给家中的服务器, 分配 IPv6公网地址

发表于21 7 月, 2024由Leic

条件:

中国电信光猫, Openwrt 路由器, 阿里云域名

Step 1: 路由器升级, 最新版 OpenWrt / 23.05.03

Step 2: 从电信获得宽带帐号/宽带密码

Step 3: 设置光猫为Bridge 模式

Step 4: 路由器 Lan 接口 IPv4 地址设置为 10.0.0.1

Step 5: 路由器 Wan 接口修改为 PPPoE 模式, PAP/CHAP username/password 填入从电信获得的　宽带帐号／宽带密码

Step 6: 因为PPPoE 拨号会同时获得 IPv4 和 IPv6地址，wan6 接口没用，删除wan6接口

Step 7: 重起wan接口，会自动拨号，若成功，自动增加wan_6虚拟接口，IPv6 和IPv6-PD

Step 8: 修改Lan接口Advanced Setting：

Delegate IPv6 prefixes = yes

IPv6 assignment length = 60

IPv6 prefix filter = wan_6

Step 9: 修改路由器 network/dhcp/Static Leases, 为每个IPv6公网网卡增加一项纪录：

包括: Hostname, Mac 地址，IPv4，IPv6-Suffix，

为方便记忆，我选择 IPv4 最后一栏与IPv6-Suffix 相同，

比如，mpd IPv4=10.0.0.222, mpd的IPv6-Suffix 设置为0222

Step 10：根据应用需要，修改基于端口的防火墙：Network/Firewall/TrafficRules 增加纪录

至此，路由器设置完毕

域名更新

由于每次拨号，都会获得一个不同的IPv6-PD值

可以使用脚本程序，监控路由器中的IPv6-PD值，若有变化，调用域名服务商的API接口，更新IPv6值

https://github.com/zhengleic/ddns-aliyun

存在问题：

发现重新拨号，IPv6-PD变化后，应用服务器可以自动获得新的IPv6，并访问外部网络，但无法从外部网络访问应用服务器

原因不详，应用服务器为Debian 10

解决办法：

更新域名后，同时将应用服务器的网卡down/up一次: ifdown dev / ifup dev

Setup Home WiFi Audio System

发表于5 12 月, 2023由root

Build home MPD wifi audio system, by combine:

Active Speaker
Wifi Router with usb port, and support openwrt
USB sound card

Upgrade openwrt to the latest version

SSH log into openwrt

######################################
######### Repository #################

cp /etc/opkg/distfeeds.conf  /etc/opkg/distfeeds.conf.bak
sed -i "s#downloads.openwrt.org#mirrors.ustc.edu.cn/openwrt#g" /etc/opkg/distfeeds.conf
#sed -i "s#downloads.openwrt.org#mirrors.tuna.tsinghua.edu.cn/openwrt#g" /etc/opkg/distfeeds.conf
#sed -i "s#downloads.openwrt.org#mirrors.aliyun.com/openwrt#g" /etc/opkg/distfeeds.conf
#sed -i "s#downloads.openwrt.org#mirrors.cloud.tencent.com/openwrt#g" /etc/opkg/distfeeds.conf

opkg update


######################################
########## pulseaudio ################

opkg install kmod-input-core
opkg install kmod-sound-core
opkg install kmod-usb-audio
opkg install pulseaudio-daemon


#########################################
########## Sound Blaster ################
# opkg install kmod-ac97
# opkg install kmod-sound-ens1371


########## AC 97 ########################
#opkg install kmod-sound-cs5535audio 


####### Motherboard Sound Card ##########
#opkg install  kmod-sound-i8x0

############ Soc Sound Card #############
#opkg install  kmod-sound-soc-core 



##### Editor ############################ 
# opkg install nano


###########  Utility  ###################
#opkg install usbutils
#opkg install alsa-utils


### Allow module load ###
sed -i "s/--disallow-module-loading//"   /etc/init.d/pulseaudio

### Load TCP module ###
sed -i "s/load-module module-native-protocol-unix/load-module module-native-protocol-tcp auth-anonymous=1/"  /etc/pulse/system.pa





### Firewall ###
sh -c " cat >/etc/config/firewall " << EOF


######  ssh port ##################
config redirect
       option src              wan
       option src_dport        22
       option dest             lan
       option dest_ip          192.168.1.1
       option dest_port        22
       option proto            tcp

