kibble.bongo.zone
My OpenBSD gateway configuration, connected to NYCMesh. Intended as a how-to guide, in case I ever break this thing.
Network configuration
I connect to NYCMesh Node 1340.
+-------------------+
| Edge router (NAT) | +-----------------------------------------------------+----------------------+
+-------+----+------+ | kibble.bongo.zone | vmd |
| | |-----------------------------------------------------|----------------------|
| v | 3+-----------------+-> nycmesh-dns |
DE/CIX<--+ NYCMesh | 2+----------------+ | +-> tor |
^ | bridge 0 1+-------------+ | | |
| | +--+--+--+--+---------+-------------------+------+-> <testvms> |
+-------+------+ | | | | | | | | | | | | | | |
| nycmesh 1340 | | + + + + + + + + + + + | | |
+-------+------+ |em 0 1 2 3 4 5 vether 0 1 2 3 vlan 0 1 2 | |
802.11ac| +------+--+--+--------------------------------+--+--+-+----------------------+
+-------------+----+ 1Gbps | | | | [ [ [
| nycmesh-lbe-1659 +-------+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~%~~%
+------------------+ | | | [ VLAN tags
| | | ] 1: antenna admin
+---------+ 100Mbps | | | VLAN tag for public SSID [ 2: egress traffic
+ airport +----------+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~%
+-+-- --+-+ | |
| | | |
| v | |
v 802.11a/n+b/g/n | | 802.11ac/n+n
Public ^ | | ^
WiFi | | | |
+----+----+ 1Gbps | | 1Gbps +---+----+
| macmini +-------+ +-------+ belkin |
+---------+ +--------+
Installation Overview
- Configure and install OpenBSD
- Install packages
- Configure services
Install packages with pkg_add
pkg_add alpine arping arpwatch bash bsd-airtools coreutils curl git gmake go hping htop iftop \
iperf3 irssi keybase libxml lynx miniupnpd mosh nload nmap pkglocatedb py-pip py-setuptools \
py-virtualenv quirks rsnapshot rsync rtl-sdr snort sshguard the_silver_searcher tmux-mem-cpu-load \
vim vmm-firmware w3m wget wol zshFeatures
TODO
References
- vedetta - OpenBSD Router Boilerplate
- FQ-CoDel and pf - Flows queue discpline for
pf - Fixing bufferbloat on your home network with OpenBSD 6.2 or newer