%20%E7%9A%84%20DSA%20%E4%BB%A5%E5%A4%AA%E7%BD%91%E7%AB%AF%E5%8F%A3%E9%80%9A%E4%BF%A1%E5%A4%B1%E8%B4%A5.png)
我的 Banana PI R1 上的交换机端口上没有运行 TCP/IP 通信(即,不是显示为 eth0 且正在工作的单独 LAN 端口)。它运行“Debian GNU/Linux 9.8”,从带有 Debian 8 的 Armbian 镜像升级而来 [1]。
这是我的 /etc/network/interfaces 文件:
allow-hotplug eth0
iface eth0 inet dhcp
# Local loopback
auto lo
iface lo inet loopback
# Router ports
auto lan1
iface lan1 inet static
address 192.168.12.253
netmask 255.255.255.0
network 192.168.12.0
broadcast 192.168.12.255
gateway 192.168.12.253
dns-search greatsoft.local
auto lan2
iface lan2 inet static
address 192.168.13.253
netmask 255.255.255.0
network 192.168.13.0
broadcast 192.168.13.255
gateway 192.168.13.253
dns-search greatsoft.local
auto lan3
iface lan3 inet static
address 192.168.14.253
netmask 255.255.255.0
network 192.168.14.0
broadcast 192.168.14.255
gateway 192.168.14.253
dns-search greatsoft.local
auto lan4
iface lan4 inet static
address 192.168.15.253
netmask 255.255.255.0
network 192.168.15.0
broadcast 192.168.15.255
gateway 192.168.15.253
dns-search greatsoft.local
启动后,ifconfig 报告这些行(省略 lo0/wlan0):
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.113 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::47:aff:fec1:f535 prefixlen 64 scopeid 0x20<link>
ether 02:47:0a:c1:f5:35 txqueuelen 1000 (Ethernet)
RX packets 4581 bytes 816911 (797.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2392 bytes 294521 (287.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 49
lan1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.12.253 netmask 255.255.255.0 broadcast 192.168.12.255
ether 02:47:0a:c1:f5:35 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lan2: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.13.253 netmask 255.255.255.0 broadcast 192.168.13.255
ether 02:47:0a:c1:f5:35 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lan3: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.14.253 netmask 255.255.255.0 broadcast 192.168.14.255
ether 02:47:0a:c1:f5:35 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lan4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.15.253 netmask 255.255.255.0 broadcast 192.168.15.255
inet6 fe80::47:aff:fec1:f535 prefixlen 64 scopeid 0x20<link>
ether 02:47:0a:c1:f5:35 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 13 bytes 1070 (1.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
“ip -d link show”的输出是(lo0/wlan0 省略):
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 02:47:0a:c1:f5:35 brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
3: lan2@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
link/ether 02:47:0a:c1:f5:35 brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 switchid 00000000
4: lan3@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
link/ether 02:47:0a:c1:f5:35 brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 switchid 00000000
5: lan4@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 02:47:0a:c1:f5:35 brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 switchid 00000000
6: wan@eth0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 02:47:0a:c1:f5:35 brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 switchid 00000000
7: lan1@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
link/ether 02:47:0a:c1:f5:35 brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 switchid 00000000
例如,如果我在 lan 4 端口上连接电缆,并为连接的系统指定 IP 地址 192.168.15.250,网络掩码 255.255.255.0,则来自 Banana PI 的 ping 操作会显示:
From 192.168.15.253 icmp_seq=1 Destination Host Unreachable
arp -n 显示
Address HWtype HWaddress Flags Mask Iface
192.168.15.250 (incomplete) lan4
我不清楚为什么沟通失败。我想一定是有什么东西缺失了。有人给我提示吗?
答案1
默认情况下,ArmBian 和以前的 Bananian 中除了 WAN 端口之外的 4 个端口都是桥接的;它们仅作为单个 IP 接口呈现,即 WAN 端口的第二个接口。这就是您的 IP 操作系统级别配置不起作用的原因。请注意,在 R1 中,端口/芯片组在启动时会作为 5 端口集线器启动,因为该板缺少一个连接到 BCM53125 的电阻,因此不会发生这种情况。更糟糕的是,如果 Linux 内核无法启动,它仍然是一个 5 端口集线器。
BCM53125 交换机芯片组必须经过编程,才能将每个端口转变为单独的 VLAN,而不是与任何其他端口桥接。
请注意端口的编号。至少在旧的内核配置切换中,还没有测试新的DSA,它们是:
|2|1|0|4| |3|
以下配置对于设置交换机 VLAN 很有用,其中 5 个端口中的每一个都是独立的端口/VLAN。
启动完成后:
eth.10 (VLAN 10) 将是您以前的 eth0、192.168.1.x 接口
eth.12 (VLAN 12) 将是您以前的 lan1、192.168.12.x 接口
eth.13 (VLAN 13) 将是您以前的 lan2 , 192.168.13.x 接口
eth.14 (VLAN 14) 将是您以前的 lan3, 192.168.14.x 接口
eth.15 (VLAN 15) 将是您以前的 lan4, 192.168.15.x 接口
当心那些是内部的芯片组的 VLAN。 Broadcom BCM53125 不支持 802.1Q。因此,在下面的脚本中使用了 untagged 指令。
在以下位置创建文件:/etc/network/if-pre-up.d/dsa
#!/bin/bash
# to avoid execute more than once
[ "$IFACE" == "eth0" ] || exit 0
ip link set eth0 up
# ** create the native VLAN **
ip link add link eth0 name eth0.10 type vlan id 10
ip link add link eth0 name eth0.12 type vlan id 12
ip link add link eth0 name eth0.13 type vlan id 13
ip link add link eth0 name eth0.14 type vlan id 14
ip link add link eth0 name eth0.15 type vlan id 15
# ** ALLOCATION VLAN
bridge vlan add vid 10 dev wan pvid untagged
bridge vlan add vid 12 dev lan1 pvid untagged
bridge vlan add vid 13 dev lan2 pvid untagged
bridge vlan add vid 14 dev lan3 pvid untagged
bridge vlan add vid 15 dev lan4 pvid untagged
# ** Delete VLAN default 1 **
bridge vlan del vid 1 dev wan
bridge vlan del vid 1 dev lan1
bridge vlan del vid 1 dev lan2
bridge vlan del vid 1 dev lan3
bridge vlan del vid 1 dev lan4
bridge vlan del vid 1 dev eth0.10
bridge vlan del vid 1 dev eth0.12
bridge vlan del vid 1 dev eth0.13
bridge vlan del vid 1 dev eth0.14
bridge vlan del vid 1 dev eth0.15
# ** ACTIVATE /Start **
ip link set up wan
ip link set eth0.10 up
ip link set eth0.12 up
ip link set eth0.13 up
ip link set eth0.14 up
ip link set eth0.15 up
ip link set lan1 up
ip link set lan2 up
ip link set lan3 up
ip link set lan4 up
使文件可执行: chmod 0777 /etc/network/if-pre-up.d/dsa
启动后检查所有内容 ip -d link show eth0.10 ip -d link show eth0.11 ....
桥接 VLAN 显示 桥接链路显示
删除其他 VLAN 文件的所有权限,使其只读: chmod 0444 /etc/network/if-post-down.d/vlan chmod 0444 /etc/network/if-pre-up.d/vlan
脚本未经测试并改编自指南: BPi-R1 - 分布式交换机架构 2017
在链接的指南中,还有一个用于关闭开关的脚本。
免责声明:我不会声称该脚本在第一次尝试时就有效,但应该是一个好的开始。我也将在 6-7 周内在我的 R1 中测试它,在此之前还没有时间。
PS:你们的R1每隔一天随机死机一次吗?我的每两周都会出现神秘的只读文件系统情况。
我找到了原因,并通过删除 realtek wifi 芯片组解决了这个问题。
后来有人进行电气测量,设法发现瑞昱芯片组有时会使 R1 完全过载,从而导致不稳定,即使它没有被使用,这证实了我的经验发现。
PPS:当我购买 R1 时,我试图将其变成 AP。一个失败的事业。参见相关:使用华硕 USB-N13 适配器 (realtek) 时出现 Wi-Fi 问题
答案2
中的片段https://github.com/armbian/build/issues/511给了我正确的方向,我最终得到了这个 /etc/network/interfaces 文件:
auto lo
iface lo inet loopback
auto eth0.101
iface eth0.101 inet dhcp
pre-up ip link add br53125 type bridge
pre-up ip link set wan master br53125
pre-up bridge vlan add vid 101 dev wan pvid untagged
pre-up bridge vlan del vid 1 dev wan
pre-up ip link set wan up
post-down ip link set wan down
post-down ip link del dev eth0.101
auto eth0.102
iface eth0.102 inet manual
pre-up ip link set lan1 master br53125
pre-up ip link set lan2 master br53125
pre-up ip link set lan3 master br53125
pre-up ip link set lan4 master br53125
pre-up bridge vlan add vid 102 dev lan1 pvid untagged
pre-up bridge vlan del vid 1 dev lan1
pre-up ip link set lan1 up
pre-up bridge vlan add vid 102 dev lan2 pvid untagged
pre-up bridge vlan del vid 1 dev lan2
pre-up ip link set lan2 up
pre-up bridge vlan add vid 102 dev lan3 pvid untagged
pre-up bridge vlan del vid 1 dev lan3
pre-up ip link set lan3 up
pre-up bridge vlan add vid 102 dev lan4 pvid untagged
pre-up bridge vlan del vid 1 dev lan4
pre-up ip link set lan4 up
post-down ip link set lan4 down
post-down ip link set lan3 down
post-down ip link set lan2 down
post-down ip link set lan1 down
post-down ip link del dev br53125
post-down ip link del dev eth0.102
auth eth0.102
iface eth0.102 inet static
address 192.168.12.254
netmask 255.255.255.0
gateway 192.168.12.254
iface eth0.102 inet6 static
address 0db8:cafe:beef:c::
netmask 64
gateway 0db8:cafe:beef:c::
allow-hotplug wlan0
iface wlan0 inet static
address 192.168.13.254
netmask 255.255.255.0
gateway 192.168.13.254
iface wlan0 inet6 static
address 0db8:cafe:beef:d::
netmask 64
gateway 0db8:cafe:beef:d::
不幸的是,IPv6 还不能在 LAN 上工作,但这应该在另一个问题中处理。
结果是交换 LAN 端口的行为就像实际上是一个端口一样,因此所有端口共享一个 IP 地址,并且 DHCP 服务器为同一子网 192.168.12.0 提供地址。拥有四个不同的子网本来就很好,但就我的目的而言,当前的行为是可以接受的。