fangpsh's blog

Setting Up an IPv6-Only Test Environment


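macOS can enable DNS64/NAT64, which is quick and easy. But the Mac mini's Wi-Fi signal is not great, the developers complain that they often cannot connect, and several teams need to test; buying a few more Mac minis seems a bit expensive.

So I took on the job of building several IPv6-only test environments with OpenWrt.

Choosing a router

I looked around: the Newifi D2, Phicomm K2P, HiWiFi and some Xiaomi models can all be flashed with OpenWrt. I first ordered a Xiaomi R3G on JD.com, but when it arrived it turned out to be an R3G V2, which is really a 4A. Annoyingly, flashing that one requires a TTL serial connection. So I went to Xianyu and picked up a second-hand Xiaomi R3G (V1, with USB) and a Newifi D2.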

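Flashing

The Xiaomi R3G needs Breed flashed first, then OpenWrt. Following the tutorials online mostly works without problems; see "Flashing OpenWrt onto the Xiaomi Router 3G".

After flashing Breed I hit a problem: the router would not boot. With the computer cabled to the WAN port, I could only get into Breed. After a lot of searching I came across two posts:

In Breed's environment settings page, delete normal_firmware_md5, save and reboot. Sure enough, that fixed it.

The Newifi D2 arrived with Breed and a customized OpenWrt build already flashed by the seller. I did not like it much, so I downloaded an upgrade image from openwrt.org and flashed it over the top.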

DNS64/NAT64

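I mostly followed this post: "Implementing NAT64/DNS64 on OpenWrt with tayga/totd". For NAT64, installing tayga and configuring it as described works without problems. Besides tayga, there is also a newer project, Jool, that can do NAT64.

Change the package feeds in /etc/opkg/distfeeds.conf. The USTC mirror seems to have had some problems recently, so switch to the Tsinghua mirror: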

src/gz openwrt_core http://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/19.07.2/targets/ramips/mt7621/packages
src/gz openwrt_kmods http://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/19.07.2/targets/ramips/mt7621/kmods/4.14.171-1-2e88863ccdd594fb8e842df3c25842ee
src/gz openwrt_base http://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/19.07.2/packages/mipsel_24kc/base
src/gz openwrt_luci http://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/19.07.2/packages/mipsel_24kc/luci
src/gz openwrt_packages http://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/19.07.2/packages/mipsel_24kc/packages
src/gz openwrt_routing http://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/19.07.2/packages/mipsel_24kc/routing
src/gz openwrt_telephony http://mirrors.tuna.tsinghua.edu.cn/openwrt/releases/19.07.2/packages/mipsel_24kc/telephony

After finishing the setup from the tutorial above:

tayga-nat64 Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet6 addr: fe80::xxx:xxx:xxx:1fea/64 Scope:Link
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:36077 errors:0 dropped:0 overruns:0 frame:0
          TX packets:36793 errors:0 dropped:3 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:15494186 (14.7 MiB)  TX bytes:15679087 (14.9 MiB)
root@OpenWrt:~# ping6  qq.com
PING qq.com (fd2e:f49a:9639:1111::7b97:8912): 56 data bytes
64 bytes from fd2e:f49a:9639:1111::7b97:8912: seq=0 ttl=50 time=37.958 ms
64 bytes from fd2e:f49a:9639:1111::7b97:8912: seq=1 ttl=50 time=37.962 ms
64 bytes from fd2e:f49a:9639:1111::7b97:8912: seq=2 ttl=50 time=38.267 ms
64 bytes from fd2e:f49a:9639:1111::7b97:8912: seq=3 ttl=50 time=37.821 ms
64 bytes from fd2e:f49a:9639:1111::7b97:8912: seq=4 ttl=50 time=37.260 ms
64 bytes from fd2e:f49a:9639:1111::7b97:8912: seq=5 ttl=50 time=37.530 ms
64 bytes from fd2e:f49a:9639:1111::7b97:8912: seq=6 ttl=50 time=37.828 ms
^C
--- qq.com ping statistics ---
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max = 37.260/37.803/38.267 ms

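DNS64 needs totd, but that software is no longer in the package repository and would have to be cross-compiled, which is a bit of a hassle. Then I looked at unbound, which is not in the repository either. So bind it is.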

opkg install bind-server
/etc/init.d/named enable

Edit the configuration in /etc/bind/named.conf:

options {
        directory "/tmp";
        listen-on port 53  { any; };
        listen-on-v6 port 53 { any; };

        recursion yes;
        allow-recursion { any; };
        allow-query { any; };
        allow-query-cache { any; };


        forwarders {
                202.96.134.133;
                223.5.5.5;
                114.114.114.114;
        };

        auth-nxdomain no;
        dns64 fd2e:f49a:9639:1111::/96 {}; # use the prefix configured in tayga
};

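OpenWrt itself runs dnsmasq, which provides DNS, DHCP and other services. I originally wanted to use the server= option to forward queries to bind, with bind listening on a port other than 53, but that seemed to have problems when I tried it. So I simply turned off dnsmasq's DNS service (set port to 0) in /etc/config/dhcp: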

config dnsmasq
        option port '0'
        option domainneeded '1'
...

After restarting the network and named, test with dig (opkg install bind-tools):

root@OpenWrt:~# dig qq.com AAAA +short
fd2e:f49a:9639:1111::b703:e223
fd2e:f49a:9639:1111::3d81:72f
fd2e:f49a:9639:1111::7b97:8912
root@OpenWrt:~#

Perfect.

Then just disable DHCP on the LAN port, either by clicking through the web UI or by editing the configuration:
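To confirm that answers like the ones above really are DNS64 synthesis under the tayga prefix, the embedded IPv4 address can be decoded from the last 32 bits. The following is an added example, not part of the original post; it handles only the /96 case used here, and the function names and the two extra sample lines are constructed for illustration.

```python
import ipaddress

# Assumption: the /96 prefix from the dns64 line above (must match tayga's prefix).
NAT64_PREFIX = ipaddress.IPv6Network("fd2e:f49a:9639:1111::/96")

# The three answers from the dig run above, plus two constructed lines:
# a CNAME target and a native AAAA record, both of which dig +short can print.
SAMPLE_DIG_OUTPUT = [
    "fd2e:f49a:9639:1111::b703:e223",
    "fd2e:f49a:9639:1111::3d81:72f",
    "fd2e:f49a:9639:1111::7b97:8912",
    "cname.example.invalid.",   # constructed
    "2001:db8::1",              # constructed (documentation prefix)
]

def _require_96(prefix):
    # RFC 6052 lays the IPv4 bits out differently for shorter prefixes.
    if prefix.prefixlen != 96:
        raise ValueError("only /96 NAT64 prefixes are handled here")

def synthesize(ipv4, prefix=NAT64_PREFIX):
    """AAAA address that DNS64 builds from an A record (last 32 bits = IPv4)."""
    _require_96(prefix)
    return ipaddress.IPv6Address(
        int(prefix.network_address) | int(ipaddress.IPv4Address(ipv4)))

def extract(ipv6, prefix=NAT64_PREFIX):
    """Embedded IPv4 address, or None when the answer is outside the prefix."""
    _require_96(prefix)
    addr = ipaddress.IPv6Address(ipv6)
    if addr not in prefix:
        return None  # native AAAA: not translated by NAT64
    return ipaddress.IPv4Address(int(addr) & 0xFFFFFFFF)

def check_answers(lines, prefix=NAT64_PREFIX):
    """Map each IPv6 line of `dig AAAA +short` output to its IPv4 (or None)."""
    _require_96(prefix)
    result = {}
    for line in (l.strip() for l in lines):
        try:
            ipaddress.IPv6Address(line)
        except ValueError:
            continue  # blank line or CNAME target, not an address
        result[line] = extract(line, prefix)
    return result

if __name__ == "__main__":
    for answer, v4 in check_answers(SAMPLE_DIG_OUTPUT).items():
        print(answer, "->", v4 if v4 else "outside NAT64 prefix")
```

Comparing the decoded addresses with a plain `dig qq.com A +short` against one of the forwarders shows whether bind is synthesizing from the real A records.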

...
config dhcp 'lan'
        option interface 'lan'
        option dhcpv6 'server'
        option ra 'server'
        option ra_management '1'
        option ignore '1'
        option ra_default '1'
...

For an explanation of the options, see "DHCPv6 over PPPoE on OpenWrt / LEDE".

Finally, thanks to everyone online for their tutorials :).


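Update 2023-06-27:

  1. If the ULA is a private range (fd, fc) and DHCPv4 is also disabled, Android devices will be unable to connect. Replacing the ULA with a public prefix solves this.
  2. Nowadays, Jool is the best choice: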
    1. https://openwrt.org/docs/guide-user/network/ipv6/nat64
    2. https://nicmx.github.io/Jool/en/openwrt.html