question

huit avatar image
huit asked

Network bridge eth0-wifi0 on Venus OS - Cerbo GX / Einstein

I have a cerbo gx connected to a router over ethernet and want to allow devices connected to the wireless AP on the cerbo to access the internet.

I attempted to create a bridge intending to add each of the eth0 and wifi0 network devices to it, e.g as root on cerbo:

ip link add br0 type bridge
ip link set wifi0 master br0
ip link set eth0 master br0
ip link set br0 up

But adding the bridge in the first step raises an error:

Error: Unknown device type

The bridge type is listed in the help page and this same command works on most linux systems that I am familiar with

ip link help

.. so I might guess that this is some particularity with the way that ip link is compiled for Venus OS. I thought it might be customised to support CAN/ve.bus etc.

My other thought is to check if selinux might be blocking.

Does anybody have advice or cautions about going in this direction?

wifiethernetlinux
1 comment
2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Warwick Bruce Chapman avatar image Warwick Bruce Chapman commented ·

Agree this would be useful.

0 Likes 0 ·
7 Answers
mvader (Victron Energy) avatar image
mvader (Victron Energy) answered ·

Hi, we dont do anything Victron specific to the ip command.


the thing I’d check first is if maybe some kernel config option is disabled.


The sunxi recipe here defines location of sources as well as version of the kernel for the cerbo:

https://github.com/victronenergy/meta-victronenergy/tree/master/meta-bsp/recipes-kernel/linux

Make sure to select the v2.65 tag if you are working with venus os v2.65.


If thats the issue, you’ll have to recompile the kernel



17 comments
2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

huit avatar image huit commented ·

I am running 2.7 large which isn't tagged in your link so I took a look at the kernel config directly:

zcat /proc/config.gz

shows that indeed

#CONFIG_BRIDGE is not set

I think this is required so a recompile is probably necessary, which will take a while for me to figure out. I will accept this answer and post back if I make any progress.

Thanks for your help.

0 Likes 0 ·
Show more comments
dakoal avatar image
dakoal answered ·

Hello.

I am wondering if someone got the bridge working, because I am trying the same.

2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

mawi avatar image
mawi answered ·

Hi,

actually I will be not able to make such a change myself so I am wondering if that could become a official firmware feature. I believe many user would appreciate it since installing an other HotSpot where there is such a nice device which is capable to do is much smarter.
In my case the Victron is in the garage connected with ethernet where my wall box has Wi-Fi and my router is too far - so the cerbo GX would be a smart solution for me to bridge the wall box to the internet.

Thanks


Matthias

2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

ted avatar image
ted answered ·

Bridge would be useful. Wifi Connect and EM24 to the Cerbo Ethernet Port should be possible

2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

johanndo avatar image
johanndo answered ·

You can use iptables and nat to route the traffic from LAN to WiFi or just route the traffic through. You must run the WiFi in AP as hotspot (install and configure hostapd)

1 comment
2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Petr Pospíšil avatar image Petr Pospíšil commented ·
Have you tested it? Does it really works?
0 Likes 0 ·
blacksun avatar image
blacksun answered ·

Hello, is it already possible to create a bridge?

Installed a Waveshare RJ45 HAT on my Raspberry PI to get another RJ45 interface.

ll-eth0   Link encap:Ethernet  HWaddr 82:B7:22:E7:67:EB
          inet addr:169.254.10.228  Bcast:0.0.0.0  Mask:255.255.0.0
          inet6 addr: fe80::80b7:22ff:fee7:67eb/64 Scope:Link
          inet6 addr: 2003:ca:af16:b800:80b7:22ff:fee7:67eb/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1450  Metric:1
          RX packets:6215 errors:0 dropped:64 overruns:0 frame:0
          TX packets:102 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:968838 (946.1 KiB)  TX bytes:24637 (24.0 KiB)

But as soon as I want to add eth0 to the bridge I get this error message.

Using username "root".
root@192.168.178.40's password:
Last login: Thu Jan 26 18:25:33 2023
root@raspberrypi2:~# ip link add br0 type bridge
root@raspberrypi2:~# ip link set ll-eth0 master br0
root@raspberrypi2:~# ip link set eth0 master br0
RTNETLINK answers: Device or resource busy
root@raspberrypi2:~#

Is the bridge not supported by VenusOS?


2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

slqa avatar image
slqa answered ·

I got NAT working on cerbo. All is done on roots filesystem due to strict requirement between .ko files and kernel version, so it won't preserve during system update. If you will put this on /data partition, most likely it will brick cerbo, so you will have to perform recovery

If victron will add NAT support to their kernel defconfig, iptables and forwarding setup could be moved into script on /data partition, and will preserve during system update

On your host machine

git clone https://github.com/victronenergy/linux
cd linux
git checkout BRANCH(issue command "uname -a" on cerbo to get branch version name, for me "Linux cerbo 5.10.109-venus-13" branch_tag was v5.10.109-venus-13)

ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- make sunxi_victron_defconfig
ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- make menuconfig
-> General setup
 ->Local version
  -> "-venus-13"

->Networking support 
 -> Networking options 
  -> Network packet filtering framework (Netfilter) 
   -> IP: Netfilter Configuration
    -> set iptables NAT support
    -> MASQUERADE target support
    -> NETMAP target support
    -> REDIRECT target support

save and exit

ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- make modules

On cerbo

copy .ko files in "net/netfilter/", "net/ipv4/netfilter/", "net/ipv6/netfilter/" from your build directory to respective directories on cerbo "/lib/modules/5.10.109-venus-13/kernel/net/"

run depmod -a

append /etc/sysctl.conf with
net.ipv4.ip_forward = 1
net.ipv4.conf.all.forwarding = 1

reboot cerbo

setup NAT in iptables
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i ap0 -o eth0 -j ACCEPT
iptables-save > /etc/iptables/rules

comment "no-resolv" in /etc/dnsmasq.ap.conf, without this you will be able to ping ip addresses, but dns on ap clients won't work 
# If you don't want dnsmasq to read /etc/resolv.conf or any other
# file, getting its servers for this file instead (see below), then
# uncomment this
no-resolv


restart dnsmasq /etc/init.d/dnsmasq.ap restart

do on your own risk

2 |3000

Up to 8 attachments (including images) can be used with a maximum of 190.8 MiB each and 286.6 MiB total.

Related Resources

Additional resources still need to be added for this topic