Proxmox over Bluetooth

With Proxmox latest version 8.4.1 which has WiFi 7 / Bluetooth 5.4 support. A Intel® Wi-Fi 7 BE200 network adapter https://www.intel.com/content/www/us/en/products/sku/230078/intel-wifi-7-be200/specifications.html is in action.

On Proxmox host, USB devices:

1
2
3
4
5
6
7
8
root@mini:~# lsusb
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 006: ID 8087:0036 Intel Corp.
Bus 003 Device 003: ID 0461:4e04 Primax Electronics, Ltd Lenovo Keyboard KB1021
Bus 003 Device 002: ID 17ef:600e Lenovo Optical Mouse
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub

Proxmox Bluetooth - USB mapping

Proxmox Bluetooth - Resource Mappings

Proxmox Bluetooth - USB Device

Proxmox Bluetooth - Add Device

Proxmox over Wireless

With Proxmox latest version 8.4.1 which has WiFi 7 support. A Intel® Wi-Fi 7 BE200 network adapter https://www.intel.com/content/www/us/en/products/sku/230078/intel-wifi-7-be200/specifications.html is in action.

Setup wireless network as main network for Proxmox. TP-Link Deco BE85/BE95 Mesh WiFi 7 System as the Access Point, with DHCP enabled for the clients.

On Proxmox host, PCI devices:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
root@mini:~# lspci
00:00.0 Host bridge: Intel Corporation Device 4617
00:02.0 VGA compatible controller: Intel Corporation Alder Lake-N [UHD Graphics]
...
00:02.7 VGA compatible controller: Intel Corporation Alder Lake-N [UHD Graphics]
00:0d.0 USB controller: Intel Corporation Alder Lake-N Thunderbolt 4 USB Controller
00:14.0 USB controller: Intel Corporation Alder Lake-N PCH USB 3.2 xHCI Host Controller
00:14.2 RAM memory: Intel Corporation Alder Lake-N PCH Shared SRAM
00:16.0 Communication controller: Intel Corporation Alder Lake-N PCH HECI Controller
00:17.0 SATA controller: Intel Corporation Alder Lake-N SATA AHCI Controller
00:1c.0 PCI bridge: Intel Corporation Alder Lake-N PCI Express Root Port
00:1c.6 PCI bridge: Intel Corporation Alder Lake-N PCI Express Root Port
00:1d.0 PCI bridge: Intel Corporation Alder Lake-N PCI Express Root Port
00:1d.1 PCI bridge: Intel Corporation Alder Lake-N PCI Express Root Port
00:1d.3 PCI bridge: Intel Corporation Alder Lake-N PCI Express Root Port
00:1f.0 ISA bridge: Intel Corporation Alder Lake-N PCH eSPI Controller
00:1f.3 Multimedia audio controller: Intel Corporation Alder Lake-N PCH High Definition Audio Controller
00:1f.4 SMBus: Intel Corporation Alder Lake-N SMBus
00:1f.5 Serial bus controller: Intel Corporation Alder Lake-N SPI (flash) Controller
01:00.0 Ethernet controller: Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection (rev 01)
01:00.1 Ethernet controller: Intel Corporation 82599ES 10-Gigabit SFI/SFP+ Network Connection (rev 01)
01:10.0 Ethernet controller: Intel Corporation 82599 Ethernet Controller Virtual Function (rev 01)
...
01:10.7 Ethernet controller: Intel Corporation 82599 Ethernet Controller Virtual Function (rev 01)
01:11.0 Ethernet controller: Intel Corporation 82599 Ethernet Controller Virtual Function (rev 01)
...
01:11.7 Ethernet controller: Intel Corporation 82599 Ethernet Controller Virtual Function (rev 01)
02:00.0 Ethernet controller: Intel Corporation Ethernet Controller I226-V (rev 04)
03:00.0 Ethernet controller: Intel Corporation Ethernet Controller I226-V (rev 04)
04:00.0 Network controller: Intel Corporation Wi-Fi 7(802.11be) AX1775*/AX1790*/BE20*/BE401/BE1750* 2x2 (rev 1a)
05:00.0 Non-Volatile memory controller: Micron/Crucial Technology T500 NVMe PCIe SSD (rev 01)

network interfaces:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
root@mini:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback

iface enp2s0 inet manual
iface enp3s0 inet manual

iface enp1s0f0 inet manual
iface enp1s0f1 inet manual

iface enp1s0f0v0 inet manual
...
iface enp1s0f0v7 inet manual

iface enp1s0f1v0 inet manual
...
iface enp1s0f1v7 inet manual

auto wlp4s0f0
iface wlp4s0f0 inet dhcp
wpa-ssid "igloo studio"
wpa-psk "igloo studio password"

auto vmbr0
iface vmbr0 inet static
address 10.0.1.1/24
bridge-ports none
bridge-stp off
bridge-fd 0

