Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found
Select Git revision

Target

Select target project
  • firmware/gluon
  • 0x4A6F/gluon
  • patrick/gluon
3 results
Select Git revision
Show changes
Show whitespace changes
Inline Side-by-side
Showing
with 1465 additions and 128 deletions
docs/releases/v2022.1.4.rst 0 → 100644
View file @ 02fd2d04
Gluon 2022.1.4
==============
Added hardware support
----------------------
ath79-generic
~~~~~~~~~~~~~
- LibreRouter
- LibreRouter (v1)
- Teltonika
- RUT230 (v1)
ath79-nand
~~~~~~~~~~
- Aerohive
- HiveAP 121
- NETGEAR
- WNDR4300 (v1)
lantiq-xrx200
~~~~~~~~~~~~~
- Arcadyan
- o2 Box 6431
ramips-mt7621
~~~~~~~~~~~~~
- Cudy
- X6 (v1, v2)
- D-Link
- DAP-X1860 (A1)
- GL.iNet
- GL-MT1300
- Mercusys
- MR70X (v1)
- Xiaomi
- Mi Router 3G
ramips-mt76x8
~~~~~~~~~~~~~
- TP-Link
- RE200 (v3)
realtek-rtl838x
~~~~~~~~~~~~~~~
- D-Link
- DGS-1210-10P
ipq40xx-generic
~~~~~~~~~~~~~~~
- AVM
- FRITZ!Box 7520
ipq40xx-mikrotik
~~~~~~~~~~~~~~~~
- Mikrotik
- hAP ac2
Bugfixes
--------
* Enterasys WS-AP3705i now uses the correct image-name for use with the autoupdater
(`#2819 <https://github.com/freifunk-gluon/gluon/issues/2819>`_)
* Reduce memory Usage for ath10k on ZyXEL WRE6606 devices
(`#2842 <https://github.com/freifunk-gluon/gluon/issues/2842>`_)
* Replace the Workaround for failed boots on ath79 with a proper fix.
(`#2784 <https://github.com/freifunk-gluon/gluon/issues/2784#issuecomment-1452126501>`_)
* AVM FRITZ!Box 7360 v2 flashed with the incorrect image for v1 will automatically update to the correct image.
* Revert OOM inducing switch of ath79 Wave2 firmware back to -ct
(`#2879 <https://github.com/freifunk-gluon/gluon/pull/2879>`_)
Known issues
------------
* Upgrading EdgeRouter-X from versions before v2020.1.x may lead to a soft-bricked state due to bad blocks on the NAND flash which the NAND driver before this release does not handle well.
(`#1937 <https://github.com/freifunk-gluon/gluon/issues/1937>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
docs/releases/v2022.1.rst 0 → 100644
View file @ 02fd2d04
Gluon 2022.1
============
Important notes
---------------
Upgrades to v2022.1 and later releases are only supported from releases v2020.1 and later. This is due to migrations that have been removed to simplify maintenance.
Added hardware support
----------------------
ath79-generic
~~~~~~~~~~~~~
- D-Link
- DAP-2660 A1
- Enterasys
- WS-AP3705i
- Siemens
- WS-AP3610
- TP-Link
- Archer A7 v5
- CPE510 v2
- CPE510 v3
- CPE710 v1
- EAP225-Outdoor v1
- WBS210 v2
ath79-mikrotik
~~~~~~~~~~~~~~
- Mikrotik
- RB951Ui-2nD
ipq40xx-generic
~~~~~~~~~~~~~~~
- Aruba Networks
- AP-303H
- AP-365
- InstantOn AP11D
- InstantOn AP17
ipq40xx-mikrotik
~~~~~~~~~~~~~~~~
- Mikrotik
- SXTsq-5-AC
ramips-mt7620
~~~~~~~~~~~~~
- Xiaomi
- Mi Router 3G (v2)
ramips-mt7621
~~~~~~~~~~~~~
- Cudy
- WR2100
- Netgear
- R6260
- WAC104
- WAX202
- TP-Link
- RE500
- RE650 v1
- Ubiquiti
- UniFi 6 Lite
- Xiaomi
- Mi Router 4A (Gigabit Edition)
ramips-mt7622
~~~~~~~~~~~~~
- Linksys
- E8450
- Xiaomi
- AX3200
- Ubiquiti
- UniFi 6 LR
ramips-mt76x8
~~~~~~~~~~~~~
- GL.iNet
- microuter-N300
- Netgear
- R6020
- RAVPower
- RP-WD009
- TP-Link
- Archer C20 v4
- Archer C20 v5
- RE200 v2
- RE305 v1
- Xiaomi
- Mi Router 4C
- Mi Router 4A (100M Edition)
rockchip-armv8
~~~~~~~~~~~~~~
- FriendlyElec
- NanoPi R2S
mpc85xx-p1010
~~~~~~~~~~~~~
- Sophos
- RED 15w rev. 1
mpc85xx-p1020
~~~~~~~~~~~~~
- Extreme Networks
- WS-AP3825i
Removed Devices
---------------
This list contains devices which do not have enough memory or flash to
be operated with this Gluon release.
