DD-WRT v24-preSP2 實做WAN & LAN 並存於單一網路埠
以下以[URL="http://www.pczone.com.tw/thread/44/143252/"]Belkin F5D7230-4 v1444 刷DD-WRT v24-preSP2 micro-plus 版[/URL]實做, 文章寫於實做成功之後, 以下指令目的在於調整VLAN:
[INDENT][FONT="細明體"]root@DD-WRT:~# nvram show | grep vlan | sort
size: 19323 bytes (13445 left)
dtag_vlan8=0
[B]lan_ifnames=[COLOR="Red"]vlan0[/COLOR] eth1 eth2 eth3[/B]
[B]port0vlans=1[/B] (PS: VLANs -> Port W = Physical WAN Port)
port1vlans=0
port2vlans=0
port3vlans=0
port4vlans=0
[B]port5vlans=0 1 16[/B] (PS: 包含vlan0 & vlan1)
pppoe_ifname=vlan1
pppoe_wan_ifname=vlan1
vlan0_bridged=1
vlan0hwname=et0
[B]vlan0ports=0 1 2 3 5*[/B] (PS: vlan0 = LAN)
vlan1hwname=et0
[B]vlan1ports=[COLOR="Red"]4[/COLOR] 5[/B] (PS: vlan1 = WAN)
vlans=0
[B]wan_default=vlan1
wan_ifname2=vlan1[/B]
wan_ifname=vlan1
wan_ifnames=vlan1
wl0_vlan_prio_mode=off
root@DD-WRT:~# [B]nvram set vlan0ports="0 1 2 3 4 5*"[/B]
root@DD-WRT:~# [B]nvram set vlan1ports=5[/B]
root@DD-WRT:~# [B]nvram set port0vlans=0[/B]
root@DD-WRT:~# [B]nvram set port5vlans=0 16[/B]
root@DD-WRT:~# [B]nvram commit[/B][/FONT][/INDENT]
然後開啟[URL="http://192.168.1.1/Networking.asp"]DD-WRT Setup -> Networking[/URL] -> Port Setup -> WAN Port Assignment -> br0 -> Apply Settings -> 請重新啟動DD-WRT
[CODE][FONT="細明體"]root@DD-WRT:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
1xx.xx.xx.xxx * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
169.254.0.0 * 255.255.0.0 U 0 0 0 br0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default hxxx.sxx.xx.xxx 0.0.0.0 UG 0 0 0 ppp0
root@DD-WRT:~# cat /tmp/ppp/options.pppoe
plugin /usr/lib/rp-pppoe.so
nic-[B]br0[/B][/FONT][/CODE]
請留意網路線可任意連接, 由於已經把路由器的WAN & LAN1-4 合併成為一個 "[B]5-port Switch[/B]", 所以不限定只能連接路由器的WAN Port, 唯一要注意的是路由器的LAN IP 請避開192.168.1.1, 因為很有可能被數據機佔用
嚴格來說WAN Port 應該改為vlan0 (有線網路) 較佳, 然而由於會導致vlan0 脫離br0 (可能和DD-WRT 的設計邏輯有關), 不得已只好選擇br0, 小弟測試時並未啟用無線, 所以不知有何影響, 或許有高手知道如何替vlan0 建立一個別名
以上把WAN & LAN1-4 合併成為一個VLAN (vlan0), 而vlan1 則廢棄不用, DD-WRT WebGUI 無法刪除vlan1, 但從ifconfig 來看, vlan1 已經不存在, 小弟原先一直往VLAN Trunking 方向尋找答案, 實際上是不瞭解VLAN Trunking 所需條件, 因而浪費不少時間, 其實#1 已經分析出WAN (PPPoE) & LAN (IPv4/IPv6) 各跑不同協定, 所以不需要以VLAN 切割, 也不需要802.1q, 剩下的問題就是如何以DD-WRT WebGUI 完成小弟所要達到的功能, 由於DD-WRT 的VLANs 網頁還有一些臭蟲, 所以部份工作還是得靠下指令完成, 此外並非每一種DD-WRT 所支援的路由器都可以支援VLAN, 而OpenWrt Kamikaze 以後也已經不再使用NVRAM, 有興趣者請自行研究
