Turris OS 4.0 beta1 is released!

release

#41

I think the pictures are the best … :slight_smile:
Turris 1.x - https://doc.turris.cz/doc/cs/howto/vlan_settings_turris
Turris Omnia - https://doc.turris.cz/doc/cs/howto/vlan_settings_omnia
Turris MOX - ??? - why???


#42

I undrestand, but it means, that in standard setup, after Turris 4 Beta install on Omnia, LAN4 stops working.


#43

No that is not what it means. Look in to picture @Nones linked to. Lan4 is connected to switch. Switch in default was configured to connect eth2 to lan4 directly while switching rest of lan ports to eth0. That was just a configuration. Setup in Turris OS 4.x+ is that you are no longer able to configure port6 on switch chip so eth2 is unused.
Also note that for confusion in TOS 4.x+ eth2 is swapped with eth1. It is just marking but it might confuse you.

Mox does not have any special setup. It is just switch chip chain. It will be documented in schematics (once we release them).
Those schemes should no longer be required because all should be configured automatically by DSA. DSA knows this topology and depending on bridge setup it configures switches.


#44

OK, thanks to explanation.
But documentation is missing … :frowning:


#45

Thanks for this explanation. One point I still don‘t fully understand is:

Is DSA really configuring the switch so that switching is handled on switch hardware? Or is a configured bridge from now on only a software bridge where all traffic passes CPU?

e.g. you have a LAN and a GUEST subnet as separated vlans. You create a bridge for LAN with vid1 over LAN Ports LAN1&2 and a second bridge for GUEST with vid2 over LAN Ports LAN3&4. There is a route between them on the Omnia so they communicate with each other (as desired depending how you set up firewall) and both can access WAN over Omnia.

LAN -> WAN, GUEST -> WAN, LAN -> GUEST and GUEST -> LAN all pass CPU (Layer 3 Communication, expected)

But is LAN -> LAN and GUEST -> GUEST Communication (Layer 2) directly handled by Switch Chip configured by DSA? Or does this traffic still pass CPU because of DSA abstractiom layer?


#46

Could you please explain this bullet?

  • Do not use ath10k-ct on Omnia

#47

Edited - Running Turris Omnia - Apologies for not configuring tables correctly - I don’t do this that often and had forgotton the correct limiters - Thanks also for moving to appropriate location

In Updater I have:

Data Collection - Software for participation in data collection and dynamic distributed firewall.

Device detection - Software for detecting new devices on local network (EXPERIMENTAL).

SSH Honeypot - Trap for password-guessing robots on SSH.

LuCI extensions Several addional tabs and controls for the advanced LuCI interface.

Internet connection speed measurement - Actively measures speed of Internet connection using netmetr.cz service.

OpenVPN - An easy setup of OpenVPN server from Foris.

Pakon - Software for in depth monitoring of your traffic.

Tor - Service to increase anonymity on the Internet.

Turned on - I got the following messages in Notifications, obviously the first is an error message and the second, an update message.

** I also turned off CZ and DE, as I only read & speak English *Edit - Clarification of process
This was on a newly updated to 4.0.1 Beta


## Error from 2019/05/08 14:38:18

Updater selhal: Failed operations:

foris-controller-netmetr-module/postinst: + '[' -z ]

+ /etc/init.d/foris-controller restart

+ netmetr

Traceback (most recent call last):

File "/usr/bin/netmetr", line 11, in <module>

load_entry_point('netmetr==1.4.2', 'console_scripts', 'netmetr')()

File "/usr/lib/python3.6/site-packages/netmetr/__main__.py", line 807, in main

netmetr.load_uuid()

File "/usr/lib/python3.6/site-packages/netmetr/__main__.py", line 109, in load_uuid

self.download_uuid()

File "/usr/lib/python3.6/site-packages/netmetr/__main__.py", line 130, in download_uuid

resp_json = self.send_request(req_json, 'settings')

File "/usr/lib/python3.6/site-packages/netmetr/__main__.py", line 93, in send_request

resp = request.urlopen(req, data.encode(), context=ctx)

