
Temat: Dwa routery, jedna sieć WiFi + sieć gościnna.

Dwa routery, jedna sieć WiFi + sieć gościnna.

Zwracam się z prośbą o pomoc w zdiagnozowaniu problemu.
Próbuję uruchomić taką konfigurację jak w temacie. Przedstawię, jak to wygląda na obecną chwilę:

Router pierwszy WAN, serwer DHCP, WiFi + Wifi Gosc -> Port LAN skrętka Port LAN -> Router drugi WAN połączony z LAN, wyłączony serwer DHCP, WiFi + Wifi Gosc.

Usterka polega na tym, że po połączeniu się przez Router drugi z siecią Siec-A_Gosc nie działa Internet. Wygląda na to, że nie może pobrać adresów po DHCP. W pozostałych przypadkach nie ma problemu. Problem pewnie leży w routingu, ale szczerze mówiąc nie do końca to ogarniam. Z samym routerem nawiązuje połączenie, co pokazuje:

root@OpenWrt:~# iw dev wlan0-1 station dump
Station 7c:61:93:97:50:41 (on wlan0-1)
    inactive time:    1110 ms
    rx bytes:    1242
    rx packets:    8
    tx bytes:    322
    tx packets:    2
    tx retries:    0
    tx failed:    0
    signal:      -52 [-52] dBm
    signal avg:    -50 [-50] dBm
    tx bitrate:    1.0 MBit/s
    rx bitrate:    54.0 MBit/s
    authorized:    yes
    authenticated:    yes
    preamble:    short
    WMM/WME:    yes
    MFP:        no
    TDLS peer:    no

Router pierwszy        TL-WR842ND    Gargoyle PL 1.5.9.2 (1f082da)
Router drugi        TL-WR743ND    OpenWrt Attitude Adjustment 12.09-rc1 (r35351)

Ustawienia Router pierwszy

root@Gargoyle:~# cat /etc/config/network 

# Router 1 (Gargoyle), /etc/config/network: holds the gateway addresses of
# the private LAN (192.168.35.0/24) and of the guest subnet (192.168.55.0/24).

# Loopback interface.
config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

# Private LAN: bridge over eth0 with the static address 192.168.35.1/24.
config interface 'lan'
    option ifname 'eth0'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.35.1'
    option 'defaultroute' '0'
    option 'peerdns' '0'

# Uplink on eth1; the address is obtained as a DHCP client.
config interface 'wan'
    option ifname 'eth1'
    option proto 'dhcp'

# Switch on eth0 with VLAN support enabled; VLAN 1 contains ports 0-4.
config switch
    option name 'eth0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'eth0'
    option vlan '1'
    option ports '0 1 2 3 4'

# Guest network: static 192.168.55.1/24. Neither an ifname nor a bridge type
# is set here; the wifi-iface 'gosc' in /etc/config/wireless attaches to this
# interface through `option network 'gosc'`.
# NOTE(review): since this interface is not bridged to a wired port or VLAN,
# the guest subnet appears to exist only on this router's guest radio
# interface (the route table in the post lists 192.168.55.0 on wlan0-1). A
# second access point would have no layer-2 path to it over the LAN cable
# unless a dedicated VLAN is carried between the routers - confirm against
# the intended topology.
config interface 'gosc'
    option proto 'static'
    option ipaddr '192.168.55.1'
    option netmask '255.255.255.0'
    option 'defaultroute' '0'
    option 'peerdns' '0'

root@Gargoyle:~# cat /etc/config/wireless 

# Router 1 (Gargoyle), /etc/config/wireless: one radio carrying two access
# points, the private SSID and the guest SSID.