# Enable IP forwarding
post-up echo 1 > /proc/sys/net/ipv4/ip_forward

# Allow all forwarding from VM network to WAN
post-up iptables -A FORWARD -i vmbr0 -o wlp4s0f0 -j ACCEPT
post-down iptables -D FORWARD -i vmbr0 -o wlp4s0f0 -j ACCEPT

# Single NAT rule for all traffic
post-up iptables -t nat -A POSTROUTING -s '10.0.1.0/24' -o wlp4s0f0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.0.1.0/24' -o wlp4s0f0 -j MASQUERADE

auto vmbr1
iface vmbr1 inet manual
bridge-ports enp1s0f0
bridge-stp off
bridge-fd 0

auto vmbr2
iface vmbr2 inet manual
bridge-ports enp1s0f1
bridge-stp off
bridge-fd 0

source /etc/network/interfaces.d/*

dnsmasq for VMs’ DNS and DHCP management:

1
2
3
4
5
6
7
8
9
10
11
12
13
root@mini:~# cat /etc/dnsmasq.conf
...
## Proxmox
# Hosts dnsmasq on vmbr0
interface=vmbr0

# The IP-address range that should be used for the clients (virtual machines/containers):
# dhcp-range=first_available_ip, last_available_ip, net_mask, lease_time (<number>h)
dhcp-range=10.0.1.100, 10.0.1.200, 255.255.255.0, 12h

# Just making sure dnsmasq knows the routers IP-address
# dhcp-option=3,vmbr0_ip
dhcp-option=3,10.0.1.1

Proxmox host allocated wireless IP e.g. 192.168.68.58. Set this IP in /etc/hosts:

1
2
3
4
5
6
7
8
9
10
11
12
root@mini:~# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.68.58 mini.local mini

# The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

then access Proxmox web UI via URL https://192.168.68.58:8006.

Reboot Proxmox host:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
root@mini:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: enp2s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether a8:b8:e0:05:96:4f brd ff:ff:ff:ff:ff:ff
3: enp3s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether a8:b8:e0:05:96:50 brd ff:ff:ff:ff:ff:ff
4: enp1s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr1 state UP group default qlen 1000
link/ether a8:b8:e0:05:96:4d brd ff:ff:ff:ff:ff:ff
5: enp1s0f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr2 state UP group default qlen 1000
link/ether a8:b8:e0:05:96:4e brd ff:ff:ff:ff:ff:ff
7: enp1s0f0v1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether de:11:ed:5f:a6:d5 brd ff:ff:ff:ff:ff:ff
...
13: enp1s0f0v7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 3e:45:70:0c:fd:98 brd ff:ff:ff:ff:ff:ff
14: enp1s0f1v0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 06:72:73:c2:7a:fc brd ff:ff:ff:ff:ff:ff
...
21: enp1s0f1v7: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 6a:06:68:af:7a:dc brd ff:ff:ff:ff:ff:ff
22: wlp4s0f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether e0:8f:4c:b2:58:95 brd ff:ff:ff:ff:ff:ff
inet 192.168.68.58/22 brd 192.168.71.255 scope global dynamic wlp4s0f0
valid_lft 3800sec preferred_lft 3800sec
inet6 fda5:9d5d:ff57:10:e28f:4cff:feb2:5895/64 scope global dynamic mngtmpaddr
valid_lft forever preferred_lft forever
inet6 2403:5802:8c44:10:e28f:4cff:feb2:5895/64 scope global dynamic mngtmpaddr
valid_lft 5371sec preferred_lft 1768sec
inet6 fe80::e28f:4cff:feb2:5895/64 scope link
valid_lft forever preferred_lft forever
23: vmbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet 10.0.1.1/24 scope global vmbr0
valid_lft forever preferred_lft forever
inet6 fe80::643d:cdff:fe59:f79/64 scope link
valid_lft forever preferred_lft forever
24: vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether a8:b8:e0:05:96:4d brd ff:ff:ff:ff:ff:ff
inet6 fda5:9d5d:ff57:10:aab8:e0ff:fe05:964d/64 scope global dynamic mngtmpaddr
valid_lft forever preferred_lft forever
inet6 2403:5802:8c44:10:aab8:e0ff:fe05:964d/64 scope global dynamic mngtmpaddr
valid_lft 5372sec preferred_lft 1768sec
inet6 fe80::aab8:e0ff:fe05:964d/64 scope link
valid_lft forever preferred_lft forever
25: vmbr2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether a8:b8:e0:05:96:4e brd ff:ff:ff:ff:ff:ff
inet6 fda5:9d5d:ff57:10:aab8:e0ff:fe05:964e/64 scope global dynamic mngtmpaddr
valid_lft forever preferred_lft forever
inet6 2403:5802:8c44:10:aab8:e0ff:fe05:964e/64 scope global dynamic mngtmpaddr
valid_lft 5372sec preferred_lft 1768sec
inet6 fe80::aab8:e0ff:fe05:964e/64 scope link
valid_lft forever preferred_lft forever