- D-Link
- DIR-615 (C1, D1, D2, D3, D4, H1)
- Linksys
- WRT160NL
- TP-Link
- TL-MR13U (v1)
- TL-MR3020 (v1)
- TL-MR3040 (v1, v2)
- TL-MR3220 (v1, v2)
- TL-MR3420 (v1, v2)
- TL-WA701N/ND (v1, v2)
- TL-WA730RE (v1)
- TL-WA750RE (v1)
- TL-WA801N/ND (v1, v2, v3)
- TL-WA830RE (v1, v2)
- TL-WA850RE (v1)
- TL-WA860RE (v1)
- TL-WA901N/ND (v1, v2, v3, v4, v5)
- TL-WA7210N (v2)
- TL-WA7510N (v1)
- TL-WR703N (v1)
- TL-WR710N (v1, v2)
- TL-WR740N (v1, v3, v4, v5)
- TL-WR741N/ND (v1, v2, v4, v5)
- TL-WR743N/ND (v1, v2)
- TL-WR840N (v2)
- TL-WR841N/ND (v3, v5, v7, v8, v9, v10, v11, v12)
- TL-WR841N/ND (v1, v2)
- TL-WR843N/ND (v1)
- TL-WR940N (v1, v2, v3, v4, v5, v6)
- TL-WR941ND (v2, v3, v4, v5, v6)
- TL-WR1043N/ND (v1)
- WDR4900
- Ubiquiti
- AirGateway
- AirGateway Pro
- AirRouter
- Bullet
- LS-SR71
- Nanostation XM
- Nanostation Loco XM
- Picostation
- Unknown
- A5-V11
- VoCore
- VoCore (8M, 16M)
Atheros target migration
------------------------
All Atheros MIPS devices built with the ``ar71xx-generic``,
``ar71xx-nand`` as well as ``ar71xx-tiny`` were deprecated upstream and
are therefore not available with Gluon anymore.
Many devices previously built with ``ar71xx-generic`` and
``ar71xx-nand`` are now available with the ``ath79-generic`` as well as
``ath79-nand`` target respectively.
Missing devices
~~~~~~~~~~~~~~~
The following devices have not yet been integrated into Gluons ath79
targets.
- 8Devices
- Carambola 2
- Aerohive
- HiveAP 121
- Allnet
- ALL0315
- Buffalo
- WZR-HP-G300NH2
- WZR-HP-G450H
- GL.iNet
- 6408A v1
- NETGEAR
- WNDR4300
- WNDRMAC
- WNDRMAC v2
- TP-Link
- WR2543
- Ubiquiti
- Rocket
- WD
- MyNet N600
- MyNet N750
- ZyXEL
- NB6616
- NB6716
Features
--------
WireGuard
~~~~~~~~~
Gluon got WireGuard support. This allows offloading **encrypted**
connections into kernel space, increasing performance by forwarding
packets without the need for context switches between user and kernel
space.
In order to reuse existing (already verified) fastd-keypairs for
WireGuard, a key derivation procedure is `currently being
developed <https://github.com/freifunk-gluon/gluon/pull/2601>`__. This
should ease migration from fastd to WireGuard in case whitelisting VPN
keys is desired.
fastd L2TP
~~~~~~~~~~
fastd can now act as a connection broker for unencrypted L2TP-based
tunneling within Gluons mesh-vpn framework. This new ``null@l2tp``
connection method allows for increased performance within existing
fastd setups.
In addition to a sufficiently
:ref:`configured fastd-based VPN server<vpn-gateway-configuration>`,
this requires further modifications to a sites :ref:`VPN fastd methods<VPN fastd methods>`.
Major changes
-------------
OpenWrt
~~~~~~~
This release is based on the newest OpenWrt 22.03 release branch.
It ships with Linux kernel 5.10 as well as wireless-backports 5.15.
Network changes (DSA / Upgrade-Behavior)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The ``ramips-mt7621`` and ``lantiq-xrx200`` targets now use the upstream DSA
subsystem instead of OpenWrt swconfig for managing ethernet switches.
Gluon detects the existing user-intent and automatically applies it over
to DSA syntax. See the section about network reconfiguration for more
details.
System reconfiguration
~~~~~~~~~~~~~~~~~~~~~~
The network and system-LED configurations are now re-generated after
each update / invocation of ``gluon-reconfigure``.
The user-intent is preserved within Gluon’s implemented functionality
(Wired-Mesh / Client access / WAN).
As an additional feature, Gluon now supports assigning roles to
interfaces. This behavior is explained
:ref:`here<wired-mesh-commandline>`.
Site changes
------------
VPN provider MTU
~~~~~~~~~~~~~~~~
To account for multiple VPN methods available for a site, the MTU used
for the VPN tunnel connection is now moved to the specific VPN provider
configuration. For fastd this means that ``mesh_vpn.mtu`` needs to be
moved to ``mesh_vpn.fastd.mtu``. (`#2352 <https://github.com/freifunk-gluon/gluon/pull/2352>`__)
Preconfigured Interfaces Roles
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Instead of ``mesh_on_wan`` and ``mesh_on_lan`` there is now an
``interfaces`` block to configure the default behavior of network
interfaces. Details can be found in the
:ref:`documentation<user-site-interfaces>`.
