| 1 |
Thanks for the detailed reply - my response is inline: |
| 2 |
|
| 3 |
On 1/4/22 00:17, Grant Taylor wrote: |
| 4 |
> On 3/31/22 7:21 AM, William Kenworthy wrote: |
| 5 |
>> Hi, |
| 6 |
> |
| 7 |
> Hi, |
| 8 |
> |
| 9 |
>> I am trying to use a raspberry pi ... to create a routed link |
| 10 |
>> between two access points ... so I can access the monitoring port |
| 11 |
>> ... from homeassistant. |
| 12 |
> |
| 13 |
> I'm distilling this down to a Gentoo system participating in two two |
| 14 |
> LANs, both of which are connected as DHCP clients. -- Correct me if |
| 15 |
> I've distilled too much. -- And you want other systems on either LAN |
| 16 |
> to use this system as a communications path to systems on the opposing |
| 17 |
> LAN. |
| 18 |
> |
| 19 |
Correct, though I only need systems on the home network side (from at |
| 20 |
least two VLANs) to access through the rpi - this device, as well as |
| 21 |
some other "untrusted", cloud devices are on their own VLAN) - the |
| 22 |
inverter is an island and I need to access just that one port. |
| 23 |
|
| 24 |
|
| 25 |
>> Both AP's connect ok from the rpi but the routing is wrong - I can |
| 26 |
>> ping in both directions from the rpi, but only sometimes from devices |
| 27 |
>> further hops away - can openrc even do this? |
| 28 |
> |
| 29 |
> This seems like a classic routing issue. To me, it's not even an |
| 30 |
> OpenRC issue in any way other than how to add static routes /after/ |
| 31 |
> the network is brought up via DHCP. |
| 32 |
|
| 33 |
Agree - I would describe it as a two gateway and related routing issues |
| 34 |
with something resetting/re-configuring of the routing tables into a |
| 35 |
nonsensical state when I try and manually manipulate them. |
| 36 |
|
| 37 |
I did forget to mention I use ospfd (frr) to propagate routes (a |
| 38 |
complex, multi VLAN network) which works fine - its openrc setting the |
| 39 |
wrong routes on the rpi which then get propagated - thats not central to |
| 40 |
this issue though. |
| 41 |
|
| 42 |
|
| 43 |
> |
| 44 |
>> My experimenting so far is hit and miss. Trying to static route or |
| 45 |
>> override the default routes doesn't survive a network glitch, and |
| 46 |
>> half the time doesn't seem to "take" at all. |
| 47 |
> |
| 48 |
> Ya. At a higher level, this can be non-obvious how to do this as it's |
| 49 |
> niche routing configuration. |
| 50 |
> |
| 51 |
>> A working example I could adapt would be great! |
| 52 |
> |
| 53 |
> I don't have an example off hand. -- Seeing as I use static IPs on |
| 54 |
> almost all of my machines, I don't even know if OpenRC supports adding |
| 55 |
> a static route /after/ bringing an interface up with DHCP. |
| 56 |
|
| 57 |
It does, but its either set the network configuration manually which |
| 58 |
kept getting extra routes added - in particular the inverter sends the |
| 59 |
gateway which dhcpd adds then I have to delete ... and gets undone at |
| 60 |
the next network glitch (hostile wifi environment plus weak signal). |
| 61 |
|
| 62 |
|
| 63 |
> |
| 64 |
> I do know that the DHCP protocol supports adding additional options / |
| 65 |
> definitions / parameters (?term?) to specify -- what I've been |
| 66 |
> describing as -- static routes. That way DHCP clients will learn |
| 67 |
> about these additional routes and install them in their local routing |
| 68 |
> table. Though I don't know if you will have the necessary control over |
| 69 |
> /both/ DHCP servers that's needed to do this. |
| 70 |
|
| 71 |
Unfortunately, the inverter is a black box :( |
| 72 |
|
| 73 |
|
| 74 |
> |
| 75 |
> Presuming that you don't have control over /both/ DHCP servers (as |
| 76 |
> control over /both/ will be needed), I'm going to fall back and |
| 77 |
> suggest what I call the "Customer Interface Router". |
| 78 |
|
| 79 |
I cant control the inverter network. |
| 80 |
|
| 81 |
> |
| 82 |
> Specifically, set up port forwarding on the Pi such that when clients |
| 83 |
> on LAN1 connect to $PORT on the Pi, the traffic is DNATed to the |
| 84 |
> HomeAssistant on LAN2 /and/ the traffic is SNATed to the LAN2 |
| 85 |
> interface on the Pi. Thus every system on each LAN thinks that it's |
| 86 |
> talking to a directly attached system in the same LAN. There is no |
| 87 |
> need for routing in this case. |
| 88 |
|
| 89 |
I have not tried this as I thought it would also run into the two |
| 90 |
default gateway issue ... I'll try this next! |
| 91 |
|
| 92 |
|
| 93 |
> |
| 94 |
> I typically only use the C.I.R. when there are reasons that more |
| 95 |
> proper routing can't be configured. The C.I.R. is an abstraction |
| 96 |
> layer that allows either side to operate almost completely |
| 97 |
> independently of each other, save for IP conflicts between each |
| 98 |
> directly attached LAN. |
| 99 |
|
| 100 |
I have now been given api credentials but they don't say if it runs on |
| 101 |
the inverter or a remote site ... more reading! At this stage all I need |
| 102 |
is simple monitoring that I can process using software. |
| 103 |
|
| 104 |
Thanks, |
| 105 |
|
| 106 |
BillK |
| 107 |
|
| 108 |
|
| 109 |
> |
| 110 |
> |
| 111 |
> |
Archives