Proxmox Network settings:

Proxmox Wireless - Network

Linux/Ubuntu VM in Proxmox:

Proxmox Wireless - Ubuntu VM

Windows VM in Proxmox:

Proxmox Wireless - Windows VM

Windows VM in Proxmox‘s network:

Proxmox Wireless - Windows VM Network

References

Xray, X-UI, Reality protocol, Vision flow on Oracle Cloud

Oracle Cloud instance, which runs Oracle Linux:

1
2
3
4
$ ssh -i .ssh/id_rsa_ -l opc 19.214.86.113

$ sudo -i
[root@apocalypse ~]#

Install X-UI:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
[root@apocalypse ~]# bash <(curl -Ls https://raw.githubusercontent.com/FranzKafkaYu/x-ui/master/install_en.sh)

...

2025-01-21 23:05:50 (100 MB/s) - ‘/usr/bin/x-ui’ saved [25637/25637]

Install/update finished need to modify panel settings out of security
are you continue,if you type n will skip this at this time[y/n]: y
please set up your username: admin
your username will be: admin
please set up your password: password
your password will be: password
please set up the panel port: 10080
your panel port is: 10080
initializing,wait some time here...
set username and password success
account name and password set down!
set port 10080 successpanel port set down!
x-ui v0.3.4.4 install finished,it is working now...

x-ui control menu usages:
----------------------------------------------
x-ui - Enter control menu
x-ui start - Start x-ui
x-ui stop - Stop x-ui
x-ui restart - Restart x-ui
x-ui status - Show x-ui status
x-ui enable - Enable x-ui on system startup
x-ui disable - Disable x-ui on system startup
x-ui log - Check x-ui logs
x-ui update - Update x-ui
x-ui install - Install x-ui
x-ui uninstall - Uninstall x-ui
x-ui geo - Update geo data
----------------------------------------------

Find the root path of X-UI:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
[root@ip-237-45-6-183 ~]# x-ui

x-ui control menu
0. exit
————————————————
1. install x-ui
2. update x-ui
3. uninstall x-ui
————————————————
4. reset username
5. reset panel
6. reset panel port
7. check panel info
————————————————
8. start x-ui
9. stop x-ui
10. restart x-ui
11. check x-ui status
12. check x-ui logs
————————————————
13. enable x-ui on system startup
14. disable x-ui on system startup
————————————————
15. enable bbr
16. issuse certs
17. x-ui cron jobs

x-ui status: running
enable on system startup: yes
xray status: running

please input a legal number[0-16],input 7 for checking login info:7
[INF] 当前面板信息[current panel info]:
面板版本[version]: 0.3.4.4:20230717
用户名[username]: admin
密码[userpasswd]: password
监听端口[port]: 10080
根路径[rootPath]: /xui/

Add new Inbound:

X-UI - Oracle Cloud Inbound

Open X-UI panel port and VLESS port in Oracle Cloud firewall:

1
2
3
4
5
6
7
8
[root@apocalypse ~]# firewall-cmd --zone=public --permanent --add-port=10080/tcp
success

[root@apocalypse ~]# firewall-cmd --zone=public --permanent --add-port=32854/tcp
success

[root@apocalypse ~]# firewall-cmd --reload
success

Open X-UI panel port and VLESS port in Oracle Cloud Security List Ingress Rules:

