lite-preview-bpi-r64-sd-emmc.img.zip | pv | sudo dd of=/dev/mmcblk0 bs=10M status=noxfer

SD- R64, , uboot, .


— R64 8Gb, eMMC.
/dev/mmcblk0 BPI, , SD-, BPI … . - Boot select .


, BPI , :


root@bpi-r64:~# ./mmc extcsd read /dev/mmcblk1 | grep 'PARTITION_CONFIG'
Boot configuration bytes [PARTITION_CONFIG: 0x00]
root@bpi-r64:~# ./mmc bootpart enable 1 1 /dev/mmcblk1
root@bpi-r64:~# ./mmc extcsd read /dev/mmcblk1 | grep 'PARTITION_CONFIG'
Boot configuration bytes [PARTITION_CONFIG: 0x48]

, boot- preloader


root@bpi-r64:~# echo 0 > /sys/block/mmcblk0boot0/force_ro 
root@bpi-r64:~# dd if=preloader_evb7622_64_foremmc.bin of=/dev/mmcblk0boot0

R64 () . ( ), .


- eMMC. , (SD/eMMC) (preloader SD-, ATF, u-boot), . , , .


eMMC, , , SD , , , .


. Armbian


— VPN, Wireguard. , , . , x86, DKMS. arm64 . , .. , , , , - x86, R64, .


— . Debian, arm64 packages.debian.org .


, Armbian BPI R64.
: userspace- — Armbian, Frank-. .


R64 . , Openwrt, Frank- Debian-. , Frank .


:


, / SBC ( BPI) , Ethernet- /. , , , Wifi.


USB-Wifi "", BPI . TP-LINK TL-WN725N USB 2.0, , : , , , ( RTL8XXXU, ). Ethernet- .


Tenda MW3 (Wifi mesh-): Ethernet- BPI LAN- . .


Wireguard, , Bird


, Banana PI — , , , Telegram Slack-. : , , .


Ansible: .


, VPS Ubuntu 18.04. : Amazon Digital Ocean.


, Armbian R64, ssh hm-bananapi-1 . ansible, R64:


#   Debian-based 
$ sudo apt install --no-install-recommends python3-pip python3-setuptools python3-wheel git
$ which pip3
/usr/bin/pip3

# ansible  pybook,   Python
$ pip3 install https://github.com/muravjov/ansible/archive/ansible-2.10.0.dev0-pybook2019.tar.gz

$ export PATH=~/.local/bin:$PATH
$ which ansible-playbook
/home/sa/.local/bin/ansible-playbook

$ git clone https://github.com/muravjov/ansible-bpi-r64.git
$ cd ansible-bpi-r64

$ git submodule update --init

#    hm-bananapi-1
$ ssh hm-bananapi-1 which python3
/usr/bin/python3

#  
$ ansible-playbook ./router.py -l hm-bananapi-1

VPS VPN:


ansible-playbook ./router.py -l current-vpn

current-vpn, VPS ( paris-vpn-aws-t2-micro-1):


$ grep current_vpn group_vars/all 
current_vpn: paris-vpn-aws-t2-micro-1
#current_vpn: frankfurt-vpn-d0-starter-1

, ( Wireguard) ./secrets, .


Ansible Python


, YAML Ansible Python. , bird:


- name: start bird
  systemd:
    name: bird
    state: started
    enabled: yes

Python:


with mapping:
    append("name", "start bird")
    with mapping("systemd"):
        append("name",  "bird")
        append("state", "started")
        append("enabled", "yes")

Ansible Python , . , bird R64 VPS:


install_bird("router/bird.conf.j2")
install_bird("vpn/bird.conf.j2")

install_bird().


pybook . pybook , .


upstream .


. Prometheus


: , linkedin pornhub , user experience — . , .


: , 5.4 => 5.6, , Wireguard , … -: 5.4 5.6, , VPS , bird "BGP Error"… " " () 5.4; 5.6 TODO.


VPS ( x86 Ubuntu 18.04), :


  • prometheus, alertmanager, blackbox_exporter —
  • - metalmatze/alertmanager-bot —
  • tor , , , ,
  • : NodeVPNTroubles ( ping- VPS), BirdVPNTroubles ( Bird), AntifilterDownloadTroubles ( IP-), SiteTroubles ( )
  • , , HostGrowingDiskReadLatency ( SD- )

:


ansible-playbook ./monitoring.py -l monitoring-preprod

Auto Discovery /etc/prometheus/auto_http, ( ):


bash << 'EOF'
HOSTNAME=hm-bananapi-1
IP_ADDRESS=`ssh -G $HOSTNAME | awk '/^hostname / { print $2 }'`

ssh monitoring-preprod sudo sponge /etc/prometheus/auto_http/$HOSTNAME.json << EOF2
[
  {
    "targets": ["$IP_ADDRESS:9100"],
    "labels": {
      "env": "prod",
      "hostname": "$HOSTNAME"
    }
  }
]
EOF2
EOF

TODO: 2 , 2 BPI, anycast failover


, , , .., .


user experience multi-wan Mwan3 Openwrt. , multi-wan . : IP-, , => " ".


, multihoming , failover. , , linux :


ip route add default \
    nexthop via 192.168.1.1 weight 10 \
    nexthop via 192.168.2.1 weight 5

, , 2 BPI, , c bird/OSPF.


, IP- , (, DNS). , bird. .


, ( c ; -, Layta, , ; , ).


R64


SinoVoip.
:


  • +
  • : /; CPU , switch-
  • wifi,

— - . Judy Huang , , ePacket $5, , EMS >33$. , . , ( ), ~5$. ?.. , ~30$, .


Judy , (hint: , ); , . .


Issues


.



Ansible=Python, , 20-30 ; , x86. , ~3 , . - CPU (throttling). Go :


#      node_exporter  Go
$ time curl -s http://172.30.1.1:9100/metrics > /dev/null

real    0m6,118s
user    0m0,005s
sys     0m0,009s

#   51 ,    
sa@bananapir64:~$ cat /sys/devices/virtual/thermal/thermal_zone0/temp
51700

Wifi


Wifi , Armbian - , :


sa@bananapir64:~$ dmesg | grep -E 'mt7622_wmac.*timeout'
[470303.802539] mt7622_wmac 18000000.wmac: Message 38 (seq 3) timeout
[470314.042508] mt7622_wmac 18000000.wmac: Message 50 (seq 4) timeout
...

. .


Ethernet


Ethernet , ~ (DHCP) R64 .
:


ifdown br0; sleep 30; ifup br0

, , Landen Chao .

