Thanks Pau,

I am using downloads.libremesh. I'll give the manual compilation a try.


On 02/03/2017 10:20 AM, Pau wrote:
Are you using the generic images from or Chef?

It looks like the OPKG repository where you are getting the OpenVPN
files is compiled on a different way that the liblzo library compiled on
the firmware. This sucks, it should be fixed but I don't think it will
be the next days.

So I would propose you to clone lime-build on your local computer and
create your own firmware with all needed packets precompiled.

On lime-build, you can make your own selection of packets executing the
menu config:

make T=ar71xx menuconfig


On 02/02/17 06:15, Marvin Arnold wrote:
I switched to a wdr4300 with full lime but still having issues. This is
the output on community chaos:

root@LiMe-d00515:~# openvpn --config marvin.ovpn
Thu Feb  2 05:10:24 2017 OpenVPN 2.3.6 mips-openwrt-linux-gnu [SSL
(OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Jan 31 2016
Thu Feb  2 05:10:24 2017 library versions: OpenSSL 1.0.2g  1 Mar 2016,
LZO 2.08
Thu Feb  2 05:10:24 2017 NOTE: the current --script-security setting may
allow this configuration to call user-defined scripts
Thu Feb  2 05:10:24 2017 Control Channel Authentication: tls-auth using
INLINE static key file
Thu Feb  2 05:10:24 2017 Outgoing Control Channel Authentication: Using
256 bit message hash 'SHA256' for HMAC authentication
Thu Feb  2 05:10:24 2017 Incoming Control Channel Authentication: Using
256 bit message hash 'SHA256' for HMAC authentication
openvpn: can't resolve symbol '__clzsi2'

And on develop:
root@LiMe-d00515:~# openvpn --config marvin.ovpn
Error relocating /usr/lib/ __clzsi2: symbol not found
Error relocating /usr/lib/ __ctzsi2: symbol not found
Error relocating /usr/sbin/openvpn: __clzsi2: symbol not found

Any ideas?

On 01/31/2017 05:03 PM, Pau wrote:
The problem is that Tinc runs on userspace so all network data is
copied from kernel to user and the way back. Even increasing the
hardware I dont think more than 20Mbit/s is possible.

Using GRE tunnels which run on kernel space would increase the
performance. But for set it up you need a global/public IP configured
on the router side (or maybe, just maybe, set up a bloody dirty NAT).

On 31 de gener de 2017 10:42:13 GMT-03:00, Leonardo Taborda
<> wrote:

    Hello guys

    Depending on the router you are using, the ar71xx-mini does not
    have opkg included, but the 8mb image it does. I have tinc running
    on a wdr3600 for librenet6 service. As Nicolas points out, it has
    some pitfalls running in the same device mesh and vpn control. Of
    course i use tinc only to provide ipv6 connectivity.

    For Nicolas, would tinc have the same performance issues?


    El 31/01/17 a las 06:26, escribió:
    Hi Marvin

    I've done a lot of tests with VPNs for the standard setup of the mesh network we're building here in Milano, Italia, and I've found that usually routers are rather terrible at handling VPNs with reasonable speeds, openvpn being the slowest [10mbps up and down] and l2tp+ipsec being faster [15 to 20mbps], at the expense of being less secure. Also, I've gotten to the conclusion that doing the VPN routing in the same device as the one doing the meshing makes it rather difficult to diagnose issues over time and to pinpoint the bottleneck for slow overall speeds.

    I know this is not the answer you were looking for, but our definitive setup involves setting up getting a microtik hex router that you can buy for about 60 to 80€ and running l2tp+ipsec to a Streisand instance [a fully self installing VPN and anonymity server]. We've been getting stable 120/120mbps speeds.

    This setup also makes it very simple to understand what device is doing what, and how the routing is done on the large scale from the ISPs router, to the VPN router, to the meshing router, to the AP router, and so on [this is our setup].

    I don't know how to solve your problem directly, but I thought I'd share my experience with you. Sorry for going slightly off topic.

    Hope you can get your setup working nicely however you decide to do it!

    From: Marvin Arnold <>
    Sent: Jan 31, 2017 06:34
    Subject: [lime-users] VPN

    I would like to finally make my internet at home available to my
    neighbors over lime. I called my ISP and they made it pretty clear they
    would take action against me if one of the users accessed illicit
    content. So I'm thinking about routing all web traffic through a VPN. Is
    this the most sensible thing to do?

    Assuming it is, I already setup the VPN server and now I'm trying to
    connect my lime router as a client.

    But as far as I can tell, opkg is not installed on the router. What's
    the best way to install it or install the openvpn client without it?

    lime-users mailing list

    lime-users mailing list

    Leonardo Taborda Ángel

    "When there is a will, there is a way"

Sent from my Android device with K-9 Mail. Please excuse my brevity.

lime-users mailing list

lime-users mailing list


lime-users mailing list