File "/request.py", line 223, in urlopen

File "/request.py", line 532, in open

File "/request.py", line 642, in http_response

File "/request.py", line 570, in error

File "/request.py", line 504, in _call_chain

File "/request.py", line 650, in http_error_default

urllib.error.HTTPError: HTTP Error 400: Bad Request

e[91mClient type not found, falling to: HW-PROBEe[0m

e[91mUuid not found, requesting new one.e[0m

e[93mChecking uuid on the control server...e[0m [×](http://192.168.1.1/foris/config/main/notifications/#)

## Update from 2019/05/08 14:38:18

• Installed version 0.6.1-3.6-1.8 of package python3-msgpack
• Installed version 6.38-1.0 of package libipset
• Installed version 6.38-1.0 of package ipset
• Installed version 1.0.16-1.1 of package libsodium
• Installed version 0.2.4-3.0 of package uclibcxx
• Installed version 4.1.4-1.1 of package libzmq-curve
• Installed version 18.0.1-3.6-1.9 of package python3-zmq
• Installed version 1.0-3.8 of package sentinel-dynfw-client
• Installed version 1-0.0 of package suricata-conntrack-flows
• Installed version 4-0.4 of package ouidb
• Installed version 5-0.8 of package pakon-lists
• Installed version 3260000-2.1 of package sqlite3-cli
• Installed version 1.2-rc3-4.1 of package libnet-1.2.x
• Installed version 0.5.25-1.0 of package libhtp
• Installed version 4.14.113-1-98c217cad6ab22101bb289c5936d189e.0 of package kmod-nfnetlink-log
• Installed version 1.0.1-1.0 of package libnetfilter-log
• Installed version 4.14.113-1-98c217cad6ab22101bb289c5936d189e.0 of package kmod-nfnetlink-queue
• Installed version 4.14.113-1-98c217cad6ab22101bb289c5936d189e.0 of package kmod-ipt-nfqueue
• Installed version 1.6.2-1.0 of package iptables-mod-nfqueue
• Installed version 5.25-2.1 of package libmagic
• Installed version 2.10-1.1 of package jansson
• Installed version 0.1.6-1.1 of package libyaml
• Installed version 4.0.3-4.6 of package suricata-bin
• Installed version 1-8.8 of package suricata-pakon
• Installed version 1.2.1-1.6 of package pakon
• Installed version 2-0.0 of package pakon-dev-detect
• Installed version 0.53-2.9 of package ahcpd
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-app-ahcp
• Installed version 1.3.2-2.1 of package libogg
• Installed version 1.3.6-1.9 of package libvorbis
• Installed version 1.3.2-1.1 of package libflac
• Installed version 0.15.1b-4.1 of package libid3tag
• Installed version 1.6.34-1.1 of package libpng
• Installed version 2.9-1.1 of package libfreetype
• Installed version 4.14.113-1-98c217cad6ab22101bb289c5936d189e.0 of package kmod-input-core
• Installed version 4.14.113-1-98c217cad6ab22101bb289c5936d189e.0 of package kmod-sound-core
• Installed version 1.1.6-1.9 of package alsa-lib
• Installed version 1.2.0-1.1 of package libspeex
• Installed version 4.0.2-0.8 of package libffmpeg
• Installed version 9a-1.1 of package libjpeg
• Installed version 0.6.21-1.1 of package libexif
• Installed version 1.2.1-3.14 of package minidlna
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-app-minidlna
• Installed version r182-10.9 of package mjpg-streamer
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-app-mjpg-streamer
• Installed version 5.8.1-1.0 of package collectd-mod-network
• Installed version 5.8.1-1.0 of package collectd-mod-load
• Installed version 5.8.1-1.0 of package collectd-mod-interface
• Installed version 5.8.1-1.0 of package collectd-mod-memory
• Installed version 5.8.1-1.0 of package collectd-mod-cpu
• Installed version 5.8.1-1.0 of package collectd-mod-iwinfo
• Installed version 1.0.50-2.1 of package librrd1
• Installed version 5.8.1-1.0 of package collectd-mod-rrdtool
• Installed version 1.0.50-2.5 of package rrdtool1
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-app-statistics
• Installed version 1.8.3-2.9 of package tinyproxy
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-app-tinyproxy
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-app-transmission
• Installed version 20151220-1.0 of package vpnc-scripts
• Installed version 4.14.113-1-98c217cad6ab22101bb289c5936d189e.0 of package kmod-tun
• Installed version 7.08-8.9 of package openconnect
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-proto-openconnect
• Installed version 2016-02-07-ad0b25ad-2.9 of package relayd
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-proto-relay
• Installed version 1.12-1.1 of package libgpg-error
• Installed version 1.6.6-2.1 of package libgcrypt
• Installed version 0.5.3.r550-7.8 of package vpnc
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-proto-vpnc
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-i18n-ahcp-en
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-i18n-firewall-en
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-i18n-minidlna-en
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-i18n-statistics-en
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-i18n-tinyproxy-en
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-i18n-transmission-en
• Installed version git-19.122.38425-eb7d4ce-1.0 of package luci-i18n-upnp-en
• Installed version 3.4-3.6-1.9 of package python3-pyserial
• Installed version 1.0-1.0 of package rmbt-client
• Installed version 1.4.2-3.6-2.6 of package netmetr
• Installed version 0.4.2-3.6-1.8 of package foris-controller-netmetr-module
• Installed version 4.6-3.6-1.6 of package foris-netmetr-plugin
• Installed version 2.4.5-4.2.8 of package openvpn-openssl
• Installed version 2.1-0.8 of package dhparam
• Installed version 0.6-3.6-1.8 of package foris-controller-openvpn-module
• Installed version 16.6-3.6-1.0 of package foris-openvpn-plugin
• Installed version 0.2.1-3.6-1.8 of package foris-controller-pakon-module
• Installed version 2.6-3.6-2.8 of package foris-pakon-plugin
• Installed version 0.3.2.10-1.8 of package tor
• Removed package luci-i18n-base-de
• Removed package luci-i18n-base-cs
• Removed package cznic-repo-keys-test
• Removed package user-notify-l10n-cs
• Removed package luci-i18n-commands-de
• Removed package user-notify-l10n-de
• Removed package luci-i18n-commands-cs
• Removed package foris-diagnostics-plugin-l10n-de
• Removed package foris-l10n-de
• Removed package foris-diagnostics-plugin-l10n-cs
• Removed package foris-l10n-cs

#48

When setting up the Beta for the first time on my Omnia, I used the wizard to do all my configuration.

In WAN, I had to set it up as PPPOE, Whilst it allowed me to enter name and password, it would never accept that there was a valid WAN connection. It always displayed an error message that ther was no active WAN connection and trying to use the trial section below never worked.

In the end having completed the setup as far as was possible in the wizard, I then went into LUCI, validated the login info, and it then connected and has worked fine ever since.

My Omnia never really liked setting up PPPOE in the wizard at all, and I always had to either cancel the wizard or just move on. It would be nice with the new version if the Wizard worked properly for connecting PPPOE after entering name and password


#49

OpenWrt uses since version 18.06 Candela Tech Wi-Fi drivers for ath10k. In Turris OS 3.x, we are using ath10k, but we wanted to have in Turris OS 4.x/5.x the same Wi-Fi driver as OpenWrt has by default.

If you have time you can read about it on OpenWrt forum here:


There should be some performance boost, but we and somebody else from the community have an experience that there wasn’t the level of stability what we are used to have. That’s why we decided for Turris Omnia to have by default the non-ct variant.


#50

Found this in my system log - running an Omnia, just transitioned to 4 beta from the current 3.n.n I don’t know if it relevant, but I did see promiscuous errors in a previous (closed) error. If it isn’t appropriate, I’m sorry for wasting people time