X-UI - Oracle Cloud

References

Xray, X-UI, Reality protocol, Vision flow on Amazon Linux

AWS EC2 instance, which runs Amazon Linux:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
$ ssh -i .ssh/aws-free-tier.pem -l ec2-user ec2-203-129-56-97.ap-southeast-2.compute.amazonaws.com
, #_
~\_ ####_ Amazon Linux 2023
~~ \_#####\
~~ \###|
~~ \#/ ___ https://aws.amazon.com/linux/amazon-linux-2023
~~ V~' '->
~~~ /
~~._. _/
_/ _/
_/m/'

$ sudo -i
[root@ip-237-45-6-183 ~]#

Install X-UI:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
[root@ip-237-45-6-183 ~]# bash <(curl -Ls https://raw.githubusercontent.com/FranzKafkaYu/x-ui/master/install_en.sh)

...

2025-01-21 23:05:50 (100 MB/s) - ‘/usr/bin/x-ui’ saved [25637/25637]

Install/update finished need to modify panel settings out of security
are you continue,if you type n will skip this at this time[y/n]: y
please set up your username: admin
your username will be: admin
please set up your password: password
your password will be: password
please set up the panel port: 10080
your panel port is: 10080
initializing,wait some time here...
set username and password success
account name and password set down!
set port 10080 successpanel port set down!
x-ui v0.3.4.4 install finished,it is working now...

x-ui control menu usages:
----------------------------------------------
x-ui - Enter control menu
x-ui start - Start x-ui
x-ui stop - Stop x-ui
x-ui restart - Restart x-ui
x-ui status - Show x-ui status
x-ui enable - Enable x-ui on system startup
x-ui disable - Disable x-ui on system startup
x-ui log - Check x-ui logs
x-ui update - Update x-ui
x-ui install - Install x-ui
x-ui uninstall - Uninstall x-ui
x-ui geo - Update geo data
----------------------------------------------

Change AWS security group, and open EC2 instance port 10080 to admin user’s IP address only.

Find the root path of X-UI:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
[root@ip-237-45-6-183 ~]# x-ui

x-ui control menu
0. exit
————————————————
1. install x-ui
2. update x-ui
3. uninstall x-ui
————————————————
4. reset username
5. reset panel
6. reset panel port
7. check panel info
————————————————
8. start x-ui
9. stop x-ui
10. restart x-ui
11. check x-ui status
12. check x-ui logs
————————————————
13. enable x-ui on system startup
14. disable x-ui on system startup
————————————————
15. enable bbr
16. issuse certs
17. x-ui cron jobs

x-ui status: running
enable on system startup: yes
xray status: running

please input a legal number[0-16],input 7 for checking login info:7
[INF] 当前面板信息[current panel info]:
面板版本[version]: 0.3.4.4:20230717
用户名[username]: admin
密码[userpasswd]: password
监听端口[port]: 10080
根路径[rootPath]: /WMa7/

In Firefox, go to http://203.129.56.97:10080/WMa7/ and login as admin user:

X-UI - Login

X-UI - Panel

Switch to the latest version Xray e.g. v24.12.31:

X-UI - Xray

Add new Inbound:

X-UI - Inbound

Open up port 32609 to the world 0.0.0.0/0 in AWS security group.

Copy inbound QR link:

X-UI - QR

X-UI - QR Link

and paste to Xray Windows client e.g. v2rayN:

X-UI - v2rayN

References

How to install and run Tailscale client on OpenWrt

Install Tailscale package iptables-nft and tailscale from OpenWrt console:

OpenWrt - Tailscale iptables-nft

OpenWrt - Tailscale

Enable and connect Tailscale service in OpenWrt:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
$ ssh -l root SenseWrt
root@SenseWrt's password:

BusyBox v1.36.1 (2024-12-03 11:41:08 UTC) built-in shell (ash)

_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt 24.10.0-rc2, r28161-ea17e958b9
-----------------------------------------------------

root@SenseWrt:~# tailscale up --netfilter-mode=off --advertise-routes=192.168.88.0/24 --accept-routes
Warning: netfilter=off; configure iptables yourself.
Warning: UDP GRO forwarding is suboptimally configured on eth1, UDP forwarding throughput capability will increase with a configuration change.
See https://tailscale.com/s/ethtool-config-udp-gro

To authenticate, visit:

https://login.tailscale.com/a/98c452901c4ba

Success.

