quentin/wpj428
2
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
wpj428/README.md

413 lines
13 KiB
Markdown
Raw Blame History

WPJ428 + SIMCOM 8202G
=====================
We try to build a FOSS 5GNR Router with OpenWRT.
Some challenges we have encountered so far:
- OpenWRT stable misses a patch to enable our board ethernet port -> we compile from source
- The Modem Manager simtech plugin does not declare 5GNR
## Flash OpenWRT from uboot
(Configure your computer with a static IP address 192.168.1.2/24 and make sure you have a running tftp server containing your image)
First connect your UART cable on the router:
![UART](img/uart.jpg)
Launch minicom
```
sudo minicom -D /dev/ttyUSB0
```
Then boot the router. Press repeatidly `[ENTER]` to get the following prompt:
```
(IPQ40xx) #
```
Then enter the following commands:
```
set ipaddr 192.168.1.1
set serverip 192.168.1.2
ping ${serverip}
sf probe
tftpboot 0x84000000 openwrt-ipq40xx-generic-compex_wpj428-squashfs-sysupgrade.bin
sf erase 0x00180000 +$filesize
sf write 0x84000000 0x00180000 $filesize
bootipq
```
## Compile
```
make menuconfig
scripts/diffconfig.sh > ../wpj428/config
make download
make -j $(nproc)
```
To inject a config file:
```bash
# Append changes to bottom of .config
cat config >> .config
# Apply changes
make defconfig
make download
make -j $(nproc)
```
## Flash OpenWRT from OpenWRT (!)
Copy the firmware in router's `/tmp`.
Why `/tmp`? Your router has more volatile storage than persistent one, moreover you will overwrite the persistent storage.
So, copy the firmware in `/tmp`!
Next, we will use the `sysupgrade` command. `-v` is verbose, `-n` ask openwrt to erase configuration files (ie. ask for a factory reset).
```
sysupgrade -v -n /tmp/openwrt-ipq40xx-generic-compex_wpj428-squashfs-sysupgrade.bin
```
## Get root on MimoAP
1. Download a backup from your router firmware
2. Extract it, edit `/etc/shadow`, replace the hash of the `root` user with the one from the `admin` user
3. Recompress the folder hierarchy
4. Import this new archive as backup in MimoAP
5. Run `ssh root@192.168.1.1` (replace with the IP address of your router) and use your `admin` password
6. Enjoy! (But you should really install a vanilla OpenWRT instead)
## Flash OpenWRT from Compex ROM (MimoAP)
*Not written*
## Flash MimoAP/OpenWRT with Compex tools on Uboot
*Not written*
## Using ModemManager
Wait for modems:
```
mmcli -M
```
Connect/Disconnect:
```
mmcli -m 0 --simple-connect="apn=free"
mmcli -m 0 --simple-disconnect
```
Set supported/preferred mode:
```
mmcli -m 0 --set-allowed-modes="3G|4G" --set-preferred-mode=4G
mmcli -m 0 --set-allowed-modes="5G"
```
Equivalent with `qmicli`:
```
qmicli --device=/dev/cdc-wdm0 --device-open-proxy --nas-get-system-selection-preference
qmicli --device=/dev/cdc-wdm0 --device-open-proxy --nas-set-system-selection-preference='5gnr|lte'
```
## QMICLI Connect
About our provider (Free Mobile), IPv4 is acquired through DHCP but IPv6 is statically provided.
### IPv6
```
qmicli --device=/dev/cdc-wdm0 --device-open-proxy --wds-start-network="ip-type=6,apn=free" --client-no-release-cid
qmicli --device=/dev/cdc-wdm0 --device-open-proxy --wds-get-current-settings
ip addr add 2a0d:e487:15f:f7f5:5c58:4e37:90c0:74d8/64 dev wwan0
ip route add default via 2a0d:e487:15f:f7f5:49ec:2e4a:ca1:5b20
echo -e "nameserver 2a0d:e480::1\nnameserver 2a0d:e480::2" > /etc/resolv.conf
```
### IPv4
```
qmicli --device=/dev/cdc-wdm0 --device-open-proxy --wds-start-network="ip-type=4,apn=free" --client-no-release-cid
udhcpc -q -f -n -i wwan0
```
## Unable to directly connect in 5GNR
Despite patching ModemManager simtech plugin, we get an error if we force 5GNR.
We typed:
```
mmcli -m 0 --set-allowed-modes="5G"
mmcli -m 0 --simple-disconnect
mmcli -m 0 --simple-connect="apn=free"
```
We got:
```
Fri Mar 19 23:57:22 2021 daemon.warn [2633]: <warn> [modem0] couldn't load operator code: Current operator MCC/MNC is still unknown
Fri Mar 19 23:57:22 2021 daemon.warn [2633]: <warn> [modem0] couldn't load operator name: Current operator description is still unknown
Fri Mar 19 23:57:48 2021 daemon.info [2633]: <info> [modem0] state changed (connected -> disconnecting)
Fri Mar 19 23:57:48 2021 daemon.info [2633]: <info> [modem0] state changed (disconnecting -> registered)
Fri Mar 19 23:57:48 2021 daemon.info [2633]: <info> [modem0/bearer1] connection #1 finished: duration 936s, tx: 79 bytes, rx :566 bytes
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0] simple connect started...