May  8 16:39:37 Hyperion kernel: [   13.377083] xt_time: kernel timezone is -0000
May  8 16:39:37 Hyperion kernel: [   13.404593] PPP generic driver version 2.4.2
May  8 16:39:37 Hyperion kernel: [   13.409601] NET: Registered protocol family 24
May  8 16:39:37 Hyperion kernel: [   13.422577] pci 0000:00:02.0: enabling device (0140 -> 0142)
May  8 16:39:37 Hyperion kernel: [   13.428516] ath10k_pci 0000:02:00.0: pci irq msi oper_irq_mode 2 irq_mode 0 reset_mode 0
May  8 16:39:37 Hyperion kernel: [   13.664769] ath10k_pci 0000:02:00.0: Direct firmware load for ath10k/pre-cal-pci-0000:02:00.0.bin failed with error -2
May  8 16:39:37 Hyperion kernel: [   13.675525] ath10k_pci 0000:02:00.0: Falling back to user helper
May  8 16:39:37 Hyperion kernel: [   13.941808] firmware ath10k!pre-cal-pci-0000:02:00.0.bin: firmware_loading_store: map pages failed
May  8 16:39:37 Hyperion kernel: [   13.950901] ath10k_pci 0000:02:00.0: Direct firmware load for ath10k/cal-pci-0000:02:00.0.bin failed with error -2
May  8 16:39:37 Hyperion kernel: [   13.961283] ath10k_pci 0000:02:00.0: Falling back to user helper
May  8 16:39:37 Hyperion kernel: [   13.971772] firmware ath10k!cal-pci-0000:02:00.0.bin: firmware_loading_store: map pages failed
May  8 16:39:37 Hyperion kernel: [   13.980589] ath10k_pci 0000:02:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/firmware-6.bin failed with error -2
May  8 16:39:37 Hyperion kernel: [   13.991333] ath10k_pci 0000:02:00.0: Falling back to user helper
May  8 16:39:37 Hyperion kernel: [   14.001400] firmware ath10k!QCA988X!hw2.0!firmware-6.bin: firmware_loading_store: map pages failed
May  8 16:39:37 Hyperion kernel: [   14.018484] ath10k_pci 0000:02:00.0: qca988x hw2.0 target 0x4100016c chip_id 0x043202ff sub 0000:0000
May  8 16:39:37 Hyperion kernel: [   14.027753] ath10k_pci 0000:02:00.0: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 1
May  8 16:39:37 Hyperion kernel: [   14.037280] ath10k_pci 0000:02:00.0: firmware ver 10.2.4-1.0-00037 api 5 features no-p2p,raw-mode,mfp,allows-mesh-bcast crc32 a4a52adb
May  8 16:39:37 Hyperion kernel: [   14.082053] ath10k_pci 0000:02:00.0: Direct firmware load for ath10k/QCA988X/hw2.0/board-2.bin failed with error -2
May  8 16:39:37 Hyperion kernel: [   14.092520] ath10k_pci 0000:02:00.0: Falling back to user helper
May  8 16:39:37 Hyperion kernel: [   14.102843] firmware ath10k!QCA988X!hw2.0!board-2.bin: firmware_loading_store: map pages failed
May  8 16:39:37 Hyperion kernel: [   14.111767] ath10k_pci 0000:02:00.0: board_file api 1 bmi_id N/A crc32 bebc7c08
May  8 16:39:37 Hyperion kernel: [   15.247710] ath10k_pci 0000:02:00.0: htt-ver 2.1 wmi-op 5 htt-op 2 cal otp max-sta 128 raw 0 hwcrypto 1
May  8 16:39:37 Hyperion kernel: [   15.361783] ath: EEPROM regdomain: 0x0
May  8 16:39:37 Hyperion kernel: [   15.361786] ath: EEPROM indicates default country code should be used
May  8 16:39:37 Hyperion kernel: [   15.361788] ath: doing EEPROM country->regdmn map search
May  8 16:39:37 Hyperion kernel: [   15.361791] ath: country maps to regdmn code: 0x3a
