Difference between revisions of "OpenWRT IPv6: Konfigurasi"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 1: | Line 1: | ||
==/etc/config/6relayd== | ==/etc/config/6relayd== | ||
| − | config server 'default' | + | config server 'default' |
| − | list network 'lan' | + | '''option master 'wan6'''' |
| + | list network 'lan' | ||
option rd 'server' | option rd 'server' | ||
option dhcpv6 'server' | option dhcpv6 'server' | ||
| Line 8: | Line 9: | ||
option management_level '1' | option management_level '1' | ||
option compat_ula '1' | option compat_ula '1' | ||
| − | + | '''option always_assume_default '1'''' | |
| − | + | '''option rewrite_dns_addr '2001:470:20::2'''' | |
| − | option | ||
| Line 16: | Line 16: | ||
config dnsmasq | config dnsmasq | ||
| − | |||
option boguspriv '1' | option boguspriv '1' | ||
| − | |||
option localise_queries '1' | option localise_queries '1' | ||
option rebind_protection '1' | option rebind_protection '1' | ||
| Line 25: | Line 23: | ||
option domain 'lan' | option domain 'lan' | ||
option expandhosts '1' | option expandhosts '1' | ||
| − | |||
option authoritative '1' | option authoritative '1' | ||
option readethers '1' | option readethers '1' | ||
option leasefile '/tmp/dhcp.leases' | option leasefile '/tmp/dhcp.leases' | ||
option resolvfile '/tmp/resolv.conf.auto' | option resolvfile '/tmp/resolv.conf.auto' | ||
| + | '''list server '74.82.42.42'''' | ||
| + | '''list server '2001:470:20::2'''' | ||
config dhcp 'lan' | config dhcp 'lan' | ||
option interface 'lan' | option interface 'lan' | ||
option start '100' | option start '100' | ||
| − | |||
option leasetime '12h' | option leasetime '12h' | ||
| + | option limit '50' | ||
option force '1' | option force '1' | ||
| Line 41: | Line 40: | ||
option interface 'wan' | option interface 'wan' | ||
option ignore '1' | option ignore '1' | ||
| + | |||
| + | |||
| Line 49: | Line 50: | ||
option interface 'lan' | option interface 'lan' | ||
option AdvSendAdvert '1' | option AdvSendAdvert '1' | ||
| + | option AdvManagedFlag '0' | ||
| + | option AdvOtherConfigFlag '0' | ||
list client '' | list client '' | ||
| − | option ignore '0' | + | '''option ignore '0'''' |
| − | |||
| − | |||
| − | |||
config prefix | config prefix | ||
option interface 'lan' | option interface 'lan' | ||
| + | list prefix '' | ||
option AdvOnLink '1' | option AdvOnLink '1' | ||
option AdvAutonomous '1' | option AdvAutonomous '1' | ||
| − | + | option Base6to4Interface 'wan6' | |
| − | option ignore '0' | + | '''option ignore '0'''' |
config route | config route | ||
option interface 'lan' | option interface 'lan' | ||
| − | list prefix ' | + | list prefix '' |
| − | option ignore '0' | + | '''option ignore '0'''' |
| + | option AdvRoutePreference 'medium' | ||
config rdnss | config rdnss | ||
option interface 'lan' | option interface 'lan' | ||
| − | list addr '2001:470: | + | '''option ignore '0'''' |
| − | + | '''list addr '2001:470:20::2'''' | |
config dnssl | config dnssl | ||
| − | option interface 'lan' | + | option interface 'lan' |
| − | + | list suffix '' | |
option ignore '1' | option ignore '1' | ||
| Line 80: | Line 82: | ||
==/etc/config/network== | ==/etc/config/network== | ||
| − | |||
config interface 'loopback' | config interface 'loopback' | ||
| Line 89: | Line 90: | ||
config globals 'globals' | config globals 'globals' | ||
| − | + | '''option ula_prefix '2001:470:36:ab6::2/64'''' | |
config interface 'lan' | config interface 'lan' | ||
| Line 96: | Line 97: | ||
option proto 'static' | option proto 'static' | ||
option netmask '255.255.255.0' | option netmask '255.255.255.0' | ||
| − | |||
option ipaddr '192.168.0.222' | option ipaddr '192.168.0.222' | ||
| − | option | + | '''option ip6assign '64'''' |
config interface 'wan' | config interface 'wan' | ||
| Line 107: | Line 107: | ||