# Radio: mac80211 driver, 802.11n/g, 20 MHz channel width, fixed channel 8,
# regulatory domain PL.
config wifi-device 'radio0'
    option type 'mac80211'
    option macaddr '64:70:02:bb:70:c8'
    option hwmode '11ng'
    option htmode 'HT20'
    option country 'PL'
    option country_ie '1'
    option noscan '1'
    option channel '8'
    option disabled '0'

# Private access point, attached to the 'lan' network, WPA2-PSK ('psk2').
# NOTE(review): the pre-shared key is pasted in clear text in a public post;
# if it is the real key it should be changed, and keys are best redacted
# before sharing a config.
config wifi-iface
    option device 'radio0'
    option network 'lan'
    option mode 'ap'
    option ssid 'Siec-A'
    option encryption 'psk2'
    option key '12345378'

# Guest access point, attached to the 'gosc' network, WPA2-PSK ('psk2').
# NOTE(review): a WPA2 passphrase must be 8-63 characters long; the value
# below has 7, so it was presumably altered before posting. With a key this
# short the access point would not be expected to start.
config wifi-iface 'gosc'
    option device 'radio0'
    option mode 'ap'
    option network 'gosc'
    option ssid 'Siec-A_Gosc'
    option encryption 'psk2'
    option key '3453789'

root@Gargoyle:~# cat /etc/config/firewall 

# Router 1 (Gargoyle), /etc/config/firewall - global defaults and the
# lan/wan zones.

# Global policy: accept traffic to and from the router itself, reject
# forwarded traffic unless a zone or forwarding section permits it.
config defaults
    option syn_flood '1'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

# Private LAN zone: hosts may reach the router (input ACCEPT); forwarding out
# of the zone is rejected except where a forwarding section allows it.
config zone
    option name 'lan'
    option network 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

# Uplink zone: unsolicited inbound traffic is rejected; outbound traffic is
# masqueraded (masq) and the TCP MSS is clamped (mtu_fix).
config zone
    option name 'wan'
    option network 'wan'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'
    option masq '1'
    option mtu_fix '1'

# Allow LAN hosts out to the uplink. No wan -> lan forwarding is defined.
config forwarding
    option src 'lan'
    option dest 'wan'

# Exceptions to the wan zone's `input 'REJECT'` policy. All rules below have
# `src 'wan'`, so they apply to traffic arriving from the uplink side.

# Accept IPv4 UDP to port 68 so the router's own DHCP lease on wan can be
# renewed.
config rule
    option name 'Allow-DHCP-Renew'
    option src 'wan'
    option proto 'udp'
    option dest_port '68'
    option target 'ACCEPT'
    option family 'ipv4'

# Accept IPv4 ICMP echo-request from wan: the router answers pings from the
# uplink side.
config rule
    option name 'Allow-Ping'
    option src 'wan'
    option proto 'icmp'
    option icmp_type 'echo-request'
    option family 'ipv4'
    option target 'ACCEPT'

# Accept DHCPv6 replies (UDP 547 -> 546) between link-local addresses only.
config rule
    option name 'Allow-DHCPv6'
    option src 'wan'
    option proto 'udp'
    option src_ip 'fe80::/10'
    option src_port '547'
    option dest_ip 'fe80::/10'
    option dest_port '546'
    option family 'ipv6'
    option target 'ACCEPT'

# Accept the listed ICMPv6 message types addressed to the router itself,
# rate-limited to 1000 packets per second.
config rule
    option name 'Allow-ICMPv6-Input'
    option src 'wan'
    option proto 'icmp'
    list icmp_type 'echo-request'
    list icmp_type 'echo-reply'
    list icmp_type 'destination-unreachable'
    list icmp_type 'packet-too-big'
    list icmp_type 'time-exceeded'
    list icmp_type 'bad-header'
    list icmp_type 'unknown-header-type'
    list icmp_type 'router-solicitation'
    list icmp_type 'neighbour-solicitation'
    list icmp_type 'router-advertisement'
    list icmp_type 'neighbour-advertisement'
    option limit '1000/sec'
    option family 'ipv6'
    option target 'ACCEPT'

# Accept the listed ICMPv6 message types forwarded from wan to any zone
# (`dest '*'`), with the same rate limit. The neighbour/router discovery
# types are not in this list.
config rule
    option name 'Allow-ICMPv6-Forward'
    option src 'wan'
    option dest '*'
    option proto 'icmp'
    list icmp_type 'echo-request'
    list icmp_type 'echo-reply'
    list icmp_type 'destination-unreachable'
    list icmp_type 'packet-too-big'
    list icmp_type 'time-exceeded'
    list icmp_type 'bad-header'
    list icmp_type 'unknown-header-type'
    option limit '1000/sec'
    option family 'ipv6'
    option target 'ACCEPT'