May  8 16:39:37 Hyperion kernel: [   15.361793] ath: Country alpha2 being used: US
May  8 16:39:37 Hyperion kernel: [   15.361795] ath: Regpair used: 0x3a
May  8 16:39:37 Hyperion kernel: [   15.369819] usbcore: registered new interface driver qcserial
May  8 16:39:37 Hyperion kernel: [   15.375628] usbserial: USB Serial support registered for Qualcomm USB modem
May  8 16:39:37 Hyperion kernel: [   15.386962] pci 0000:00:01.0: enabling device (0140 -> 0142)
May  8 16:39:37 Hyperion kernel: [   15.480345] ath: EEPROM regdomain: 0x0
May  8 16:39:37 Hyperion kernel: [   15.480349] ath: EEPROM indicates default country code should be used
May  8 16:39:37 Hyperion kernel: [   15.480350] ath: doing EEPROM country->regdmn map search
May  8 16:39:37 Hyperion kernel: [   15.480354] ath: country maps to regdmn code: 0x3a
May  8 16:39:37 Hyperion kernel: [   15.480356] ath: Country alpha2 being used: US
May  8 16:39:37 Hyperion kernel: [   15.480358] ath: Regpair used: 0x3a
May  8 16:39:37 Hyperion kernel: [   15.492357] ieee80211 phy1: Selected rate control algorithm 'minstrel_ht'
May  8 16:39:37 Hyperion kernel: [   15.493728] ieee80211 phy1: Atheros AR9287 Rev:2 mem=0xf1090000, irq=90
May  8 16:39:37 Hyperion kernel:   15.500685] kmodloader: done loading kernel modules from /etc/modules.d/*
May  8 16:39:37 Hyperion kernel: [   15.989575] random: crng init done
May  8 16:39:37 Hyperion kernel: [   15.993062] random: 2 urandom warning(s) missed due to ratelimiting
May  8 16:39:37 Hyperion kernel: [   19.357738] watchdog: watchdog0: nowayout prevents watchdog being stopped!
May  8 16:39:37 Hyperion kernel: [   19.364657] watchdog: watchdog0: watchdog did not stop!
May  8 16:39:37 Hyperion kernel: [   19.372072] watchdog: watchdog0: nowayout prevents watchdog being stopped!
May  8 16:39:37 Hyperion kernel: [   19.378969] watchdog: watchdog0: watchdog did not stop!
May  8 16:39:37 Hyperion kernel: [   20.944473] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
May  8 16:39:37 Hyperion kernel: [   20.954301] mvneta f1030000.ethernet eth1: configuring for fixed/rgmii link mode
May  8 16:39:37 Hyperion kernel: [   20.962254] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
May  8 16:39:37 Hyperion kernel: [   20.968154] mvneta f1030000.ethernet eth1: Link is Up - 1Gbps/Full - flow control off
May  8 16:39:37 Hyperion kernel: [   20.980380] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
May  8 16:39:37 Hyperion kernel: [   20.988859] mv88e6085 f1072004.mdio-mii:10 lan0: configuring for phy/gmii link mode
May  8 16:39:37 Hyperion kernel: [   20.998020] br-lan: port 1(lan0) entered blocking state
May  8 16:39:37 Hyperion kernel: [   21.003295] br-lan: port 1(lan0) entered disabled state
May  8 16:39:37 Hyperion kernel: [   21.012888] device lan0 entered promiscuous mode
May  8 16:39:37 Hyperion kernel: [   21.017522] device eth1 entered promiscuous mode
May  8 16:39:37 Hyperion kernel: [   21.036232] mv88e6085 f1072004.mdio-mii:10 lan1: configuring for phy/gmii link mode