Minor changes
-------------
- The ``brcm2708-bcm2708`` ``brcm2708-bcm2709`` ``brcm2708-bcm2710``
targets were renamed to ``bcm27xx-bcm2708`` ``bcm27xx-bcm2709`` and
``bcm27xx-bcm2710``
- The GL.iNet GL-AR750S was moved to the ``ath79-nand`` subtarget
- Gluon now ships the ath10k-ct firmware derivation for
QCA9886 / QCA9888 / QCA9896 / QCA9898 / QCA9984 /
QCA9994 / IPQ4018 / IPQ4028 / IPQ4019 / IPQ4029
radios (`#2541 <https://github.com/freifunk-gluon/gluon/pull/2541>`__)
- WolfSSL instead of OpenSSL is now used when built with WPA3 support
- The option to configure the wireless-channel independent from the
site-selected channel was moved from
``gluon-core.wireless.preserve_channels`` to
``gluon.wireless.preserve_channels``
- ``gluon-info`` is a new command that provides information about the
current node
- ``GLUON_DEPRECATED`` is now set to 0 by default
- To reboot a running gluon-node into setup-mode, Gluon now offers the
``gluon-enter-setup-mode`` command
- Devices without WLAN do not show the private-wifi configuration
anymore
- The Autoupdater now uses the site default branch in case it is
configured to use a non-existent / invalid branch
Known issues
------------
* A workaround for Android devices not waking up to their MLD subscriptions was removed,
potentially breaking IPv6 connectivity for these devices after extended sleep periods.
(`#2672 <https://github.com/freifunk-gluon/gluon/issues/2672>`_)
* Upgrading EdgeRouter-X from versions before v2020.1.x may lead to a soft-bricked state due to bad blocks on the NAND flash which the NAND driver before this release does not handle well.
(`#1937 <https://github.com/freifunk-gluon/gluon/issues/1937>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
docs/releases/v2023.1.1.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.1.1
==============
This is the first service release for the Gluon 2023.1.x line, fixing regressions reported by
the community.
Important notes
---------------
Upgrades to this version are only supported from releases v2021.1 and later.
**Note:**
This release was found to be soft-bricking AVM Fritz!Box 7520 and 7530.
We advice to not offer the release for these two devices until this gets fixed.
Affected devices can be recovered to Fritz!OS and then reinstalled by using the (`AVM Recovery Tool <https://download.avm.de/fritzbox/fritzbox-7530/other/recover/>`_)
Bugfixes
--------
- x86: fix config loss during direct upgrades from v2021.1.x to v2023.1.x (`#2972 <https://github.com/freifunk-gluon/gluon/pull/2972>`_)
- tunneldigger: fix regression in v2023.1 caused by an always failing watchdog script resulting in endless restarts (`#2987 <https://github.com/freifunk-gluon/gluon/pull/2987>`_)
- tunneldigger: fix regression in v2023.1 with DNS lookups not using the wan-dnsmasq (`#3001 <https://github.com/freifunk-gluon/gluon/pull/3001>`_)
- gluon-wan-dnsmasq: fix regression in v2023.1 with restart handling and disable DNS caching on the WAN side (`#2991 <https://github.com/freifunk-gluon/gluon/pull/2991>`_)
- D-Link DIR-860L B1: fix regression in v2023.1 that prevented direct upgrades from v2021.1.x to v2023.1.x (`#2990 <https://github.com/freifunk-gluon/gluon/pull/2990>`_)
- Fix build issues with groff 1.23.0+ on the build host (`#3001 <https://github.com/freifunk-gluon/gluon/pull/3001>`_)
Known issues
------------
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
* EFI only systems won't boot due to removed EFI support (introduced in v2023.1). This was necessary to work around a bug that
causes a config loss during direct upgrades from v2021.1.x to v2023.1.x with the *x86-64*, *x86-generic* and *x86-legacy* targets
(`#2967 <https://github.com/freifunk-gluon/gluon/issues/2967>`_).
It is planned that the next major release will reintroduce EFI support.
* AVM Fritz!Box 7520 and 7530 get soft-bricked by this release. The issue was introduced by a kernel bump.
(`#3023 <https://github.com/freifunk-gluon/gluon/issues/3023>`_)
docs/releases/v2023.1.2.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.1.2
==============
Minor changes
-------------
- Update latest OpenWRT 22.03 version and the corresponding modules
- Always prefer Gluon feeds over upstream feeds while building (`#3026 <https://github.com/freifunk-gluon/gluon/pull/3026>`_)
Bugfixes
--------
- Fixed Raspberry Pi 3 and 4 naming (`#3099 <https://github.com/freifunk-gluon/gluon/issues/3099>`_)
- Fixed inconsistent usage of env variable BROKEN (`#3103 <https://github.com/freifunk-gluon/gluon/issues/3103>`_)
- Fixed gluon-reconfigure failures when no interface role was selected for an interface (`#3095 <https://github.com/freifunk-gluon/gluon/issues/3095>`_)
- Fixed unexpected WiFi shutdowns on TP-Link Archer C7 (`#3049 <https://github.com/freifunk-gluon/gluon/issues/3049>`_)
- Fixed unintentional CPU downclocks of ipq40xx devices (`#3049 <https://github.com/freifunk-gluon/gluon/issues/3049>`_)
- Fixed bandwidth downstream (ingress) limit (`#3017 <https://github.com/freifunk-gluon/gluon/issues/3017>`_)
- Fixed occasional reboot issues on some TP-Link WDR3600 and WDR4300 devices
(`Upstream <https://github.com/openwrt/openwrt/issues/13043>`_)
(`#2904 <https://github.com/freifunk-gluon/gluon/issues/2904>`_)
Known issues
------------
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
* EFI only systems won't boot due to removed EFI support (introduced in v2023.1). This was necessary to work around a bug that
causes a config loss during direct upgrades from v2021.1.x to v2023.1.x with the *x86-64*, *x86-generic* and *x86-legacy* targets
(`#2967 <https://github.com/freifunk-gluon/gluon/issues/2967>`_).