config interface 'wan6' | config interface 'wan6' | ||
option ifname '@wan' | option ifname '@wan' | ||
| − | option proto ' | + | option proto '6in4' |
| + | option peeraddr '216.218.221.42' | ||
| + | option ip6addr '2001:470:35:ab6::2/64' | ||
| + | option tunnelid '208951' | ||
| + | option username 'tb51aa9310a105d0.19920640' | ||
| + | option password 'PASSWORDANDA' | ||
| + | option ip6prefix '2001:470:36:ab6::/64' | ||
config switch | config switch | ||
| Line 113: | Line 119: | ||
option reset '1' | option reset '1' | ||
option enable_vlan '1' | option enable_vlan '1' | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| Line 134: | Line 124: | ||
config system | config system | ||
| + | option hostname 'Linksys-WRT160NL' | ||
option zonename 'Asia/Jakarta' | option zonename 'Asia/Jakarta' | ||
option timezone 'WIT-7' | option timezone 'WIT-7' | ||
option conloglevel '8' | option conloglevel '8' | ||
option cronloglevel '8' | option cronloglevel '8' | ||
| − | |||
config timeserver 'ntp' | config timeserver 'ntp' | ||
| Line 161: | Line 151: | ||
list ht_capab 'SHORT-GI-40' | list ht_capab 'SHORT-GI-40' | ||
list ht_capab 'DSSS_CCK-40' | list ht_capab 'DSSS_CCK-40' | ||
| + | option disabled '0' | ||
| + | option channel '1' | ||
| + | option txpower '12' | ||
option country 'US' | option country 'US' | ||
| − | |||
| − | |||
config wifi-iface | config wifi-iface | ||
| Line 189: | Line 180: | ||
net.ipv4.tcp_dsack=1 | net.ipv4.tcp_dsack=1 | ||
| − | net.ipv6.conf.default.forwarding= | + | '''net.ipv6.conf.default.forwarding=2''' |
| − | net.ipv6.conf.all.forwarding= | + | '''net.ipv6.conf.all.forwarding=2''' |
net.netfilter.nf_conntrack_acct=1 | net.netfilter.nf_conntrack_acct=1 | ||
| Line 203: | Line 194: | ||
net.bridge.bridge-nf-call-ip6tables=0 | net.bridge.bridge-nf-call-ip6tables=0 | ||
net.bridge.bridge-nf-call-iptables=0 | net.bridge.bridge-nf-call-iptables=0 | ||
| + | |||
| + | |||
| + | ==/etc/config/firewall== | ||
| + | |||
| + | config defaults | ||
| + | option syn_flood '1' | ||
| + | option input 'ACCEPT' | ||
| + | option output 'ACCEPT' | ||
| + | option forward 'REJECT' | ||
| + | |||
| + | config zone | ||
| + | option name 'lan' | ||
| + | option input 'ACCEPT' | ||
| + | option output 'ACCEPT' | ||
| + | option forward 'REJECT' | ||
| + | option network 'lan MESH' | ||
| + | |||
| + | config zone | ||
| + | option name 'wan' | ||
| + | option input 'REJECT' | ||
| + | option output 'ACCEPT' | ||
| + | option forward 'REJECT' | ||
| + | option masq '1' | ||
| + | option mtu_fix '1' | ||
| + | option network 'wan wan6' | ||
| + | |||
| + | config forwarding | ||
| + | option src 'lan' | ||
| + | option dest 'wan' | ||
| + | |||
| + | config rule | ||
| + | option name 'Allow-DHCP-Renew' | ||
| + | option src 'wan' | ||
| + | option proto 'udp' | ||
| + | option dest_port '68' | ||
| + | option target 'ACCEPT' | ||
| + | option family 'ipv4' | ||
| + | |||
| + | config rule | ||
| + | option name 'Allow-Ping' | ||
| + | option src 'wan' | ||
| + | option proto 'icmp' | ||
| + | option icmp_type 'echo-request' | ||
| + | option family 'ipv4' | ||
| + | option target 'ACCEPT' | ||
| + | |||
| + | config rule | ||
| + | option name 'Allow-DHCPv6' | ||
| + | option src 'wan' | ||
| + | option proto 'udp' | ||
| + | option src_ip 'fe80::/10' | ||
| + | option src_port '547' | ||
| + | option dest_ip 'fe80::/10' | ||
| + | option dest_port '546' | ||
| + | option family 'ipv6' | ||
| + | option target 'ACCEPT' | ||
| + | |||
| + | config rule | ||
| + | option name 'Allow-ICMPv6-Input' | ||
| + | option src 'wan' | ||
| + | option proto 'icmp' | ||
| + | list icmp_type 'echo-request' | ||
| + | list icmp_type 'echo-reply' | ||
| + | list icmp_type 'destination-unreachable' | ||
| + | list icmp_type 'packet-too-big' | ||
