VyOS como router neutro, con Digi.
Router VyOS con Digi
Limitaciones: el router de Digi sigue siendo necesario para el teléfono. Perderá UPnP y apertura de puertos, así que es conveniente tener un punto de acceso Wi-Fi por separado, y puertos ethernet suficientes en el router de VyOS o en un switch.
Equipos:
- ONT Digi:
ZTE ZXHN F601 - Router Digi:
ZTE ZXHN H3600P - Router VyOS:
Yanling YL-SKUL6-3865U ver 1.00
Versiones
- VyOS:
1.4-rolling-202205150217 - H3600P:
V9.0.9P2_DIGI
He probado esto con «Conexión Plus» (fuera de CG-NAT)
LAN
De momento tendremos que conectarnos con monitor y teclado o puerto serie.
Preparamos la parte del switch (bridge br0):
Lo he configurado para que utilice de eth2 a eth5
interfaces {
[...]
ethernet eth2 {
duplex auto
hw-id 00:e0:67:0b:7c:5c
offload {
gro
gso
sg
tso
}
speed auto
}
# Repetido para eth3, eth4 y eth5
Creamos la interfaz bridge, con IP 192.168.1.1
interfaces {
bridge br0 {
address 192.168.1.1/24
aging 300
hello-time 2
max-age 20
member {
interface eth2 {
}
interface eth3 {
}
interface eth4 {
}
interface eth5 {
}
}
priority 32768
}
Servidor DHCP
NOTA: name-server 192.168.1.1 no funcionará hasta que se configure DNS más abajo.
service {
dhcp-server {
shared-network-name dhcpexample {
authoritative
subnet 192.168.1.0/24 {
default-router 192.168.1.1
lease 86400
name-server 192.168.1.1
range 0 {
start 192.168.1.128
stop 192.168.1.254
}
}
}
}
SSH
Opcionalmente, podremos habilitar SSH para conectarnos desde nuestro PC para mayor comodidad. Al principio lo configuré temporalmente con contraseña para poder guardar mi clave pública. Después desactivé el login con contraseña. El resultado final con clave SSH es:
service {
ssh {
disable-password-authentication
port 22
}
system {
login {
user vyos {
authentication {
encrypted-password <encrypted_password>
plaintext-password ""
public-keys <user@host> {
key <key>
type ssh-rsa
}
}
}
}
WAN
Añadimos ahora eth0, la interfaz conectada al ONT de Digi. Utiliza VLAN 20
interfaces {
ethernet eth0 {
duplex auto
hw-id 00:e0:67:0b:7c:5a
offload {
gro
gso
sg
tso
}
speed auto
vif 20 {
description "PPPoE link interface"
}
}
DNS
Simplemente se hace forward a los DNS de Digi que vengan por eth0.20
service {
dns {
forwarding {
allow-from 192.168.0.0/16
dhcp eth0.20
listen-address 192.168.1.1
}
}
Interfaz PPPoE
Necesitamos las credenciales PPPoE, pidiéndoselas a Digi o, de manera alternativa, utilizando el PC como servidor pppoe para «engañar» al ONT (no cubro esto aquí, ver aquí y aquí):
interfaces {
pppoe pppoe0 {
authentication {
password ********
user XXXXXXXXX@digi
}
ip {
adjust-mss 1452
}
mtu 1492
source-interface eth0.20
}
MTU es 1492. Es también importante configurar MSS (1452), o de lo contrario Internet funcionará a medias, habrá sitios que conecten y otros no, páginas que no terminan de cargar, etc.
Asociamos la interfaz pppoe0 a la interfaz física eth0.20 (eth0 con VLAN 20 del paso anterior).
Verificar IP pública
Una vez hagamos commit, deberíamos ver en la interfaz pppoe0 la IPv4 pública:
vyos@vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address MAC VRF MTU S/L Description
----------- ------------------------- ----------------- ------- ----- ----- --------------------
[...]