May  8 16:39:37 Hyperion kernel: [   21.050349] br-lan: port 2(lan1) entered blocking state
May  8 16:39:37 Hyperion kernel: [   21.055622] br-lan: port 2(lan1) entered disabled state
May  8 16:39:37 Hyperion kernel: [   21.071273] device lan1 entered promiscuous mode
May  8 16:39:37 Hyperion kernel: [   21.086778] mv88e6085 f1072004.mdio-mii:10 lan2: configuring for phy/gmii link mode
May  8 16:39:37 Hyperion kernel: [   21.095075] br-lan: port 3(lan2) entered blocking state
May  8 16:39:37 Hyperion kernel: [   21.100327] br-lan: port 3(lan2) entered disabled state
May  8 16:39:37 Hyperion kernel: [   21.115822] device lan2 entered promiscuous mode
May  8 16:39:37 Hyperion kernel: [   21.137432] mv88e6085 f1072004.mdio-mii:10 lan3: configuring for phy/gmii link mode
May  8 16:39:37 Hyperion kernel: [   21.146152] br-lan: port 4(lan3) entered blocking state
May  8 16:39:37 Hyperion kernel: [   21.151418] br-lan: port 4(lan3) entered disabled state
May  8 16:39:37 Hyperion kernel: [   21.168299] device lan3 entered promiscuous mode
May  8 16:39:37 Hyperion kernel: [   21.190186] mv88e6085 f1072004.mdio-mii:10 lan4: configuring for phy/gmii link mode
May  8 16:39:37 Hyperion kernel: [   21.198672] br-lan: port 5(lan4) entered blocking state
May  8 16:39:37 Hyperion kernel: [   21.203952] br-lan: port 5(lan4) entered disabled state
May  8 16:39:37 Hyperion kernel: [   21.222690] device lan4 entered promiscuous mode
May  8 16:39:37 Hyperion kernel: [   21.352396] mvneta f1034000.ethernet eth2: PHY [f1072004.mdio-mii:01] driver [Marvell 88E1510]
May  8 16:39:37 Hyperion kernel: [   21.361164] mvneta f1034000.ethernet eth2: configuring for phy/sgmii link mode
May  8 16:39:37 Hyperion kernel: [   21.368839] IPv6: ADDRCONF(NETDEV_UP): eth2: link is not ready
May  8 16:39:37 Hyperion kernel: [   21.586555] ath: EEPROM regdomain: 0x833a
May  8 16:39:37 Hyperion kernel: [   21.590582] ath: EEPROM indicates we should expect a country code
May  8 16:39:37 Hyperion kernel: [   21.596705] ath: doing EEPROM country->regdmn map search
May  8 16:39:37 Hyperion kernel: [   21.602042] ath: country maps to regdmn code: 0x37
May  8 16:39:37 Hyperion kernel: [   21.606844] ath: Country alpha2 being used: GB
May  8 16:39:37 Hyperion kernel: [   21.611299] ath: Regpair used: 0x37
May  8 16:39:37 Hyperion kernel: [   21.614794] ath: regdomain 0x833a dynamically updated by user
May  8 16:39:37 Hyperion kernel: [   21.620598] ath: EEPROM regdomain: 0x833a
May  8 16:39:37 Hyperion kernel: [   21.624618] ath: EEPROM indicates we should expect a country code
May  8 16:39:37 Hyperion kernel: [   21.630724] ath: doing EEPROM country->regdmn map search
May  8 16:39:37 Hyperion kernel: [   21.636049] ath: country maps to regdmn code: 0x37
May  8 16:39:37 Hyperion kernel: [   21.640848] ath: Country alpha2 being used: GB
May  8 16:39:37 Hyperion kernel: [   21.645302] ath: Regpair used: 0x37
May  8 16:39:37 Hyperion kernel: [   21.648796] ath: regdomain 0x833a dynamically updated by user
