RingtailedFox

RingtailedFox's Guide on How To Install CJDNS on OpenWRT

May 12th, 2024 (edited)
  1. RingtailedFox's Guide on How to configure CJDNS on OpenWRT 23.x and above:
  2.  
  3. Tested on a Netgear R7800 / IPQ806x / ARM Cortex A15 Neon VFPV4 / ARMv7! Contact the author at <slycooper1986@yahoo.ca> for assistance with other architectures!
  4.  
  5. Step 1: DO NOT USE THE OPENWRT .ipk FILE! IT SEGFAULTS! And since luci-app-cjdns requires that, it's mostly useless too!
  6.  
  7. Step 2: grab https://dl-cdn.alpinelinux.org/alpine/latest-stable/community/armv7/cjdns-22-r4.apk instead!!!
  8.  
  9. Step 3: Extract on your computer.
  10.  
  11. Step 4: Open the extracted folder and navigate to ./usr/sbin/. You should see files like cjdroute and testcjdroute, among others. Upload cjdroute to /usr/sbin/ on your OpenWRT router.
  12.  
  13. Step 4a: I'd recommend symlinking /usr/bin/cjdroute to /usr/sbin/cjdroute so it's in your path.
  14.  
  15. Step 5: Open up your favourite SSH program (like Putty) and access /etc/. From there, run /usr/sbin/cjdroute --genconf > /etc/cjdroute.conf so you end up with /etc/cjdroute.conf
  16.  
  17. Step 6: Open /etc/cjdroute.conf in a text editor and scroll down to the following section ending at line 102:
  18.  
  19. // Nodes to connect to (IPv4 only).
  20. "connectTo": {
  21. // Add connection credentials here to join the network
  22. // If you have several, don't forget the separating commas
  23. // They should look like:
  24. // "ipv4 address:port": {
  25. // "login": "(optional) name your peer has for you"
  26. // "password": "password to connect with",
  27. // "publicKey": "remote node key.k",
  28. // "peerName": "(optional) human-readable name for peer"
  29. // },
  30. // Ask somebody who is already connected.
  31.  
  32.  
  33. Step 7: Add the following lines:
  34.  
  35. "170.75.163.51:9202": {
  36. "login": "public",
  37. "password" : "public",
  38. "publicKey": "2v6dt6f841hzhq2wsqwt263w2dswkt6fz82vcyxqptk88mtp8y50.k",
  39. "notes" : "vps.cjdns.ca ircerr 100mb 2TB lunanode"
  40. },
  41. "170.75.162.17:9202": {
  42. "login": "public",
  43. "password" : "public",
  44. "publicKey": "tcbvl7zf6d8127d1phgq1t01jqdtug7qwmfcg97lcstt22ct7jg0.k",
  45. "notes" : "vps.ircerr.ca ircerr 100mb 2TB lunanode"
  46. },
  47. "145.239.86.218:49480": {
  48. "login": "public",
  49. "password": "zczihnhzwferfjjwviwvqtuv",
  50. "peerName": "akn01",
  51. "publicKey": "vgfb790mldbdzjlf4kkgqd4ux6r9zqv8b4k7ljds4dh7gpvgjx30.k"
  52. },
  53. "95.216.159.63:12786": {
  54. "login": "default-login",
  55. "password": "l0fgl9qkujmw6rh22w6knbwcc7x4t64",
  56. "publicKey": "ppxv6z0dunqsnv9n4qnw9vjzg1yr2w82hxhk6mx82vlkcc7vmhg0.k",
  57. "peerName": "akn02"
  58. },
  59. "51.195.222.58:34056": {
  60. "login": "public",
  61. "password": "jwgvrfnpgsidbubsdfyxdgys",
  62. "peerName": "akn03",
  63. "publicKey": "bbpvzftn4plvhjtrct2uq39x9t0j13mfgn4fvtx5fmktprur02c0.k"
  64. }
  65.  
  66.  
  67. Step 8: Check to make sure they are directly above this section:
  68.  
  69.  
  70.  
  71. }
  72. },
  73. {
  74. // Bind to this port.
  75. "bind": "[::]:24619",
  76. // Set the DSCP value for Qos. Default is 0.
  77. // "dscp": 46,
  78.  
  79. Step 9: attempt to run /usr/sbin/cjdroute < /etc/cjdroute.conf via SSH.
  80.  
  81. If all is well, you should see a line at the end saying "Cjdns started in the background".
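
A pre-flight check for the config edited in Steps 5 to 8, as an added example that is not part of the original guide: it flags a config file accessible to group/other (the file holds the node's privateKey and the peer passwords), malformed publicKey values, and IPv4 peers pasted below the "[::]" bind shown in Step 8. The function names and the assumption that comments are whole-line // comments belong to this example, not to cjdns.

```shell
#!/bin/sh
# Added example, not from the original guide: lint cjdroute.conf before Step 9.

# A cjdns public key is 52 characters of cjdns base32 (digits and
# consonants, no a/e/i/o) followed by ".k".
KEY_RE='^[0-9bcdfghjklmnpqrstuvwxyz]{52}\.k$'

# Drop whole-line // comments (assumed to be the only comment style in use).
uncommented() { grep -v '^[[:space:]]*//' "$1"; }

# Print every uncommented "publicKey" value, one per line.
public_keys() {
    uncommented "$1" |
        sed -n 's/.*"publicKey"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Print the number of problems in config file $1; details go to stderr.
lint_cjdroute_conf() {
    conf=$1
    problems=0

    # The file holds this node's privateKey and the peer passwords.
    if [ "$(ls -ld "$conf" | cut -c5-10)" != "------" ]; then
        echo "perms: $conf is accessible to group/other, chmod 600 it" >&2
        problems=$((problems + 1))
    fi

    # A truncated or mistyped key is counted here.
    bad=$(public_keys "$conf" | grep -Evc "$KEY_RE" || true)
    if [ "$bad" -gt 0 ]; then
        echo "key: $bad malformed publicKey value(s)" >&2
        problems=$((problems + bad))
    fi

    # Step 8: IPv4 peers belong above the interface that binds to [::].
    misplaced=$(uncommented "$conf" | awk '
        /"bind"[ \t]*:[ \t]*"\[/ { v6 = 1 }
        v6 && /^[ \t]*"[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+:[0-9]+"[ \t]*:/ { n++ }
        END { print n + 0 }')
    if [ "$misplaced" -gt 0 ]; then
        echo "placement: $misplaced IPv4 peer(s) below the [::] bind" >&2
        problems=$((problems + 1))
    fi

    echo "$problems"
}

# Usage: sh lint-cjdroute.sh /etc/cjdroute.conf
if [ $# -gt 0 ]; then lint_cjdroute_conf "$1"; fi
```

A result of 0 means none of the three checks fired; it does not prove the file parses, so cjdroute's own startup output in Step 9 remains the final word.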
  82.  
  83.  
  84. Step 10: Open up LuCI on your router in your web browser and go to
  85.  
  86. Network -> Interfaces.
  87.  
  88. Step 11: Click [Add new interface] towards the bottom. A new interface window will pop up. This new interface will be an Unmanaged Protocol. Its Device will be "tun0". You can name it whatever you'd like, such as "cjdns". After this, click [Create interface].
  89.  
  90. Step 12: Click on the "Firewall Settings" tab within that interface configuration window. Create a new zone labelled CJDNS, then click [Save]. On the main Interfaces page, click [Save & Apply] to immediately apply these changes.
  91.  
  92. Step 13: Edit the CJDNS interface but this time, go to Firewall Settings and Add it to your WAN firewall-zone. Then, click [Save]. On the main Interfaces page, click [Save & Apply] to immediately apply these changes.
  93.  
  94. Step 14: go to Network -> Firewall then select NAT Rules. Click on [Add].
  95.  
  96. Step 15: Type in the following:
  97.  
  98. Name: CJDNS (or whatever you want to call this)
  99. Restrict to address family: IPv6 only
  100. Protocol: Any
  101. Outbound Zone: Any
  102. Source Address: any
  103. Destination address: Scroll down to where you see a text box with -- custom -- in it. Click that and write fc00::/8
  104. Action: MASQUERADE
  105.  
  106.  
  107.  
  108. Step 16: Click on the Advanced Settings tab to make sure Outbound Device says "tun0". Then click [Save & Apply]. If you see the page complaining about invalid fields, don't worry; this should be fine. It's just whining that you're masquerading an internet address range to a LAN address range. So as said before, when you're ready, click [Save & Apply].
  109.  
  110. Step 17: Check in Network -> Firewall Zone Settings that you have the following:
  111. LAN -> WAN (Input: Accept, Output: Accept, Forward: Accept, Masquerading un-checked)
  112. WAN -> Reject (Input: Reject, Output: Accept, Forward: Reject, Masquerading is CHECKED)
  113. CJDNS -> Reject (Input: Accept, Output: Accept, Forward: Reject, Masquerading is un-checked)
  114. You may have additional interfaces configured, but these are the ones you want to look for.
  115.  
  116. Step 18: back in SSH, go to /etc/ and type this command to restart DNSMasq and cjdroute, and have cjdroute pull its configuration from /etc/cjdroute.conf:
  117.  
  118. /etc/init.d/dnsmasq restart && killall cjdroute && /usr/sbin/cjdroute < /etc/cjdroute.conf
  119.  
  120. Step 19: attempt to ping or curl a website from both your router and your downstream machines (laptop, desktop, whatever) via this command in SSH/Command Prompt/Terminal:
  121.  
  122. curl "http://[fc59:6076:6299:6776:c13d:fbb2:1226:ead0]/" --noproxy fc59:6076:6299:6776:c13d:fbb2:1226:ead0
  123.  
  124. Just remember that after each reset, you'll have to run /usr/sbin/cjdroute < /etc/cjdroute.conf or... you could add that line to /etc/rc.local on a separate line ABOVE/BEFORE "exit 0" so that file looks something like:
  125.  
  126.  
  127. # Put your custom commands here that should be executed once
  128. # the system init finished. By default this file does nothing.
  129.  
  130. /usr/sbin/cjdroute < /etc/cjdroute.conf
  131.  
  132. exit 0
  133.  
  134. Now it should auto-start with your system right after initialization and network handshakes have completed!
  135.  
  136.  
  137.  
  138. Step 20: I dunno... celebrate or something? It took me and the guys at #cjdns on EFNet IRC several months to figure this stuff out!