pppoe0 79.116.XXX.XXX/32 n/a default 1492 u/u
DNS del sistema
Esto es para el DNS del propio vyos (por ejemplo, para hacer ping con nombre DNS desde el propio router):
system {
name-server pppoe0
NAT para IPv4
nat {
source {
rule 100 {
outbound-interface pppoe0
translation {
address masquerade
}
}
}
}
Puede que queramos habilitar también UPnP para abrir puertos automáticamente (sólo funcionará con «Conexión Plus», fuera de CG-NAT):
service {
upnp {
listen br0
nat-pmp
wan-interface pppoe0
}
IPv6
ipv6: se utiliza DHCPv6-PD + SLAAC: la configuración de SLAAC es ipv6 address autoconf. DHCPv6-PD es para toda la interfaz br0, y tiene length 56 (prefijo /56 de Digi). Añadir lo siguiente a lo que ya teníamos en interfaces pppoe pppoe0:
interfaces {
pppoe pppoe0 {
# [...Lo que había antes...]
dhcpv6-options {
pd 0 {
interface br0 {
address 1
sla-id 0
}
length 56
}
}
ipv6 {
address {
autoconf
}
}
}
Necesitamos además router advertisements (esto es fuera de interfaces pppoe pppoe0, va en service router-advert.
service {
router-advert {
interface br0 {
link-mtu 1492
prefix ::/64 {
valid-lifetime 172800
}
}
}
Depurar problemas en IPv6
Deberíamos ver un log como éste, en el que Digi nos asigna
vyos@vyos:~$ journalctl -u dhcp6c@pppoe0 --since yesterday
[...]
Jul 22 22:27:28 vyos systemd[1]: Starting dhcp6c@pppoe0.service - WIDE DHCPv6 client on pppoe0...
Jul 22 22:27:28 vyos dhcp6c[3163]: get_duid: extracted an existing DUID from /var/lib/dhcpv6/dhcp6c_duid: <DUID_CLIENTE_OMITIDO>
Jul 22 22:27:28 vyos dhcp6c[3163]: dhcp6_ctl_authinit: failed to open /run/dhcp6c/dhcp6c.pppoe0.sock: No such file or directory
Jul 22 22:27:28 vyos dhcp6c[3163]: client6_init: failed initialize control message authentication
Jul 22 22:27:28 vyos dhcp6c[3163]: client6_init: skip opening control port
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>comment [### Autogenerated by interface.py ###] (37)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>comment [# man https://www.unix.com/man-page/debian/5/dhcp6c.conf/] (57)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[interface] (9)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <5>[pppoe0] (6)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>begin of closure [{] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[send] (4)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[ia-pd] (5)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[0] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>comment [# prefix delegation #0] (22)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[script] (6)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>["/etc/wide-dhcpv6/dhcp6c.pppoe0.script"] (39)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of closure [}] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[id-assoc] (8)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <15>[pd] (2)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <15>[0] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <15>begin of closure [{] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[prefix] (6)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[::] (2)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[/] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[56] (2)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[infinity] (8)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[prefix-interface] (16)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <5>[br0] (3)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>begin of closure [{] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[sla-len] (7)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[8] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[sla-id] (6)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[0] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[ifid] (4)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>[1] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of closure [}] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of closure [}] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: cfdebug_print: <3>end of sentence [;] (1)
Jul 22 22:27:28 vyos dhcp6c[3163]: configure_pool: called
Jul 22 22:27:28 vyos dhcp6c[3163]: clear_poolconf: called
Jul 22 22:27:28 vyos dhcp6c[3165]: dhcp6_reset_timer: reset a timer on pppoe0, state=INIT, timeo=0, retrans=383
Jul 22 22:27:28 vyos systemd[1]: Started dhcp6c@pppoe0.service - WIDE DHCPv6 client on pppoe0.