May  8 16:39:37 Hyperion kernel: [   22.847240] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
May  8 16:39:37 Hyperion kernel: [   22.922594] br-lan: port 6(wlan1) entered blocking state
May  8 16:39:37 Hyperion kernel: [   22.927926] br-lan: port 6(wlan1) entered disabled state
May  8 16:39:37 Hyperion kernel: [   22.933438] device wlan1 entered promiscuous mode
May  8 16:39:37 Hyperion kernel: [   22.938211] br-lan: port 6(wlan1) entered blocking state
May  8 16:39:37 Hyperion kernel: [   22.943552] br-lan: port 6(wlan1) entered forwarding state
May  8 16:39:37 Hyperion kernel: [   22.949187] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
May  8 16:39:37 Hyperion kernel: [   23.001665] br-lan: port 6(wlan1) entered disabled state
May  8 16:39:37 Hyperion kernel: [   23.229058] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
May  8 16:39:37 Hyperion kernel: [   23.235532] br-lan: port 6(wlan1) entered blocking state
May  8 16:39:37 Hyperion kernel: [   23.240877] br-lan: port 6(wlan1) entered forwarding state
May  8 16:39:37 Hyperion kernel: [   24.210258] mv88e6085 f1072004.mdio-mii:10 lan1: Link is Up - 1Gbps/Full - flow control rx/tx
May  8 16:39:37 Hyperion kernel: [   24.234161] br-lan: port 2(lan1) entered blocking state
May  8 16:39:37 Hyperion kernel: [   24.239422] br-lan: port 2(lan1) entered forwarding state
May  8 16:39:37 Hyperion kernel: [   24.554533] mv88e6085 f1072004.mdio-mii:10 lan3: Link is Up - 1Gbps/Full - flow control off
May  8 16:39:37 Hyperion kernel: [   24.580358] br-lan: port 4(lan3) entered blocking state
May  8 16:39:37 Hyperion kernel: [   24.585625] br-lan: port 4(lan3) entered forwarding state
May  8 16:39:37 Hyperion kernel: [   24.632403] mvneta f1034000.ethernet eth2: Link is Up - 1Gbps/Full - flow control rx/tx
May  8 16:39:37 Hyperion kernel: [   24.652026] IPv6: ADDRCONF(NETDEV_CHANGE): eth2: link becomes ready
May  8 16:39:37 Hyperion kernel: [   25.116907] pppoe-wan: renamed from ppp0
May  8 16:39:30 Hyperion dnsmasq[2851]: started, version 2.80 DNS disabled
May  8 16:39:37 Hyperion dnsmasq[2851]: overflow: 6 log entries lost
May  8 16:39:37 Hyperion dnsmasq[4586]: started, version 2.80 DNS disabled
May  8 16:39:37 Hyperion dnsmasq[4586]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC no-ID loop-detect inotify dumpfile
May  8 16:39:37 Hyperion dnsmasq[4586]: DNSSEC validation enabled
May  8 16:39:37 Hyperion dnsmasq[4586]: DNSSEC signature timestamps not checked until receipt of SIGINT
May  8 16:39:37 Hyperion dnsmasq[4586]: configured with trust anchor for <root> keytag 20326
May  8 16:39:37 Hyperion dnsmasq[4586]: configured with trust anchor for <root> keytag 19036
May  8 16:39:37 Hyperion dnsmasq-dhcp[4586]: DHCP, IP range 192.168.1.100 -- 192.168.1.249, lease time 12h
May  8 16:39:37 Hyperion dnsmasq-dhcp[4586]: read /etc/ethers - 0 addresses
May  8 16:39:37 Hyperion dnsmasq-dhcp[4586]: read /etc/ethers - 0 addresses
May  8 15:39:40 Hyperion netifd: Interface 'wan_6' is now up
May  8 16:39:40 Hyperion kernel: [   30.626999] device br-lan entered promiscuous mode