Gluon v2023.2 reintroduced EFI support.
docs/releases/v2023.1.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.1
============
Important notes
---------------
Upgrades to v2023.1 and later releases are only supported from releases v2021.1 and later.
This is due to migrations that have been removed to simplify maintenance.
**Note:**
Due to a bug, configuration is lost on upgrades from Gluon v2021.1.x on the *x86-64*,
*x86-generic* and *x86-legacy* targets, returning nodes to config mode. If your
network is still running a Gluon version older than v2022.1, it is recommended to
skip v2023.1 and wait for the v2023.1.1 release.
Added hardware support
----------------------
ath79-generic
~~~~~~~~~~~~~
- Extreme Networks
- WS-AP3805i
ath79-nand
~~~~~~~~~~
- GL.iNet
- GL-XE300
ramips-mt7621
~~~~~~~~~~~~~
- TP-Link
- EAP615-Wall
- Wavlink
- WS-WN572HP3 4G
ramips-mt76x8
~~~~~~~~~~~~~
- TP-Link
- TL-MR6400 (v5)
Features
--------
DNS Caching
~~~~~~~~~~~
DNS caching using the dnsmasq resolver is reintroduced.
See the :ref:`DNS caching documentation <dns-caching>` section for
details on how to enable this feature.
Cellular Modem Support
~~~~~~~~~~~~~~~~~~~~~~
Support for using cellular data connections as the primary uplink connection has been added
to Gluon. This is supported for hardware that comes with a built-in cellular modem. The required user
configuration for the APN and SIM-PIN can be performed in the Advanced Settings in Config Mode.
To use this feature in config-mode, the ``web-cellular`` needs to be enabled in ``site.mk``.
Interface Role UI
~~~~~~~~~~~~~~~~~
Interface Roles can now be assigned from the Network page of the Advanced Settings
in Config Mode. This configuration is preserved on Gluon upgrades.
WireGuard Key Translation
~~~~~~~~~~~~~~~~~~~~~~~~~
This release adds a new mechanism for seamlessly translating existing fastd private keys on the nodes into
equivalent WireGuard keys. The corresponding public keys can be translated **separately** on the servers.
This mitigates the need to re-exchange public keys for communities when migrating to WireGuard-based VPN.
See the :ref:`gluon-mesh-vpn-key-translate <gluon-mesh-vpn-key-translate>` section for details.
Bugfixes
--------
- Custom channel lists using a radios ``channels`` UCI option are now preserved on upgrade
in case ``gluon.wireless.preserve_channels`` is set.
- Custom HT modes for radios are now preserved when ``gluon.wireless.preserve_channels``
is set.
- Broken mesh links between MediaTek 11ax and Qualcomm 11ac hardware are worked around. (`#2905 <https://github.com/freifunk-gluon/gluon/pull/2905>`_)
- Fixed a bug in the MediaTek MT7621 NAND driver that caused devices to end in a bootlooping state
after the initial installation.
Minor changes
-------------
- .. rst-class:: strike
Images built for the ``x86`` targets are now natively bootable on
EFI systems without CSM or BIOS support modes.
EFI support was found to break upgrades from Gluon v2021.1.x. It will be removed from
v2023.1.x to be reintroduced in a later release.
Known issues
------------
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
* Configuration is lost on upgrades from Gluon v2021.1.x on the *x86-64*, *x86-generic* and *x86-legacy* targets,
returning nodes to config mode
(`#2967 <https://github.com/freifunk-gluon/gluon/issues/2967>`_)
docs/releases/v2023.2.1.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.2.1
==============
Added hardware support
----------------------
ath79-generic
~~~~~~~~~~~~~
- Ubiquiti
- UniFi Swiss Army Knife Ultra
ramips-mt7621
~~~~~~~~~~~~~
- D-Link
- COVR-X1860 (A1)
Minor changes
-------------
* Nodes using a fastd VPN connection now report the negotiated method on the status page
(`#2465 <https://github.com/freifunk-gluon/gluon/issues/2465>`_)
Bugfixes
--------
* Fixed hostapd being unable to start an AP when selecting channel 116/120 with HT40
(`#3165 <https://github.com/freifunk-gluon/gluon/issues/3165>`_)
* Fixed occasional reboot issues on some TP-Link WDR3600 and WDR4300 devices
(`Upstream <https://github.com/openwrt/openwrt/issues/13043>`_)
(`#2904 <https://github.com/freifunk-gluon/gluon/issues/2904>`_)
Known issues
------------
* Unstable wireless with certain MediaTek devices (`#3154 <https://github.com/freifunk-gluon/gluon/issues/3154>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
docs/releases/v2023.2.2.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.2.2
==============
Bugfixes
--------
* Fixed a bug where nodes connected using VXLAN would lose connectivity to all but one neighbor
(`#3191 <https://github.com/freifunk-gluon/gluon/issues/3191>`_)
* fastd-l2tp VPN did not re-generate the flow-label for the inner-tunnel traffic,
breaking QoS mechanisms
(`#3203 <https://github.com/freifunk-gluon/gluon/issues/3203>`_)
* Fixed silent-failures when image-customization files were not valid
(`#3218 <https://github.com/freifunk-gluon/gluon/issues/3218>`_)