NOTE: 192.168.88.0/24 is the ip range of local network setup in OpenWrt.

Disable key expiry for OpenWrt machine in Tailscale console, then enable all OpenWrt clients access Tailscale network:

OpenWrt - Tailscale Machines

Now add Tailscale virtual network as a new interface in OpenWrt:

OpenWrt - Tailscale Network Interface

Create firewall for Tailscale virtual network interface in OpenWrt:

OpenWrt - Tailscale Firewall

Configure firewall for Tailscale virtual network interface in OpenWrt:

OpenWrt - Tailscale Firewall General Settings

NOTE: opt network is for the downstream DHCP clients.

References

  • 韩风 Talk - Tailscale 玩法之内网穿透、异地组网、全隧道模式、纯 IP 的双栈 DERP 搭建、Headscale 协调服务器搭建,用一期搞定,看一看不亏吧?https://www.youtube.com/watch?v=mgDpJX3oNvI

How to install and run ZeroTier client on OpenWrt

Install ZeroTier package zerotier from OpenWrt console:

OpenWrt - ZeroTier

Enable ZeroTier service in OpenWrt:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
$ ssh -l root SenseWrt
root@SenseWrt's password:

BusyBox v1.36.1 (2024-12-03 11:41:08 UTC) built-in shell (ash)

_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt 24.10.0-rc2, r28161-ea17e958b9
-----------------------------------------------------

root@SenseWrt:~# cat /etc/config/zerotier

config zerotier 'global'
# Sets whether ZeroTier is enabled or not
option enabled 1
# Sets the ZeroTier listening port (default 9993; set to 0 for random)
#option port '9993'
# Client secret (leave blank to generate a secret on first run)
option secret ''
# Path of the optional file local.conf (see documentation at
# https://docs.zerotier.com/config#local-configuration-options)
#option local_conf_path '/etc/zerotier.conf'
# Persistent configuration directory (to perform other configurations such
# as controller mode or moons, etc.)
#option config_path '/etc/zerotier'
# Copy the contents of the persistent configuration directory to memory
# instead of linking it, this avoids writing to flash
#option copy_config_path '1'

# Network configuration, you can have as many configurations as networks you
# want to join (the network name is optional)
config network 'earth'
# Identifier of the network you wish to join
option id '8ca917257083e297'
# Network configuration parameters (all are optional, if not indicated the
# default values are set, see documentation at
# https://docs.zerotier.com/config/#network-specific-configuration)
option allow_managed '1'
option allow_global '0'
option allow_default '0'
option allow_dns '0'

# Example of a second network (unnamed as it is optional)
#config network
# option id '1234567890123456'
# option allow_managed '1'
# option allow_global '0'
# option allow_default '0'
# option allow_dns '0'

Restart ZeroTier service:

1
2
$ root@SenseWrt:~# /etc/init.d/zerotier restart
Generating secret - please wait... done.

Verify ZeroTier client status, which ztks555nye is the virtual network interface created on OpenWrt:

1
2
3
root@SenseWrt:~# zerotier-cli listnetworks
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks 8ca917257083e297 igloo.studio 9a:09:7b:41:3d:26 OK PRIVATE ztks555nye 192.168.196.176/24

Enable and authorise the new ZeroTier client OpenWrt in https://my.zerotier.com/.

Now add ZeroTier virtual network as a new interface in OpenWrt:

OpenWrt - ZeroTier Network Interface

Create firewall for ZeroTier virtual network interface in OpenWrt:

OpenWrt - ZeroTier Firewall

Configure firewall for ZeroTier virtual network interface in OpenWrt:

OpenWrt - ZeroTier Firewall General Settings

NOTE: opt network is for the downstream DHCP clients.

Add Allow-ZeroTier firewall rule:

OpenWrt - ZeroTier Firewall Rule

Restart ZeroTier service again:

1
2
$ root@SenseWrt:~# /etc/init.d/zerotier restart
Generating secret - please wait... done.

Then all OpenWrt clients can access ZeroTier network now.

References

Connecting OpenWRT to internet

OpenWRT is running on Proxmox. Now setting up it to connect internet.

Add new network interface OPT on eth2 adapter:

OpenWRT - OPT Interface

OpenWRT - OPT Advanced Settings

OpenWRT - OPT Firewall Settings