[URL="http://www.dd-wrt.com/wiki/index.php/VLAN_Detached_Networks_%28Separate_Networks_With_Internet%29"][B]VLAN Detached Networks (Separate Networks With Internet) - DD-WRT Wiki[/B][/URL]
[URL="http://www.dd-wrt.com/wiki/index.php/Switched_Ports"]Switched Ports - DD-WRT Wiki[/URL]
[URL="http://www.dd-wrt.com/phpBB2/viewtopic.php?t=38087"]DD-WRT Forum :: View topic - HOWTO: Two networks on single port (FON, w/o VLANs)[/URL]
[URL="http://wiki.openwrt.org/oldwiki/OpenWrtDocs/NetworkInterfaces"]VLAN and bridging concepts - OpenWrt Wiki[/URL]
[URL="http://wiki.openwrt.org/doc/uci/network"]Network configuration - OpenWrt Wiki[/URL]
[URL="https://forum.openwrt.org/viewtopic.php?id=5087"]OpenWrt / Mixed tagged untagged packets in VLAN trunk[/URL]
[URL="https://forum.openwrt.org/viewtopic.php?id=4904"]OpenWrt / Several VLans one one port?![/URL]
[URL="http://www.tipsternet.com/articles/dd-wrt_buffalo.html"]WHR-G54S & DD-WRT - TipsterNet[/URL]
Fonera+ 刷Gargoyle v1.3.4 (OpenWrt Backfire v10.03)
Fonera+ 刷Gargoyle v1.3.4 (OpenWrt Backfire 10.03) 的初步測試結果, 內建ppp-mod-pppoe 似乎無法任意選擇ifname, 預設為eth0.2 (Kamikaze 為eth0.1), 改成br-lan 則無法建立連線 (pppoe-wan), 有可能小弟沒能搞懂br-lan 和pppoe-wan 的先後順序, 如果先照預設建立pppoe-wan, 再把eth0.2 加入br-lan, 則會導致pppoe-wan 中斷, 比較理想的方式是先建立br-lan 橋接eth0.1 & eth0.2, 再執行/usr/sbin/pppd, 可是小弟尚未弄懂pppd 參數是否如下:
[CODE]/usr/sbin/pppd plugin rp-pppoe.so mtu 1492 mru 1492 nic-eth0.2[/CODE]
其後安裝rp-pppoe-client 套件, 修改/etc/ppp/pppoe.conf & /etc/ppp/pap-secrets (格式 = 帳號 * 密碼 *), 成功建立連線ppp0 並且可以選擇br-lan, 但必須自行修改Firewall Script, 或自行設法把pppoe-wan 都置換成ppp0, 小弟功力尚淺, 所以只能當作參考, 下一步還是回頭研究pppd 指令參數
[CODE][FONT="細明體"]root@OpenWrt:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.xx.xx.xxx * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
default * 0.0.0.0 U 0 0 0 ppp0
[/FONT][/CODE]
Fonera+ 網路介面:
[INDENT][FONT="細明體"]LAN : eth0.1 (Kamikaze eth0.0)
WAN : eth0.2 (Kamikaze eth0.1)
WLAN: ath0
br-lan: ath0 & eth0.1[/FONT][/INDENT]
Gargoyle v1.3.4 on Fonera+ run PPPoE over br-lan
終於搞定Gargoyle v1.3.4 on Fonera+, 以下文章完成於實做成功之後, 但還不是很完美, 只能算是Work-around
稍微把ppp-mod-pppoe 和rp-pppoe-client 的行為差異搞懂了, 不過以下只是小弟瞎猜的, ppp-mod-pppoe 會把綁定網路埠的IP 移除, 若該網路埠屬於橋接器之一, 則從橋接器中移除, 而rp-pppoe-client 只會把新的IP 指定給ppp0, 以下是執行 "ifup wan" 和 "logread | grep ppp" 的結果:
[CODE]Aug 22 04:00:29 OpenWrt daemon.info pppd[1560]: Plugin rp-pppoe.so loaded.
