本文主要解决以下问题:”404 page not found” & “链接被重置” & “找不到请求的主机”

以下方法只是从思路上进行简单介绍,部分安装设置步骤将不详细赘述。

条件:

1、支持DD-WRT mega版本的路由器,中国电信送的RG100E-AA即可,淘宝上50块人民币就能买到。
2、ipv6.he.net的免费账号

设置步骤:

步骤1:用DD-WRT的mega版本对路由器进行刷机

步骤2:登陆路由器,设置PPPoE账号并进行拨号尝试。若拨号失败,对路由器进行以下操作:
通过Telnet或者SSH2登陆路由器,确认WAN口能正常工作:

root@DD-WRT:~# nvram show | grep vlan.*ports
vlan0ports=1 2 3 4 5*
vlan1ports=0 5u
size: 23203 bytes (9565 left)

若vlan1ports=0 5u,则用下面的命令更改

root@DD-WRT:~# nvram set vlan1ports="0 5"
root@DD-WRT:~# nvram commit
root@DD-WRT:~# reboot

重启后,若

root@DD-WRT:~# nvram show | grep vlan.*ports
vlan0ports=1 2 3 4 5*
vlan1ports=0 5

则表示修改成功。
以上更改后,路由器上标识为WAN的口即是真实的WAN口。再尝试PPPoE拨号,即可成功。

步骤3:编辑路由器启动脚本,对蓝色字体部分进行按需设置

#v1.4 Feb 29, 2012
#***************************
#Settings start here
#***************************

#basic connection settings
SERVER_IP4_ADDR="输入HE.NET tunnel服务器IPv4地址"
CLIENT_IPV6_ADDR="输入tunnel客户端IPv6地址"
ROUTED_64_ADDR="enter ip here"

#account info to auto update endpoint
USERID="enter your hex user id. NOT text username,例如tb504432e2bc0a29.78331099"
PASSWD="your plain text password"
TUNNELID="your numeric tunnel id"

#####Optional/Advanced Settings######

#IPv6 OpenDNS IPv6 Resolver
ENABLE_OPENDNS_IPV6_DNS=1

#HE's endpoint verificiation server ip to add to whitelist
HE_VERIFY_SERVER_IP="66.220.2.74"

#WAN IP Source settings
#Set below to 1 to use  internal NVRAM wan address instead of fetching it from a site
USE_NVRAM_WAN_ADDR_INSTEAD=1
WAN_IP_SOURCE_ADDR="http://automation.whatismyip.com/n09230945.asp"

#logging settings (set to /dev/null for no logging)
STARTUP_SCRIPT_LOG_FILE="/tmp/ipv6.log"
CRON_STATUS_LOG_FILE="/tmp/lastHEUpdate.log"

#Enable this to generate a .wanup script to automatically update local tunnel endpoint address on wan change
ENABLE_WANUP_SCRIPT=1
WANUP_SCRIPT_FILE_PATH="/tmp/etc/config/tunnelUpdate.wanup"

#Generated files paths
CRON_JOB_FILE="/tmp/report.sh"
RADVD_CONFIG="/tmp/radvd.conf"

#***************************
#Settings end here
#***************************

echo "" >> $STARTUP_SCRIPT_LOG_FILE
echo "HE IPv6 Script started" >> $STARTUP_SCRIPT_LOG_FILE

insmod ipv6
sleep 10

#get a hash of the plaintext password
MD5PASSWD=`echo -n $PASSWD | md5sum | sed -e 's/  -//g'`
echo `date` >> $STARTUP_SCRIPT_LOG_FILE

#cut out the "/64" if user typed it in
ROUTED_64_ADDR=`echo $ROUTED_64_ADDR|cut -f1 -d/`
SERVER_IP4_ADDR=`echo $SERVER_IP4_ADDR|cut -f1 -d/`
CLIENT_IPV6_ADDR=`echo $CLIENT_IPV6_ADDR|cut -f1 -d/`
echo "User added addresses cleaned/checked" >> $STARTUP_SCRIPT_LOG_FILE

#get wan ip for our own use
if [ $USE_NVRAM_WAN_ADDR_INSTEAD -eq 1 ]
then
  echo "Fetching WAN IP from NVRAM" >> $STARTUP_SCRIPT_LOG_FILE
  WANIP=$(nvram get wan_ipaddr);
else
  echo "Fetching WAN IP from External Site: " $WAN_IP_SOURCE_ADDR >> $STARTUP_SCRIPT_LOG_FILE
  WANIP=`wget $WAN_IP_SOURCE_ADDR -O - 2>/dev/null`
fi

echo "External IP detected as:" $WANIP >> $STARTUP_SCRIPT_LOG_FILE
if [ -n $WANIP ]
then
echo "configuring tunnel" >> $STARTUP_SCRIPT_LOG_FILE

#update HE endpoint
#need to alllow wan ping or HE will not validate new endpoint
iptables -I INPUT 2 -s $HE_VERIFY_SERVER_IP -p icmp -j ACCEPT
echo -e wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ip=$WANIP&pass=$MD5PASSWD&apikey=$USERID&tid=$TUNNELID" -O $CRON_STATUS_LOG_FILE  >>$CRON_JOB_FILE
chmod +x $CRON_JOB_FILE
echo "Cron script created, sending endpoint update request to HE" >> $STARTUP_SCRIPT_LOG_FILE
etime=`date +%s`
wget -q "http://ipv4.tunnelbroker.net/ipv4_end.php?ip=$WANIP&pass=$MD5PASSWD&apikey=$USERID&tid=$TUNNELID" -O /tmp/wget.tmp.$etime
cat /tmp/wget.tmp.$etime >> $STARTUP_SCRIPT_LOG_FILE
echo "" >> $STARTUP_SCRIPT_LOG_FILE
rm /tmp/wget.tmp.$etime