###### pulseaudio port ############
config redirect
       option src              wan
       option src_dport        4713
       option dest             lan
       option dest_ip          192.168.1.1
       option dest_port        4713
       option proto            tcp

###### Http Port ##################
onfig redirect
        option src 'wan'
        option src_dport '80'
        option dest 'lan'
        option dest_ip '192.168.1.1'
        option dest_port '80'
        option proto 'tcp'

EOF



/etc/init.d/firewall   restart
/etc/init.d/pulseaudio restart




######################################
######################################
########## WiFI Relay ################
opkg install relayd
opkg install luci-proto-relay


# From web admin portal, setup new wireless wan port for 5G and 2G separately:
# http://192.168.1.1/cgi-bin/luci/
### Network
### Wireless
### Scan
### Selected your existed SSID, Joining Network
### ## Replace wireless configuration  = yes
### ## Create / Assign firewall-zone   = LAN
### Go to Network/Interface
### Set the IP of  wireless wan, as normal

audio_output {

 type "pulse"

 name " Wifi Router"

 server "IP_OF_WIFI_ROUTER:4713" 

}

Now, you can find the “Wifi Router” option item, from Outputs/Server properties/M.A.L.P, suppose M.A.L.P apk installed android handset

socks proxy

发表于5 9 月, 2016由Leic

Socks_v5_Proxy_Protocol

Advanced Firewall Configurations with ipset

发表于15 12 月, 2015由Leic

http://www.linuxjournal.com/content/advanced-firewall-configurations-ipset

Update NO-IP DDNS

发表于10 12 月, 2015由Leic

Updating no-ip ddns on

DDWRT Router:

with the help of inadyn tool

https://github.com/torglobit/inadyn

Linux box:

With the help of noip-udc-linux

http://www.no-ip.com/client/linux

Failed Issus:

No direct internet link

DNS resolve too slow

inadyn: timeout=IP_DEFAULT_TIMEOUT=20s

noip-udc: using gethostbyname linux api to get IP address, the timeout can be defined in /etc/resolv.conf, the default value in linux is 5 ms,

Example of resolv.conf:

nameserver 8.8.8.8 options timeout:30

Setup SSH VPN between two linux device

发表于9 12 月, 2015由Leic

https://help.ubuntu.com/community/SSH_VPN

SSH_VPN

work with ddwrt (with openssh+ ip installed)

Setup mirror of Openwrt package repository

发表于22 7 月, 2015由Leic

Suppose we need a local package repository, 15.05-rc3 branch of newif

# Create local repository directory

mkdir -p /mirror/openwrt

# Goto repository directory

cd /mirror/openwrt

# download packages with wget

wget -m –no-parent -e robots=off http://downloads.openwrt.org/chaos_calmer/15.05-rc3/ramips/mt7620/packages/

# config http server, here lighttpd

# add alias in configure: alias.url = (“download.openwrt.org”=>”/mirror/openwrt/downloads.openwrt.org/”)

# restart http server

/etc/init.d/lighttpd restart

# Modify OPKG-Configuration in luci web site

# src/gz chaos_calmer_base http://localip/downloads.openwrt.org/…”

#…

OpenWrt swconfig

发表于10 2 月, 2015由Leic

swconfig 是OpenWrt用来配置交换机的命令。

swconfig list 现实系统交换机。

swconfig dev <switch0/eth1> show现实当前端口配置。

http://wiki.openwrt.org/zh-cn/doc/uci/network/switch

Config OpenWrt on WNDR3700v4

发表于23 1 月, 2015由Leic

Http proxy for opkg:
Add following line in OPKG-Configuration via LuCI Web
option http_proxy http://172.24.61.252:8080/

Enable USB Storage
Install kmod-usb-storage
Install kmod-fs-ext4
Install kmod-fs-msdos
Install kmod-nls-utf8
Install block-mount

Install openwrt onto WNDR3700v4 from factory image

发表于23 1 月, 2015由Leic

Download openwrt image
openwrt-ar71xx-nand-wndr3700v4-ubi-factory
https://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/nand/

Install with update feature from web interface

Issue of of 2014.10.2 version

Unable to use the 128MB flash space.

Status of 2014.10.2 version

System

Hostname	OpenWrt
Model	NETGEAR WNDR3700v4
Firmware Version	OpenWrt Barrier Breaker 14.07 / LuCI Trunk (0.12+svn-r10530)
Kernel Version	3.10.49