My ZyXEL VMG 1312-B10A modems, which are in modem-only mode and have custom firmware built by our own Mr Johnson, have a few problems with their networking.
1. They don’t have a default gateway set for IPv4. I have yet to fix this, would appreciate some help. I can’t see an opportunity to do it in the ZyXEL XML config file, but I may have missed it. I need to research how to declare it in Linux, bearing in mind that this is a very cut-down version and a lot of the usual executables and facilities are absent.
Without this, a lot of networking is simply broken. I’m making up for this by intercepting all known IPv4 coming from the modem and getting my Firebrick router to NAT it. But it’s not ideal.
2. IPv6 doesn’t fully work. I would like to clean this up, but it’s hardly a priority. I’m not sure how to get this minimal Linux build to listen for an RADVD prefix announcement so it can generate a global IPv6 address or two for its LAN i/f. It does have link-local IPv6 addresses, but that doesn’t help us much, since this is presumably a different L2 broadcast domain (a different ‘LAN’) from my normal main LAN and has only two machines on it: the modem, and my Firebrick’s per-modem facing i/f.
IPv4 addressing conventions: The Firebrick’s per-modem i/f facing a modem is 192.168.n.254, and a modem’s admin i/f facing the Firebrick is 192.168.n.1, where n = 1..4 the number of the modem, from four modems in total.
3. NTP time; Yay! I now have timekeeping working successfully because the Firebrick is a relay NTP server and with the correct XML config I have the modem looking at 192.168.n.254 set as a good time server in the list and with this I don’t need to go to eg my ISP’s nearby NTP servers or 1.1.1.1 or whatever - which would be difficult given the system’s current inability to talk directly to the internet, which is a showstopper. (That’s because of the lack of an IPv4 gateway definition, plus the use of RFC1918 addresses for the modem, and the fact that the current Firebrick NATing only takes the modem to the main LAN.)
4. I’ve just got DNS working for the first time. I set /etc/resolv.conf by hand to make it use the Firebrick’s accessible IPv4 i/f where the Firebrick provides a local caching relay recursive DNS server service. Another minor triumph. But how to make this persist? Need the config changes initially made by hand to survive a reboot. For this I used Mr Johnson’s /data/boot-cmds.sh custom boot commands feature, writing a few commands into the aforementioned custom boot script file to define three name servers, which are 127.0.0.1 and ::1 then 192.168.n.254 for the Firebrick again, which is the nearby DNS
I don’t yet have a clean way of dealing with the variable .n.254. I can’t remember how to expand variable names in bash or whatever busybox shell we have here. Currently I’m ashamed to say that I have written out four custom script files, one per modem, eg modem-set-dns-n.sh and I have to remember which one to run on which modem!
Rather than customising the script files with a variable at the top or passing a parameter in, what I really need to do is work out which modem I am. I could perhaps inspect the XML config but that seems a bit awkward. Assuming the XML config has already taken effect and the modem has booted configured in the correct per-modem state we see the correct IPv4 address on its LAN-facing i/f. We do have say interface br0 showing the expected IPv4 address. Is i/f br0 the right one to choose to inspect?
Anyway, I could get the modem number out of the IPv4 address - I could attack it with sed? Tips would be appreciated as it’s a long time since I looked at this, but regexes are my daily pleasure on the iPad. Deriving the modem n value and then injecting it into the script to specify the name servers, that would make the script per-modem-independent, so much less faffing about and no longer error-prone. The basic problem is to transform 192\.168\.n\.1 or even 192\.168\.n\..* into 192\.168\.n\.254, as simply as that. I’m thinking grep alone might do it, rather than sed, but I’m not sure which approach would win the beauty contest.
5. A bash tip appreciated again. I am thinking that I should not write over the entirety of the content of the boot-cmds.sh script here. If somewhere down the line, I end up having various unrelated functions invoked in the custom boot script, then these functions’ respective installers or updaters should certainly not stomp over and overwrite each other on installation in the boot-cmds.sh file. What I’m thinking of is to always have calls to a separate script from the main boot-cmds file. The separate script will have a meaningful name such as johnson-custom-boot—set-dns.sh. What I should be doing is to detect that line that contains a call, and if it’s not found, then insert it, being careful not to add or append an initialisation call twice so we’re making multiple calls to install the same thing. Is this another larger job for sed? If so, could do with some help.
6. Would be nice to somehow have a choice of insertion point in the main custom boot script. It’s not necessarily good enough to just always append everything as I can foresee circumstances where there might need to be a certain ordering because of dependencies. For example in this particular case later calls might need the availability of DNS which only comes into being after this insertion point in the overall main script, so always appending the DNS setup thing would not be at all clever. I don’t know how to specify this. Perhaps define it by dependencies, so ‘before-xx’ and ‘after-xx’ ?
7. SSH. It just fails completely. I just get as far as some incomprehensible message about certs or something when I SSH-connect to a modem from my iPad. The username and password are correct; the password is pasted in from a password-store in the terminal program, so it’s not being mistyped. That username+password works at a normal shell login prompt after a telnet connect. I’m using the app ‘Prompt’ on my iPad to access the modem. Anyway, straight after the incomprehensible message, the CLI process on the iPad just crashes and disappears. BANG! All the modems do it, and it’s 100% reproducible. It would be so incredibly useful if I could get SSH going. This is because I’ve been cobbling together iPad programs using the iOS Shortcuts framework and that has library functions to perform operations over SSH but not Telnet. But at the moment it’s all telnet-only for me.
8. SAMBA? Having said it’s a minimal installation, this Linux build has some rich components still left in it. I see SAMBA. That might be incredibly useful if I can get IPv6 installed properly, as I can easily have real IPv6 addresses both link-local and global/routable but I would be grateful for some IPv6 installation-related Linux tips and then the SMB server config might hopefully not be too bad? That might be great to help in installation work.
9. Would it be a nightmare getting other basic communications services going? Bonjour/Avahi/mDNS would require a new build perhaps with the help of my good friend Mr Johnson, who has already done so much. I wonder how much of a pain it would be to get SMTP going? It would be a lot easier to get something such as that going over IPv6 as there there is no problem arising from the RFC1918 addressing, and as mentioned before, there’s nothing in the way of getting real IPv6 addresses going as needed. I can also see what looks certain to be TFTP services in this Linux build.
10. Other kinds of notification services? Having the modems send you a message when something bad happens, or something interesting happens, that could be very useful indeed. What other facilities in this area could there be found in a modest Linux installation such as this?
I believe Alex is fond of SNMP? Not something that I have ever got my head around.
Anyway, tips, guidance, reading matter, all appreciated. Especially a bit of hand-holding, as my brain has turned to mush just now.
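
The following is an added example, not part of the original post or of the custom firmware: POSIX sh functions for items 4 to 6 that derive 192.168.n.254 from the modem's own br0 address and add a line to a boot script exactly once, optionally ahead of a named dependency. The function names, the busybox-style `inet addr:` ifconfig output format and the sample data are assumptions.

```sh
#!/bin/sh
# Added example, not from the post. Function names and sample data are assumptions.

# Pull the IPv4 address out of busybox-style `ifconfig br0` output on stdin.
inet_addr() {
    sed -n 's/.*inet addr:\([0-9.]*\).*/\1/p' | head -n 1
}

# 192.168.n.<anything> -> 192.168.n.254; returns 1 for any other input.
firebrick_addr() {
    out=$(printf '%s\n' "$1" |
        sed -n 's/^192\.168\.\([0-9]\{1,3\}\)\.[0-9]\{1,3\}$/192.168.\1.254/p')
    [ -n "$out" ] && printf '%s\n' "$out"
}

# The three name servers listed in the post, for the modem address given.
resolv_conf_for() {
    fb=$(firebrick_addr "$1") || return 1
    printf 'nameserver 127.0.0.1\nnameserver ::1\nnameserver %s\n' "$fb"
}

# Add LINE to FILE once only. If BEFORE is given and some line contains it,
# insert ahead of the first such line; otherwise append.
ensure_line() {
    file=$1 line=$2 before=${3:-}
    [ -f "$file" ] || : > "$file"
    grep -qxF -- "$line" "$file" && return 0   # already present: no-op
    tmp="$file.tmp.$$" placed=0
    while IFS= read -r l || [ -n "$l" ]; do
        if [ "$placed" = 0 ] && [ -n "$before" ]; then
            case $l in *"$before"*) printf '%s\n' "$line"; placed=1 ;; esac
        fi
        printf '%s\n' "$l"
    done < "$file" > "$tmp"
    [ "$placed" = 1 ] || printf '%s\n' "$line" >> "$tmp"
    cat "$tmp" > "$file" && rm -f "$tmp"       # keeps the file's mode bits
}

# Constructed sample of `ifconfig br0` output for modem 3.
SAMPLE='br0  Link encap:Ethernet  HWaddr 00:00:00:00:00:03
     inet addr:192.168.3.1  Bcast:192.168.3.255  Mask:255.255.255.0'
resolv_conf_for "$(printf '%s\n' "$SAMPLE" | inet_addr)"
```

On a modem the last line would read from `ifconfig br0` instead of the sample and redirect into /etc/resolv.conf, and an installer would call `ensure_line /data/boot-cmds.sh` with the path of its own script as the line to add.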