WIP: vlan experimentation
This commit is contained in:
parent
fd6077c476
commit
55ce0f0be1
4 changed files with 101 additions and 62 deletions
|
|
@ -146,20 +146,20 @@ in {
|
|||
systemd.network = {
|
||||
wait-online.anyInterface = true;
|
||||
netdevs = {
|
||||
# Create the VLANs
|
||||
"00-vlan-100" = {
|
||||
Name = "vlan100";
|
||||
Kind = "vlan";
|
||||
};
|
||||
|
||||
# Create the bridge interfaces
|
||||
# Create the bridge interface
|
||||
"20-br-lan" = {
|
||||
netdevConfig = {
|
||||
Kind = "bridge";
|
||||
Name = "br-lan";
|
||||
VLANFiltering = true;
|
||||
DefaultPVID = 10;
|
||||
|
||||
};
|
||||
|
||||
extraConfig = ''
|
||||
[Bridge]
|
||||
STP=true
|
||||
VLANFiltering=yes
|
||||
DefaultPVID=none
|
||||
'';
|
||||
};
|
||||
};
|
||||
networks = {
|
||||
|
|
@ -239,7 +239,8 @@ in {
|
|||
services.hostapd = {
|
||||
enable = true;
|
||||
radios = let
|
||||
mkBssid = i: "34:56:ce:0f:ed:4${builtins.toString i}";
|
||||
mkBssid = i: # generated with https://miniwebtool.com/mac-address-generator/
|
||||
"34:56:ce:0f:ed:4${builtins.toString i}";
|
||||
in {
|
||||
wlan0 = {
|
||||
band = "2g";
|
||||
|
|
@ -259,13 +260,15 @@ in {
|
|||
# saePasswordsFile = config.sops.secrets.wifiPassword.path;
|
||||
saePasswords = [
|
||||
{
|
||||
password = "justtestingwifi";
|
||||
# vlanid = 100;
|
||||
password = "normalnormal";
|
||||
}
|
||||
{
|
||||
password = "vlanvlan";
|
||||
vlanid = 1;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
# generated with https://miniwebtool.com/mac-address-generator/
|
||||
bssid = mkBssid 0;
|
||||
settings = {
|
||||
bridge = "br-lan";
|
||||
|
|
@ -279,20 +282,33 @@ in {
|
|||
# saePasswordsFile = config.sops.secrets.wifiPassword.path;
|
||||
saePasswords = [
|
||||
{
|
||||
password = "justtestingwifi";
|
||||
# vlanid = 100;
|
||||
password = "normalnormal";
|
||||
}
|
||||
{
|
||||
password = "vlanvlan";
|
||||
vlanid = 1;
|
||||
}
|
||||
];
|
||||
wpaPskFile = pkgs.writeText "pskfile" ''
|
||||
00:00:00:00:00:00 justtestingwifi
|
||||
# vlanid=100 00:00:00:00:00:00 justtestingwifi-vlan
|
||||
wpaPskFile = pkgs.writeText "wpa_psk" ''
|
||||
00:00:00:00:00:00 normalnormal
|
||||
vlanid=1 00:00:00:00:00:00 vlanvlan
|
||||
'';
|
||||
};
|
||||
|
||||
# generated with https://miniwebtool.com/mac-address-generator/
|
||||
bssid = mkBssid 1;
|
||||
settings = {
|
||||
bridge = "br-lan";
|
||||
|
||||
# resources on vlan tagging
|
||||
# https://wireless.wiki.kernel.org/en/users/Documentation/hostapd#dynamic_vlan_tagging
|
||||
# https://forum.openwrt.org/t/individual-per-passphrase-wifi-vlans-using-wpa-psk-file-no-radius-required/161696/4
|
||||
|
||||
vlan_tagged_interface = "br-lan";
|
||||
vlan_bridge = "br-vlan";
|
||||
dynamic_vlan = 1;
|
||||
vlan_file = builtins.toString (pkgs.writeText "hostapd.vlan" ''
|
||||
* wlan0-1.#
|
||||
'');
|
||||
};
|
||||
};
|
||||
|
||||
|
|
@ -314,6 +330,7 @@ in {
|
|||
# };
|
||||
};
|
||||
};
|
||||
|
||||
# wlan1 = {
|
||||
# band = "5g";
|
||||
# # channels with 160 MHz width in Poland: 36, 52, 100 i 116
|
||||
|
|
@ -416,9 +433,15 @@ in {
|
|||
bogus-priv = true;
|
||||
no-resolv = true;
|
||||
|
||||
dhcp-range = ["br-lan,192.168.10.50,192.168.10.254,24h"];
|
||||
interface = "br-lan";
|
||||
dhcp-host = "192.168.10.1";
|
||||
dhcp-range = [
|
||||
# "br-lan,192.168.10.50,192.168.10.100,24h"
|
||||
"192.168.10.50,192.168.10.100,24h"
|
||||
];
|
||||
|
||||
# interface = "br-lan";
|
||||
# bind-interfaces = true;
|
||||
|
||||
# dhcp-host = "192.168.10.1";
|
||||
|
||||
# local domains
|
||||
local = "/lan/";
|
||||
|
|
@ -491,7 +514,6 @@ in {
|
|||
system.stateVersion = "23.05";
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_bpir3;
|
||||
# boot.kernelPackages = bpir3.packages.aarch64-linux.linuxPackages_bpir3;
|
||||
# We exclude a number of modules included in the default list. A non-insignificant amount do
|
||||
# not apply to embedded hardware like this, so simply skip the defaults.
|
||||
#
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue