justinzane/network

## network
~ # cat /etc/config/network

config globals 'globals'
        option ula_prefix 'fd05:960e:9254::/48'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0t 2 3 4 5'
        option mtu '7000'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0t 1'

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'lan'
        option ifname 'eth0.1'
        option type 'bridge'
        option _orig_ifname 'eth0.1 radio0.network1 radio1.network1'
        option _orig_bridge 'true'
        option proto 'static'
        option ipaddr '192.168.0.2'
        option netmask '255.255.255.0'

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'dhcp'
        option hostname 'router2'

config interface 'wan6'
        option ifname '@wan'
        option proto 'dhcpv6'

config interface 'tap0_openvpn'
        option proto 'none'
        option ifname 'tap0'

config interface 'br0_openvpn'
        option type 'bridge'
        option proto 'static'
        option ifname 'tap0'
        option ipaddr '192.168.3.102'
        option netmask '255.255.255.0'
        option gateway '192.168.3.2'
        option broadcast '192.168.3.255'
        option dns '192.168.3.2'
        option macaddr 'ff:ff:ff:00:00:02'


## openvpn
~ # cat /etc/config/openvpn
package openvpn

#################################################
# justinzane jz-rs-01                           #
#################################################

config openvpn justinzane-client
# Basic Setup -----------------------------------
        option enabled          1
        option daemon
        option port             1194
        option proto udp
        option remote           jz-rs-01.justinzane.com
        option resolv-retry     infinite
        option keepalive        10 120
        option comp-lzo         adaptive
# Network Setup ---------------------------------
        option device           'tap0'
        option persist-tun
        option persist-remote-ip
# Security --------------------------------------
        option ns-cert-type     server
        option tls-client
        option tls-auth         /etc/openvpn/justinzane-keys/ta.key 1
        option ca               /etc/openvpn/justinzane_keys/ca.crt
        option cert             /etc/openvpn/justinzane_keys/router2.crt
        option key              /etc/openvpn/justinzane_keys/router2.key
        option cipher           AES-256-CBC
        option auth             SHA1
        option persist-key
# Performance -----------------------------------
        option passtos
# Logging ---------------------------------------
        option writepid         /var/run/openvpn.pid
        option log              /var/log/openvpn.log
        option status           /var/log/openvpn.status 10
        option verb             3
        option mute-replay-warnings
	~ # cat /etc/config/network

	config globals 'globals'
	option ula_prefix 'fd05:960e:9254::/48'

	config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

	config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0t 2 3 4 5'
	option mtu '7000'

	config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0t 1'

	config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

	config interface 'lan'
	option ifname 'eth0.1'
	option type 'bridge'
	option _orig_ifname 'eth0.1 radio0.network1 radio1.network1'
	option _orig_bridge 'true'
	option proto 'static'
	option ipaddr '192.168.0.2'
	option netmask '255.255.255.0'

	config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'
	option hostname 'router2'

	config interface 'wan6'
	option ifname '@wan'
	option proto 'dhcpv6'

	config interface 'tap0_openvpn'
	option proto 'none'
	option ifname 'tap0'

	config interface 'br0_openvpn'
	option type 'bridge'
	option proto 'static'
	option ifname 'tap0'
	option ipaddr '192.168.3.102'
	option netmask '255.255.255.0'
	option gateway '192.168.3.2'
	option broadcast '192.168.3.255'
	option dns '192.168.3.2'
	option macaddr 'ff:ff:ff:00:00:02'
	~ # cat /etc/config/openvpn
	package openvpn

	#################################################
	# justinzane jz-rs-01 #
	#################################################

	config openvpn justinzane-client
	# Basic Setup -----------------------------------
	option enabled 1
	option daemon
	option port 1194
	option proto udp
	option remote jz-rs-01.justinzane.com
	option resolv-retry infinite
	option keepalive 10 120
	option comp-lzo adaptive
	# Network Setup ---------------------------------
	option device 'tap0'
	option persist-tun
	option persist-remote-ip
	# Security --------------------------------------
	option ns-cert-type server
	option tls-client
	option tls-auth /etc/openvpn/justinzane-keys/ta.key 1
	option ca /etc/openvpn/justinzane_keys/ca.crt
	option cert /etc/openvpn/justinzane_keys/router2.crt
	option key /etc/openvpn/justinzane_keys/router2.key
	option cipher AES-256-CBC
	option auth SHA1
	option persist-key
	# Performance -----------------------------------
	option passtos
	# Logging ---------------------------------------
	option writepid /var/run/openvpn.pid
	option log /var/log/openvpn.log
	option status /var/log/openvpn.status 10
	option verb 3
	option mute-replay-warnings