aufbau_heimnetz

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
aufbau_heimnetz [2021/08/06 20:41] brotaufbau_heimnetz [2022/04/25 11:24] (current) brot
Line 14: Line 14:
  
 ===== Netzwerk ===== ===== Netzwerk =====
 +  * VLANs
 +    * 1 (Default PVID) - LAN
 +      * 192.168.107.0/24
 +    * 10 (openwrt wan default): Internet/WAN - von HÜP/Modem M-Net zu Switch
 +      * derzeit: 192.168.178.0/24 via fritzbox 1&1
 +    * 20: DMZ
 +      * 192.168.220.0/24 
 +        * router: 192.168.220.1 - DHCP .50-.250
 +    * 21: IOT/MQTT
 +      * 192.168.221.0/24 
 +        * router: 192.168.221.1 - DHCP .50-.250
 +    * 22: Guest
 +      * 192.168.22.0/24
 +        * router: 192.168.222.1 - DHCP .50-.250
 +    * 40: mnet-wan
 +      * PPPoE zugang zum Internet (via ONT)
 +      * Hängt am ONT, Switch Port 7 kommt Tagged rein
 +      * Geht auf neue Bridge auf NAS zum opnSense
 ==== Internet ==== ==== Internet ====
 ==== opnSense - Router/FW ==== ==== opnSense - Router/FW ====
Line 24: Line 42:
     * 192.168.107.3     * 192.168.107.3
     * Netz via 802.11s Mesh     * Netz via 802.11s Mesh
-=== TODO ===+ 
 +===== Konfig ===== 
 +==== nas ==== 
 +  * Netzwerk via systemd-networkd 
 + 
 +=== Konfigfiles === 
 + 
 +<file bash 05-enp7s0-vlans-bridges.network> 
 +[Match] 
 +Name=enp7s0 
 + 
 +[Network] 
 +VLAN=wan-vlan 
 +VLAN=dmz-vlan 
 +VLAN=iot-vlan 
 +VLAN=mnet-wan-vlan 
 +Bridge=kohlennet-br 
 +</file> 
 +<file bash 10-dmz-bridge.netdev> 
 +[NetDev] 
 +Name=dmz-bridge 
 +Kind=bridge 
 +</file> 
 +<file bash 10-guest-bridge.netdev> 
 +[NetDev] 
 +Name=guest-bridge 
 +Kind=bridge 
 +</file> 
 +<file bash 10-iot-bridge.netdev> 
 +[NetDev] 
 +Name=iot-bridge 
 +Kind=bridge 
 +</file> 
 +<file bash 10-kohlennet-bridge.netdev> 
 +[NetDev] 
 +Name=kohlennet-br 
 +Kind=bridge 
 +</file> 
 +<file bash 10-mnet-wan-bridge.netdev> 
 +[NetDev] 
 +Name=mnet-wan-bridge 
 +Kind=bridge 
 +</file> 
 +<file bash 10-wan-bridge.netdev> 
 +[NetDev] 
 +Name=wan-bridge 
 +Kind=bridge 
 +</file> 
 +<file bash 20-dmz-vlan.netdev> 
 +[NetDev] 
 +Name=dmz-vlan 
 +Kind=vlan 
 + 
 +[VLAN] 
 +Id=20 
 + 
 +[Network] 
 +Bridge=dmz-bridge 
 +</file> 
 +<file bash 20-dmz-vlan.network> 
 +[Match] 
 +Name=dmz-vlan 
 + 
 +[Network] 
 +Bridge=dmz-bridge 
 +</file> 
 +<file bash 20-guest-vlan.netdev> 
 +[NetDev] 
 +Name=guest-vlan 
 +Kind=vlan 
 + 
 +[VLAN] 
 +Id=22 
 + 
 +[Network] 
 +Bridge=guest-bridge 
 +</file> 
 +<file bash 20-guest-vlan.network> 
 +[Match] 
 +Name=guest-vlan 
 + 
 +[Network] 
 +Bridge=guest-bridge 
 +</file> 
 +<file bash 20-iot-vlan.netdev> 
 +[NetDev] 
 +Name=iot-vlan 
 +Kind=vlan 
 + 
 +[VLAN] 
 +Id=21 
 +</file> 
 +<file bash 20-iot-vlan.network> 
 +[Match] 
 +Name=iot-vlan 
 + 
 +[Network] 
 +Bridge=iot-bridge 
 +</file> 
 +<file bash 20-kohlennet-vlan.netdev> 
 +[NetDev] 
 +Name=kohlennet-vlan 
 +Kind=vlan 
 + 
 +[VLAN] 
 +Id=1 
 + 
 +[Network] 
 +Bridge=kohlennet-br 
 +</file> 
 +<file bash 20-mnet-wan-vlan.netdev> 
 +[NetDev] 
 +Name=mnet-wan-vlan 
 +Kind=vlan 
 + 
 +[VLAN] 
 +Id=40 
 + 
 +[Network] 
 +Bridge=mnet-wan-bridge 
 +</file> 
 +<file bash 20-mnet-wan-vlan.network> 
 +[Match] 
 +Name=mnet-wan-vlan 
 + 
 +[Network] 
 +Bridge=mnet-wan-bridge 