OpenWRT - OPT DHCP Server General Setup

OpenWRT - OPT DHCP Server Advanced Settings

OpenWRT - OPT DHCP Server IPv6 Settings

OpenWRT - OPT DHCP Server IPv6 RA Settings

OpenWRT - OPT

Add a new Firewall Zone, from network opt to wan:

OpenWRT - Firewall Zone General Settings

OpenWRT - Firewall Zone Advanced Settings

OpenWRT - Firewall Zone Conntrack Settings

OpenWRT - Firewall Zone

Add a new Firewall Traffic Rule for network opt:

OpenWRT - Firewall Traffic Rule General Settings

OpenWRT - Firewall Traffic Rule Advanced Settings

OpenWRT - Firewall Traffic Rule Time Restrictions

OpenWRT - Firewall Traffic Rule

Setup DHCP clients’ static IP addresses:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
$ ssh -l root 192.168.2.1
root@192.168.2.1's password:

BusyBox v1.36.1 (2024-09-23 12:34:46 UTC) built-in shell (ash)

_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt 23.05.5, r24106-10cc5fcd00
-----------------------------------------------------

root@OpenWRT:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/local/'
option domain 'local'
option expandhosts '1'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
...
config host
option name 'TL-SX3016F'
option ip '192.168.2.100'
option mac '3C:52:A1:47:23:5D'

config host
option name 'MikroTik'
option ip '192.168.2.110'
option mac '78:9A:18:D0:20:ED'

config domain
option name 'TL-SX3016F'
option ip '192.168.2.100'

config domain
option name 'MikroTik'
option ip '192.168.2.110'

OpenWRT - DHCP and DNS

Running OpenWRT on Proxmox

  • Create OpenWRT VM in Proxmox

OpenWRT - VM General

OpenWRT - VM OS

OpenWRT - VM System

OpenWRT - VM Disks

OpenWRT - VM CPU

OpenWRT - VM Memory

OpenWRT - VM Network

This is the LAN, and Firewall is DISABLED.

OpenWRT - VM Confirm

Add WAN into VM, and Firewall is DISABLED.

Detach and delete current Hard Disk.

From Proxmox Console, download the latest OpenWRT image:

1
2
3
4
5
6
7
8
9
10
root@sense:~# wget https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/openwrt-23.05.5-x86-64-generic-ext4-combined.img.gz
--2024-12-03 12:20:33-- https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/openwrt-23.05.5-x86-64-generic-ext4-combined.img.gz
Resolving downloads.openwrt.org (downloads.openwrt.org)... 2a04:4e42:13::644, 151.101.82.132
Connecting to downloads.openwrt.org (downloads.openwrt.org)|2a04:4e42:13::644|:443... failed: No route to host.
Connecting to downloads.openwrt.org (downloads.openwrt.org)|151.101.82.132|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 11352149 (11M) [application/octet-stream]
Saving to: ‘openwrt-23.05.5-x86-64-generic-ext4-combined.img.gz’

openwrt-23.05.5-x86-64-generic-ext4-combined.img.gz 100%[===================================================>] 10.83M --.-KB/s in 0.1s

Create disk image for VM:

1
2
3
4
5
6
7
root@sense:~# gunzip openwrt-23.05.5-x86-64-generic-ext4-combined.img.gz

root@sense:~# mv openwrt-23.05.5-x86-64-generic-ext4-combined.img openwrt.raw

# increase the raw disk
root@sense:~# qemu-img resize -f raw ./openwrt.raw 1024M
Image resized.

Convert OpenWRT image to VM disk:

1
2
3
4
5
6
7
8
9
# import the raw disk to OpenWRT VM
root@sense:~# qm importdisk 104 openwrt.raw local-lvm
Use of uninitialized value $dev in hash element at /usr/share/perl5/PVE/QemuServer/Drive.pm line 555.
importing disk 'openwrt.raw' to VM 104 ...
Logical volume "vm-104-disk-0" created.
transferred 0.0 B of 1.0 GiB (0.00%)
...
transferred 1.0 GiB of 1.0 GiB (100.00%)
unused0: successfully imported disk 'local-lvm:vm-104-disk-0'

Double click the Unused Disk, then click the Add button:

OpenWRT - VM Unused Disk

OpenWRT - VM Hardware

OpenWRT - VM Boot Order

  • Configure OpenWRT

Start up VM; change the user root password; set LAN ip address temporarily to 192.168.2.3 (Default: 192.168.1.1):

OpenWRT - Console

Login OpenWRT at http://192.168.2.3/, via LAN port, and land on dashboard:

OpenWRT - Login

OpenWRT - Dashboard

  • Themes

SSH login:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
$ ssh -l root 192.168.2.3
The authenticity of host '192.168.2.3 (192.168.2.3)' can't be established.