* Multicast-snooping did stop working after extended uptime periods
(`#3176 <https://github.com/freifunk-gluon/gluon/issues/3176>`_)
Known issues
------------
* Unstable wireless with certain MediaTek devices (`#3154 <https://github.com/freifunk-gluon/gluon/issues/3154>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
docs/releases/v2023.2.3.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.2.3
==============
Added hardware support
----------------------
ath79-generic
~~~~~~~~~~~~~
- NETGEAR
- WNDRMAC v2
mpc85xx-p1020
~~~~~~~~~~~~~
- Hewlett-Packard
- MSM460
Bugfixes
--------
* Factory images for TP-Link Archer C7 v2 now contain the correct region code
(`#3260 <https://github.com/freifunk-gluon/gluon/issues/3260>`_)
* Fixed an issue where some bootloader versions of the NETGEAR EX6150 v2 failed
to boot Gluon images in rare cases
(`Upstream <https://github.com/openwrt/openwrt/commit/de59fc45402ff03e320264c8204f6928090534ad>`_)
* Fixed boot procedure becoming stuck on Enterasys WS-AP3710i devices
(`#3248 <https://github.com/freifunk-gluon/gluon/issues/3248>`_)
Known issues
------------
* Unstable wireless with certain MediaTek devices (`#3154 <https://github.com/freifunk-gluon/gluon/issues/3154>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
docs/releases/v2023.2.4.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.2.4
==============
Added hardware support
----------------------
ramips-mt7620
~~~~~~~~~~~~~
- NETGEAR
- EX6130
ramips-mt7621
~~~~~~~~~~~~~
- Xiaomi
- Mi Router 4A (Gigabit Edition v2)
ramips-mt76x8
~~~~~~~~~~~~~
- TP-Link
- RE200 (v4)
Bugfixes
--------
* Fixed an issue where Enterasys WS-AP3710i devices regularly boot with all-zero MAC-addresses in previous releases
* Detection of `swconfig` based switch architecture has been fixed (`#3309 <https://github.com/freifunk-gluon/gluon/pull/3309>`_)
* Fixed an issue where the AVM FRITZ!Box 4040 used an incorrect primary MAC address
(`Upstream <https://github.com/openwrt/openwrt/commit/87fbb5085d7e290b0ba536ad7d0876c4224723a6>`_)
Known issues
------------
* Unstable wireless with certain MediaTek devices (`#3154 <https://github.com/freifunk-gluon/gluon/issues/3154>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
docs/releases/v2023.2.5.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.2.5
==============
Added hardware support
----------------------
ath79-generic
~~~~~~~~~~~~~
- Sophos
- AP15C
ramips-mt7621
~~~~~~~~~~~~~
- Genexis
- Pulse EX400
Bugfixes
--------
* VXLAN encapsulated mesh traffic arriving at a client interface is now filtered and not forwarded to the mesh
* Fixed a missing import in `libgluonutil` which led to undefined behavior on 64 bit architectures
Known issues
------------
* Unstable wireless with certain MediaTek devices (`#3154 <https://github.com/freifunk-gluon/gluon/issues/3154>`_)
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
docs/releases/v2023.2.rst 0 → 100644
View file @ 02fd2d04
Gluon 2023.2
============
Important notes
---------------
Upgrades to v2023.2 and later releases are only supported from releases v2022.1 and later.
This is due to migrations that have been removed to simplify maintenance.
Deprecation of Tunneldigger VPN
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tunneldigger is set to be removed from the Gluon base repository in the next major Gluon release. It is recommended
to migrate to fastd or WireGuard. Tunneldigger will be moved to the
community-packages repository and can be installed from there as an alternative.
Site changes
------------
Image customization
~~~~~~~~~~~~~~~~~~~
``GLUON_FEATURES`` and ``GLUON_SITE_PACKAGES`` have been replaced by a more flexible customization framework
based on Lua. Feature and Package selection can be specified more granularly at both target and device level.
All site configs need to be updated. Configuration like the following
must be removed from ``site.mk``:
.. code-block:: make
GLUON_FEATURES := \
autoupdater \
mesh-batman-adv-15 \
mesh-vpn-fastd \
respondd \
status-page \
web-advanced \
web-wizard
GLUON_FEATURES_standard := \
wireless-encryption-wpa3
GLUON_SITE_PACKAGES := iwinfo
It is replaced by a new file ``image-customization.lua`` with content
like the following:
.. code-block:: lua
features({
'autoupdater',
'mesh-batman-adv-15',
'mesh-vpn-fastd',
'respondd',
'status-page',
'web-advanced',
'web-wizard',
})
if not device_class('tiny') then
features({
'wireless-encryption-wpa3',
})
end
packages({'iwinfo'})
Additionally, this framework also allows communities to specify which devices should or should not be built.
For more information, see the :ref:`image customization documentation <site-image-customization>`.
Added hardware support
----------------------
armsr-armv7
~~~~~~~~~~~
- Arm
- Arm SystemReady 32-bit (EFI) [#virt]_
armsr-armv8
~~~~~~~~~~~
- Arm
- Arm SystemReady 64-bit (EFI) [#virt]_
.. [#virt]
The ArmSR targets can be used for running Gluon as a Virtual Machine on
Arm systems.
