Tutorial: OpenBSD and MNET.

dettus

Bicycle User
I am writing this in English, I hope you do not mind...
This is going to be a tutorial on how to get rid of the M-Net FritzBox and replace it with a router running OpenBSD. Since it is the COOLEST operating system in the world. :) It is mostly a thought-protocol, and there is no guarantee that it will work for you.


Step 1: THROW AWAY DS-LI(T)E. GET IPv4!!
For the life of me, I was not able to figure out how to get everything up and running with this DS-Lite stuff. And I also realized that it was not what I needed, so I marched into an MNET store and asked for proper Internet. Costs a bit extra, but worth it.
DS-LITE IS AWFUL!!!!


Step 2: GET THE HARDWARE
I replaced the FritzBox with a DSL-Modem. Since I only have 16MBit, any router with Annex B DSL will do.
Then, get a PC with two ethernet ports. One for the DSL modem, the other one for the internal network. I am running everything on a Soekris 4801, with 128Mbyte RAM, 266MHz CPU and 2GByte Compact Flash. But you can basically use any other PC you want. I also needed a UART-cable to connect from my Laptop to the Soekris.
For convenience reasons, I used a Linux Laptop to set up the Compact Flash Image via QEMU.

Step 3: INSTALL OPENBSD 6.2/i386

Go to http://www.openbsd.org/ or directly to http://ftp.fau.de/openbsd/6.2/i386/ where you can find the installation images. I chose the install62.iso. ON MY LINUX LAPTOP, I used QEMU to create the first, basic operational image. This was much more convenient.


Code:
% wget -c http://ftp.fau.de/openbsd/6.2/i386/install62.iso
% dd if=/dev/zero of=hda.img bs=1M count=1500
% qemu-system-i386 -m 128 -hda hda.img \
  -cdrom install62.iso \
  -boot d \
  -device e1000,netdev=netw0 -netdev user,id=netw0,hostfwd=tcp::2000-:22 \
  -display vnc=:1 \
  -serial stdio
Via VNC, I was able to watch it boot in all its glory:

Code:
% vncviewer :1
After booting was finished, I chose (I)nstall. I used the (W)hole disk, I accepted the (a)utolayout. Network connection was (at first) via DHCP. As for the other questions, answer them yourself. ;)

One last thing: The Soekris Box I use does not have a graphics card. So I chose to change the default console to com0. And set the baudrate to 57600. And I also did not want to run the X-Server. In fact, I de-selected all packages starting with x.


After the installation was finished, it drops you off at the console, where you type

Code:
# halt -p

In the Linux-Terminal, where I started QEMU, I pressed CTRL+C. I copied the image to the CF-Card by connecting it, and typing

Code:
% dmesg
% dd if=hda.img of=/dev/XXXX bs=1M
XXXX was sdb in my case, dmesg told me that.





IF YOU LIKE, you can boot the system with this command:

Code:
% qemu-system-i386 -m 128 -hda hda.img \
  -boot c \
  -device e1000,netdev=netw0 -netdev user,id=netw0,hostfwd=tcp::2000-:22 \
  -display vnc=:1 \
  -serial stdio

Note that the "boot d" has been changed to "boot c". You can connect to it via a second Terminal, where you type in

Code:
% ssh -p 2000 root@localhost




STEP 4: CONNECTING TO THE INTERNET
This was the hardest part. So, the soekris has three Ethernet devices:
sis0, sis1 and sis2. I used sis0 for the internal network. And sis1 to connect the DSL modem.
BECAUSE MNET USES VLAN NOWADAYS, with the ID 40, I also had to set up a vlan device.

Code:
# echo "inet 192.168.5.1 255.255.255.0 NONE" >/etc/hostname.sis0
# echo "up" >/etc/hostname.sis1
# echo "vlan 40 vlandev sis1 up" >/etc/hostname.vlan40
This is where the clean solution for me ended. I did a lot of
Code:
# tcpdump -i sis1
checking to debug. But after a while, I was able to connect to the internet via typing
Code:
# ifconfig pppoe0 inet 0.0.0.0 0.0.0.1 pppoedev vlan40 authproto chap authname "??????????@mdsl.mnet-online.de" authkey "????????" mtu 1452 up
# sleep 5
# route add default `ifconfig pppoe0 | grep "inet " | awk -F" " '{ print $4; }' - `
# pfctl -d
# pfctl -e -f /etc/pf.conf

and testing it by
Code:
# ping 8.8.8.8
# echo "nameserver 8.8.8.8" >/etc/resolv.conf
# ping www.heise.de
So I simply wrote the upper five lines into the "/etc/rc". IN THEORY, IT SHOULD HAVE BEEN BETTER TO WRITE A PROPER /etc/hostname.pppoe0. However, this failed. I do not know why.



STEP 5: TURNING IT INTO A ROUTER
I turned the system into a router by creating the /etc/sysctl.conf and /etc/pf.conf files:
Code:
# cat /etc/sysctl.conf
net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1

# cat /etc/pf.conf
set skip on lo

block return  # block stateless traffic
pass  # establish keep-state

block return in on ! lo0 proto tcp to port 6000:6010

ext_if="pppoe0"
int0_if="sis0"

match on $ext_if scrub (max-mss 1440)
match out on pppoe0 inet from $int0_if:network to any nat-to ($ext_if:0)
match in on $ext_if proto { tcp, udp } from any to any port 666 rdr-to 192.168.5.2 port 22

(This also gave me SSH-access to my Linux-Box via port forwarding)


STEP 6: DHCP-SERVER
Lazy people, and guests, prefer to have a dhcp server running in their home network. This can be done with the following setup:

Code:
# cat /etc/dhcpd.sis0
shared-network LOCAL-NET {
  option  domain-name "my.castle";
  option  domain-name-servers 8.8.8.8;

  default-lease-time 6000;
  max-lease-time 7200;

  subnet 192.168.5.0 netmask 255.255.255.0 {
  range 192.168.5.5 192.168.5.10;
  option routers 192.168.5.1;
  option domain-name-servers 8.8.8.8;
  }
}

Running
Code:
# dhcpd -f /etc/dhcpd.sis0 sis0
(And adding this to /etc/rc) will allow for up to 6 guests.

Enjoy! My next step will be to figure out how to enable VoIP telephones.
Wish me luck!!
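
Added example, not part of the original post and not the poster's configuration: in the /etc/pf.conf from Step 5, the bare `pass` after `block return` is the last matching rule for every packet, so new inbound connections on pppoe0 are allowed as well. The variant below keeps the post's interfaces, NAT, MSS clamp and the port 666 forward, but denies by default; the macro name `ssh_host` and the TCP-only redirect are choices made for this example.

```pf
# Added example: default-deny variant of the Step 5 ruleset.
# Interface names, LAN addressing and the 666 -> 192.168.5.2:22 forward
# come from the post; ssh_host is a macro introduced here.
ext_if   = "pppoe0"
int0_if  = "sis0"
ssh_host = "192.168.5.2"

set skip on lo

# --- As posted (for comparison) ------------------------------------
#   block return
#   pass        # last match wins: re-opens everything, including
#               # new inbound connections arriving on pppoe0
# -------------------------------------------------------------------

# Default deny. LAN clients get an RST/ICMP answer, while unsolicited
# traffic arriving from the WAN is dropped silently.
block return
block drop in on $ext_if

# Same MSS clamp and NAT as in the post.
match on $ext_if scrub (max-mss 1440)
match out on $ext_if inet from $int0_if:network to any nat-to ($ext_if:0)

# Traffic the router sends or forwards may leave on any interface.
# Rules keep state by default, so replies are allowed back in.
pass out

# Only hosts on the internal network may open connections via sis0.
pass in on $int0_if inet from $int0_if:network

# The one service reachable from outside: WAN tcp/666 -> SSH on the
# LAN host. TCP only; the post also redirected UDP, which SSH does
# not use.
pass in on $ext_if inet proto tcp from any to ($ext_if) port 666 \
    rdr-to $ssh_host port 22
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, which is a quick check before reloading with `pfctl -f /etc/pf.conf`.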
 