My Raspberry 4 running apache and dns having some problems with itds network interfaces (SW problem), it is time to migrate the services onto a raspberry Pi 5
1) Installation of rasbian trixie on the NVMe SSD (pimoroni). 2) As the firmware was corrupted, it was resintated using the SD card firmware installer (using piImager). 3) Trixie installed on an SD card, Rpi booted, used SD copier to install on SSD, rpi-config to enable NVMe SSD boot. 4) Installed in the printed Case with a proper cover (POe’s GPIO in the way). 5) Apache and PHP installed 5.1 chown wwwdata /var:www/html apt-get install letsencrypt copied rasp4 letencrypt into rpi5, need to enable the updater script. a2enmod -> rewrite ssl proxy … see all module configured a2ensite enable all defined sites Webmin backup used to transfer the configuration of apache2
6) bind -> copied files vrom /etc/bind and /var/lib/bind chmod g+w /etc/bind /var/lib/bin webmin backup used to trasnfer bind9 configuration (zone file …) a secondary dns should be installed for to prevent denial of services when prime server fails
7) mosquitto copied the /etc/mosquitto directory including the certs (SSL), the owner/group has to be mosquitto
8) interface bonding using nmtui (command line)
8.1 Added an Ethernet USB interface (USB3), and changed the raspberry power limitation (raspi-config) as it fails to come up after reboot (not every time though).
8.2 Create interface
root@rpi5:/home/jcoenen# nmcli con add type bond ifname mybond0
Connexion « bond-mybond0 » (69bd586c-1f1d-4be7-a4cc-86497fc0fda0) ajoutée avec succès.
8.3 add physical interfaces to the bond
defaulted to balanced-rr --> need to configure active-backup mode, balanced-rr
root@rpi5:/home/jcoenen# nmcli con add type ethernet ifname eth1 master mybond0 bond.options "mode=active-backup"
Connexion « bond-slave-eth1 » (90a48c9d-adac-4667-8ed4-9d842416ba13) ajoutée avec succès.
root@rpi5:/home/jcoenen# nmcli con add type ethernet ifname eth0 master mybond0
Connexion « bond-slave-eth0 » (970aa455-c7fa-47e3-bb2c-cab059549fe0) ajoutée avec succès.
8.4 resulting in
root@rpi5:/home/jcoenen# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.59 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 2a02:578:8545:600:67dd:e915:503d:20a9 prefixlen 64 scopeid 0x0<global>
inet6 fd81:e6bf:551a:0:f4a6:d2fc:22d7:ee9d prefixlen 64 scopeid 0x0<global>
inet6 fe80::d0d8:deaa:2568:32be prefixlen 64 scopeid 0x20<link>
ether d8:3a:dd:a4:7d:a5 txqueuelen 1000 (Ethernet)
RX packets 104960 bytes 13951659 (13.3 MiB)
RX errors 0 dropped 974 overruns 0 frame 0
TX packets 3365 bytes 452610 (442.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 112
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.131 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::88ce:1a59:6221:af61 prefixlen 64 scopeid 0x20<link>
inet6 2a02:578:8545:600:400b:a2cb:2e0e:900f prefixlen 64 scopeid 0x0<global>
inet6 fd81:e6bf:551a:0:9038:c2cf:86f7:c48d prefixlen 64 scopeid 0x0<global>
ether 00:e0:4c:12:69:b8 txqueuelen 1000 (Ethernet)
RX packets 155317 bytes 23445174 (22.3 MiB)
RX errors 0 dropped 978 overruns 0 frame 0
TX packets 7134 bytes 905437 (884.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Boucle locale)
RX packets 72 bytes 13391 (13.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 72 bytes 13391 (13.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
mybond0: flags=5123<UP,BROADCAST,MASTER,MULTICAST> mtu 1500
ether ee:b0:5b:f3:14:9c txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.248 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 2a02:578:8545:600:417c:372d:6b7a:3355 prefixlen 64 scopeid 0x0<global>
inet6 fe80::c43b:ac68:224d:f1b prefixlen 64 scopeid 0x20<link>
inet6 fd81:e6bf:551a:0:2944:e8ec:f4ff:29af prefixlen 64 scopeid 0x0<global>
ether d8:3a:dd:a4:7d:ad txqueuelen 1000 (Ethernet)
8.4 activate the slave interface on the bond
root@rpi5:/home/jcoenen# nmcli con up bond-slave-eth0
Connexion activée (chemin D-Bus actif : /org/freedesktop/NetworkManager/ActiveConnection/8)
root@rpi5:/home/jcoenen# nmcli con up bond-slave-eth1
Connexion activée (chemin D-Bus actif : /org/freedesktop/NetworkManager/ActiveConnection/9)
Now the interfaces are active as bond0 with the former address of eth0 (first slave), eth0 and eth1 are without address
root@rpi5:/home/jcoenen# ip address show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master mybond0 state UP group default qlen 1000
link/ether d8:3a:dd:a4:7d:a5 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc fq_codel master mybond0 state UP group default qlen 1000
link/ether d8:3a:dd:a4:7d:a5 brd ff:ff:ff:ff:ff:ff permaddr 00:e0:4c:12:69:b8
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether d8:3a:dd:a4:7d:ad brd ff:ff:ff:ff:ff:ff
inet 192.168.1.248/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
valid_lft 863155sec preferred_lft 863155sec
inet6 2a02:578:8545:600:417c:372d:6b7a:3355/64 scope global dynamic noprefixroute
valid_lft 7200sec preferred_lft 3600sec
inet6 fd81:e6bf:551a:0:2944:e8ec:f4ff:29af/64 scope global dynamic noprefixroute
valid_lft 7200sec preferred_lft 3600sec
inet6 fd96:b008:ef4c:4e45:73e4:77c9:698d:5dd5/64 scope global deprecated dynamic noprefixroute
valid_lft 1513sec preferred_lft 0sec
inet6 fe80::c43b:ac68:224d:f1b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
5: mybond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether d8:3a:dd:a4:7d:a5 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.59/24 brd 192.168.1.255 scope global dynamic noprefixroute mybond0
valid_lft 863894sec preferred_lft 863894sec
inet6 2a02:578:8545:600:ee61:4034:7407:2de1/64 scope global dynamic noprefixroute
valid_lft 7200sec preferred_lft 3600sec
inet6 fd81:e6bf:551a:0:64d0:4fef:e344:d582/64 scope global dynamic noprefixroute
valid_lft 7200sec preferred_lft 3600sec
inet6 fe80::940e:8a77:71da:7da7/64 scope link noprefixroute
valid_lft forever preferred_lft forever
To see the packet drop on the insterfaces use
netstat -i
netstat --interfaces
or
ip -s link
ip -s link show bond0
hugo do not use snap to install hugo as it prevent installation of sites outside local directory, sudoo apt-get install hugo instead
Hotspot on USB WiFi dongle, this is using a bridge to connect to the ethernet network (IP are thus provided by DHCP ethernet server).
nmcli connection add type bridge con-name 'Bridge' ifname bridge0
nmcli connection add type ethernet slave-type bridge con-name 'Ethernet' ifname eth0 master bridge0
nmcli connection add con-name 'Hotspot' ifname wlan0 type wifi slave-type bridge master bridge0 wifi.mode ap wifi.ssid rpi5 wifi-sec.key-mgmt wpa-psk wifi-sec.proto rsn wifi-sec.pairwise ccmp wifi-sec.psk 9725145239910203
nmcli connection modify 'Hotspot' master bridge0
nmcli connection up Bridge
nmcli connection up Hotspot
Migration of GPS system