ath79-generic
~~~~~~~~~~~~~
- AVM
- FRITZ!Repeater 1750E
- Sophos
- AP100
- AP100c
- AP55
- AP55c
- TP-Link
- Archer C60 (v1)
- EAP225-Outdoor v3
- TL-WR2543N/ND (v1)
ath79-mikrotik
~~~~~~~~~~~~~~
- MikroTik
- wAPR-2nD (wAP R)
ipq40xx-generic
~~~~~~~~~~~~~~~
- ZTE
- MF289F
mediatek-filogic
~~~~~~~~~~~~~~~~
- ASUS
- TUF-AX4200
- Cudy
- WR3000 (v1)
- GL.iNet
- GL-MT3000
- NETGEAR
- WAX220
- Ubiquiti
- Unifi 6 Plus
- ZyXEL
- NWA50AX Pro
mpc85xx-p1010
~~~~~~~~~~~~~
- Enterasys
- WS-AP3715i
ramips-mt7621
~~~~~~~~~~~~~
- TP-Link
- EAP615-Wall
- Wavlink
- WS-WN572HP3 4G
ramips-mt76x8
~~~~~~~~~~~~~
- ASUS
- RT-AX53U
- ZyXEL
- WSM20
Removed hardware support
------------------------
ath79-generic
~~~~~~~~~~~~~
- TP-Link
- Archer C60 (v1)
- RE355
- RE450 (v1)
- Ubiquiti
- NanoBeam 5AC 19 (XC) [#airmax]_
- NanoBeam M5 (XW) [#airmax]_
- NanoStation Loco M2/M5 (XW) [#airmax]_
- NanoStation M2/M5 (XW) [#airmax]_
.. [#airmax]
Ubiquiti airMax devices have been removed temporarily due to an unsolved issue with the flash write-protect.
They will eventually be re-added once the issue has been fixed upstream.
(`#2939 <https://github.com/freifunk-gluon/gluon/issues/2939>`_)
ramips-mt7621
~~~~~~~~~~~~~
- TP-Link
- RE305
Features
--------
TLS support
~~~~~~~~~~~
Gluon now provides HTTPS client support when the `tls` feature is included in the site
configuration, allowing nodes to establish encrypted connections to autoupdater mirrors,
opkg repositories and other HTTPS servers.
Existing site configurations that add libustream TLS packages should switch to the `tls`
feature instead, which will always include the recommended TLS implementation as well
as common CA certificates (`ca-bundle`).
EFI images
~~~~~~~~~~
Gluon x86-64 images now support systems using EFI boot. The same images are still compatible
with legacy MBR boot methods.
Support for CAKE with fastd
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Gluon now supports CAKE as a QoS mechanism with fastd. It is automatically enabled with devices
offering at least 200MB of system memory. CAKE is enabled when throughput limits are configured
for the mesh-VPN.
For more information about the technical details, see the
(`OpenWrt wiki <https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm>`_).
Support can be activated by including the `mesh-vpn-sqm` feature in the site configuration.
Docker container
~~~~~~~~~~~~~~~~
The Gluon build-container is now published to the GitHub container registry.
The container contains all the tools required to build Gluon images from source.
See the (`container registry <https://github.com/freifunk-gluon/gluon/pkgs/container/gluon-build>`_) for more information.
GitHub actions
~~~~~~~~~~~~~~
Gluon build tests now run inside a Docker container built from the gluon-build Dockerfile of the same version.
Bugfixes
--------
- Fixed script failure when reconfiguring interface groups without an assigned role.
- Host tools used to be built twice on first compilation.
Major changes
-------------
This release is based on the newest OpenWrt 23.05 release branch.
It ships with Linux kernel 5.15.y, wireless-backports 6.1.24 and batman-adv 2023.1.
.. _releases-v2023.2-minor-changes:
Minor changes
-------------
- D-Link DIR-825 B1 factory images are no longer built due to size constraints.
Please use a recent OpenWrt 23.05 image for factory installation and install Gluon
using sysupgrade.
- The robots.txt now prohibits crawling the status page.
- Changed the order in which Gluon installs packages into the OpenWrt build system
to favor Gluon and site packages over upstream OpenWrt packages.
- If enough nodes are updated, the batman-adv multicast optimizations originally introduced in Gluon 2021.1 for link-local IPv6 multicast addresses
will be applied within the domain to routable IPv6 multicast addresses.
- Gluon now uses mbedtls instead of WolfSSL for hostapd and wpa-supplicant.
Known issues
------------
* The integration of the BATMAN_V routing algorithm is incomplete.
- Mesh neighbors don't appear on the status page. (`#1726 <https://github.com/freifunk-gluon/gluon/issues/1726>`_)
Many tools have the BATMAN_IV metric hardcoded, these need to be updated to account for the new throughput
metric.
- Throughput values are not correctly acquired for different interface types.
(`#1728 <https://github.com/freifunk-gluon/gluon/issues/1728>`_)
This affects virtual interface types like bridges and VXLAN.
* Default TX power on many Ubiquiti devices is too high, correct offsets are unknown
(`#94 <https://github.com/freifunk-gluon/gluon/issues/94>`_)
Reducing the TX power in the Advanced Settings is recommended.
* In configurations without VXLAN, the MAC address of the WAN interface is modified even when Mesh-on-WAN is disabled
(`#496 <https://github.com/freifunk-gluon/gluon/issues/496>`_)
This may lead to issues in environments where a fixed MAC address is expected (like VMware when promiscuous mode is disallowed).
docs/requirements.txt
View file @ 02fd2d04
sphinx-rtd-theme
Sphinx==8.2.3
sphinx-rtd-theme==3.0.2
docs/site-example/i18n/de.po
View file @ 02fd2d04
......@@ -45,7 +45,7 @@ msgstr ""
"selbstverständlich vertraulich behandelt und nicht weitergegeben."
