我目前正在设置我的家庭网络基础设施。由于我有多种用途并且只有一台服务器,因此我安装了 proxmox 作为主机系统并创建了一个基于 pfsense 的 VM 用作防火墙。以太网卡被转发到防火墙虚拟机中,因此使用电缆时设置可以正常工作。下一个目标是将 wifi 添加到设置中。所以我买了一台华硕 PCE-AX3000。遗憾的是底层 bsd 不支持该卡,所以我使用 Ubuntu 19.10 创建了另一个虚拟机并将 wifi 卡转发到该虚拟机。首先我想说的是,虚拟机可以正确找到并加载该卡:
01:00.0 Network controller: Intel Corporation Device 2723 (rev 1a)
Subsystem: Intel Corporation Device 0084
Physical Slot: 0
Flags: bus master, fast devsel, latency 0, IRQ 16
Memory at c1800000 (64-bit, non-prefetchable) [size=16K]
Capabilities: [c8] Power Management version 3
Capabilities: [d0] MSI: Enable- Count=1/1 Maskable- 64bit+
Capabilities: [40] Express Endpoint, MSI 00
Capabilities: [80] MSI-X: Enable+ Count=16 Masked-
Capabilities: [100] Advanced Error Reporting
Capabilities: [14c] Latency Tolerance Reporting
Kernel driver in use: iwlwifi
Kernel modules: iwlwifi
主要思想是简单地将 wifi 卡与 vm 上的虚拟接口桥接,该虚拟接口“插入”另一个 proxmox 主机桥,包含 wifi VM 和防火墙 VM,因此我基本上可以在防火墙中将设备列入白名单,因为所有流量都由防火墙处理,而且我有一个专用的虚拟接口来管理通过 wifi 连接的任何设备。
该桥接器也完全正常工作。wifi 虚拟机本身使用 netplan,因此我按如下方式配置 netplan:
# This file describes the network interfaces available on your system
# For more information, see netplan(5).
network:
version: 2
renderer: NetworkManager
ethernets:
ens18:
dhcp4: yes
dhcp6: yes
ens19:
dhcp4: yes
dhcp6: yes
wifis:
wlp1s0:
access-points:
Eiveo:
mode: ap
password: ...
bridges:
br0:
interfaces: [ens19, wlp1s0]
dhcp4: yes
dhcp6: yes
理论上一切都应该正常工作,但尽管所有设备(手机、电视、个人电脑、笔记本电脑等)上都有 wifi 网络,但没有一台设备能够连接。在虚拟机上,每当客户端连接时,我都找不到任何包含有用信息的正确日志。然而,我在执行 netplan 生成和应用时能找到以下行:
... wifi NetworkManager[2754]: <info> [...] policy: auto-activating connection 'netplan-wlp1s0-Eiveo' (da5e14bf-7c9b-3545-942c-056eb2fd009b)
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): Activation: starting connection 'netplan-wlp1s0-Eiveo' (da5e14bf-7c9b-3545-942c-056eb2fd009b)
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): state change: disconnected -> prepare (reason 'none', sys-iface-state: 'managed')
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): Activation: (wifi) access point 'netplan-wlp1s0-Eiveo' has security, but secrets are required.
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): state change: config -> need-auth (reason 'none', sys-iface-state: 'managed')
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): state change: need-auth -> prepare (reason 'none', sys-iface-state: 'managed')
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): state change: prepare -> config (reason 'none', sys-iface-state: 'managed')
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): Activation: (wifi) connection 'netplan-wlp1s0-Eiveo' has security, and secrets exist. No new secrets needed.
... wifi NetworkManager[2754]: <info> [...] Config: added 'ssid' value 'Eiveo'
... wifi NetworkManager[2754]: <info> [...] Config: added 'mode' value '2'
... wifi NetworkManager[2754]: <info> [...] Config: added 'frequency' value '2412'
... wifi NetworkManager[2754]: <info> [...] Config: added 'key_mgmt' value 'WPA-PSK WPA-PSK-SHA256 FT-PSK'
... wifi NetworkManager[2754]: <info> [...] Config: added 'psk' value '<hidden>'
... wifi wpa_supplicant[1396]: Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures
... wifi wpa_supplicant[1396]: Using interface wlp1s0 with hwaddr 50:eb:71:f9:28:fb and ssid "Eiveo"
... wifi wpa_supplicant[1396]: wlp1s0: interface state UNINITIALIZED->ENABLED
... wifi wpa_supplicant[1396]: wlp1s0: AP-ENABLED
... wifi wpa_supplicant[1396]: wlp1s0: CTRL-EVENT-CONNECTED - Connection to 50:eb:71:f9:28:fb completed [id=0 id_str=]
... wifi kernel: [ 2877.598828] IPv6: ADDRCONF(NETDEV_CHANGE): wlp1s0: link becomes ready
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): supplicant interface state: ready -> completed
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): Activation: (wifi) Stage 2 of 5 (Device Configure) successful. Started Wi-Fi Hotspot "Eiveo"
... wifi NetworkManager[2754]: <info> [...] device (p2p-dev-wlp1s0): supplicant management interface state: ready -> completed
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): state change: config -> ip-config (reason 'none', sys-iface-state: 'managed')
... wifi NetworkManager[2754]: <info> [...] device (br0): attached bridge port wlp1s0
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): Activation: connection 'netplan-wlp1s0-Eiveo' enslaved, continuing activation
... wifi NetworkManager[2754]: <info> [...] device (br0): IPv4 config waiting until carrier is on
... wifi NetworkManager[2754]: <info> [...] device (br0): IPv6 config waiting until carrier is on
... wifi NetworkManager[2754]: <info> [...] device (wlp1s0): state change: ip-config -> ip-check (reason 'none', sys-iface-state: 'managed')
此外,key_mgmt 值的使用wpa_cli -i wlp1s0 status看起来很奇怪:
bssid=50:eb:71:f9:28:fb
freq=2412
ssid=Eiveo
id=0
mode=AP
pairwise_cipher=CCMP+TKIP
group_cipher=TKIP
key_mgmt=UNKNOWN
wpa_state=COMPLETED
p2p_device_address=50:eb:71:f9:28:fc
address=50:eb:71:f9:28:fb
uuid=2603753d-14b3-5c52-a2a5-6e84b168c25c
我不知道问题的原因是什么,也不知道如何调试。由于卡通常可以工作,并且整个桥接设置都经过测试,并且 wifi vm 本身正确显示在防火墙 dhcp 客户端列表中,我预计问题出在 netplan 配置 wifi 设置的方式上,但由于我真的不知道问题出在哪里,我在这里询问是否有人可以帮助我 :) 附注:购买 wifi AP 并通过电缆连接它不是理想的选择!
非常感谢您帮助我!
答案1
根据此问题针对 freedesktop.org 上的 NetworkManager,设置桥接的 AP 不起作用。
我有一个测试 PPANetworkManager 已修补,以便 AP 在桥接时可以工作。但它仅适用于 Ubuntu 20.04。
sudo add-apt-repository ppa:shemgp/testing
sudo apt-get update
sudo apt-get install network-manager