Deploying 4MB flash routers, and controlling them

Hi Guys.

I have around 200 LEDE routers which need to be deployed in the field, and controlled by a centralised server.

Let's assume they are all behind NATs and I do not know their IPs. I will be using reverse SSH tunneling using dropbear.

I do NOT have autossh on these routers to maintain the reverse SSH connections.

I am going to use something like this: Set up ssh tunnel, the procd way

and using the SSH tunnel in the init.d script.

On the centralised server, I would ideally like to have a large dashboard, where I can see the status of each device, and then double click on a device to bring up the SSH terminal to that device. This is something similar to what Dataplicity offers. I could also use Yaler or some DynDNS service.

How do I make the server-side router management program?

This is one idea on Github

There are other tunnel managers as well, using Java, Node, C, etc.

Another way is to use OpenWISP.

My requirements are to:

  1. Have accurate date/time on all the LEDE routers. The ntpd command frequently fails to update the router.
  2. Maintain an SSH connection via a web-based terminal window with all the LEDE routers.
  3. Have data submitted to the centralised server from all the routers. This is already being achieved using netcat. Some part of the data will be shown on the webpage to designate the router.
  4. Selectively update a certain group of LEDE routers. Say, I would like to run a certain program on routers 1 through 30, another program on routers 31 through 50, and so on.

You might want to take a look at WireGuard, it is a proper VPN solution, which works pretty nicely with NAT from my experience.
Given that you have so many routers, one issue you might have is that you’ll have to allocate IP addresses manually, as, unlike OpenVPN, WireGuard doesn’t do any sort of DHCP and needs all IPs known in advance.
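
The manual address allocation mentioned in the reply above, sketched as an added example that is not part of the thread: each router number maps to one fixed tunnel address, and the server-side `[Peer]` stanzas are generated from that plan. The subnet `10.99.0.0/24`, the numbering rule and the placeholder public keys are assumptions.

```python
import ipaddress

# Assumed values, not from the thread: the tunnel subnet and the rule that
# the server takes the first host address and router N takes host N+1.
TUNNEL_NET = ipaddress.ip_network("10.99.0.0/24")

def router_ip(router_id, net=TUNNEL_NET):
    """Return the fixed tunnel address for a router number (1-based)."""
    if router_id < 1:
        raise ValueError("router ids start at 1")
    addr = net.network_address + 1 + router_id
    if addr not in net or addr == net.broadcast_address:
        raise ValueError(f"router {router_id} does not fit in {net}")
    return addr

def server_config(pubkeys, net=TUNNEL_NET):
    """Build the server-side peer list from {router_id: public_key}."""
    # WireGuard identifies a peer by its public key, so a repeated key means
    # two routers would be treated as the same peer.
    if len(set(pubkeys.values())) != len(pubkeys):
        raise ValueError("duplicate public key in peer list")
    lines = [f"# server tunnel address: {net.network_address + 1}/{net.prefixlen}"]
    for rid in sorted(pubkeys):
        # A /32 per peer: the server only accepts tunnel traffic from a
        # router if it is sourced from that router's own address.
        lines += ["", "[Peer]", f"# router {rid}",
                  f"PublicKey = {pubkeys[rid]}",
                  f"AllowedIPs = {router_ip(rid, net)}/32"]
    return "\n".join(lines) + "\n"

def group(first, last, net=TUNNEL_NET):
    """Addresses for a contiguous batch of routers, e.g. routers 31 through 50."""
    return [str(router_ip(r, net)) for r in range(first, last + 1)]

if __name__ == "__main__":
    # Constructed placeholders; real keys come from `wg genkey | wg pubkey`.
    keys = {n: f"<PUBKEY_ROUTER_{n}>" for n in range(1, 201)}
    print(server_config(keys))
    print(group(31, 50))
```

Because the address is derived from the router number, adding router 201 later does not renumber the existing peers, and a batch such as routers 31 through 50 can be addressed directly over the tunnel.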