 +</file> 
 +<file bash 20-wan-vlan.netdev> 
 +[NetDev] 
 +Name=wan-vlan 
 +Kind=vlan 
 + 
 +[VLAN] 
 +Id=10 
 + 
 +[Network] 
 +Bridge=wan-bridge 
 +</file> 
 +<file bash 20-wan-vlan.network> 
 +[Match] 
 +Name=wan-vlan 
 + 
 +[Network] 
 +Bridge=wan-bridge 
 +</file> 
 +<file bash 30-dmz-bridge.network> 
 +[Match] 
 +Name=dmz-bridge 
 + 
 +[Network] 
 +DHCP=no 
 + 
 +[DHCP] 
 +RouteMetric=9999 
 +</file> 
 +<file bash 30-guest-bridge.network> 
 +[Match] 
 +Name=guest-bridge 
 + 
 +[Network] 
 +DHCP=no 
 + 
 +[DHCP] 
 +RouteMetric=9999 
 +</file> 
 +<file bash 30-iot-bridge.network> 
 +[Match] 
 +Name=iot-bridge 
 + 
 +[Network] 
 +DHCP=no 
 + 
 +[DHCP] 
 +RouteMetric=9999 
 +</file> 
 +<file bash 30-kohlennet-bridge.network> 
 +[Match] 
 +Name=kohlennet-br 
 + 
 +[Network] 
 +Address=192.168.107.107/24 
 +Gateway=192.168.107.1 
 +DNS=192.168.107.1 
 +Domains=kohlennet.local 
 +</file> 
 +<file bash 30-mnet-wan-bridge.network> 
 +[Match] 
 +Name=mnet-wan-bridge 
 + 
 +[Network] 
 +DHCP=no 
 +IPv6AcceptRA=no 
 + 
 +[DHCP] 
 +RouteMetric=9999 
 +</file> 
 +<file bash 30-wan-bridge.network> 
 +[Match] 
 +Name=wan-bridge 
 + 
 +[Network] 
 +DHCP=no 
 +IPv6AcceptRA=no 
 + 
 +[DHCP] 
 +RouteMetric=9999 
 +</file> 
 + 
 + 
 +==== opnsense ==== 
 +TODO 
 + 
 +==== openwrt ====
   * 802.11r - Fast Roaming   * 802.11r - Fast Roaming
     * Siehe: https://www.simianer.de/blog/home-wifi-setup-with-802.11s-meshing-and-802.11r-roaming     * Siehe: https://www.simianer.de/blog/home-wifi-setup-with-802.11s-meshing-and-802.11r-roaming
     * evtl schon done durch haken im luci?     * evtl schon done durch haken im luci?
 +      * <code> 147.493987] wlp3s0: disconnect from AP 16:59:c0:5a:4c:81 for new auth to 16:59:c0:5a:4c:a8
 +[  147.573859] wlp3s0: authenticate with 16:59:c0:5a:4c:a8
 +[  147.585831] wlp3s0: send auth to 16:59:c0:5a:4c:a8 (try 1/3)
 +[  147.623454] wlp3s0: authenticated
 +[  147.626035] wlp3s0: associate with 16:59:c0:5a:4c:a8 (try 1/3)
 +[  147.629848] wlp3s0: RX ReassocResp from 16:59:c0:5a:4c:a8 (capab=0x11 status=0 aid=2)
 +[  147.661426] wlp3s0: associated
 +[  177.764194] wlp3s0: disconnect from AP 16:59:c0:5a:4c:a8 for new auth to 16:59:c0:5a:4c:81
 +[  177.849750] wlp3s0: authenticate with 16:59:c0:5a:4c:81
 +[  177.861627] wlp3s0: send auth to 16:59:c0:5a:4c:81 (try 1/3)
 +[  177.895841] wlp3s0: authenticated
 +[  177.899567] wlp3s0: associate with 16:59:c0:5a:4c:81 (try 1/3)
 +[  177.902458] wlp3s0: RX ReassocResp from 16:59:c0:5a:4c:81 (capab=0x11 status=17 aid=1)
 +[  177.902478] wlp3s0: 16:59:c0:5a:4c:81 denied association (code=17)
 +[  178.091236] wlp3s0: authenticate with 16:59:c0:5a:4c:a8
 +[  178.100102] wlp3s0: send auth to 16:59:c0:5a:4c:a8 (try 1/3)
 +[  179.400394] wlp3s0: send auth to 16:59:c0:5a:4c:a8 (try 2/3)
 +[  179.430455] wlp3s0: authenticated
 +[  179.432905] wlp3s0: associate with 16:59:c0:5a:4c:a8 (try 1/3)
 +[  179.435326] wlp3s0: RX AssocResp from 16:59:c0:5a:4c:a8 (capab=0x11 status=30 aid=2)
 +[  179.435338] wlp3s0: 16:59:c0:5a:4c:a8 rejected association temporarily; comeback duration 1000 TU (1024 ms)
 +</code>
  
  
  • aufbau_heimnetz.1628282503.txt.gz
  • Last modified: 2021/08/06 20:41
  • by brot