Bien le bonjour,
Lecteur depuis un moment et posteur pour le première fois, je viens quérir vos conseils.
Tout d'abords, je tiens à préciser que j'ai bien vu plusieurs post ici et sur d'autres forums qui s'approchent de ce que je veux faire mais rien de correspond exactement.... Et voilà deux semaine que je n'arrache cheveux à essayer de comprendre d'où bien le problème avec ma config...
J'ai actuellement un BT Home Hub 5A que j'avais configuré en suivant partiellement le tuto de ubune
https://lafibre.info/remplacer-livebox/remplacement-de-la-livebox-par-un-routeur-openwrt-18-dhcp-v4v6-tv/ et ça marchait du feu de dieu. Enfin... au fur et à mesure j'ai rajouté un peu de QoS, VPNs et malgré mon petit debit (25up/1down) je max largement le petit proc de mon cher modem...
Je désire donc bridger le BT en modem only et passer l'autentification/routing/ et tout le tintoin sur un Edgerouter X. Et, opensource oblige, le tout sur Openwrt.
Le soucis étant que en suivant ce super pdf (
https://www.dropbox.com/sh/c8cqmpc6cacs5n8/AAA2f8htk1uMitBckDW8Jq88a?dl=0&preview=1-OpenWrt-LEDE+Installation+Guide+for+HH5A.pdf) pour configurer le BT en bridge et suivit le tuto de ubune pour configurer l'accès internet sur l'ER-X et bien ça ne fonctionne pas...
La config actuelle du BT
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config interface 'lan'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.99.1'
option netmask '255.255.255.0'
option ip6assign '64'
option type 'bridge'
config device 'lan_dev'
option name 'eth0.1'
option macaddr 'fc:xx:xx:xx:xx:xx'
config interface 'wan'
option ifname 'dsl0.832'
option proto 'dhcp'
option broadcast '1'
option vendorid 'sagem'
option reqopts '1 15 28 51 58 59 90'
option sendopts '77:2b46535644534c5f6c697665626f782e496e7465726e65742e736f66746174686f6d652e4c697665626f7834 90:00000000000000000000001a0900000558010341010dxxxxxxxxxxxxxxxx'
config device 'wan_dev'
option name 'dsl.832'
option macaddr 'fc:xx:xx:xx:xx:xx'
config interface 'wan6'
option ifname 'dsl0.832'
option proto 'dhcpv6'
option reqprefix 'auto'
option reqaddress 'none'
option defaultreqopts '0'
option sendopts '11:00000000000000000000001a0900000558010341010dxxxxxxxxxxxxxxxxxxxxxx 15:FSVDSL_livebox.Internet.softathome.livebox4 16:0000040e0005736167656d'
option reqopts '11 17 23 24'
option noclientfqdn '1'
option noacceptreconfig '1'
option auto '0'
config dsl 'dsl'
option annex 'b'
option tone 'a'
option ds_snr_offset '0'
option xfer_mode 'ptm'
option line_mode 'vdsl'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '6t 4 2 0 1'
/etc/config/firewall
config defaults
option input 'DROP'
option output 'DROP'
option forward 'DROP'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'
config zone
option name 'wan'
option output 'ACCEPT'
option masq '1'
option input 'DROP'
option forward 'DROP'
option network 'wan'
option family 'ipv4'
config zone
option name 'wan6'
option input 'DROP'
option forward 'DROP'
option network 'wan6'
option family 'ipv6'
option output 'ACCEPT'
config forwarding
option dest 'wan6'
option src 'lan'
config forwarding
option dest 'wan'
option src 'lan'
config include
option path '/etc/firewall.user'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
option src 'wan6'
config rule
option name 'Allow-MLD'
option proto 'icmp'
option src_ip 'fe80::/10'
option family 'ipv6'
option target 'ACCEPT'
option src 'wan6'
config rule
option name 'Allow-ICMPv6-Input'
option proto 'icmp'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
option icmp_type 'echo-reply destination-unreachable echo-request router-advertisement router-solicitation time-exceeded'
option src 'wan6'
config rule
option name 'Allow-ICMPv6-Forward'
option proto 'icmp'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
option src 'wan6'
option dest '*'
Et voici les configs du BT et du ER-X qui pour je ne sais quelle raison n'ont pas l'air de fonctionner... :