ED25519 key fingerprint is SHA256:AggWAL1oU8+r1f84KoqpvcsYUylZOTfN0sXwHSby3b0.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.2.3' (ED25519) to the list of known hosts.
root@192.168.2.3's password:
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt 23.05.5, r24106-10cc5fcd00
-----------------------------------------------------

BusyBox v1.36.1 (2024-09-23 12:34:46 UTC) built-in shell (ash)

OpenWRT packages configuration:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
root@OpenWrt:~# ls -al /etc/opkg
drwxr-xr-x 3 root root 4096 Dec 6 02:46 .
drwxr-xr-x 23 root root 4096 Dec 6 02:41 ..
-rw-r--r-- 1 root root 103 Sep 23 12:34 customfeeds.conf
-rw-r--r-- 1 root root 555 Dec 6 02:46 distfeeds.conf
drwxr-xr-x 2 root root 4096 Sep 23 12:34 keys

root@OpenWrt:~# ls -al /var/opkg-lists/
drwxr-xr-x 2 root root 320 Dec 6 03:15 .
drwxrwxrwt 17 root root 440 Dec 6 03:15 ..
-rw-r--r-- 1 root root 72705 Dec 6 03:15 openwrt_base
-rw-r--r-- 1 root root 142 Dec 6 03:15 openwrt_base.sig
-rw-r--r-- 1 root root 10039 Dec 6 03:15 openwrt_core
-rw-r--r-- 1 root root 142 Dec 6 03:15 openwrt_core.sig
-rw-r--r-- 1 root root 100416 Dec 6 03:15 openwrt_kmods
-rw-r--r-- 1 root root 142 Dec 6 03:15 openwrt_kmods.sig
-rw-r--r-- 1 root root 197242 Dec 6 03:15 openwrt_luci
-rw-r--r-- 1 root root 142 Dec 6 03:15 openwrt_luci.sig
-rw-r--r-- 1 root root 516243 Dec 6 03:15 openwrt_packages
-rw-r--r-- 1 root root 142 Dec 6 03:15 openwrt_packages.sig
-rw-r--r-- 1 root root 9918 Dec 6 03:15 openwrt_routing
-rw-r--r-- 1 root root 142 Dec 6 03:15 openwrt_routing.sig
-rw-r--r-- 1 root root 58240 Dec 6 03:15 openwrt_telephony
-rw-r--r-- 1 root root 142 Dec 6 03:15 openwrt_telephony.sig

There is some issue with IPv6 support in OpenWRT when download update. Errors thrown when wan connected to a IPv6 router:

1
2
3
4
5
6
7
8
9
10
11
12
13
root@OpenWrt:~# opkg update
Downloading https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/packages/Packages.gz
*** Failed to download the package list from https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/packages/Packages.gz
...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/telephony/Packages.gz
*** Failed to download the package list from https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/telephony/Packages.gz

Collected errors:
* opkg_download: Failed to download https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/packages/Packages.gz, wget returned 4.
* opkg_download: Check your network settings and connectivity.
...
* opkg_download: Failed to download https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/telephony/Packages.gz, wget returned 4.
* opkg_download: Check your network settings and connectivity.

Turn off IPv6 - navigate through OpenWRT UI, Network -> Interfaces, select Devices tab. For device br-lan click on Configure …, choose disabled option for Enable IPv6 in General device options tab.

1
2
3
4
5
6
7
8
9
10
root@OpenWRT:~# opkg update
Downloading https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/packages/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_core
Downloading https://downloads.openwrt.org/releases/23.05.5/targets/x86/64/packages/Packages.sig
Signature check passed.
...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/telephony/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_telephony
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/telephony/Packages.sig
Signature check passed.

Install OpenWRT2020 Theme https://openwrt.org/docs/guide-user/luci/luci.themes:

1
2
3
4
root@OpenWRT:~# opkg install luci-theme-openwrt-2020
Installing luci-theme-openwrt-2020 (git-24.332.79522-a493155) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/luci-theme-openwrt-2020_git-24.332.79522-a493155_all.ipk
Configuring luci-theme-openwrt-2020.

Install Argon Theme https://github.com/jerrykuku/luci-theme-argon:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
root@OpenWRT:~# opkg install luci-compat
Installing luci-compat (git-24.332.79522-a493155) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/luci-compat_git-24.332.79522-a493155_all.ipk