Jul 22 22:27:28 vyos dhcp6c[3165]: client6_send: a new XID (d892e7) is generated
Jul 22 22:27:28 vyos dhcp6c[3165]: copy_option: set client ID (len 18)
Jul 22 22:27:28 vyos dhcp6c[3165]: copy_option: set elapsed time (len 2)
Jul 22 22:27:28 vyos dhcp6c[3165]: copyout_option: set IA_PD prefix
Jul 22 22:27:28 vyos dhcp6c[3165]: copyout_option: set IA_PD
Jul 22 22:27:28 vyos dhcp6c[3165]: client6_send: send solicit to ff02::1:2%pppoe0
Jul 22 22:27:28 vyos dhcp6c[3165]: dhcp6_reset_timer: reset a timer on pppoe0, state=SOLICIT, timeo=0, retrans=1088
Jul 22 22:27:28 vyos dhcp6c[3165]: client6_recv: receive advertise from fe80::1%pppoe0 on pppoe0
Jul 22 22:27:28 vyos dhcp6c[3165]: dhcp6_get_options: get DHCP option server ID, len 25
Jul 22 22:27:28 vyos dhcp6c[3165]: DUID: <DUID_SERVIDOR_OMITIDO>
Jul 22 22:27:28 vyos dhcp6c[3165]: dhcp6_get_options: get DHCP option client ID, len 18
Jul 22 22:27:28 vyos dhcp6c[3165]: DUID: <DUID_CLIENTE_OMITIDO>
Jul 22 22:27:28 vyos dhcp6c[3165]: dhcp6_get_options: get DHCP option IA_PD, len 41
Jul 22 22:27:28 vyos dhcp6c[3165]: IA_PD: ID=0, T1=0, T2=0
Jul 22 22:27:28 vyos dhcp6c[3165]: copyin_option: get DHCP option IA_PD prefix, len 25
Jul 22 22:27:28 vyos dhcp6c[3165]: copyin_option: IA_PD prefix: 2a0c:5a8X:XXXX:XXXX::/56 pltime=4294967295 vltime=4294967295
Jul 22 22:27:28 vyos dhcp6c[3165]: client6_recvadvert: server ID: <DUID_SERVIDOR_OMITIDO>, pref=-1
Jul 22 22:27:28 vyos dhcp6c[3165]: client6_recvadvert: reset timer for pppoe0 to 0.996034
Jul 22 22:27:29 vyos dhcp6c[3165]: select_server: picked a server (ID: <DUID_SERVIDOR_OMITIDO>)
Jul 22 22:27:29 vyos dhcp6c[3165]: client6_send: a new XID (afb9ac) is generated
Jul 22 22:27:29 vyos dhcp6c[3165]: copy_option: set client ID (len 18)
Jul 22 22:27:29 vyos dhcp6c[3165]: copy_option: set server ID (len 25)
Jul 22 22:27:29 vyos dhcp6c[3165]: copy_option: set elapsed time (len 2)
Jul 22 22:27:29 vyos dhcp6c[3165]: copyout_option: set IA_PD prefix
Jul 22 22:27:29 vyos dhcp6c[3165]: copyout_option: set IA_PD
Jul 22 22:27:29 vyos dhcp6c[3165]: client6_send: send request to ff02::1:2%pppoe0
Jul 22 22:27:29 vyos dhcp6c[3165]: dhcp6_reset_timer: reset a timer on pppoe0, state=REQUEST, timeo=0, retrans=977
Jul 22 22:27:29 vyos dhcp6c[3165]: client6_recv: receive reply from fe80::1%pppoe0 on pppoe0
Jul 22 22:27:29 vyos dhcp6c[3165]: dhcp6_get_options: get DHCP option server ID, len 25
Jul 22 22:27:29 vyos dhcp6c[3165]: DUID: <DUID_SERVIDOR_OMITIDO>
Jul 22 22:27:29 vyos dhcp6c[3165]: dhcp6_get_options: get DHCP option client ID, len 18
Jul 22 22:27:29 vyos dhcp6c[3165]: DUID: <DUID_CLIENTE_OMITIDO>
Jul 22 22:27:29 vyos dhcp6c[3165]: dhcp6_get_options: get DHCP option IA_PD, len 41
Jul 22 22:27:29 vyos dhcp6c[3165]: IA_PD: ID=0, T1=0, T2=0
Jul 22 22:27:29 vyos dhcp6c[3165]: copyin_option: get DHCP option IA_PD prefix, len 25
Jul 22 22:27:29 vyos dhcp6c[3165]: copyin_option: IA_PD prefix: 2a0c:5a8X:XXXX:XXXX::/56 pltime=4294967295 vltime=4294967295
Jul 22 22:27:29 vyos dhcp6c[3165]: get_ia: make an IA: PD-0
Jul 22 22:27:29 vyos dhcp6c[3165]: update_prefix: create a prefix 2a0c:5a8X:XXXX:XXXX::/56 pltime=94918777241599, vltime=94918777241599
Jul 22 22:27:29 vyos dhcp6c[3165]: ifaddrconf: add an address 2a0c:5a8X:XXXX:XXXX::1/64 on br0
Jul 22 22:27:29 vyos dhcp6c[3165]: update_ia: T1(4294967295) and/or T2(4294967295) is locally determined
Jul 22 22:27:29 vyos dhcp6c[3165]: dhcp6_remove_event: removing an event on pppoe0, state=REQUEST
Jul 22 22:27:29 vyos dhcp6c[3165]: dhcp6_remove_event: removing server (ID: <DUID_SERVIDOR_OMITIDO>)
Jul 22 22:27:29 vyos dhcp6c[3165]: client6_recvreply: executes /etc/wide-dhcpv6/dhcp6c.pppoe0.script
Jul 22 22:27:29 vyos dhcp6c[3165]: client6_script: script "/etc/wide-dhcpv6/dhcp6c.pppoe0.script" terminated
Jul 22 22:27:29 vyos dhcp6c[3165]: client6_recvreply: got an expected reply, sleeping.