Aug 22 04:00:29 OpenWrt daemon.notice pppd[1560]: pppd 2.4.4 started by root, uid 0
Aug 22 04:00:29 OpenWrt daemon.info pppd[1560]: PPP session is 10069
Aug 22 04:00:29 OpenWrt daemon.info pppd[1560]: [B]Renamed ppp0 to pppoe-wan[/B]
Aug 22 04:00:29 OpenWrt daemon.info pppd[1560]: Using interface pppoe-wan
Aug 22 04:00:29 OpenWrt daemon.notice pppd[1560]: [B][COLOR="Red"]Connect: pppoe-wan <--> br-lan[/COLOR][/B]
Aug 22 04:00:30 OpenWrt daemon.notice pppd[1560]: PAP authentication succeeded[/CODE]
以下是執行 "/etc/init.d/pppoe-client start" 和 "logread | grep ppp" 的結果:
[CODE]Aug 22 04:03:56 OpenWrt daemon.notice pppd[1662]: pppd 2.4.4 started by root, uid 0
Aug 22 04:03:56 OpenWrt daemon.info pppd[1662]: [B]Using interface ppp0[/B]
Aug 22 04:03:16 OpenWrt daemon.notice pppd[1627]: [B][COLOR="Red"]Connect: ppp0 <--> /dev/pts/0[/COLOR][/B]
Aug 22 04:03:56 OpenWrt daemon.debug pppoe[1667]: PADS: Service-Name: ''
Aug 22 04:03:56 OpenWrt daemon.info pppoe[1667]: PPP session is 6482 (0x1952)
Aug 22 04:03:57 OpenWrt daemon.warn pppd[1662]: Warning - secret file /etc/ppp/pap-secrets has world and/or group access
Aug 22 04:03:57 OpenWrt daemon.warn pppd[1662]: Warning - secret file /etc/ppp/pap-secrets has world and/or group access
Aug 22 04:03:58 OpenWrt daemon.notice pppd[1662]: PAP authentication succeeded[/CODE]
既然知道ppp-mod-pppoe 會把綁定網路埠的IP 移除, 那就加回來就是了, 以下是Fonera+ (FON2201) 的 /etc/config/network:
[CODE]config 'interface' 'loopback'
option 'ifname' 'lo'
option 'proto' 'static'
option 'ipaddr' '127.0.0.1'
option 'netmask' '255.0.0.0'
config 'interface' 'lan'
option 'type' 'bridge'
option 'ifname' '[B][COLOR="Red"]eth0.1 eth0.2[/COLOR][/B]'
option 'proto' 'static'
option 'netmask' '255.255.255.0'
option 'ipaddr' '192.168.1.254'
config 'interface' 'wan'
option 'ifname' '[B][COLOR="Red"]br-lan[/COLOR][/B]'
option 'proto' 'pppoe'
option 'username' '[email protected]'
option 'password' 'PASSWORD'
option 'keepalive' '3'
option 'ppp_redial' 'persist'
option 'persist'[/CODE]
先於重啟之後執行 "route"
[CODE][FONT="細明體"]root@OpenWrt:/# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan[/FONT][/CODE]
可見pppd 並未執行, 於是執行 "ifup wan ; route"
[CODE][FONT="細明體"]root@OpenWrt:/# ifup wan ; route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.xx.xx.xxx * 255.255.255.255 UH 0 0 0 pppoe-wan
default * 0.0.0.0 U 0 0 0 pppoe-wan[/FONT][/CODE]
pppd 終於成功, 但br-lan 卻不見了, 於是再執行 "ifconfig br-lan 192.168.1.254 netmask 255.255.255.0 ; route"
[CODE][FONT="細明體"]root@OpenWrt:/# ifconfig br-lan 192.168.1.254 netmask 255.255.255.0 ; route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.xx.xx.xxx * 255.255.255.255 UH 0 0 0 pppoe-wan
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
default * 0.0.0.0 U 0 0 0 pppoe-wan[/FONT][/CODE]
最後檢查橋接器是否正確, 以免功虧一簣:
[CODE][FONT="細明體"]root@OpenWrt:/# brctl show
bridge name bridge id STP enabled interfaces
