From 7c0152141a00ad54255f5a6987946daab3707eed Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sat, 25 Apr 2015 16:51:43 +0200 Subject: [PATCH 1/6] idu: interfaces: Add VLAN 1001/1002/1003 for WiFi --- .../init-ifupdown/sysmocom-idu/interfaces | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/recipes-bsp/init-ifupdown/init-ifupdown/sysmocom-idu/interfaces b/recipes-bsp/init-ifupdown/init-ifupdown/sysmocom-idu/interfaces index 35a78051bd..07e1491ba9 100644 --- a/recipes-bsp/init-ifupdown/init-ifupdown/sysmocom-idu/interfaces +++ b/recipes-bsp/init-ifupdown/init-ifupdown/sysmocom-idu/interfaces @@ -69,8 +69,30 @@ iface br-mgmt:0 inet static address 172.16.1.1 netmask 255.255.255.255 +# GSM management VLAN auto br0.7 iface br0.7 inet static address 172.16.7.1 netmask 255.255.255.0 network 172.16.7.0 + +# admin WiFi +auto br0.1001 +iface br0.1001 inet static + address 172.16.8.1 + netmask 255.255.255.0 + network 172.16.8.0 + +# onboad WiFi +auto br0.1002 +iface br0.1002 inet static + address 172.16.128.1 + netmask 255.255.252.0 + network 172.16.128.0 + +# remote WiFi +auto br0.1003 +iface br0.1003 inet static + address 172.16.132.1 + netmask 255.255.252.0 + network 172.16.132.0 From fd275216a9098acc397450d79bca0267e7b93dea Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sat, 25 Apr 2015 16:54:17 +0200 Subject: [PATCH 2/6] idu: Add dnsmasq configuration for WiFi networks --- recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf index 03ded0b097..5c7100dda2 100755 --- a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf +++ b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf @@ -135,6 +135,10 @@ dhcp-range=admin,172.16.6.2,172.16.6.255,255.255.255.0,24h # DHCP range for all BTS dhcp-range=gsm,172.16.7.10,172.16.7.255,255.255.255.0,168h +# DHCH range for WiFi networks +dhcp-range=wifi-admin,172.16.8.10,172.16.8.254,255.255.255.0,24h +dhcp-range=wifi-onboard,172.16.128.10,172.16.131.254,255.255.252.0,24h +dhcp-range=wifi-remote,172.16.132.10,172.16.135.254,255.255.252.0,24h # This is an example of a DHCP range with a network-id, so that # some DHCP options may be set only for this network. From a9b30a9328184d57ebf740033392ca4671086134 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Sat, 25 Apr 2015 16:54:53 +0200 Subject: [PATCH 3/6] idu: dnsmasq.conf: Last address should be .254, as .255 is broadcast --- recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf index 5c7100dda2..3a493d0377 100755 --- a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf +++ b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf @@ -130,10 +130,10 @@ dhcp-range=mgmt,172.16.2.10,172.16.3.254,255.255.254.0,168h dhcp-range=native,172.16.4.10,172.16.4.254,255.255.254.0,168h # DHCP range for administrative access via eth1 -dhcp-range=admin,172.16.6.2,172.16.6.255,255.255.255.0,24h +dhcp-range=admin,172.16.6.2,172.16.6.254,255.255.255.0,24h # DHCP range for all BTS -dhcp-range=gsm,172.16.7.10,172.16.7.255,255.255.255.0,168h +dhcp-range=gsm,172.16.7.10,172.16.7.254,255.255.255.0,168h # DHCH range for WiFi networks dhcp-range=wifi-admin,172.16.8.10,172.16.8.254,255.255.255.0,24h From 57e1184d074010f84c84edfd70d98e28cb11d210 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Fri, 1 May 2015 16:54:09 +0200 Subject: [PATCH 4/6] [idu] dnsmasq: Advertise NTP server to DHCP clients --- recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf index 3a493d0377..5455260738 100755 --- a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf +++ b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf @@ -221,8 +221,8 @@ dhcp-range=wifi-remote,172.16.132.10,172.16.135.254,255.255.252.0,24h # DNS server - 6 # broadcast address - 28 -# Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5 -#dhcp-option=42,192.168.0.4,10.10.0.5 +# Set the NTP time server addresses to 172.16.1.1 +dhcp-option=42,172.16.1.1 # Set the NTP time server address to be the same machine as # is running dnsmasq From 441293a2cdc3f8e3f0d1d19a5bb22071f65b4206 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Fri, 1 May 2015 17:23:35 +0200 Subject: [PATCH 5/6] [idu] dnsmasq: config improvements * we are the authoritative DHCP server for all local networks * filter bogus windows DNS queries * don't respect local resolv.conf (pointing to localhost) * increase cache size to 1000 entries --- recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf index 5455260738..8d4e75434f 100755 --- a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf +++ b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf @@ -4,6 +4,9 @@ # as the long options legal on the command line. See # "/usr/sbin/dnsmasq --help" or "man 8 dnsmasq" for details. +# we are the only (valid) DHCP server on the networks that we serve +dhcp-authoritative + # Change these lines if you want dnsmasq to serve MX records. # Only one of mx-host and mx-target need be set, the other defaults # to the name of the host running dnsmasq. @@ -28,7 +31,7 @@ bogus-priv # which can trigger dial-on-demand links needlessly. # Note that (amongst other things) this blocks all SRV requests, # so don't use it if you use eg Kerberos. -#filterwin2k +filterwin2k # Change this line if you want dns to get its upstream servers from # somewhere other that /etc/resolv.conf @@ -44,7 +47,7 @@ bogus-priv # If you don't want dnsmasq to read /etc/resolv.conf or any other # file, getting its servers for this file instead (see below), then # uncomment this -#no-resolv +no-resolv # If you don't want dnsmasq to poll /etc/resolv.conf or other resolv # files for changes and re-read them then uncomment this. @@ -272,7 +275,7 @@ dhcp-option=42,172.16.1.1 #dhcp-leasefile=/var/lib/misc/dnsmasq.leases # Set the cachesize here. -#cache-size=150 +cache-size=1000 # If you want to disable negative caching, uncomment this. #no-negcache From 8c70168d4001d029a60ab155042785ff831f3f9b Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Fri, 1 May 2015 17:28:30 +0200 Subject: [PATCH 6/6] [idu] dnsmasq: Add neptune as upstream DNS resolver --- recipes-extra/dnsmasq/dnsmasq.inc | 2 +- recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/recipes-extra/dnsmasq/dnsmasq.inc b/recipes-extra/dnsmasq/dnsmasq.inc index d390ca0a80..d988f1c274 100644 --- a/recipes-extra/dnsmasq/dnsmasq.inc +++ b/recipes-extra/dnsmasq/dnsmasq.inc @@ -15,7 +15,7 @@ SRC_URI = "http://www.thekelleys.org.uk/dnsmasq/${@['archive/', ''][float(d.getV inherit pkgconfig update-rc.d systemd -PR = "r2" +PR = "r3" INITSCRIPT_NAME = "dnsmasq" INITSCRIPT_PARAMS = "defaults" diff --git a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf index 8d4e75434f..42a1b59341 100755 --- a/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf +++ b/recipes-extra/dnsmasq/files/sysmocom-idu/dnsmasq.conf @@ -57,6 +57,10 @@ no-resolv # non-public domains. #server=/localnet/192.168.0.1 +# Add neptune as upstream DNS resolver. This will be DNATed by our +# firewall script the corresponding internal address depending on the outgoing interface +server=5.9.81.48 + # Add local-only domains here, queries in these domains are answered # from /etc/hosts or DHCP only. #local=/localnet/