# Additional firewall scripts pulled in from the paths below; their contents
# are not shown in the post, so the effective rule set may be wider than what
# this file lists.
config include
    option path '/etc/firewall.user'

config include
    option path '/usr/lib/gargoyle_firewall_util/gargoyle_additions.firewall'

config include 'openvpn_include_file'
    option path '/etc/openvpn.firewall'

# 'remote_accept' is not a stock OpenWrt firewall section type; it is
# presumably consumed by the Gargoyle include above.
# NOTE(review): this appears to accept TCP connections arriving on wan port
# 9922 and deliver them to local port 22 (SSH by convention), i.e. remote
# shell access from the uplink side. If that is intended, restrict it to
# key-based authentication and to known source addresses where possible;
# otherwise remove the section.
config remote_accept 'ra_22_9922'
    option local_port '22'
    option remote_port '9922'
    option proto 'tcp'
    option zone 'wan'

# Guest zone on router 1. Guests may not reach the router (input REJECT)
# except for the DHCP and DNS exceptions below, and forwarded guest traffic is
# rejected unless a forwarding section allows it.
config zone
    option name 'gosc'
    option network 'gosc'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'

# Guests may reach the uplink only. No gosc -> lan forwarding is defined in
# this file, which is what keeps guests out of the private 192.168.35.0/24
# network; keep it that way when extending the setup.
config forwarding
    option src 'gosc'
    option dest 'wan'

# Accept DHCP from guests: IPv4 UDP with source and destination port both in
# the range 67-68. No `dest` is set, so the rule applies to traffic addressed
# to the router itself.
config rule
    option src 'gosc'
    option proto 'udp'
    option src_port '67-68'
    option dest_port '67-68'
    option target 'ACCEPT'
    option family 'ipv4'

# Accept DNS queries from guests to the router (TCP and UDP port 53, IPv4).
config rule
    option src 'gosc'
    option dest_port '53'
    option target 'ACCEPT'
    option family 'ipv4'
    option proto 'tcpudp'

root@Gargoyle:~# route 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.10.1    0.0.0.0         UG    0      0        0 eth1
192.168.10.0    *               255.255.255.0   U     0      0        0 eth1
192.168.35.0    *               255.255.255.0   U     0      0        0 br-lan
192.168.55.0    *               255.255.255.0   U     0      0        0 wlan0-1

Ustawienia Router drugi

root@OpenWrt:~# cat /etc/config/network 

# Router 2 (OpenWrt), /etc/config/network: secondary access point. No 'wan'
# interface is defined in this file.

# Loopback interface.
config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

# Private LAN: eth0 and eth1 bridged together, static 192.168.35.2/24, with
# router 1 (192.168.35.1) as gateway and DNS server.
config interface 'lan'
    option ifname 'eth0 eth1'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.35.2'
    option dns '192.168.35.1'
    option gateway '192.168.35.1'

# Switch on eth0 with VLAN support enabled; VLAN 1 contains ports 0-4.
config switch
    option name 'eth0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'eth0'
    option vlan '1'
    option ports '0 1 2 3 4'

# Guest network: static 192.168.55.2/24 pointing at 192.168.55.1 as gateway
# and DNS server. The bridge type is commented out and no ifname is set, so
# the only member is the guest wifi-iface from /etc/config/wireless.
# NOTE(review): 192.168.55.1 lives on router 1's guest radio interface, and
# nothing in this file connects this interface to it (no wired port, no
# VLAN). Guest clients associated here therefore presumably cannot reach the
# DHCP server on router 1, which matches the symptom described in the post.
# The route table in the post also shows the default route going to
# 192.168.55.1 via wlan0-1 rather than to the lan gateway.
config interface 'gosc'
    #option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.55.2'
    option netmask '255.255.255.0'
    option dns '192.168.55.1'
    option gateway '192.168.55.1'

root@OpenWrt:~# cat /etc/config/wireless 

# Router 2 (OpenWrt), /etc/config/wireless: one radio carrying the same two
# SSIDs, encryption mode and keys as router 1, on the same channel (8).