"</p>"
"<div class=\"the-key\">"
"# <%= pcdata(hostname) %><br />"
"# <%= pcdata(hostname) %><br>"
"<%= pubkey %>"
"</div>"
"<p>Dein Knoten startet gerade neu und wird anschließend versuchen, sich mit "
......@@ -58,10 +58,10 @@ msgid "gluon-config-mode:novpn"
msgstr ""
"<p><strong>Du hast ausgewählt die Internetverbindung (Mesh-VPN) nicht zu "
"nutzen</strong>. Dein Knoten kann also nur dann eine Verbindung zum "
"Freifunk-Netz aufbauen, wenn andere Freifunk-Knoten in WLAN-Reichweite sind."
"Freifunk-Netz aufbauen, wenn andere Freifunk-Knoten in WLAN-Reichweite sind.</p>"
"<p>Bitte schicke uns eine E-Mail mit dem Namen deines Knotens "
"(<em><%= pcdata(hostname) %></em>) und ein paar Informationen an <a href="
"\"mailto:freifunk-keys@lists.in-kiel.de?"
"\"mailto:kontakt@alpha-centauri.freifunk.net?"
"subject=<%= urlencode('Anmeldung: ' .. hostname) %>&amp;"
"body=<%= urlencode('# ' .. hostname .. '\n# ' .. sysconfig.primary_mac .. '\n# kein mesh-VPN') %>"
"<%= urlencode('\n\nIch habe zur Kenntnis genommen, dass der im ') %>"
......
docs/site-example/i18n/en.po
View file @ 02fd2d04
......@@ -41,7 +41,7 @@ msgstr ""
"\">keys@alpha-centauri.freifunk.net</a>. Of course, your e-mail address will "
"be treated confidentially and will not be passed on.</p>"
"<div class=\"the-key\">"
" # <%= pcdata(hostname) %><br />"
" # <%= pcdata(hostname) %><br>"
"<%= pubkey %>"
"</div>"
"<p>Your node <em><%= pcdata(hostname) %></em> is currently rebooting and will "
......@@ -55,9 +55,9 @@ msgstr ""
"<p>You have selected <strong>not</strong> to use the mesh VPN. "
"Your node will only be able to connect to the Freifunk network if other nodes "
"in reach already have a connection.</p>"
"Please send an e-mail with the name of your node "
"<p>Please send an e-mail with the name of your node "
"(<em><%=pcdata(hostname)%></em>) and some additional information to "
"<a href=\"mailto:keys@alpha-centauri.freifunk.net?subject="
"<a href=\"mailto:kontakt@alpha-centauri.freifunk.net?subject="
"<%= urlencode('Registration: ' .. hostname) %>&amp;body="
"<%= urlencode('# ' .. hostname .. '\n# ' .. sysconfig.primary_mac .. '\nkey ') %>"
"%22<%= pubkey %>%22;"
......@@ -65,7 +65,7 @@ msgstr ""
"<%= urlencode('node is publicly available on the Internet and can be ') %>"
"<%= urlencode('used by any services (e.g. the meshviewer map).') %>"
"<%= urlencode('\n\nThanks, \n\n') %>"
"\">keys@alpha-centauri.freifunk.net</a>. Of course, your e-mail address will "
"\">kontakt@alpha-centauri.freifunk.net</a>. Of course, your e-mail address will "
"be treated confidentially and will not be passed on.</p>"
"<p>Your node <em><%= pcdata(hostname) %></em> is currently rebooting and will "
"try to connect to other nearby Freifunk nodes after that.</p>"
......
docs/site-example/i18n/fr.po
View file @ 02fd2d04
......@@ -36,7 +36,7 @@ msgstr ""
"body=<%= urlencode('# ' .. hostname .. '\n' .. pubkey) %>\">keys@alpha-centauri.freifunk.net</a>."
"</p>"
"<div class=\"the-key\">"
" # <%= pcdata(hostname) %><br />"
" # <%= pcdata(hostname) %><br>"
"<%= pubkey %>"
"</div>"
......
docs/site-example/image-customization.lua 0 → 100644
View file @ 02fd2d04
packages {'iwinfo'}
features {
'autoupdater',
'ebtables-filter-multicast',
'ebtables-filter-ra-dhcp',
'ebtables-limit-arp',
'mesh-batman-adv-15',
'mesh-vpn-fastd',
'respondd',
'status-page',
'web-advanced',
'web-wizard'
}
if not device_class('tiny') then
features {
'wireless-encryption-wpa3'
}
end
docs/site-example/modules
View file @ 02fd2d04
......@@ -12,7 +12,6 @@
# the git repository from where to clone the package feed
#PACKAGES_MY_OWN_PACKAGES_REPO=https://github.com/.../my-own-packages.git
## PACKAGES_$feedname_COMMIT
# the version/commit of the git repository to clone
#PACKAGES_MY_OWN_PACKAGES_COMMIT=123456789aabcda1a69b04278e4d38f2a3f57e49
......
docs/site-example/site.conf
View file @ 02fd2d04
-- This is an example site configuration for Gluon v2020.2
-- This is an example site configuration for Gluon v2023.2.5
--
-- Take a look at the documentation located at
-- https://gluon.readthedocs.io/ for details.
......@@ -105,7 +105,6 @@
mesh_vpn = {
-- enabled = true,
mtu = 1312,
fastd = {
-- Refer to https://fastd.readthedocs.io/en/latest/ to better understand
......@@ -113,6 +112,7 @@
-- List of crypto-methods to use.
methods = {'salsa2012+umac'},
mtu = 1312,
-- configurable = true,
-- syslog_level = 'warn',
......@@ -164,7 +164,8 @@
},
autoupdater = {
-- Default branch. Don't forget to set GLUON_BRANCH when building!
