|
OpenBSD Installation and Upgrading Installing and upgrading OpenBSD. |
|
Thread Tools | Display Modes |
|
|
|||
Installing OpenBSD 7.0 on an RPi4 and using as a WireGuard client gateway
I've put together some detailed notes on how to install OpenBSD 7.0 on an RPi4, including replacing the UEFI files to allow OpenBSD to boot, and how to configure OpenBSD for use as a WireGuard client gateway linking to a remote WireGuard server. More or less the same configuration could be used for the server end of the WireGuard link. Total boot time from power-on to login prompt is approximately 80 seconds - 35 secs in the UEFI bootloader and 45 secs due to OpenBSD itself.
The notes also cover how to configure the UEFI bootloader to allow OpenBSD to use a DS3231 real-time clock as time is critical to correct WireGuard operation. Finally be aware of a gotcha which caught me out for a while: ifconfig only shows the full wg0 configuration if you run it as root. So use either: Code:
# ifconfig wg0 Code:
$ doas ifconfig wg0
Comments, errata and suggestions welcome. I might eventually format up these notes into something a bit more presentable! Last edited by Reeshar; 21st February 2022 at 03:07 PM. Reason: Minor correction to instructions |
|
|||
I've now updated my RPi4 test rig to use VLANs rather than a USB Ethernet adaptor. The net result is a significant increase in performance: whereas I could only get 100Mbit/s throughput with the Ethernet dongle, I get 200+Mbit/s using VLANs where the "200" is the upload speed limit of my broadband connection.
Using a D-Link 5-port smart switch, which incidentally I run off a USB power supply alongside my RPi4 so I need only one power source for the two, the total power consumption is around 10W. My next goal is to set the RPi4 up as a fully-fledged firewall with two internal VLANs, one routed directly out to the Internet, the other going through the WireGuard tunnel. This mirrors a setup already in existence at our house in France which allows us to stream UK content via an OpenBSD WireGuard server at our UK home while in parallel being able to directly access the local Internet in France. The two networks are accessed via two separate APs, one for the UK and one for France. Currently though we're using a GL-iNet Slate to manage the WireGuard link. Ironically we have a better and cheaper Internet connection in a small village of 200 inhabitants in the Pyrenees (300/200Mbit/s over fibre-to-the-home) than we do here in the UK where we have 200/20Mbit/s over cable. Updated notes will follow... |
Tags |
raspberry pi, wireguard |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Defend your network and privacy : VPN gateway with OpenBSD | gkbsd | OpenBSD Security | 8 | 14th May 2014 10:20 AM |
Setting up OpenBSD as a ssh gateway | dbach | OpenBSD General | 6 | 12th January 2012 05:30 PM |
OBSD client hangs mounting NFS; Linux client doesn't | amorphousone | OpenBSD General | 7 | 26th August 2010 05:21 AM |
4.6/i386 hangs when installing on a Gateway laptop | AlexLibman | OpenBSD Installation and Upgrading | 22 | 24th January 2010 10:47 PM |
mobile client to ipsec gateway | milo974 | OpenBSD Security | 8 | 22nd July 2009 05:19 AM |