| + | list icmp_type 'time-exceeded' | ||
| + | list icmp_type 'bad-header' | ||
| + | list icmp_type 'unknown-header-type' | ||
| + | list icmp_type 'router-solicitation' | ||
| + | list icmp_type 'neighbour-solicitation' | ||
| + | list icmp_type 'router-advertisement' | ||
| + | list icmp_type 'neighbour-advertisement' | ||
| + | option limit '1000/sec' | ||
| + | option family 'ipv6' | ||
| + | option target 'ACCEPT' | ||
| + | |||
| + | config rule | ||
| + | option name 'Allow-ICMPv6-Forward' | ||
| + | option src 'wan' | ||
| + | |||
| + | |||
| + | |||
==Pranala Menarik== | ==Pranala Menarik== | ||
Revision as of 14:37, 4 June 2013
/etc/config/6relayd
config server 'default' option master 'wan6' list network 'lan' option rd 'server' option dhcpv6 'server' option fallback_relay 'rd dhcpv6 ndp' option management_level '1' option compat_ula '1' option always_assume_default '1' option rewrite_dns_addr '2001:470:20::2'
/etc/config/dhcp
config dnsmasq option boguspriv '1' option localise_queries '1' option rebind_protection '1' option rebind_localhost '1' option local '/lan/' option domain 'lan' option expandhosts '1' option authoritative '1' option readethers '1' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.auto' list server '74.82.42.42' list server '2001:470:20::2' config dhcp 'lan' option interface 'lan' option start '100' option leasetime '12h' option limit '50' option force '1' config dhcp 'wan' option interface 'wan' option ignore '1'
/etc/config/radvd
config interface option interface 'lan' option AdvSendAdvert '1' option AdvManagedFlag '0' option AdvOtherConfigFlag '0' list client option ignore '0' config prefix option interface 'lan' list prefix option AdvOnLink '1' option AdvAutonomous '1' option Base6to4Interface 'wan6' option ignore '0' config route option interface 'lan' list prefix option ignore '0' option AdvRoutePreference 'medium' config rdnss option interface 'lan' option ignore '0' list addr '2001:470:20::2' config dnssl option interface 'lan' list suffix option ignore '1'
/etc/config/network
config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' option ula_prefix '2001:470:36:ab6::2/64' config interface 'lan' option ifname 'eth0' option type 'bridge' option proto 'static' option netmask '255.255.255.0' option ipaddr '192.168.0.222' option ip6assign '64' config interface 'wan' option ifname 'eth1' option proto 'dhcp' option macaddr '00:1E:EC:97:4D:C2' config interface 'wan6' option ifname '@wan' option proto '6in4' option peeraddr '216.218.221.42' option ip6addr '2001:470:35:ab6::2/64' option tunnelid '208951' option username 'tb51aa9310a105d0.19920640' option password 'PASSWORDANDA' option ip6prefix '2001:470:36:ab6::/64' config switch option name 'switch0' option reset '1' option enable_vlan '1'
/etc/config/system
config system option hostname 'Linksys-WRT160NL' option zonename 'Asia/Jakarta' option timezone 'WIT-7' option conloglevel '8' option cronloglevel '8' config timeserver 'ntp' list server '0.openwrt.pool.ntp.org' list server '1.openwrt.pool.ntp.org' list server '2.openwrt.pool.ntp.org' list server '3.openwrt.pool.ntp.org' config led 'led_wlan' option name 'WLAN' option sysfs 'wrt160nl:blue:wlan' option trigger 'phy0tpt'
/etc/config/wireless
config wifi-device 'radio0' option type 'mac80211' option hwmode '11ng' option path 'platform/ath9k' option htmode 'HT20' list ht_capab 'SHORT-GI-40' list ht_capab 'DSSS_CCK-40' option disabled '0' option channel '1' option txpower '12' option country 'US' config wifi-iface option device 'radio0' option encryption 'none' option ssid 'MESH' option mode 'adhoc' option bssid '02:CA:FF:EE:BA:BE' option network 'MESH'
/etc/sysctl.conf