-- Default branch (optional), can be overridden by setting GLUON_AUTOUPDATER_BRANCH when building.
-- Set GLUON_AUTOUPDATER_ENABLED to enable the autoupdater by default for newly installed nodes.
branch = 'stable',
-- List of branches. You may define multiple branches.
......@@ -173,7 +174,15 @@
name = 'stable',
-- List of mirrors to fetch images from. IPv6 required!
mirrors = {'http://1.updates.services.ffhl/stable/sysupgrade'},
mirrors = {
'http://1.updates.example.org/stable/sysupgrade',
-- Requires the tls feature in image-customization.lua
-- 'https://2.updates.example.org/stable/sysupgrade',
-- Uses http or https depending on the tls feature in image-customization.lua
'//3.updates.example.org/stable/sysupgrade',
},
-- Number of good signatures required.
-- Have multiple maintainers sign your build and only
......
docs/site-example/site.mk
View file @ 02fd2d04
## gluon site.mk makefile example
## GLUON_FEATURES
# Specify Gluon features/packages to enable;
# Gluon will automatically enable a set of packages
# depending on the combination of features listed
GLUON_FEATURES := \
autoupdater \
ebtables-filter-multicast \
ebtables-filter-ra-dhcp \
ebtables-limit-arp \
mesh-batman-adv-15 \
mesh-vpn-fastd \
respondd \
status-page \
web-advanced \
web-wizard
## GLUON_SITE_PACKAGES
# Specify additional Gluon/OpenWrt packages to include here;
# A minus sign may be prepended to remove a packages from the
# selection that would be enabled by default or due to the
# chosen feature flags
GLUON_SITE_PACKAGES := iwinfo
## DEFAULT_GLUON_RELEASE
# version string to use for images
# gluon relies on
......@@ -52,6 +27,3 @@ GLUON_REGION ?= eu
# Languages to include
GLUON_LANGS ?= en de
# Do not build images for deprecated devices
GLUON_DEPRECATED ?= 0
docs/user/faq.rst
View file @ 02fd2d04
......@@ -25,84 +25,3 @@ interface. This DNS server must be announced in router advertisements (using
on *batman-adv*. If your mesh does not have global IPv6 connectivity, you can setup
your *radvd* not to announce a default route by setting the *default lifetime* to 0;
in this case, the *radvd* is only used to announce the DNS server.
.. _faq-mtu:
What is a good MTU on the mesh-vpn?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Setting the MTU on the transport interface requires careful consideration, as
setting it too low will cause excessive fragmentation and setting it too high
may leave peers with a broken tunnel due to packet loss.
Consider these key values:
- Payload: Allow for the transport of IPv6 packets, by adhering to the minimum MTU
of 1280 Byte specified in RFC 2460
- and configure `MSS clamping`_ accordingly,
- and announce your link MTU via Router Advertisements and DHCP
.. _MSS clamping: https://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.cookbook.mtu-mss.html
- Encapsulation: Account for the overhead created by the configured mesh protocol
encapsulating the payload, which is up to 32 Byte (14 Byte Ethernet + 18 Byte
batadv).
- PMTU: What MTU does the path between your gateway and each of its peers support?
For reference, the complete MTU stack looks like this:
.. image:: mtu-diagram_v5.png
Minimum MTU
-----------
Calculate the minimum transport MTU by adding the encapsulation overhead to the
minimum payload MTU required. This is the lowest recommended value, since going
lower would cause unnecessary fragmentation for clients which respect the announced
link MTU.
Example: Our network currently uses batman-adv v15, it therefore requires up
to 32 Bytes of encapsulation overhead on top of the minimal link MTU required for
transporting IPv6.::
\ 1312 1294 1280 0
\---------+-----------------+-------------+----------------------------------+
\TAP | batadv v15 | Ethernet | Payload |
\-------+-----------------+-------------+----------------------------------+
\ ^
|
MTU_LOW = 1280 Byte + 14 Byte + 18 Byte = 1312 Byte
Maximum MTU
-----------
Calculating the maximum transport MTU is interesting, because it increases the
throughput, by allowing larger payloads to be transported, but also more difficult
as you have to take into account the tunneling overhead and each peers PMTU, which
varies between providers.
The underlying reasons are mostly PPPoE, Tunneling and IPv6 transition technologies
like DS-Lite.
Example: The peer with the smallest MTU on your network is behind DS-Lite and can
transport IPv4 packets up to 1436 Bytes in size. Your tunnel uses IPv4 (20 Byte),
UDP (8 Byte), Fastd (24 byte) and you require TAP (14 Byte) for Layer 2 (Ethernet)
Tunneling.::
1436 1416 1408 1384 1370 \
+-------------------+--------+-----------------------+-------------+------\
| IP | UDP | Fastd | TAP | bat\
+-------------------+--------+-----------------------+-------------+--------\
^ \
|
MTU_HIGH = 1436 Byte - 20 Byte - 8 Byte - 24 Byte - 14 Byte = 1370 Byte
Conclusion
----------
Determining the maximum MTU can be a tedious process, especially since the PMTU
of peers could change at any time. The general recommendation for maximized
compatibility is therefore the minimum MTU of 1312 Byte, which works well with
both IPv4 and IPv6.

Impressum - Datenschutz