Networking

Pi Hole DNS stops working after configuring a wireless access point in bridge mode on a Raspberry Pi running Arch Linux

  • January 12, 2019

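I am experimenting with a Raspberry Pi 3 Model B (running Arch Linux) and its WLAN module.

Until today, my whole network ran Pi Hole on it. The Pi sits in a spot where our phones get very poor Wifi reception, so I decided to add a Wifi AP to the Pi.

The strange thing now is that the WLAN AP works fine (set up in bridge mode, as described at https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md), but I can no longer make DNS requests to the Pi.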

dig pi.home @192.168.1.150
; <<>> DiG 9.13.5 <<>> pi.home @192.168.1.150
;; global options: +cmd
;; connection timed out; no servers could be reached

Even more confusing, as soon as I load the Pi Hole web interface in Chrome, DNS works again.

I currently have the following configuration.

Pi-Hole's DNS server listens on all interfaces

Bridge configuration

cat /etc/netctl/bridge
Description="WAP Bridge"
Interface=br0
Connection=bridge
BindsToInterfaces=(eth0 wlan0)
IP=no
ExecUpPost="ip link set dev br0 address $(cat /sys/class/net/eth0/address); IP=dhcp; ip_set"
ExecDownPre="IP=dhcp"
SkipForwardingDelay=yes

iptables

cat /etc/iptables/iptables.rules
*nat
:PREROUTING ACCEPT [4:196]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [88:10291]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [31:4764]
-A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wlan0 -o eth0 -j ACCEPT
COMMIT

ifconfig

ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
       inet 192.168.1.150  netmask 255.255.255.0  broadcast 192.168.1.255
       inet6 xyxyxy  prefixlen 64  scopeid 0x20<link>
       ether xyxyxy  txqueuelen 1000  (Ethernet)
       RX packets 2537  bytes 468919 (457.9 KiB)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 267  bytes 60665 (59.2 KiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
       inet6 xyxyxy  prefixlen 64  scopeid 0x20<link>
       ether xyxyxy  txqueuelen 1000  (Ethernet)
       RX packets 2560  bytes 473036 (461.9 KiB)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 297  bytes 70500 (68.8 KiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
       inet 127.0.0.1  netmask 255.0.0.0
       inet6 ::1  prefixlen 128  scopeid 0x10<host>
       loop  txqueuelen 1000  (Local Loopback)
       RX packets 109  bytes 8338 (8.1 KiB)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 109  bytes 8338 (8.1 KiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
       inet6 xyxyxy  prefixlen 64  scopeid 0x20<link>
       ether xyxyxy  txqueuelen 1000  (Ethernet)
       RX packets 0  bytes 0 (0.0 B)
       RX errors 0  dropped 0  overruns 0  frame 0
       TX packets 2276  bytes 529781 (517.3 KiB)
       TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

IPv4 forwarding

cat /etc/sysctl.d/ipv4forwarding.conf
net.ipv4.ip_forward = 1

/etc/dhcpd.conf contains

[...]
denyinterfaces eth0
denyinterfaces wlan0

/etc/hostapd/hostapd.conf (if needed)

cat /etc/hostapd/hostapd.conf
interface=wlan0
bridge=br0
driver=nl80211
ssid=<SSID>
hw_mode=g
channel=7
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=<PASSWORD>
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

Any ideas, anyone? Could this be related to "allow all origins" in Pi Hole's DNS settings?

The solution was to add a Gateway to br0 and to remove IPv4 forwarding and all iptables rules.

Source: https://unix.stackexchange.com/questions/494039