# Radio: mac80211 driver, 802.11n/g, 20 MHz channel width, fixed channel 8,
# regulatory domain PL.
config wifi-device 'radio0'
    option type 'mac80211'
    option macaddr 'a0:f3:c1:3b:2b:e4'
    option hwmode '11ng'
    option htmode 'HT20'
    option country 'PL'
    option country_ie '1'
    option noscan '1'
    option channel '8'
    option disabled '0'

# Private access point, attached to the 'lan' network, WPA2-PSK ('psk2').
# NOTE(review): the pre-shared key is pasted in clear text in a public post;
# if it is the real key it should be changed.
config wifi-iface
    option device 'radio0'
    option network 'lan'
    option mode 'ap'
    option ssid 'Siec-A'
    option encryption 'psk2'
    option key '12345378'

# Guest access point, attached to the 'gosc' network, WPA2-PSK ('psk2').
# NOTE(review): a WPA2 passphrase must be 8-63 characters long; the value
# below has 7, so it was presumably altered before posting.
config wifi-iface 'gosc'
    option device 'radio0'
    option mode 'ap'
    option network 'gosc'
    option ssid 'Siec-A_Gosc'
    option encryption 'psk2'
    option key '3453789'

root@OpenWrt:~# cat /etc/config/firewall 

# Router 2 (OpenWrt), /etc/config/firewall - global defaults and the lan/wan
# zones.

# Global policy: accept traffic to and from the router itself, reject
# forwarded traffic unless a zone or forwarding section permits it.
config defaults
    option syn_flood '1'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

# Private LAN zone: hosts may reach the router (input ACCEPT).
config zone
    option name 'lan'
    option network 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

# Uplink zone bound to the network 'wan'.
# NOTE(review): the /etc/config/network shown for this router defines no
# 'wan' interface, so this zone presumably covers no interface at all and
# every section that names 'wan' as source or destination has no effect.
config zone
    option name 'wan'
    option network 'wan'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'
    option masq '1'
    option mtu_fix '1'

# Allow LAN hosts out to the wan zone (see the note on the wan zone above).
config forwarding
    option src 'lan'
    option dest 'wan'

# Exceptions to the wan zone's `input 'REJECT'` policy. All rules below have
# `src 'wan'`.
# NOTE(review): the network config shown for this router defines no 'wan'
# interface, so these rules presumably never match on this device.

# Accept IPv4 UDP to port 68 (DHCP replies for a lease held on wan).
config rule
    option name 'Allow-DHCP-Renew'
    option src 'wan'
    option proto 'udp'
    option dest_port '68'
    option target 'ACCEPT'
    option family 'ipv4'

# Accept IPv4 ICMP echo-request from wan.
config rule
    option name 'Allow-Ping'
    option src 'wan'
    option proto 'icmp'
    option icmp_type 'echo-request'
    option family 'ipv4'
    option target 'ACCEPT'

# Accept DHCPv6 replies (UDP 547 -> 546) between link-local addresses only.
config rule
    option name 'Allow-DHCPv6'
    option src 'wan'
    option proto 'udp'
    option src_ip 'fe80::/10'
    option src_port '547'
    option dest_ip 'fe80::/10'
    option dest_port '546'
    option family 'ipv6'
    option target 'ACCEPT'

# Accept the listed ICMPv6 message types addressed to the router itself,
# rate-limited to 1000 packets per second.
config rule
    option name 'Allow-ICMPv6-Input'
    option src 'wan'
    option proto 'icmp'
    list icmp_type 'echo-request'
    list icmp_type 'echo-reply'
    list icmp_type 'destination-unreachable'
    list icmp_type 'packet-too-big'
    list icmp_type 'time-exceeded'
    list icmp_type 'bad-header'
    list icmp_type 'unknown-header-type'
    list icmp_type 'router-solicitation'
    list icmp_type 'neighbour-solicitation'
    list icmp_type 'router-advertisement'
    list icmp_type 'neighbour-advertisement'
    option limit '1000/sec'
    option family 'ipv6'
    option target 'ACCEPT'