# The following commands are straight from HE's website
ip tunnel add he-ipv6 mode sit remote $SERVER_IP4_ADDR local $WANIP ttl 255
ip link set he-ipv6 up
ip addr add $CLIENT_IPV6_ADDR/64 dev he-ipv6
ip route add ::/0 dev he-ipv6
ip -f inet6 addr
TEMP_ADDR=`echo $ROUTED_64_ADDR'1'`

# These commands aren't on HE's website, but they're necessary for the tunnel to work
ip -6 addr add $TEMP_ADDR/64 dev br0
ip route add 2000::/3 dev he-ipv6

#Enable IPv6 forwarding
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding

# make sure to accept proto-41
iptables -I INPUT 2 -p ipv6 -i vlan1 -j ACCEPT

#make sure to not NAT proto-41
iptables -t nat -A POSTROUTING --proto ! 41 -o eth0 -j MASQUERADE
echo "creating radvd conf" >> $STARTUP_SCRIPT_LOG_FILE

if [ $ENABLE_OPENDNS_IPV6_DNS -eq 1 ]
then
  echo "Open DNS ipv6 enabled" >> $STARTUP_SCRIPT_LOG_FILE
  echo "nameserver 2620:0:ccc::2" >> /tmp/resolv.dnsmasq
  echo "nameserver 2620:0:ccd::2" >> /tmp/resolv.dnsmasq
fi

#generate wanup script
if [ $ENABLE_WANUP_SCRIPT -eq 1 ]
then
	echo "WANUP script being generated" >> $STARTUP_SCRIPT_LOG_FILE
	dirname $WANUP_SCRIPT_FILE_PATH  | xargs mkdir
	echo 'echo "WANUP script triggered on `date`" >>' $STARTUP_SCRIPT_LOG_FILE > $WANUP_SCRIPT_FILE_PATH
	if [ $USE_NVRAM_WAN_ADDR_INSTEAD -eq 1 ]
	then
		echo -e 'WANIP=$(nvram get wan_ipaddr);' >> $WANUP_SCRIPT_FILE_PATH
	else
		echo -e 'WANIP=`wget $WAN_IP_SOURCE_ADDR -O - 2>/dev/null`' >> $WANUP_SCRIPT_FILE_PATH
	fi
	echo -e wget -q 'http://ipv4.tunnelbroker.net/ipv4_end.php?ip=$WANIP'"&pass=$MD5PASSWD&apikey=$USERID&tid=$TUNNELID"  >> $WANUP_SCRIPT_FILE_PATH
	echo 'ip tunnel change he-ipv6 local $WANIP'>>  $WANUP_SCRIPT_FILE_PATH
	chmod +x $WANUP_SCRIPT_FILE_PATH
fi

#creating radvd.conf
echo "#generated by startup script" > $RADVD_CONFIG
echo "interface br0 {" >> $RADVD_CONFIG
echo "AdvSendAdvert on;" >> $RADVD_CONFIG
echo "prefix "$ROUTED_64_ADDR"/64 {" >> $RADVD_CONFIG
echo "AdvOnLink on;" >> $RADVD_CONFIG
echo "AdvAutonomous on;" >> $RADVD_CONFIG
echo "AdvRouterAddr on;" >> $RADVD_CONFIG
echo "};" >> $RADVD_CONFIG
echo "};" >> $RADVD_CONFIG

echo "starting radvd" >> $STARTUP_SCRIPT_LOG_FILE
radvd -C $RADVD_CONFIG &
fi

步骤4:开启路由器的IPv6功能,Administration–>Management–>IPv6 Support–>全部enable,Radvd config文本框留空

步骤5:配置Service–>Service–>DNSMasq,DNSMasq的所有特性都enable,将需要避开DNS拦截的域名添加到Additional DNSMasq Options中, 格式:server=/域名/DNS服务器地址,一行一条。比如:

server=/youtube.com/2001:470:20::2
server=/facebook.com/2001:470:20::2
server=/google.com/2001:470:20::2

以上解决了上网的问题,如若家里装有IPTV,则还需要一台支持802.1q VLAN且VLAN编号无具体限制的可管理交换机,比如cisco 2940,并进行以下设置:
步骤6:设置cisco 2940
将连接外网宽带网线的接口设置为trunk模式

interface FastEthernet0/1
  description to-ISP
  switchport trunk allowed vlan 1,57
  switchport mode trunk
  no cdp enable
  spanning-tree portfast trunk

说明:以上VLAN 1为数据VLAN;vlan 57为IPTV对应的VLAN

设置连接宽带路由器的接口为VLAN 1

interface FastEthernet0/3
 description to-local-router
 switchport mode access
 switchport priority extend cos 4
 spanning-tree portfast

设置连接IPTV机顶盒的接口为VLAN 57

interface FastEthernet0/2
 description IPTV
 switchport access vlan 57
 switchport mode access
 switchport priority extend cos 5
 spanning-tree portfast

至此,所有设置完成。

发表评论

电子邮件地址不会被公开。 必填项已用*标注