Openbsd on edgerouter

From lippmann wiki
Jump to navigation Jump to search

copied from https://flak.tedunangst.com/post/OpenBSD-on-ERL for internal use.

OpenBSD on EdgeRouter Lite Having burned out both the original flash drive and its replacement, I can’t recommend using an ERL in a serious setting.

The Ubiquiti EdgeRouter Lite machine is an interesting alternative for a light router/gateway. It’s cheap, small, low power, and includes three network interfaces. Almost like it’s purpose built to be a router. The OpenBSD octeon port supports the ERL. Note that the EdgeRouter X is a quite different machine and not supported.

The web page and INSTALL.octeon file have more extensive notes, but sometimes it can be too much info. Here’s the short version. install

On the network side, you need a DHCP and tftpd server, with the octeon bsd.rd in /tftproot.

You’ll need a serial cable like this one. The port is set to 115200, so to connect you run something like cu -l /dev/cuaU0 -s 115200. Plug it in, watch it boot, smash enter a few times to halt the boot process. First command: dhcp to get an IP. Then tftpboot 0 bsd.rd to load the kernel over the network. And finally bootoctlinux to actually run the kernel. This will take you to the installer.

The ERL, like other u-boot systems, doesn’t have an OpenBSD bootloader. Instead, the kernel is loaded from an MSDOS FAT partition. Keep this in mind during disk setup. The installer should set this up for you, or you can use fdisk to change the existing MBR and change the main partition type to A6 (OpenBSD). Space is a little tight, so I skipped the normal disklabel scheme and just made a single large root partition.

Installing the sets and working through the rest of the installer is pretty regular.

After rebooting, u-boot needs some touching up to boot OpenBSD by default. setenv old_bootcmd ${bootcmd} saves the old boot command, not that you’re likely to need it after wiping the disk. Now for the real magic.

setenv bootcmd 'fatload usb 0 $loadaddr bsd; bootoctlinux rootdev=/dev/sd0'

Note that we’re loading from usb, and also setting the root device to sd0. Now you can set a boot timeout with setenv bootdelay 5 if desired, and save everything with saveenv. Reboot and OpenBSD should start normally. notes

The ERL is an octeon machine, not a high octane machine. It does a pretty good job pushing packets around, certainly doesn’t struggle at this task for my network speeds, but it’s not the kind of thing you’d want to use as an IPsec gateway or more sophisticated proxy. Compiling software is almost unbelievably slow, even compared to an Atom machine.

The onboard USB stick is or was somewhat low quality. When it gets hot, as tends to happen inside the fanless case, it starts reporting errors and generally misbehaving. Many users, running the stock Ubiquiti software, have reported this on various forums. Some newer revisions of the hardware may or may not have fixed this. It’s hard to tell. The fix is to replace it with something small. I used a $7 16GB SanDisk Cruzer. On the bright side, if you’re installing onto a new system, it’s easy to dd miniroot.fs onto the USB stick, replace and reboot. No fussing with a netboot environment and easy to swap back if you want the stock software. Something to consider.

The power draw is consistently about 8 watts, measured over a period of one week.

The dwctwo USB driver is still a little raw. If it gets overwhelmed, you’ll get mutex locking panics. Fixable, but not fixed yet. (The driver was ported to OpenBSD, and some of the finer points of interrupts and recursion are apparently different.) In normal usage, this has not been a problem, but trying to build some ports and doing a cvs checkout at the same time didn’t fare so well.

After deciding I didn’t need my new home router to also be a build server, it’s been quite stable. It’s now the primary DHCP and DNS (unbound) server for my network, and pf NAT gateway to the world.

There’s no onboard clock, so you’ll need ntpd to keep the time straght. dmesg

Copyright (c) 1982, 1986, 1989, 1991, 1993

       The Regents of the University of California.  All rights reserved.

Copyright (c) 1995-2016 OpenBSD. All rights reserved. http://www.OpenBSD.org

OpenBSD 6.0-beta (GENERIC) #5: Wed Jul 6 03:40:21 UTC 2016

   visa@octeon:/usr/src/sys/arch/octeon/compile/GENERIC

real mem = 536870912 (512MB) avail mem = 524288000 (500MB) warning: no entropy supplied by boot loader mainbus0 at root cpu0 at mainbus0: Cavium OCTEON CPU rev 0.1 500 MHz, Software FP emulation cpu0: cache L1-I 32KB 4 way D 8KB 64 way, L2 128KB 8 way clock0 at mainbus0: int 5 iobus0 at mainbus0 dwctwo0 at iobus0 base 0x1180068000000 irq 56 usb0 at dwctwo0: USB revision 2.0 uhub0 at usb0 "Octeon DWC2 root hub" rev 2.00/1.00 addr 1 octrng0 at iobus0 base 0x1400000000000 irq 0 cn30xxgmx0 at iobus0 base 0x1180008000000 cnmac0 at cn30xxgmx0: RGMII, address dc:9f:db:28:cc:68 atphy0 at cnmac0 phy 7: F1 10/100/1000 PHY, rev. 2 cnmac1 at cn30xxgmx0: RGMII, address dc:9f:db:28:cc:69 atphy1 at cnmac1 phy 6: F1 10/100/1000 PHY, rev. 2 cnmac2 at cn30xxgmx0: RGMII, address dc:9f:db:28:cc:6a atphy2 at cnmac2 phy 5: F1 10/100/1000 PHY, rev. 2 uartbus0 at mainbus0 com0 at uartbus0 base 0x1180000000800 irq 34: ns16550a, 64 byte fifo com0: console com1 at uartbus0 base 0x1180000000c00 irq 35: ns16550a, 64 byte fifo /dev/ksyms: Symbol table not valid. umass0 at uhub0 port 1 configuration 1 interface 0 "SanDisk Cruzer Fit" rev 2.00/1.27 addr 2 umass0: using SCSI over Bulk-Only scsibus0 at umass0: 2 targets, initiator 0 sd0 at scsibus0 targ 1 lun 0: <SanDisk, Cruzer Fit, 1.27> SCSI4 0/direct removable serial.07815571010521122475 sd0: 14907MB, 512 bytes/sector, 30529536 sectors vscsi0 at root scsibus1 at vscsi0: 256 targets softraid0 at root scsibus2 at softraid0: 256 targets boot device: sd0 root on sd0a (be749846b5a60751.a) swap on sd0b dump on sd0b