# Accept the listed ICMPv6 message types forwarded from wan to any zone
# (`dest '*'`), with the same rate limit.
config rule
    option name 'Allow-ICMPv6-Forward'
    option src 'wan'
    option dest '*'
    option proto 'icmp'
    list icmp_type 'echo-request'
    list icmp_type 'echo-reply'
    list icmp_type 'destination-unreachable'
    list icmp_type 'packet-too-big'
    list icmp_type 'time-exceeded'
    list icmp_type 'bad-header'
    list icmp_type 'unknown-header-type'
    option limit '1000/sec'
    option family 'ipv6'
    option target 'ACCEPT'

# User-supplied firewall script; its contents are not shown in the post.
config include
    option path '/etc/firewall.user'

# Guest zone on router 2. Guests may not reach the router (input REJECT)
# except for the DHCP and DNS exceptions below.
config zone
    option name 'gosc'
    option network 'gosc'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'

# Guests may be forwarded to the wan zone only.
# NOTE(review): the network config shown for this router defines no 'wan'
# interface, so this forwarding presumably gives guests no way out. If guest
# traffic is instead sent through the lan zone towards router 1, limit it
# with explicit rules so that guests reach the gateway but not the rest of
# 192.168.35.0/24.
config forwarding
    option src 'gosc'
    option dest 'wan'

# Accept DHCP from guests to the router: IPv4 UDP with source and destination
# port both in the range 67-68.
# NOTE(review): the post states that the DHCP server is switched off on this
# router, so this rule admits requests that nothing here answers.
config rule
    option src 'gosc'
    option proto 'udp'
    option src_port '67-68'
    option dest_port '67-68'
    option target 'ACCEPT'
    option family 'ipv4'

# Accept DNS queries from guests to the router (TCP and UDP port 53, IPv4).
config rule
    option src 'gosc'
    option dest_port '53'
    option target 'ACCEPT'
    option family 'ipv4'
    option proto 'tcpudp'

root@OpenWrt:~# route 
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.55.1    0.0.0.0         UG    0      0        0 wlan0-1
192.168.35.0    *               255.255.255.0   U     0      0        0 br-lan
192.168.55.0    *               255.255.255.0   U     0      0        0 wlan0-1


Odp: Dwa routery, jedna sieć WiFi + sieć gościnna.

Witam,

Wracam do problemu z poprzedniego posta z pytaniem, jak odpowiednio zmodyfikować poradnik „Sieć gościnna”, tak aby zachować taką funkcjonalność całego zestawu:
Router pierwszy WAN, LAN + dhcp dla LAN

 | Gargoyle PL 1.6.0.1 (f70487a)                                |
 | OpenWrt Attitude Adjustment 12.09.1 (r39154)                 |
 | Build time: 2014-01-24 12:21 CET                             |
 | Cezary Jackiewicz (obsy), http://eko.one.pl                  |
 | Machine: Ubiquiti AirRouter                                  |
 | WAN: 192.168.10.179, proto: dhcp                             |
 | LAN: 192.168.35.1                                            |
 | WLAN: mode: ap, ssid: Gargoyle, channel: 1, conn: 0          |

Router drugi LAN = dhcp dla GUEST

 | Gargoyle PL 1.6.0.1 (f70487a)                                |
 | OpenWrt Attitude Adjustment 12.09.1 (r39154)                 |
 | Build time: 2014-01-24 12:11 CET                             |
 | Cezary Jackiewicz (obsy), http://eko.one.pl                  |
 | Machine: TP-Link TL-WR842N/ND v1                             |
 | WAN:                                                         |
 | LAN: 192.168.35.3                                            |
 | WLAN: mode: ap, ssid: Gargoyle, channel: 1, conn: 0          |
 | WLAN: mode: ap, ssid: Gargoyle_Guest, channel: 1, conn: 1    

root@Gargoyle:~# cat /etc/config/network 

# Second router from the follow-up post (Gargoyle), /etc/config/network:
# access point on the private LAN plus a locally addressed guest subnet.
# No 'wan' interface is defined in this file.