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0] simple connect state (4/8): wait to get fully enabled
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0] simple connect state (5/8): register
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0] simple connect state (6/8): bearer
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0] simple connect state (7/8): connect
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0] state changed (registered -> connecting)
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0/bearer1] couldn't start network: QMI protocol error (14): 'CallFailed'
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0/bearer1] call end reason (3): generic-no-service
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0/bearer1] verbose call end reason (3,2001): [cm] no-service
Fri Mar 19 23:57:57 2021 daemon.warn [2633]: <warn> [modem0/bearer1] connection attempt #2 failed: QMI protocol error (14): 'CallFailed'
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0] state changed (connecting -> registered)
Fri Mar 19 23:57:57 2021 daemon.info [2633]: <info> [modem0/bearer1] connection #2 finished: duration 0s, tx: 0 bytes, rx :0 bytes
```
And the new bearer contains:
```
root@OpenWrt:/# mmcli -b 1
----------------------------
General | path: /org/freedesktop/ModemManager1/Bearer/1
| type: default
----------------------------
Status | connected: no
| suspended: no
| ip timeout: 20
----------------------------
Properties | apn: free
| roaming: allowed
----------------------------
Statistics | attempts: 2
| attempts: 1
| total-duration: 936
| total-bytes rx: 566
| total-bytes tx: 79
```
Errors :
```
QMI protocol error (14): 'CallFailed'
```
```
call end reason (3): generic-no-service
verbose call end reason (3,2001): [cm] no-service
```
## Final Modem Configuration
### Generic
1. Set a password
2. Set a name: `parangon`
3. Set IP range: `192.168.0.254/24`
### ModemManager
We append the following to ModemManager:
```
config interface 'broadband'
option device '/sys/devices/platform/soc/60f8800.usb2/6000000.dwc3/xhci-hcd.1.auto/usb3/3-1'
option proto 'modemmanager'
option apn 'free'
option iptype 'ipv4v6'
```
Then we can start the interface with:
```
ifup broadband
```
Add our broadband interface to the WAN zone in the firewall.
Both IPv6 and IPv4 should work:
```
ping openwrt.org
ping -6 openwrt.org
```
### Configure Wireguard
On the router:
```bash
mkdir /tmp/x
cd /tmp/x
umask go=
wg genkey | tee wgclient.key | wg pubkey > wgclient.pub
wg genpsk > wgclient.psk
```
Add to `/etc/config/network`
```
config interface 'wg0'
option proto 'wireguard'
list addresses '192.168.2.3'
option private_key '???'
config wireguard_wg0
option public_key '???'
option description 'rayonx'
option persistent_keepalive '25'
option endpoint_port '51820'
list allowed_ips '192.168.2.0/24'
option route_allowed_ips '1'
option endpoint_host 'rayonx.machine.dufour.io'
```
Doc:
- https://openwrt.org/docs/guide-user/services/vpn/wireguard/basics
- https://openwrt.org/docs/guide-user/services/vpn/wireguard/client
### Configure SQM
*Not relevant now*
### Configure our DNS recursive resolver
We use LuCi to setup our recursive DNS
Go to Network -> DHCP and DNS -> Advanced Settings -> Set port 5353 for the DNS server
Go to Service -> Recursive DNS -> Unbound -> DHCP -> and select dnsmasq
Go to System -> Startup -> Start unbound
Check in Service -> Recursive DNS -> Files -> Show: Unbound -> at the end, forward-zone must be declared for you
Check with `netstat -tlpn` that unbound listens on port 53 and dnsmasq on port 5353.
Finally check with `dig +short @192.168.1.1 sci-hub.se` and `dig +short @192.168.1.1 parangon.lan` (this is the name of our router)
We use:
- http://kacangbawang.com/say-bye-to-providers-dns-servers-be-your-own-dns-resolver/
Related with OpenWRT:
- https://openwrt.org/docs/guide-user/services/dns/unbound
- https://openwrt.org/docs/guide-user/services/dns/dot\_unbound
- https://forum.openwrt.org/t/using-unbound-alongside-dnsmasq/50537
- https://gist.github.com/kevinoid/00656e6e4815e3ffe25dabe252e0f1e3
- https://kevinlocke.name/bits/2017/03/09/unbound-with-dnsmasq-on-openwrt/
- https://blog.josefsson.org/tag/openwrt/
- https://zhmail.com/2018/04/20/setting-up-a-dns-over-tls-forwarding-cache-on-openwrt-snapshot-r6693-or-later/
- https://www.dnssec-deployment.org/2012/03/a-validating-recursive-resolver-on-a-70-home-router/
- https://blog.grobox.de/2018/what-is-dns-privacy-and-how-to-set-it-up-for-openwrt/
Not related with OpenWRT:
- https://calomel.org/unbound_dns.html
- https://feeding.cloud.geek.nz/posts/setting-up-your-own-dnssec-aware/
Sites to test:
- sci-hub.se (`ping sci-hub.se` should not return `127.0.0.1`)
### Configure our adblocker
*Not yet written*
Test with Youtube on Android.
