NanoPi R4S-RK3399 is a great new OpenWrt device

Is it possible to maintain the logs on an external device? I want to use a NanoPI R4S as main router but would like to have logs about incoming requests to the router.

Hmm what you mean for external device? Is what I’m doing, I’m using an external drive, you can use everything as long as it’s mounted somewhere on the R4S :slight_smile:

1 Like

How do you log incoming request?

I'm supposing it is something possible, isn't it?

I would like to know how to do it myself. This is why I was asking how you were doing it.

If I plan to use the R4S 4gb for PPPoE 500/500 fibre routing, about 5 OpenVPN clients with policy based routing, and Wireguard server to a few clients.. is there any reason to use a custom build instead of the official Openwrt 22.03.2 image? Thx in advance

If im on the build below

OpenWrt SNAPSHOT r19616-98bb26f9f7 / LuCI Master git-22.126.42175-8583efb

Would there be any advantage to updating to the latest stable?

Also in https://router/cgi-bin/luci/admin/system/opkg do people upgrade all there packages?

As on the update list I get this error

Collected errors:
 * opkg_download: Failed to download https://downloads.openwrt.org/snapshots/targets/rockchip/armv8/kmods/5.10.113-1-2fda71a03d647cd5ecb63802c4826211/Packages.gz, wget returned 8.

22.03.2 is based on r19803, nearly 200 commits after your r19616 snapshot. Now add all the updates and fixes since here: https://git.openwrt.org/?p=openwrt/openwrt.git;a=shortlog;h=refs/heads/openwrt-22.03. I would say yes, update to the latest stable. It's been running quite well on my R4S.

When you upgrade, yes, you will need to either:

a) reinstall all your packages after you upgrade, or

b) use the firmware selector to create an image with all your packages included. If you create and install a squashfs image (versus ext4), the included packages will survive a reset to defaults, which can be handy. Don't forget to add luci (if you want it) - firmware selector images do not include it default.

1 Like

Another couple of reasons to run the latest stable are:

  1. You can update kernel modules ( kmod ) for a long time. They are not available for snapshots for very long.
  2. People tend to be more willing to give more in-depth help here on the forum.
1 Like

Should I buy the eMMC version?

No. Stick with the plain 4GB R4S that is well supported by OpenWrt for your home gateway router use.

3 Likes

I found a nice support for my R4S :smiley: (for few euro).
And it also lowered the R4S temperatures (absolutely not necessary but is a free feature :smiley: ), I wrote here the details: http://giuliomagnifico.blog/tips/2022/11/26/phone-stand-nanoPi-R4S.html

7 Likes

For the record, stuffed into a 41x41x4 cm telecom box in the wall with a cable modem and switch adding some heat to the environment, my R4S tops out at ~43C under light house load. Not nearly as cool as the setup @giuliomagnifico has of course!

I really like your set up by the way!

1 Like

Thanks! Yes, indeed at the beginning I was planning to open the case and replace the thermal pad with a better pad or the paste, but then I left it untouched because the temps are very low and the case works very well. The only downside, as I wrote, is that the case/enclosure become hot in the summer and it can damage the table where it's sitting.This is why it's on the stand :slight_smile:

I got a question about VLANs with the R4S. I currently have 2 Vlan's. LAN and my quest-LAN but i only have ipv6 and ipv4 on the LAN.
No matter what i try and read on the quest-lan i have only ipv4. Am i the only one ?? With this ??

Maybe some body can share settings that has both ipv 4 and 6 running on all of their vlans.

Make sure to use ip6hint and ip6assign and set up odhcpd for your additional interfaces.

maybe you see what i am doing wrong.

My LAN interface is not used. When i deactivate the LAN the VLAN2 has IPV6 and when LAN is activated VLAN2 has no ipv6 and LAN has IPV6. For VLAN3 IPV6 does not work but it probaly works when i deactive LAN and VLAN2 :smile:
This is my DHCP

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option localservice '1'
	option ednspacket_max '1232'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'VLAN2'
	option interface 'VLAN2'
	option start '100'
	option limit '150'
	option ra 'server'
	option dhcpv6 'server'
	option leasetime '12m'

config dhcp 'VLAN3'
	option interface 'VLAN3'
	option start '100'
	option limit '150'
	option ra 'server'
	option dhcpv6 'server'
	option leasetime '12m'

This is my network file

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd97:781c:cad1::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth1'

config device
	option name 'eth1'
	option macaddr 'da:96:6e:0e:99:43'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6hint '10'
	option ip6assign '64'

config device
	option name 'eth0'
	option macaddr 'da:96:6e:0e:99:42'

config interface 'wan'
	option device 'eth0'
	option proto 'dhcp'

config interface 'wan6'
	option device 'eth0'
	option proto 'dhcpv6'

config device
	option type '8021q'
	option ifname 'eth1'
	option vid '2'
	option name 'eth1.2'

config device
	option type '8021q'
	option ifname 'eth1'
	option vid '3'
	option name 'eth1.3'

config interface 'VLAN2'
	option proto 'static'
	option device 'eth1.2'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'
	option ip6assign '64'
	option ip6hint '20'

config interface 'VLAN3'
	option proto 'static'
	option device 'eth1.3'
	option ipaddr '192.168.3.1'
	option netmask '255.255.255.0'
	option ip6assign '64'
	option ip6hint '30'

That is happening to me too, because ISP gives me only one /64 prefix and I don't want to use relay. In this case, there simply aren't enough addresses to split between LAN and GUEST.

My provider has a prefix of 56.
The solution was to set the prefix filter to wan and ula.
Did this for vlan 1 and 2 and ipv6 works now.

Looks like R4S is available in my country, but R6S is a bit harder to source. I'm considering a NanoPi for a gateway device now that I have 1G fiber. My old trusty Newifi D2 MT7621 can't deliver speed when running WG or OVPN. I've seen the benchmarks posted previously. Anyone have daily real world experience with a NanoPi running always on Wireguard or VPN with 500M or 1G fibre? Are you getting good speeds? Are you overheating?