br-lan 8000.001884aabbcc no ath0
eth0.1
eth0.2[/FONT][/CODE]
既然看起來都沒問題了, 剩下的就是找個地方存放Startup Script, 例如 /etc/init.d/custom-user-startup:
[CODE][FONT="細明體"]#!/bin/sh /etc/rc.common
START=98
start() {
ifup wan
ifconfig br-lan 192.168.1.254 netmask 255.255.255.0
}[/FONT][/CODE]
輸入完畢請執行:
[CODE]chmod +x /etc/init.d/custom-user-startup
/etc/init.d/custom-user-startup enable
/etc/init.d/custom-user-startup start[/CODE]
以上指令會產生 /etc/rc.d/S98custom-user-startup
La Fonera (FON2100 & FON2200) 應該只需把以上 "[B]eth0.1 eth0.2[/B]" 改成 "[B]eth0[/B]" 即可套用
此外pppd 指令應該看起來像是:
[CODE]/usr/sbin/pppd plugin rp-pppoe.so mtu 1492 mru 1492 nic-br-lan persist usepeerdns defaultroute replacedefaultroute user [U][I][email protected][/I][/U] password [U][I]PASSWORD[/I][/U] unit 0 linkname wan ipparam wan[/CODE]
[URL="https://forum.openwrt.org/viewtopic.php?id=16173"]OpenWrt / pppoe with kamikaze[/URL]
[URL="https://forum.openwrt.org/viewtopic.php?id=24717"]OpenWrt / lan and wan on one ethernet port with vlan[/URL]
[URL="http://linux.die.net/man/8/pppd"]pppd(8): Point-to-Point Protocol Daemon - Linux man page[/URL]
OpenWrt Kamikaze v8.09.2 on ASUS WL-HDD2.5 running PPPoE over br-lan
由於手邊沒有La Fonera, 所以只剩ASUS WL-HDD2.5 可供實驗, 由於先前已經變磚過一次, 所以這次特別小心
雖然ASUS WL-HDD2.5 的network 組態有 "switch" 一項, 但小弟尚未搞懂, 所以只沿用前面採用過的的旁門左道
[B]/etc/config/network[/B]:
[CODE][FONT="細明體"]config 'switch' 'eth0'
option 'vlan0' '1 2 3 4 5*'
option 'vlan1' '0 5'
config 'interface' 'loopback'
option 'ifname' 'lo'
option 'proto' 'static'
option 'ipaddr' '127.0.0.1'
option 'netmask' '255.0.0.0'
config 'interface' 'lan'
option 'type' 'bridge'
option 'ifname' 'eth1'
option 'proto' 'static'
option 'ipaddr' '192.168.1.1'
option 'netmask' '255.255.255.0'
config 'interface' 'wan'
option 'ifname' 'br-lan'
option 'proto' 'pppoe'
option 'username' '[email protected]'
option 'password' 'PASSWORD'
option 'keepalive' '3'
option 'defaultroute' '1'
option 'ppp_redial' 'persist'
option 'persist'
#In case you brick your router
config 'alias'
option 'interface' 'wan'
option 'proto' 'static'
option 'ipaddr' '169.254.255.1'
option 'netmask' '255.255.0.0'[/FONT][/CODE]
[B]/etc/init.d/custom-user-startup[/B]:
[CODE][FONT="細明體"]#!/bin/sh /etc/rc.common
START=98
start() {
ifup wan
wifi up
ifconfig br-lan 192.168.1.1 netmask 255.255.255.0
}[/FONT][/CODE]
輸入完畢請執行:
[CODE][FONT="細明體"]chmod +x /etc/init.d/custom-user-startup
/etc/init.d/custom-user-startup enable
/etc/init.d/custom-user-startup start[/FONT][/CODE]
以上指令會產生 /etc/rc.d/S98custom-user-startup
重啟之後檢查結果:
[CODE][FONT="細明體"]root@OpenWrt:~# route ; brctl show
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xxx.xx.xx.xxx * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
169.254.0.0 * 255.255.0.0 U 0 0 0 br-lan
default hxxx.sxx.xx.hin 0.0.0.0 UG 0 0 0 ppp0
bridge name bridge id STP enabled interfaces
br-lan 8000.0015f2aabbcc no eth1
wl0[/FONT][/CODE]