Le BT:
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config dsl 'dsl'
option xfer_mode 'ptm'
option annex 'b'
option tone 'a'
option line_mode 'vdsl'
option ds_snr_offset '0'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option gateway '192.168.99.1'
option dns '8.8.8.8'
config device 'lan_dev'
option name 'eth0.1'
option macaddr '02:xx:xx:xx:xx:xx'
config interface 'wan'
option proto 'none'
option delegate '0'
option type 'bridge'
option ifname 'eth0.2 dsl0.832'
config device 'wan_dev'
option name 'dsl0'
option macaddr '02:yy:yy:yy:yy:yy'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 4 6t'
option vid '1'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '5 6t'
option vid '2'
/etc/config/firewall
config defaults
option input 'DROP'
option output 'DROP'
option forward 'DROP'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'
config zone
option name 'wan'
option output 'ACCEPT'
option masq '1'
option input 'DROP'
option forward 'DROP'
option network 'wan'
option family 'ipv4'
Et celle du ER-X
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config interface 'lan'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.99.1'
option netmask '255.255.255.0'
option ip6assign '64'
config device 'lan_dev'
option name 'eth0.1'
option macaddr 'fc:xx:xx:xx:xx:xx'
config interface 'wan'
option ifname 'eth0.832'
option proto 'dhcp'
option broadcast '1'
option vendorid 'sagem'
option reqopts '1 15 28 51 58 59 90'
option sendopts '77:2b46535644534c5f6c697665626f782e496e7465726e65742e736f66746174686f6d652e4c697665626f7834 90:00000000000000000000001a0900000558010341010dxxxxxxxxxxxxxxxxxxxx'
config device 'wan_dev'
option name 'eth0.832'
option macaddr 'fc:xx:xx:xx:xx:xx'
config interface 'wan6'
option ifname 'eth0.832'
option proto 'dhcpv6'
option reqprefix 'auto'
option reqaddress 'none'
option defaultreqopts '0'
option sendopts '11:00000000000000000000001a0900000558010341010dxxxxxxxxxxxxxxxxxx 15:FSVDSL_livebox.Internet.softathome.livebox4 16:0000040e0005736167656d'
option reqopts '11 17 23 24'
option noclientfqdn '1'
option noacceptreconfig '1'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '1 2 4 6t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '0t 6t'
option vid '832'
/etc/config/firewall
config defaults
option syn_flood '1'
option input 'DROP'
option output 'DROP'
option forward 'DROP'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'
config zone
option name 'wan'
option output 'ACCEPT'
option masq '1'
option input 'DROP'
option forward 'DROP'
option network 'wan'
option family 'ipv4'
config zone
option name 'wan6'
option input 'DROP'
option forward 'DROP'
option network 'wan6'
option family 'ipv6'
option output 'ACCEPT'
config forwarding
option dest 'wan6'
option src 'lan'
config forwarding
option dest 'wan'
option src 'lan'
config include
option path '/etc/firewall.user'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option target 'ACCEPT'
option name 'igmp'
option family 'ipv4'
option proto 'igmp'
option src 'wanTV'
config rule
option target 'ACCEPT'
option name 'multicast'
option family 'ipv4'
option proto 'udp'
option src 'wanTV'
option dest 'tv'
option dest_ip '224.0.0.0/4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
option src 'wan6'
config rule
option name 'Allow-MLD'
option proto 'icmp'
option src_ip 'fe80::/10'
option family 'ipv6'
option target 'ACCEPT'
option src 'wan6'
config rule
option name 'Allow-ICMPv6-Input'
option proto 'icmp'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
option icmp_type 'echo-reply destination-unreachable echo-request router-advertisement router-solicitation time-exceeded'
option src 'wan6'
config rule
option name 'Allow-ICMPv6-Forward'
option proto 'icmp'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
option src 'wan6'
option dest '*'
Abreuvez moi de votre sagesse, je vous en prie!