#51

I’m not sure if this is correct - its different to v3, so I’ll raise it.

Looking at interfaces, I have the following:

GUEST_TURRIS (br-guest_turris) but not bound to any device

LAN (br-lan) - as expected

WAN (pppoe-wan) - as expected

WAN6 (alias of “wan”) - Protocol - Alias Interface (DHCPv6 client)

WAN_6 (pppoe-wan) - Protocol - Virtual dynamic interface (DHCPv6 client)
ipV6-pd: V6 address

I’m not clear what is happening with the v6 interfaces - why both an alias and a virtual device? Should I have both or is this an artifact of the PPPOE problems I described earlier?


#52

This is the expected behaviour with netifd if ipv6 is set to auto. It does not happen in TOS3.x because netifd is outdated and buggy in that trunk.

This how it spawns with my ISP on this setting
config interface 'wan'
	option proto 'pppoe'
	option ifname 'eth2'
	option username 'username'
	option password 'password'
	option ipv6 'auto'
	option peerdns '0'
	option keepalive '2 5'


#53

unbound not listening on ipv6 address.
Lodged as gitlab issue #377.


Foris ipv4 connectivity test fails.
Lodged as gitlab issue #74.


#54

With the router installation (base package) there comes apparently the umdns package (OpenWrt’s Multicast DNS Daemon) that is listening on ipv4/6 udp ports 5353.

I fail see the purpose/benefit of that package, considering that it does not integrate with resolver package or any of the resolvers. From that perspective it bloats the code and consumes resources unnecessarily?


#55

Thanks Pepe. That link was exactly the sort of background I sought.


#56

Does Turris OS 4.0 have module functionality that with USB bluetooth device/USB audio device allows it to become a bluetooth sink such that you can stream music from mobile devices to it and link it to a home sound system? Modules relating to bluetooth sink functionality seem lacking under the previous release even though I believe supported by OpenWRT.


#57

Is this below issue fixed in Turris OS 4.0?

In current production Turris OS if you install modules fwknopd - 2.6.9-3, luci-app-fwknopd, luci-i18n-fwknopd-en and then go into Luci and choose Services/Firewall Knock Daemon, you consistently get a partial page and then an error as below in the web page:

500 Internal Server Error
Sorry, the server encountered an unexpected error.

/usr/lib/lua/luci/dispatcher.lua:460: Failed to execute cbi dispatcher target for entry ‘/admin/services/fwknopd’.
The called action terminated with an exception:
/usr/lib/lua/luci/template.lua:97: Failed to execute template ‘cbi/map’.
A runtime error occured: /usr/lib/lua/luci/template.lua:97: Failed to execute template ‘cbi/tsection’.
A runtime error occured: /usr/lib/lua/luci/template.lua:97: Failed to execute template ‘cbi/ucisection’.
A runtime error occured: [string “/usr/lib/lua/luci/view/cbi/ucisection.htm”]:15: attempt to call field ‘json_encode’ (a nil value)
stack traceback:
[C]: in function ‘assert’
/usr/lib/lua/luci/dispatcher.lua:460: in function ‘dispatch’
/usr/lib/lua/luci/dispatcher.lua:141: in function


#58

Thanks - just wanted clarification, if its working as intended, I’m fine :smile:


#59

It is really configuring switch to do all switching in hardware. In reality it depends on configuration, link state and switch capabilities if traffic goes trough CPU or not but in general when it is possible it configures it to not pass traffic trough CPU.
You can read more about it here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/networking/dsa/dsa.rst

Thank you for reporting it. I created issue for it: https://gitlab.labs.nic.cz/turris/turris-os-packages/issues/380 but I suspect that it is network failure. It either could be because during update network was still not yet up. Other possibility is that you just don’t have access to appropriate server for some reason. We will se once someone tries to reproduce it.

It is all right. This is because there are few WiFi cards with same identifier on PCI and different firmware. System tries to load different firmwares until it successes. It is not clean but there is probably no other way. If it ends with successful firmware load then everything is all right.

It does not have to integrate. The idea of mDNS is that on local network everyone is discovered. Well everyone running mDNS daemon. The idea is that if system wants to connect to local system with hostname foo.local then it sends mDNS request to local network and system with knowledge of such host can responds. This includes foo.local which makes it known to all mDNS daemons on local network.
By the way it seems to me that OpenWRT does not integrate it to dnsmasq either. :wink:

Not sure. Probably should. We were not aware of any such issue. But this version is based on latest stable OpenWRT upstream so if there is an issue then it should be reported to upstream developers.

Depends on bluetooth dongle and audio card you are planning to use. You have to test it and see if it works. Optionally you can test it in our PC with Linux and see what drivers it requires and ask for them to be packaged.
Pulseaudio is packaged so it depends really only on your hardware and skill.


#60

Thanks for clearing up those points up for me - I completely agree in regard to the driver, in the first instance you can only cycle through until you find a driver that works - possibly at that point, you could then save that for future use. Continuing with the saved driver until it either doesn’t work or the drivers are updated or some such activity. I suppose the ability to save what is in use depends on what system devices/drives etc are available at that time, if there isn’t anything, your only recourse is to parse all of the drivers until one works!

Anyhow thanks again