lukas2511 revised this gist
Jan 26, 2020 . 1 changed file with 6 additions and 1 deletion.
@@ -1,8 +1,13 @@ #!/bin/sh # This script configures a meraki ms220-8p switch completely from scratch # See https://leo.leung.xyz/wiki/Meraki_MS220-8P for rooting instructions # You can keep config and config.local completely empty, but i'd recommend to add a configuration # which isolates all ports from each other. # Without that you might have switching loops on bootup (unlikely since STP keeps longer to initialize # than it takes this script to take over, but it just feels cleaner). # Next to the configuration in this script I'd recommend adding a newer busybox binary to the system # Simply put busybox-mipsel into /storage, cp it to /bin/busybox on init and run /bin/busybox --install -
lukas2511 revised this gist
Jan 26, 2020 . 1 changed file with 1 addition and 0 deletions.
@@ -75,6 +75,7 @@ echo 1 > /click/lldp_source/send_lldp for i in $(seq 1 10); do echo "PORT $i, ACTIVE 1" > /click/lldp_source/active_ports done # cat /click/switch_table/hosts # show lldp neighs # Setup STP echo "PRIORITY 61440, HELLO_TIME 2, FORWARD_DELAY 15, MAX_AGE 20, HOLDCOUNT 6" > /click/stp/set_params -
lukas2511 revised this gist
Jan 26, 2020 . 1 changed file with 6 additions and 0 deletions.
@@ -3,6 +3,12 @@ # This script configures a meraki ms220-8p switch completely from scratch (leave config.local empty) # See https://leo.leung.xyz/wiki/Meraki_MS220-8P for rooting instructions # Next to the configuration in this script I'd recommend adding a newer busybox binary to the system # Simply put busybox-mipsel into /storage, cp it to /bin/busybox on init and run /bin/busybox --install # Definitive TODO: Figure out how to disable management dhcp client # Obviously a ton of other TODOs, but all features I really need are reversed by now # Kill everything except for a few critical services # We do not want Meraki's software talking to the cloud. ps | grep -vE '\[|init|syslog|ntpd|watchdog' | awk '{print $1}' | while read i ; do kill -9 $i ; done -
lukas2511 revised this gist
Jan 26, 2020 . 1 changed file with 14 additions and 9 deletions.
@@ -32,18 +32,23 @@ echo "allow tcp dst port 22" > /click/nat/from_sw0_filter/config # Keep in mind that ALLOW_TAGGED_IN/ALLOW_UNTAGGED_IN will change what other parameters are expected (and may cause errors if left set) echo "PORT 1, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 2, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 3, ALLOWED_VLANS 2, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 2, UNTAGGED_VID 2" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 4, ALLOWED_VLANS 2, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 2, UNTAGGED_VID 2" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 5, ALLOWED_VLANS 3, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 3, UNTAGGED_VID 3" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 6, ALLOWED_VLANS 3, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 3, UNTAGGED_VID 3" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 7, ALLOWED_VLANS 4, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 4, UNTAGGED_VID 4" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 8, ALLOWED_VLANS 4, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 4, UNTAGGED_VID 4" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 9, ALLOWED_VLANS 1-4094, ALLOW_TAGGED_IN 1, ALLOW_UNTAGGED_IN 0" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 10, ALLOWED_VLANS 1-4094, ALLOW_TAGGED_IN 1, ALLOW_UNTAGGED_IN 0" > /click/switch_port_table/set_vlan_allports_conf # Force SFP slots to 1G (at least my test modules didn't work with auto negotation) echo "PORT 9, MODE forced, FORCE_SPEED 1Gfdx" > /click/switch_port_table/set_port_phy_cfgs echo "PORT 10, MODE forced, FORCE_SPEED 1Gfdx" > /click/switch_port_table/set_port_phy_cfgs # Link Aggregation (VLAN config is done on physical ports) echo true > 
/click/switch_port_table/enable_lacp_on_single_ports echo "AGGR 0, MEMBERS '9,10'" > /click/switch_port_table/add_link_aggr echo "AGGR 0, MEMBERS '9,10', FLAGS rp" > /click/switch_port_table/setup_link_aggrs # Disable CDP (lol) echo false > /click/cdp_source/send_cdp -
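Review bot: Ports 9 and 10 stay at `ALLOWED_VLANS 1-4094` although the access ports in this hunk now use only VLANs 1 to 4, so the newly enabled LACP uplink carries every VLAN ID, including VLAN 1, which the script's `set_host_ip` line elsewhere on this page binds the management address to. If the uplink only needs the four configured VLANs, narrowing both lines to `ALLOWED_VLANS 1-4` keeps unused VLANs and stray tagged frames off the trunk; the range syntax is already used here, but the script's own comment calls the format unclear, so test it on the device. The `FLAGS rp` value written to `setup_link_aggrs` is also unexplained, and a one-line comment such as `# FLAGS rp: <meaning, as verified on the device>` would help the next reader.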
lukas2511 created this gist
Jan 25, 2020 .
@@ -0,0 +1,76 @@ #!/bin/sh # This script configures a meraki ms220-8p switch completely from scratch (leave config.local empty) # See https://leo.leung.xyz/wiki/Meraki_MS220-8P for rooting instructions # Kill everything except for a few critical services # We do not want Meraki's software talking to the cloud. ps | grep -vE '\[|init|syslog|ntpd|watchdog' | awk '{print $1}' | while read i ; do kill -9 $i ; done freeze -w # IP Config (IP Netmask Gateway MTU Broadcast VID) echo 192.168.178.254 255.255.255.0 192.168.178.1 1500 192.168.178.255 1 > /click/set_host_ip/run # IPv6 Config (Link-Local IPv6 Netmask Gateway $whatever VID) echo fe80::254 fd00::192:168:178:254 64 fd00::192:168:178:1 whatever 1 > /click/set_host_ip6/run # DNS echo nameserver 192.168.178.1 > /etc/resolv.conf # Re-Enable SSH (Password Authentication is disabled!) dropbear -E -r /storage/dropbear/dropbear_rsa_host_key -s -p 22 #echo "root:meraki" | chpasswd echo "ssh-rsa <foobar> <whatever>" > /etc/dropbear/authorized_keys echo "allow tcp dst port 22" > /click/nat/from_sw0_filter/config # Switch config # ALLOWED_VLANS: format unclear, single vlan tag seems to work # ALLOW_TAGGED_IN: 0/1 # ALLOW_UNTAGGED_IN: 0/1 # PVID: $vlan-id # UNTAGGED_VID: $vlan-id (?) 
# Keep in mind that ALLOW_TAGGED_IN/ALLOW_UNTAGGED_IN will change what other parameters are expected (and may cause errors if left set) echo "PORT 1, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 2, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 3, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 4, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 5, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 6, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 7, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 8, ALLOWED_VLANS 1, ALLOW_TAGGED_IN 0, ALLOW_UNTAGGED_IN 1, PVID 1, UNTAGGED_VID 1" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 9, ALLOWED_VLANS 1-4094, ALLOW_TAGGED_IN 1, ALLOW_UNTAGGED_IN 0" > /click/switch_port_table/set_vlan_allports_conf echo "PORT 10, ALLOWED_VLANS 1-4094, ALLOW_TAGGED_IN 1, ALLOW_UNTAGGED_IN 0" > /click/switch_port_table/set_vlan_allports_conf # Link Aggregation (not sure how this works yet) #echo true > /click/switch_port_table/enable_lacp_on_single_ports #echo "AGGR 0, MEMBERS '9,10'" > /click/switch_port_table/add_link_aggr # Disable CDP (lol) echo false > /click/cdp_source/send_cdp echo false > /click/cdp_source/active for i in $(seq 1 10); do echo "PORT $i, ENABLED 0" > /click/cdp_source/active_ports done # Setup LLDP echo "CiscoDisco" > /click/lldp_source/system_name echo "Cisco 
Meraki MS220-8P" > /click/lldp_source/system_desc echo 0 > /click/lldp_source/is_router echo 0 > /click/lldp_source/is_ap echo 1 > /click/lldp_source/is_bridge echo 0 > /click/lldp_source/include_meraki_nethash echo 30000 > /click/lldp_source/interval_ms echo 1 > /click/lldp_source/send_lldp for i in $(seq 1 10); do echo "PORT $i, ACTIVE 1" > /click/lldp_source/active_ports done # Setup STP echo "PRIORITY 61440, HELLO_TIME 2, FORWARD_DELAY 15, MAX_AGE 20, HOLDCOUNT 6" > /click/stp/set_params # Adjust the LED to green echo 1 > /click/sw0_ctrl/power_led_green echo 0 > /click/sw0_ctrl/power_led_orange # Cleanup killall sync_log
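Review bot: The kill pipeline near the top of the script passes every first column of `ps` to `kill -9`, which includes the `PID` header line and, unless its command line happens to contain one of the excluded substrings, the shell running this script, so the later steps (SSH filter, authorized key, VLAN setup) may never run. The exclusion is also a loose substring match: any process whose command line contains `init` or `[` survives, whatever it is. Consider skipping the header and the script's own PID and quoting the variable, e.g. `ps | awk -v self="$$" 'NR>1 && $1!=self && !/\[|init|syslog|ntpd|watchdog/ {print $1}' | while read -r pid; do kill -9 "$pid"; done`. How the script is launched is not visible on this page, so confirm on the device which processes are actually matched.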