Gargoyle in a VM on a USFF PC running Proxmox with eth0 as LAN and wifi as WAN

[pkkrusty]

The problem:
My router (WDR4300) was overloaded with 30ish concurrent clients and 240ish quotas to keep track of, and load was way too high.

Option 1: Switch to a Draytek router with quota mangement
Option 2: Buy a USB->Ethernet adapter and virtualize Gargoyle on Proxmox on a 4th gen intel processor
Option 3: Set up VLANs on a OpenWRT router and pass tagged traffic to and from the virtualized Gargoyle router using the single ethernet port

1) and 2) are en route, but in the meantime, internet traffic is slow and the router is struggling. I thought about how proxmox doesn't really use wifi, so the PCI wifi card would be available to pass through to a OpenWRT-based VM, and thus would have two network interfaces to avoid having to learn how to do vlans.

Make the wifi card available to VMs by editing nano /etc/default/grub, adding intel_iommu=on to GRUB_CMDLINE_LINUX_DEFAULT (goes inside the quotes with a space in between any other text), run update-grub, and reboot.

Using gargoyle-pl as a base, was able to install onto a VM with the following procedure:

On the proxmox host:

wget https://dl.eko.one.pl/gargoyle-pl/1.15/ ... ned.img.gz

gunzip ~/gargoyle-1.15.0.4-generic-ext4-combined.img.gz

Create a new VM with the following settings:

OS: Do not use any media.

System: Default settings.

Disks: Delete the default disk.

CPU: 1 or 2 cores (Host type is usually best for performance).

Memory: 512MB to 1GB is plenty for Gargoyle.

Network: * net0: This will be your LAN (attached to your internal bridge, usually vmbr0).

In the proxmox host shell:

qm importdisk 100 ~/gargoyle-1.15.0.4-generic-ext4-combined.img local-lvm (or whatever VM id you have)

Go back to the Proxmox Web UI. Select the VM -> Hardware. You will see an Unused Disk. Double-click it and click Add. Go to Options -> Boot Order. Move the new disk to the top and ensure it's checked.

With the pl version of gargoyle, you have access to package manager and a way to install them using opkg. But since the eth0 is associated with LAN, not WAN, the VM won't have internet access because it wants to serve the LAN. To get around this temporarily, use the convenient console in proxmox (this makes it much easier to configure when no route to the host exists)

udhcpc -i br-lan

route add default gw 192.168.1.1 br-lan (or whatever your gateway is)

echo "nameserver 8.8.8.8" > /etc/resolv.conf

Now you should have internet access and can do opkg update and opkg install pciutils. Once that is complete do lspci to make sure the wireless card is being passed to the VM.

When it is confirmed to be there, do wget https://github.com/IIJ-NetBSD/netbsd-sr ... 0-17.ucode (or whatever specific wifi card you have) and put that file in /lib/firmware and reboot.

Now edit vi /etc/config/network to look like this (adjust for your wan and lan details):

config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'fd25:c50b:d1ea::/48'

config device 'brlan_dev'
option name 'br-lan'
option type 'bridge'
list ports 'eth0'

config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.2.1'
option netmask '255.255.254.0'
option ip6assign '60'
option ip6ifaceid '::1'
option dns '192.168.3.92'

config device 'wan_eth0_dev'
option name 'eth0'
option macaddr 'bc:24:11:3a:3f:5b'

config interface 'wan'
option device 'br-wan'
option proto 'static'
option ipv6 '0'
option ipaddr '192.168.1.97'
option netmask '255.255.255.0'
option gateway '192.168.1.1'
option dns '192.168.1.1'

config device 'brwan_dev'
option name 'br-wan'
option type 'bridge'

And edit vi /etc/config/wireless to be (edit to the correct wifi you want to join):

config wifi-device 'radio0'
option type 'mac80211'
option path 'pci0000:00/0000:00:10.0'
option band '5g'
option channel '48'
option htmode 'VHT80'
option country 'SN'
option disabled '0'

config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'sta'
option network 'wan'
option key 'password'
option ssid 'mywifi'
option encryption 'psk2'

Reboot, and in the console you should see the wifi card connect to network.

Comments welcome.

[Lantis]

Nice one