Update vpn_softetherbridge.md : to briged interaface will assiged with physical interface's MAC address.

tools/vpn/vpn_softetherbridge.md

@@ -2,18 +2,23 @@
 
 NOTE: These instructions assume you are using linux on Raspberry Pi.
 `testuser/pftest` is a sample User ID and password in the instruction.
-This setup is NOT a persistent service; if you reboot, you will have to 
+This setup is NOT a persistent service; if you reboot, you will have to
 reconfigure it.  TODO: separate static and per-boot parts of instructions;
 create a service and a configuration file.
 
 ## 1. Download VPN Bridge from SoftEther Download Center
-- go to https://www.softether-download.com/en.aspx?product=softether
+
+- go to <https://www.softether-download.com/en.aspx?product=softether>
 - Select Software -> SoftEther VPN (Freeware)
 - Select Component -> SoftEther VPN Bridge
 - Select Platform -> Linux
 - Select CPU -> ARM EABI (32bit)
 - Download newest file
-- (as of this writing, newest file is: https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.34-9745-beta/softether-vpnbridge-v4.34-9745-beta-2020.04.05-linux-arm_eabi-32bit.tar.gz )
+- As of this writing, newest file is
+  - [SoftEther VPN Stable Release Page](https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases)
+  - [SoftEther VPN Release Page](https://github.com/SoftEtherVPN/SoftEtherVPN/releases)
+  - [v4.41-9782 ARM-64bit](https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.41-9782-beta/softether-vpnbridge-v4.41-9782-beta-2022.11.17-linux-arm64-64bit.tar.gz)
+  - [v4.41-9782 ARM-32bit](https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/v4.41-9782-beta/softether-vpnbridge-v4.41-9782-beta-2022.11.17-linux-arm-32bit.tar.gz)
 
 ## 2. Extract Downloaded Archive File
 
@@ -28,17 +33,21 @@ create a service and a configuration file.
 ```
 % make
 ```
+
 ## 3.5. Add static route for VPN server (only for Linux)
 
 To avoid looping, on the bridge,
 set static route for VPN server in the cloud.  For example:
+
 ```
 % sudo ip route add xxx.xxx.xxx.xxx via yyy.yyy.yyy.yyy dev zzz0
 ```
-where 
+
+where
+
 - xxx.xxx.xxx.xxx: IP address of Softether VPN server in the cloud
 - yyy.yyy.yyy.yyy: Default gateway of your local network
-- zzz0: Interface name which is connected to your local network. 
+- zzz0: Interface name which is connected to your local network.
 
 ## 4. Start vpnbridge
 
@@ -71,7 +80,8 @@ eth0
 wlan0
 VPN Server>BridgeCreate BRIDGE /DEVICE:eth0      <----
 ```
-Physical interface names may vary.  Use a interface name of dedicated network adapter for bridging. 
+
+Physical interface names may vary.  Use a interface name of dedicated network adapter for bridging.
 
 ## 7. Connect Virtual Hub `BRIDGE` to VPN server
 
@@ -86,65 +96,140 @@ VPN Server/BRIDGE>CascadeOnline mybridge   <---
 ```
 
 ## 8. Note for Local Bridging
+
 If you need to connect the machines in VPN from the machine where `vpnbridge` is running,
 
-you should make a bridge,
+create tap interface on step 6 in above,
 
 ```
-% sudo apt install bridge-utils
+VPN Server>BridgeCreate BRIDGE /DEVICE:svpn /TAP:yes      <----
+```
+
+Install net-tools and bridged-utils to create a bridged interface.
 
-% sudo brctl addbr br0
+```
+% sudo apt install net-tools bridge-utils
 ```
 
-create tap interface on step 6 in above,
+Before creating the tap interface, check the physical interface ('eth0') MAC address by running.
 
 ```
-VPN Server>BridgeCreate BRIDGE /DEVICE:svpn /TAP:yes      <----
+% ifconfig
 ```
 