## Known Bugs
section\_id is not defined: https://forum.openwrt.org/t/updated-cant-fetch-latest-git-error-when-creating-interface-with-luci-section-id-is-not-defined/91836/3
## Logs
uboot logs:
```
Format: Log Type - Time(microsec) - Message - Optional Info
Log Type: B - Since Boot(Power On Reset), D - Delta, S - Statistic
S - QC_IMAGE_VERSION_STRING=BOOT.BF.3.1.1-00118
S - IMAGE_VARIANT_STRING=DAABANAZA
S - OEM_IMAGE_VERSION_STRING=CRM
S - Boot Config, 0x00000021
S - Reset status Config, 0x00000000
S - Core 0 Frequency, 0 MHz
B - 261 - PBL, Start
B - 1339 - bootable_media_detect_entry, Start
B - 1679 - bootable_media_detect_success, Start
B - 1693 - elf_loader_entry, Start
B - 5073 - auth_hash_seg_entry, Start
B - 7219 - auth_hash_seg_exit, Start
B - 577690 - elf_segs_hash_verify_entry, Start
B - 695375 - PBL, End
B - 695399 - SBL1, Start
B - 786439 - pm_device_init, Start
D - 7 - pm_device_init, Delta
B - 787885 - boot_flash_init, Start
D - 52818 - boot_flash_init, Delta
B - 844845 - boot_config_data_table_init, Start
D - 3835 - boot_config_data_table_init, Delta - (419 Bytes)
B - 852054 - clock_init, Start
D - 7575 - clock_init, Delta
B - 864102 - CDT version:2,Platform ID:8,Major ID:1,Minor ID:0,Subtype:0
B - 867516 - sbl1_ddr_set_params, Start
B - 872614 - cpr_init, Start
D - 2 - cpr_init, Delta
B - 876996 - Pre_DDR_clock_init, Start
D - 4 - Pre_DDR_clock_init, Delta
D - 13176 - sbl1_ddr_set_params, Delta
B - 890735 - pm_driver_init, Start
D - 2 - pm_driver_init, Delta
B - 960961 - sbl1_wait_for_ddr_training, Start
D - 28 - sbl1_wait_for_ddr_training, Delta
B - 976579 - Image Load, Start
D - 151978 - QSEE Image Loaded, Delta - (297240 Bytes)
B - 1128985 - Image Load, Start
D - 1447 - SEC Image Loaded, Delta - (2048 Bytes)
B - 1139420 - Image Load, Start
D - 211388 - APPSBL Image Loaded, Delta - (432219 Bytes)
B - 1351204 - QSEE Execution, Start
D - 60 - QSEE Execution, Delta
B - 1357421 - SBL1, End
D - 664130 - SBL1, Delta
S - Flash Throughput, 2007 KB/s (731926 Bytes, 364613 us)
S - DDR Frequency, 537 MHz
U-Boot 2012.07 [Chaos Calmer 15.05.1,r35193] (Jul 25 2017 - 11:36:26)
smem ram ptable found: ver: 1 len: 3
DRAM: 256 MiB
machid : 0x8010000
NAND: SF: Detected MX25L25635E with page size 4 KiB, total 32 MiB
ipq_spi: page_size: 0x100, sector_size: 0x1000, size: 0x2000000
32 MiB
MMC:
*** Warning - bad CRC, using default environment
In: serial
Out: serial
Err: serial
machid: 8010000
flash_type: 0
Hit any key to stop autoboot: 0
Net: MAC0 addr:4:f0:21:65:18:12
PHY ID1: 0x4d
PHY ID2: 0xd0b1
ipq40xx_ess_sw_init done
eth0
```
## Sources
- [All the commits in OpenWRT about the WPJ428](https://git.openwrt.org/?p=openwrt%2Fopenwrt.git&a=search&h=HEAD&st=commit&s=WPJ428)
- https://openwrt.org/docs/guide-developer/build-system/use-buildsystem
- https://damow.net/5g-home-broadband/
- https://techship.com/faq/how-to-step-by-step-set-up-a-data-connection-over-qmi-interface-using-qmicli-and-in-kernel-driver-qmi-wwan-in-linux/
- [No 5GNR, many qmicli commands to help debug and compare!](https://forums.quectel.com/t/rm500q-gl-not-working/6594)
- https://forum.sierrawireless.com/t/mc7354-got-qmi-error-callfailed-when-starting-network/9053
- https://community.autopi.io/t/error-when-starting-qmi-connection/2338
- https://lists.freedesktop.org/archives/libqmi-devel/2018-January/002707.html
Reference in a new issue View git blame Copy permalink