Salut,
Actuellement, j'ai en front un CCR2116 et un CRS310.
le CRS310 héberge l'ONU FS (GPON) et fait la COS6 avec des switch rules, et le CCR2116 tient les dhcp-clients.
Mais avant j'avais systemd-networkd avec cette config qui devrait fonctionner out-of-the-box.
Sans oublier de spécifier les bonnes strings d'authentification bien sûr...
- /etc/systemd/network/wan1.network :
[Match]
Name=wan1
[Network]
ConfigureWithoutCarrier=true
Address=192.168.X.254/24
Description=WAN1 Orange1
VLAN=orange1
IPv6AcceptRA=no
[DHCP]
UseDNS=false
- /etc/systemd/network/orange1.netdev :
[NetDev]
Name=orange1
Kind=vlan
MACAddress=<livebox_macaddr>
[VLAN]
Id=832
EgressQOSMaps=6-6 # systemd v253 only
- /etc/systemd/network/orange1.network :
[Match]
Name=orange1
[Network]
Description=Orange1
LinkLocalAddressing=ipv6
DHCP=yes
IPForward=yes
IPv6AcceptRA=yes
DHCPPrefixDelegation=yes
#Address=<orange1_ipext>
Address=<orange1_ip6prefix_2>::254/64
[DHCPv4]
ClientIdentifier=mac
VendorClassIdentifier=sagem
UserClass=FSVDSL_livebox.Internet.softathome.Livebox6
SendOption=90:string:<authentication_string>
UseHostname=no
UseDNS=no
UseDomains=no
UseNTP=no
#UseAddress=no
RouteMetric=0
IPServiceType=CS6 # already default
SocketPriority=6 # systemd v253 only
[DHCPv6]
# prefer DUIDType=link-layer (mac_addr of interface MUST be equal to livebox_macaddr>) ; try DUIDRawData=00:03:00:01:<livebox_macaddr> (should work) or DUIDRawData=00:03:00::<livebox_macaddr> (should not work) ; reset ONT could be required
#DUIDRawData=00:03:00:01:<livebox_macaddr>
DUIDType=link-layer
# UserClass and SendOption=15:string: are equivalent
UserClass=FSVDSL_livebox.Internet.softathome.Livebox6
#UserClass=\x00\x2b\x46\x53\x56\x44\x53\x4c\x5f\x6c\x69\x76\x65\x62\x6f\x78\x2e\x49\x6e\x74\x65\x72\x6e\x65\x74\x2e\x73\x6f\x66\x74\x61\x74\x68\x6f\x6d\x65\x2e\x4c\x69\x76\x65\x62\x6f\x78\x36
#SendOption=15:string:\x00\x2b\x46\x53\x56\x44\x53\x4c\x5f\x6c\x69\x76\x65\x62\x6f\x78\x2e\x49\x6e\x74\x65\x72\x6e\x65\x74\x2e\x73\x6f\x66\x74\x61\x74\x68\x6f\x6d\x65\x2e\x4c\x69\x76\x65\x62\x6f\x78\x36
SendOption=11:string:<authentication_string>
SendOption=16:string:\x00\x00\x04\x0e\x00\x05\x73\x61\x67\x65\x6d
UseHostname=no
UseDNS=no
UseDomains=no
UseNTP=no
UseAddress=no
RouteMetric=1024
WithoutRA=solicit
RapidCommit=no
[IPv6AcceptRA]
DHCPv6Client=always
UseDNS=no
UseDomains=no
[DHCPPrefixDelegation]
SubnetId=0x2
UplinkInterface=:self
Announce=no
#Assign=no
- /etc/system/systemd-networkd.service.d/10-debug.conf :
[Service]
Environment=SYSTEMD_LOG_LEVEL=debug
Pour la COS6, j'avais un script tc (trafic control), c'est plus élégant que des règles nftables (je trouve) :
#!/bin/sh
iface="orange1"
tc_cos="0:6"
tc_tos="0xc0"
tc_retain="0xfc"
vlan="832"
physiface="wan1"
mac_addr="<livebox_mac>"
ip link add link $physiface name $iface type vlan id $vlan
ip link set dev $iface address $mac_addr
ip link set $iface up
tc qdisc del dev $iface root ; tc filter del dev $iface
tc qdisc replace dev $iface root handle 1: prio
tc filter add dev $iface parent 1: prio 1 protocol ip u32 match ip ihl 5 0xf match u16 0x0000 0x1fff at 6 match ip protocol 17 0xff match ip sport 68 0xffff match ip dport 67 0xffff action skbedit priority $tc_cos pipe action pedit pedit munge ip tos set $tc_tos retain $tc_retain pipe action csum ip4h # dhcpv4_DSCP
tc filter add dev $iface parent 1: prio 2 protocol ipv6 u32 match ip6 protocol 17 0xff match ip6 sport 546 0xffff match ip6 dport 547 0xffff action skbedit priority $tc_cos pipe action pedit pedit munge ip6 tos set $tc_tos retain $tc_retain # dhcpv6_DSCP
# the following is not mandatory, but recommended
tc filter add dev $iface parent 1: prio 3 protocol arp u32 match u8 0 0 action skbedit priority $tc_cos # arp
tc filter add dev $iface parent 1: prio 4 protocol ipv6 u32 match ip6 dst fe00::/7 match ip6 protocol 58 0xff action skbedit priority 0:6 pipe action pedit ex munge ip6 traffic_class set $tc_tos retain $tc_retain # icmpv6_dst_DSCP (fe00::/7 = fe80::/10 + ff02::/16)
# for information - no dscp
#tc filter add dev $iface parent 1: prio 3 protocol ipv6 u32 match ip6 protocol 17 0xff match ip6 sport 546 0xffff match ip6 dport 547 0xffff action skbedit priority $tc_cos # dhcpv6
#tc filter add dev $iface parent 1: prio 4 protocol ipv6 u32 match ip6 dst fe00::/7 match ip6 protocol 58 0xff action skbedit priority $tc_cos # icmpv6 dst (fe00::/7 = fe80::/10 + ff02::/16)
Il ne reste plus qu'a jouer avec networkctl...
tu auras peut-être un pb d'IPv6 à cause du DUID qui va changer, il te faudra forcer un/des releases successifs.
L'intégralité de mon post est ici :
https://medium.com/@cyayon/use-your-own-router-with-orange-isp-8eac32895983