kernel.panic=3 net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.all.arp_ignore=1 net.ipv4.ip_forward=1 net.ipv4.icmp_echo_ignore_broadcasts=1 net.ipv4.icmp_ignore_bogus_error_responses=1 net.ipv4.tcp_ecn=0 net.ipv4.tcp_fin_timeout=30 net.ipv4.tcp_keepalive_time=120 net.ipv4.tcp_syncookies=1 net.ipv4.tcp_timestamps=1 net.ipv4.tcp_sack=1 net.ipv4.tcp_dsack=1 net.ipv6.conf.default.forwarding=2 net.ipv6.conf.all.forwarding=2 net.netfilter.nf_conntrack_acct=1 net.netfilter.nf_conntrack_checksum=0 net.netfilter.nf_conntrack_max=16384 net.netfilter.nf_conntrack_tcp_timeout_established=3600 net.netfilter.nf_conntrack_udp_timeout=60 net.netfilter.nf_conntrack_udp_timeout_stream=180 # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=0 net.bridge.bridge-nf-call-ip6tables=0 net.bridge.bridge-nf-call-iptables=0
/etc/config/firewall
config defaults option syn_flood '1' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' config zone option name 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' option network 'lan MESH' config zone option name 'wan' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' option network 'wan wan6' config forwarding option src 'lan' option dest 'wan' config rule option name 'Allow-DHCP-Renew' option src 'wan' option proto 'udp' option dest_port '68' option target 'ACCEPT' option family 'ipv4' config rule option name 'Allow-Ping' option src 'wan' option proto 'icmp' option icmp_type 'echo-request' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-DHCPv6' option src 'wan' option proto 'udp' option src_ip 'fe80::/10' option src_port '547' option dest_ip 'fe80::/10' option dest_port '546' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Input' option src 'wan' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' list icmp_type 'router-solicitation' list icmp_type 'neighbour-solicitation' list icmp_type 'router-advertisement' list icmp_type 'neighbour-advertisement' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Forward' option src 'wan'
Pranala Menarik
- OpenWRT
- OpenWRT: Download Firmware yang sudah jadi
- OpenWRT: Source Repository Download
- OpenWRT: Melihat Daftar Package
Build Firmware
- OpenWRT: Build Firmware
- OpenWRT: Build Firmware Download Source Pendukung
- OpenWRT: Build Firmware Buffalo WZRHPG450H
- OpenWRT: Build Firmware Buffalo WZRHPG300N
- OpenWRT: Build Firmware Buffalo WZRHPG300NH2
- Buffalo
- Buffalo: WZRHPG450H Cara Recovery
- Buffalo: WZRHPG450H OpenWRT mengaktifkan setelah di flash
- Buffalo: WZRHPG450H Membuat Firmware OpenWRT Sendiri COOL
- Buffalo: WZRHPG450H OpenWRT instalasi aplikasi Pendukung OLSRD
- OpenWRT: Build Firmware Ubiquiti NanoStation2
- OpenWRT: Build Firmware Mikrotik RB433
- OpenWRT: Build Firmware Linksys WRT160NL
- OpenWRT: Build Firmware Linksys WRT54GL
IPv6
- OpenWRT: IPv6
- OpenWRT IPv6: Build Firmware Linksys WRT160NL
- OpenWRT IPv6: Build Firmware Linksys WRT160NL Tanpa WebGUI
- OpenWRT IPv6: Setup tunnel ke tunnelbroker
- OpenWRT IPv6: Konfigurasi
Flash Firmware
- OpenWRT: Flash Linksys WRT54GL
- OpenWRT: Flash Linksys WRT160NL
- OpenWRT: Flash Buffalo WZRHP450H
- OpenWRT: Flash Buffalo WZRHP300N
- OpenWRT: Flash UBNT NanoStation2
- OpenWRT: Flash UBNT NanoStation M2
- OpenWRT: Flash UBNT NanoStation Loco M2
Misc
- OpenWRT: Setup WiFi
- OpenWRT: Setup PPTP VPN Server
- OpenWRT: Setup OLSR di UBNT via CLI
- OpenWRT: Mikrotik RB433
- OpenWRT: Setup OLSR Sederhana
- OLSR - di OpenWRT
- OpenWRT: 3G modem
- OpenWRT: Build Firmware dengan 3G Modem Support
- OpenWRT: Setup Firewall
- OpenWRT: Konfigurasi UBNT NanoStation2 tanpa WebGUI
UBNT
- UBNT
- UBNT: Teknik Recovery
- UBNT: Upload Firmware
- UBNT: Rebuild Firmware
- UBNT: firmware dengan OLSR
- UBNT: openwrt
- UBNT: olsr dengan openwrt
- UBNT: olsr dengan kamikaze openwrt
- UBNT: olsr dengan backfire openwrt RECOMMENDED
- UBNT: UniFi
- UBNT: UniFi Konfigurasi Awal
- UBNT: UniFi Manajemen HotSpot
- UBNT: OLSR Pembuatan Firmware
- UBNT: OLSR Konfigurasi
- OLSR - di UBNT
- OLSR - di Ubuntu
- OpenWRT