# Loopback interface.
config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

# Private LAN: bridge over eth0, static 192.168.35.3/24, with 192.168.35.1 as
# gateway and DNS server.
config interface 'lan'
    option ifname 'eth0'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.255.0'
    option ipaddr '192.168.35.3'
    option gateway '192.168.35.1'
    option dns '192.168.35.1'

# Switch on eth0 with VLAN support enabled; VLAN 1 contains ports 0-4.
config switch
    option name 'eth0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'eth0'
    option vlan '1'
    option ports '0 1 2 3 4'

# Guest network with its own subnet, 10.1.1.1/24, separate from the private
# LAN. No ifname is set; the wifi-iface 'guest' in /etc/config/wireless
# attaches to it through `option network 'guest'`.
# NOTE(review): no firewall configuration is shown for this router in the
# post. Guest traffic leaves through the lan side here, so isolation depends
# on a dedicated 'guest' zone that rejects input (apart from DHCP and DNS)
# and on rules that keep guests out of 192.168.35.0/24 while still letting
# them reach the gateway - verify before relying on this setup.
config interface 'guest'
    option proto 'static'
    option ipaddr '10.1.1.1'
    option netmask '255.255.255.0'

root@Gargoyle:~# cat /etc/config/wireless 

# Second router from the follow-up post (Gargoyle), /etc/config/wireless: one
# radio carrying a private and a guest access point.

# Radio: mac80211 driver, 802.11n/g, 20 MHz channel width, fixed channel 1.
config wifi-device 'radio0'
    option type 'mac80211'
    option hwmode '11ng'
    option path 'pci0000:00/0000:00:00.0'
    option htmode 'HT20'
    list ht_capab 'SHORT-GI-20'
    list ht_capab 'SHORT-GI-40'
    list ht_capab 'TX-STBC'
    list ht_capab 'RX-STBC1'
    list ht_capab 'DSSS_CCK-40'
    option noscan '1'
    option channel '1'

# Private access point, attached to the 'lan' network.
# NOTE(review): 'psk' selects WPA-PSK (WPA1), which is weaker than the 'psk2'
# (WPA2-PSK) mode used in the first post; prefer 'psk2' unless a legacy
# client requires otherwise. The key 'password' looks like a placeholder; a
# real deployment needs a long, non-guessable passphrase.
config wifi-iface 'ap_g'
    option device 'radio0'
    option mode 'ap'
    option network 'lan'
    option ssid 'Gargoyle'
    option encryption 'psk'
    option key 'password'

# Guest access point, attached to the 'guest' network, with no encryption.
# NOTE(review): on an open network anyone in range can associate and all
# traffic is sent unencrypted over the air. Separation from the private LAN
# then rests entirely on the firewall; `option isolate '1'` on this section
# additionally blocks traffic between guest clients.
config wifi-iface 'guest'
    option device 'radio0'
    option mode 'ap'
    option network 'guest'
    option ssid 'Gargoyle_Guest'
    option encryption 'none'

root@Gargoyle:~# cat /etc/config/dhcp 

# Second router from the follow-up post (Gargoyle), /etc/config/dhcp: dnsmasq
# settings and the DHCP pools served by this router.

# Global dnsmasq options. DNS rebind protection is enabled
# (rebind_protection '1'), the local domain is 'lan', and leases are kept in
# /tmp/dhcp.leases.
config dnsmasq
    option domainneeded '1'
    option boguspriv '1'
    option filterwin2k '0'
    option localise_queries '1'
    option rebind_protection '1'
    option rebind_localhost '1'
    option local '/lan/'
    option domain 'lan'
    option expandhosts '1'
    option nonegcache '0'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.auto'

# No DHCP service on the wan interface.
config dhcp 'wan'
    option interface 'wan'
    option ignore '1'

# DHCP pool for the guest interface: 150 addresses starting at offset 100,
# with a 2-hour lease time. With the guest interface at 10.1.1.1/24 this
# corresponds to 10.1.1.100-10.1.1.249.
# There is no `config dhcp 'lan'` section in this file, which is consistent
# with the post's statement that the first router serves DHCP for the LAN.
config dhcp 'guest'
    option start '100'
    option limit '150'
    option leasetime '2h'
    option interface 'guest'

W zasadzie do tego momentu wszystko działa, ale moja wiedza jest zbyt uboga, aby wymyślić, co dalej.
Z góry dziękuję za wszelkie podpowiedzi.