Installing liblua5.1.5 (5.1.5-11) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/base/liblua5.1.5_5.1.5-11_x86_64.ipk
Installing lua (5.1.5-11) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/base/lua_5.1.5-11_x86_64.ipk
Installing luci-lib-nixio (git-24.332.79522-a493155) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/luci-lib-nixio_git-24.332.79522-a493155_x86_64.ipk
Installing luci-lib-ip (git-24.332.79522-a493155) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/luci-lib-ip_git-24.332.79522-a493155_x86_64.ipk
Installing luci-lib-jsonc (git-24.332.79522-a493155) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/luci-lib-jsonc_git-24.332.79522-a493155_x86_64.ipk
Installing liblucihttp-lua (2023-03-15-9b5b683f-1) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/liblucihttp-lua_2023-03-15-9b5b683f-1_x86_64.ipk
Installing luci-lib-base (git-24.332.79522-a493155) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/luci-lib-base_git-24.332.79522-a493155_all.ipk
Installing libubus-lua (2023-06-05-f787c97b-1) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/base/libubus-lua_2023-06-05-f787c97b-1_x86_64.ipk
Installing ucode-mod-lua (1) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/ucode-mod-lua_1_x86_64.ipk
Installing luci-lua-runtime (git-24.332.79522-a493155) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/luci-lua-runtime_git-24.332.79522-a493155_x86_64.ipk
Configuring liblua5.1.5.
Configuring lua.
Configuring luci-lib-nixio.
Configuring luci-lib-ip.
Configuring luci-lib-jsonc.
Configuring liblucihttp-lua.
Configuring luci-lib-base.
Configuring libubus-lua.
Configuring ucode-mod-lua.
Configuring luci-lua-runtime.
Configuring luci-compat.

root@OpenWRT:~# opkg install luci-lib-ipkg
Installing luci-lib-ipkg (git-24.332.79522-a493155) to root...
Downloading https://downloads.openwrt.org/releases/23.05.5/packages/x86_64/luci/luci-lib-ipkg_git-24.332.79522-a493155_all.ipk
Configuring luci-lib-ipkg.

root@OpenWRT:~# wget --no-check-certificate -O luci-theme-argon.ipk https://github.com/jerrykuku/luci-theme-argon/releases/download/v2.3.1/luci-theme-argon_2.3.1_all.ipk
root@OpenWRT:~# wget --no-check-certificate -O luci-app-argon-config.ipk https://github.com/jerrykuku/luci-app-argon-config/releases/download/v0.9/luci-app-argon-config_0.9_all.ipk

There are ERRORS:

  • //usr/lib/opkg/info/luci-theme-argon.postinst: .: line 2: can’t open ‘/etc/uci-defaults/30_luci-theme-argon’: No such file or directory
  • //usr/lib/opkg/info/luci-app-argon-config.postinst: .: line 2: can’t open ‘/etc/uci-defaults/luci-argon-config’: No such file or directory

thrown when try to install these packages.

A workaround solution is modify /lib/functions.sh file, replace line 282 (OpenWrt version 23.05.5), or line 377 (OpenWrt version 24.10.0):

1
( [ -f "$i" ] && cd "$(dirname $i)" && . "$i" ) && rm -f "$i"

with:

1
( [ -f "$i" ] && cd "$(dirname $i)" && . "$i" ) && echo

temporarily. Then run installation:

1
2
3
4
5
6
7
root@OpenWRT:~# opkg install luci-theme-argon.ipk
Installing luci-theme-argon (2.3.1) to root...
Configuring luci-theme-argon.

root@OpenWRT:~# opkg install luci-app-argon-config.ipk
Installing luci-app-argon-config (0.9) to root...
Configuring luci-app-argon-config.
  • Upgrade

To upgrade all of the OpenWRT packages:

1
root@OpenWRT:~# opkg list-upgradable | cut -f 1 -d ' ' | xargs -r opkg upgrade

References

Fixing Multimedia Audio Controller driver missing issue in Windows 11

Error thrown while missing Multimedia Audio Driver driver in Device Manager in Windows 11:

Windows - Multimedia Audio Controller

when runs on an Intel i3 N305 Mini PC https://www.aliexpress.com/item/1005007278560105.html

Intel Network - Mini PC

Need this handy tool to find all the missing parts:

Windows - Driver Identifier

Driver Identifier, a digital assistant for your system’s hardware, can scan the device, identifies outdated or missing drivers, and provides a customized list of updates for your specific hardware:

Windows - Drivers

References