Bridging WiFi and Ethernet on Debian, with a separate WWAN

There are already similar questions, but I can't follow their descriptions. Here's what I have:

+-----+     +--------------------+           +----------------------+          +---------------+
|     |     | ISP's Modem/Router |           | Debian Box with      | <--GbE-- |               |
| ISP | <-- |  (opposite corner  | <--WiFi-- | USB WiFi adapter and | <--GbE-- | Local Network |
|     |     |    of the house)   |           | 8-port GbE switch    | <--GbE-- |               |
+-----+     +--------------------+           +----------------------+          +---------------+

Some of those local Ethernet cables are getting a bit long.

Here's what I want:

+-----+     +--------------------+           +---------------------------+           +---------------+
|     |     | ISP's Modem/Router |           | Debian Box with           | <--GbE--- |               |
| ISP | <-- |  (opposite corner  | <--WiFi-- | TWO USB WiFi adapters and | <--GbE--- | Local Network |
|     |     |    of the house)   |           | 8-port GbE switch         | <--WiFi-- |               |
+-----+     +--------------------+           +---------------------------+           +---------------+

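Essentially, I'm just replacing the longer wires with WiFi within the same local network. The overall result should be just like a standard WiFi router that has had its WAN port converted to a separate WiFi adapter, in that the local combination of wired and wireless behaves as a single network, and I can connect anything to it by matching the "router's" SSID and password. (The "router" in this case means the Debian box, not the ISP's modem/router.)

Here are my Debian box's config files so far, which currently produce the top diagram. The question is how to modify them after plugging in the second WiFi adapter, so as to produce the second diagram and guarantee that the two adapters don't swap roles. (The one currently connected to the ISP claims to support AP mode as well, but it crashed when I tried it. So I want to keep that one in its current role and have the new one act as the new AP.)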

/etc/network/if-pre-up.d/swconfig:

# Affects several other files:
# /etc/dnsmasq.conf
# /etc/network/interfaces
# /root/Scripts/Startup-Network.sh



#---------------------------#
# BPI-R1 VLAN configuration #
#---------------------------#
#
# This will create the following ethernet port:
# - eth0.101 = LAN (5 port switch)

ifconfig eth0 up

# The swconfig port number are:
# |2|1|0|4|  |3|
# (looking at front of ports)

swconfig dev eth0 set reset 1
swconfig dev eth0 set enable_vlan 1
swconfig dev eth0 vlan 101 set ports '4 0 1 2 3 8t'
swconfig dev eth0 set apply 1

exit 0

/etc/network/interfaces:

# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d




auto lo
iface lo inet loopback



# eth0.x matches the 'vlan x set ports' line(s) in /etc/network/if-pre-up.d/swconfig

auto eth0.101

# dhcp configuration
#iface eth0.101 inet dhcp

# static ip configuration
iface eth0.101 inet static
        # (not my actual IP, but you get the idea)
        address 192.168.50.1
        netmask 255.255.255.0
#        gateway 192.168.50.1



auto wlan0
iface wlan0 inet dhcp
        wpa-ssid <ISP's SSID>
        wpa-psk  <ISP's password>

/etc/dnsmasq.conf is entirely commented out, except for this bit at the bottom:

# eth0.x matches the 'vlan x set ports' line(s) in /etc/network/if-pre-up.d/swconfig

interface=eth0.101


# normal DHCP

dhcp-range=192.168.50.100,192.168.50.199,12h


# special, need to be found easily

# Static1 (by MAC address instead of hostname, so that a replacement can exist simultaneously for a while)
dhcp-host=12:34:56:78:9a:bc,192.168.50.25

# Static2 (by MAC address instead of hostname, so that a replacement can exist simultaneously for a while)
dhcp-host=34:56:78:9a:bc:de,192.168.50.35

# Static3 (by MAC address instead of hostname, so that a replacement can exist simultaneously for a while)
dhcp-host=56:78:9a:bc:de:f0,192.168.50.72

/root/Scripts/Startup-Network.sh runs at startup, ultimately from /etc/rc.local

# Match settings in /etc/network/interfaces

IFACE_WAN="wlan0"
IFACE_LAN="eth0.101"



# Actual work

echo "1" > /proc/sys/net/ipv4/ip_forward

iptables --table nat --append POSTROUTING --out-interface $IFACE_WAN -j MASQUERADE
iptables --append FORWARD --in-interface $IFACE_LAN -j ACCEPT

Answer 1

Like a lot of things, this turned out to be an XY problem.

I wanted this, as the smallest change to what I already had:

+-----+     +--------------------+           +---------------------------+           +---------------+
|     |     | ISP's Modem/Router |           | Debian Box with           | <--GbE--- |               |
| ISP | <-- |  (opposite corner  | <--WiFi-- | TWO USB WiFi adapters and | <--GbE--- | Local Network |
|     |     |    of the house)   |           | 8-port GbE switch         | <--WiFi-- |               |
+-----+     +--------------------+           +---------------------------+           +---------------+

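But I ended up with this, which works just as well, and pushes the part that I couldn't figure out into an off-the-shelf box that is designed to do exactly that: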

+-----+     +--------------------+           +-------------------------------+               +---------------------------+           +---------------+
|     |     | ISP's Modem/Router |           | Raspberry Pi Model A with     |               | Off-the-Shelf WiFi Router | <--GbE--- |               |
| ISP | <-- |  (opposite corner  | <--WiFi-- | USB 2.0 Dock (includes Enet)  | <--100baseT-- | with different subnet     | <--GbE--- | Local Network |
|     |     |    of the house)   |           | and USB WiFi adapter          |               | from ISP's network        | <--WiFi-- |               |
+-----+     +--------------------+           +-------------------------------+               +---------------------------+           +---------------+

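I had the Pi A, the dock, the CanaKit ("Pi official"?) USB WiFi adapter, and the router, so it was effectively free. The Pi is even powered by the dock, so that's nice too. I had particularly wondered what I would do with a Pi that is underpowered by today's standards, but it seems to do fine here, since my internet is slow and cheap.

Now I have the original Debian box (a Banana Pi R1, or "definitely not the router I wanted"), unused and available for something else.

After several failed attempts to turn the RasPi into its own router with NAT and DHCP etc., just to have the off-the-shelf router as its only client (there are lots of outdated tutorials for doing that, which don't work because RPi OS works differently now; but nothing says so, not even a publication date), I decided to try an actual bridge. This script "just worked" (copied verbatim from that site):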

#!/usr/bin/env bash

set -e

[ $EUID -ne 0 ] && echo "run as root" >&2 && exit 1

##########################################################
# You should not need to update anything below this line #
##########################################################

# parprouted  - Proxy ARP IP bridging daemon
# dhcp-helper - DHCP/BOOTP relay agent

apt update && apt install -y parprouted dhcp-helper

systemctl stop dhcp-helper
systemctl enable dhcp-helper

# Enable ipv4 forwarding.
sed -i'' s/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/ /etc/sysctl.conf

# Service configuration for standard WiFi connection. Connectivity will
# be lost if the username and password are incorrect.
systemctl restart wpa_supplicant.service

# Enable IP forwarding for wlan0 if it's not already enabled.
grep '^option ip-forwarding 1$' /etc/dhcpcd.conf || printf "option ip-forwarding 1\n" >> /etc/dhcpcd.conf

# Disable dhcpcd control of eth0.
grep '^denyinterfaces eth0$' /etc/dhcpcd.conf || printf "denyinterfaces eth0\n" >> /etc/dhcpcd.conf

# Configure dhcp-helper.
cat > /etc/default/dhcp-helper <<EOF
DHCPHELPER_OPTS="-b wlan0"
EOF

# Enable avahi reflector if it's not already enabled.
sed -i'' 's/#enable-reflector=no/enable-reflector=yes/' /etc/avahi/avahi-daemon.conf
grep '^enable-reflector=yes$' /etc/avahi/avahi-daemon.conf || {
  printf "something went wrong...\n\n"
  printf "Manually set 'enable-reflector=yes in /etc/avahi/avahi-daemon.conf'\n"
}

# I have to admit, I do not understand ARP and IP forwarding enough to explain
# exactly what is happening here. I am building off the work of others. In short
# this is a service to forward traffic from WiFi to Ethernet.
cat <<'EOF' >/usr/lib/systemd/system/parprouted.service
[Unit]
Description=proxy arp routing service
Documentation=https://raspberrypi.stackexchange.com/q/88954/79866
Requires=sys-subsystem-net-devices-wlan0.device dhcpcd.service
After=sys-subsystem-net-devices-wlan0.device dhcpcd.service

[Service]
Type=forking
# Restart until wlan0 gained carrier
Restart=on-failure
RestartSec=5
TimeoutStartSec=30
# clone the dhcp-allocated IP to eth0 so dhcp-helper will relay for the correct subnet
ExecStartPre=/bin/bash -c '/sbin/ip addr add $(/sbin/ip -4 -br addr show wlan0 | /bin/grep -Po "\\d+\\.\\d+\\.\\d+\\.\\d+")/32 dev eth0'
ExecStartPre=/sbin/ip link set dev eth0 up
ExecStartPre=/sbin/ip link set wlan0 promisc on
ExecStart=-/usr/sbin/parprouted eth0 wlan0
ExecStopPost=/sbin/ip link set wlan0 promisc off
ExecStopPost=/sbin/ip link set dev eth0 down
ExecStopPost=/bin/bash -c '/sbin/ip addr del $(/sbin/ip -4 -br addr show wlan0 | /bin/grep -Po "\\d+\\.\\d+\\.\\d+\\.\\d+")/32 dev eth0'

[Install]
WantedBy=wpa_supplicant.service
EOF

systemctl daemon-reload
systemctl enable parprouted
systemctl start parprouted dhcp-helper

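Do the usual setup on a new Pi, including connecting to the upstream WiFi and fully updating, then run that script as root/sudo, then reboot. Done!

I mostly have no idea what it does, how, or why. Just that it "just works".

The off-the-shelf local router now behaves as if its WAN/Internet port were directly connected to the ISP's WiFi (the Pi in the middle is completely transparent), and from there it does what it was designed to do as a WiFi router. I imagine the ISP's router sees 2 clients on WiFi - the Pi and my router - but I didn't feel the need to check.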


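Slightly off-topic, but important for anyone who wants to copy my setup:

I also set up a cron job for the Pi to automatically update and reboot once a week, just to pick up the latest security patches. I don't know what someone inside that system might do (at the very least "cut the cord"), but I don't want to find out either. Also, for security, I disabled SSH, and use the serial console with a USB UART that I also have on my admin PC.

The only thing left to do is to set up the GPIO-triggered UPS shutdown again, since that UPS has no USB, but I do have a spare 5V "wall wart" plugged into non-UPS power. A series resistor (hopefully) prevents damage, and it is actually connected between the Pi's +5V and a GPIO pin (no GND at all), so "unpowered" should float to the Pi's +3.3V and stay there, leaving 1.7 V across the unpowered wall wart. A 3V wall wart would be better, but I don't have one.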
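
An added example, not part of the answer or of the script it quotes: read-only checks that the state the script is meant to leave behind (forwarding persisted, dhcpcd and dhcp-helper settings, the wlan0 address cloned to eth0 as a /32, promiscuous mode) is actually in place. The function names are hypothetical, and the interface names wlan0 and eth0 are taken from the script.

```shell
#!/bin/sh
# Added example: read-only checks of the state the bridge script should leave
# behind. Command output is passed in as text, so the functions work on live
# output or on saved captures. Interface names wlan0/eth0 follow the script.

# First IPv4 address, without prefix length, from `ip -4 -br addr show IFACE`.
first_ipv4() {
  awk '{ for (i = 3; i <= NF; i++)
           if ($i ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\//) {
             sub(/\/.*/, "", $i); print $i; exit } }'
}

# True if eth0 carries wlan0's address as a /32 (the unit's first ExecStartPre).
clone_ok() {   # $1 = brief addr output for wlan0, $2 = same for eth0
  ip=$(printf '%s\n' "$1" | first_ipv4)
  [ -n "$ip" ] || return 1
  printf '%s\n' "$2" | awk -v want="$ip/32" \
    '{ for (i = 3; i <= NF; i++) if ($i == want) ok = 1 } END { exit !ok }'
}

# True if `ip -br link show wlan0` output lists the PROMISC flag.
promisc_on() { printf '%s\n' "$1" | grep -Eq '[<,]PROMISC[,>]'; }

# True if FILE ($1) has LINE ($2) as a whole, uncommented line.
has_line() { grep -qxF -- "$2" "$1" 2>/dev/null; }

FAILS=0
check() {   # $1 = label, remaining args = command to run
  label=$1; shift
  if "$@"; then echo "PASS  $label"; else echo "FAIL  $label"; FAILS=$((FAILS + 1)); fi
}

# $1 = config root ("" on the live box), $2/$3 = `ip -4 -br addr show` output
# for wlan0/eth0, $4 = `ip -br link show wlan0` output. Returns failure count.
audit_bridge() {
  FAILS=0
  check "ip_forward persisted"       has_line "$1/etc/sysctl.conf" 'net.ipv4.ip_forward=1'
  check "dhcpcd forwarding option"   has_line "$1/etc/dhcpcd.conf" 'option ip-forwarding 1'
  check "dhcpcd ignores eth0"        has_line "$1/etc/dhcpcd.conf" 'denyinterfaces eth0'
  check "dhcp-helper targets wlan0"  has_line "$1/etc/default/dhcp-helper" 'DHCPHELPER_OPTS="-b wlan0"'
  check "avahi reflector enabled"    has_line "$1/etc/avahi/avahi-daemon.conf" 'enable-reflector=yes'
  check "wlan0 address on eth0 /32"  clone_ok "$2" "$3"
  check "wlan0 promiscuous"          promisc_on "$4"
  return "$FAILS"
}
```

On the Pi itself, call it as `audit_bridge "" "$(ip -4 -br addr show wlan0)" "$(ip -4 -br addr show eth0)" "$(ip -br link show wlan0)"`; a non-zero return is the number of checks that failed.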