-then bridge the tap interface and physical interface (`eth0`) using:
+On the ifconfig output, you can find the MAC address under ether, as shown below.
 
 ```
-% sudo brctl addif br0 tap_svpn
+eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
+       ether 00:a0:98:79:42:65  txqueuelen 1000  (Ethernet)
+       ↑---------------------↑ -> This is Mac address
+```
+
+Then, modify netplan to create a bridged interface as shown,
+
+```
+% sudo nano /etc/netplan/50-cloud-init.yaml # Opening netplan condig file
+```
+
+Add bridged interface
+
+```
+network:
+  version: 2
+  ethernets:
+    eth0:
+      dhcp4: false <--- Make sure to change to false!!! Otherwise you cannot access your device over ether anymore.
+  bridges:
+    br0:
+      macaddress: 00:a0:98:79:42:65  <--- Change to physical MAC address from ifconig
+      interfaces: [ eth0 ]
+      dhcp4: true
+      parameters:
+        stp: true
+        forward-delay: 4
+```
 
-% sudo brctl addif br0 eth0
+Now apply netplan
 
-% sudo ip link set br0 up
+```
+% sudo netplan apply
+```
 
-% sudo dhclient br0
+Then bridge the tap interface and bridge interface (`br0`) using:
+
+```
+% suo brctl addif br0 tap_svpn
+```
+
+In order to automatically bridge tap interface with bridged interface (`br0`) make shell script as shown,
+
+```
+% nano set-tap.sh
+```
+
+Copy those lines into set-tap.sh file.
+
+```
+#!/bin/bash
+
+# Make sure softether vpn server started
+while [ -z "$(ifconfig | grep tap_svpn)" ]; do
+    sleep 5
+done
+
+sleep 2
+brctl addif br0 tap_svpn
+```
+
+Save this file, and run below command to make executable
+
+```
+% chmod +x set-tap.sh
+```
+
+And add to crontab with "@reboot" flag, so it run automatically on the boot, as shown example below
+
+```
+% sudo crontab -e
+```
+
+```
+@reboot /root/set-tap.sh <--- Change this with the actual file location on the system
 ```
 
 You may adjust DHCP setting for physical interfaces.
 
 Further information about local bridge is [here](https://www.softether.org/4-docs/1-manual/3._SoftEther_VPN_Server_Manual/3.6_Local_Bridges#3.6.11_Points_to_Note_when_Local_Bridging_in_Linux.2C_FreeBSD.2C_Solaris_or_Mac_OS_X).
 
 ## 9. Automatically starting at boot
+
 The local VPN bridge software automatically saves its configuration in a file (`vpn_bridge.config`, owned by root) so
 you do not have to reconfigure it each time you run it.
-If you set it up to run in 
-["service mode"](https://www.softether.org/4-docs/1-manual/7._Installing_SoftEther_VPN_Server/7.3_Install_on_Linux_and_Initial_Configurations) 
+If you set it up to run in
+["service mode"](https://www.softether.org/4-docs/1-manual/7._Installing_SoftEther_VPN_Server/7.3_Install_on_Linux_and_Initial_Configurations)
 then it will also run automatically at boot using `init.d`.
 This starts by copying the files to `/usr/local` and making them owned by root,
 then setting up an `init.d` service file.  However the instructions for the service file are not
 quite right for the Raspberry Pi which does not have `chkconfig`.
-Instead you have to 
-manually set the dependencies in the service file (see here for an appropriate 
-[init.d/vpnbridge service file](vpnbridge)) and then use the following to 
+Instead you have to
+manually set the dependencies in the service file (see here for an appropriate
+[init.d/vpnbridge service file](vpnbridge)) and then use the following to
 make it executable and register it:
+
 ```
    sudo chmod +x /etc/init.d/vpnbridge
    sudo update-rc.d vpnbridge defaults
 ```
 
 As a secondary problem,
-if you want to use a bridge interface (see `br0` above) then you have to make the 
+if you want to use a bridge interface (see `br0` above) then you have to make the
 `br0` interface persistent.  This is a bit tricky since `br0` depends on the
 `tap_svpn` interface which
 is actually dynamically created by `vpnbridge` when it starts.
-One way around this is to add the 
-bridge creation to `/etc/network/interfaces`, but the Raspberry Pi makes this complicated by autogenerating 
+One way around this is to add the
+bridge creation to `/etc/network/interfaces`, but the Raspberry Pi makes this complicated by autogenerating
 that file from a DHCP configuration file...
-A simpler if slightly hacky solution is to add the 
+A simpler if slightly hacky solution is to add the
 bridge creation commands to the `init.d` script, which is what I have done above.
 
 Note that I use `eth0` for my connection to the upstream external network (internet) and
@@ -155,7 +240,6 @@ in this service file but if the IP of the VPN server changes that part will have
 and also your local gateway may have a different address than what I used.  In short, make sure to
 check and edit these elements.
 
-
 ## 10. Setting up a Raspberry Pi as a Wi-Fi access point
 
 1. Install `hostapd`
@@ -169,6 +253,7 @@ check and edit these elements.
 2. Setup Wi-Fi interface
 
 In `/etc/dhcpcd.conf`:
+
 ```
 ...
 interface wlan0
@@ -181,6 +266,7 @@ interface wlan0
 3. Setup `hostapd`
 
 In `/etc/hostapd/hostapd.conf`:
+
 ```
 contry_code=US
 interface=wlan0
@@ -194,9 +280,11 @@ wpa_key_mgmt=WPA-PSK
 rsn_pairwise=CCMP
 wpa_passphrase=YOUR_FABORITE_PASSWORD
 ```
-Specify country codes, etc., appropriately for your environment. See https://w1.fi/hostapd/ .
+
+Specify country codes, etc., appropriately for your environment. See <https://w1.fi/hostapd/> .
 
 In `/etc/default/hostapd`:
+
 ```
 ...
 DAEMON_CONF="/etc/hostapd/hostapd.conf"