Al listar interfaces, veremos el /64 en br0, la interfaz donde hemos asignado el prefix delegation (no en pppoe0, donde sólo aparece la IPv4 pública).
vyos@vyos:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address MAC VRF MTU S/L Description
----------- ------------------------- ----------------- ------- ----- ----- --------------------
br0 192.168.1.1/24 a2:6f:97:73:b0:30 default 1500 u/u
2a0c:5a8X:XXXX:XXXX::X/64
[...]
Si, por el contario, vemos esto:
vyos@vyos:~$ journalctl -u dhcp6c@pppoe0 --since yesterday
[...]
Jul 22 15:14:56 vyos dhcp6c[3155]: client6_send: send solicit to ff02::1:2%pppoe0
Jul 22 15:14:56 vyos dhcp6c[3155]: dhcp6_reset_timer: reset a timer on pppoe0, state=SOLICIT, timeo=0, retrans=1088
Jul 22 15:14:57 vyos dhcp6c[3155]: copy_option: set client ID (len 18)
Jul 22 15:14:57 vyos dhcp6c[3155]: copy_option: set elapsed time (len 2)
Jul 22 15:14:57 vyos dhcp6c[3155]: copyout_option: set IA_PD prefix
Jul 22 15:14:57 vyos dhcp6c[3155]: copyout_option: set IA_PD
Jul 22 15:14:57 vyos dhcp6c[3155]: client6_send: send solicit to ff02::1:2%pppoe0
Jul 22 15:14:57 vyos dhcp6c[3155]: dhcp6_reset_timer: reset a timer on pppoe0, state=SOLICIT, timeo=1, retrans=2151
Jul 22 15:15:00 vyos dhcp6c[3155]: copy_option: set client ID (len 18)
Jul 22 15:15:00 vyos dhcp6c[3155]: copy_option: set elapsed time (len 2)
Jul 22 15:15:00 vyos dhcp6c[3155]: copyout_option: set IA_PD prefix
Jul 22 15:15:00 vyos dhcp6c[3155]: copyout_option: set IA_PD
Jul 22 15:15:00 vyos dhcp6c[3155]: client6_send: send solicit to ff02::1:2%pppoe0
Jul 22 15:15:00 vyos dhcp6c[3155]: dhcp6_reset_timer: reset a timer on pppoe0, state=SOLICIT, timeo=2, retrans=4283
Jul 22 15:15:04 vyos dhcp6c[3155]: copy_option: set client ID (len 18)
Jul 22 15:15:04 vyos dhcp6c[3155]: copy_option: set elapsed time (len 2)
Jul 22 15:15:04 vyos dhcp6c[3155]: copyout_option: set IA_PD prefix
Jul 22 15:15:04 vyos dhcp6c[3155]: copyout_option: set IA_PD
Jul 22 15:15:04 vyos dhcp6c[3155]: client6_send: send solicit to ff02::1:2%pppoe0
Jul 22 15:15:04 vyos dhcp6c[3155]: dhcp6_reset_timer: reset a timer on pppoe0, state=SOLICIT, timeo=3, retrans=8905
Jul 22 15:15:13 vyos dhcp6c[3155]: copy_option: set client ID (len 18)
Jul 22 15:15:13 vyos dhcp6c[3155]: copy_option: set elapsed time (len 2)
Jul 22 15:15:13 vyos dhcp6c[3155]: copyout_option: set IA_PD prefix
Jul 22 15:15:13 vyos dhcp6c[3155]: copyout_option: set IA_PD
…quiere decir que el servidor DHCPv6 de Digi no está respondiendo. Me ha pasado varias veces al reiniciar el router. Tengo que reiniciar de nuevo pasa solucionarlo. Creo que simplemente a Digi se le va la pinza.
Teléfono fijo
ACTUALIZACIÓN: El teléfono ha estado meses funcionando sólo con el primer paso de abajo. Sin embargo, hace unos días, al reiniciar VyOS, dejó de funcionar. La luz «Phone» del router de Digi estaba apagada. Intenté reiniciar éste varias veces, sin éxito. Reseteándolo a fábrica y conectando temporalmente a la ONT se solucionó; sin embargo, tras otro reinicio VyOS falló nuevamente. ¿Remedio? Segundo paso adicional con VLAN 11 (ver abajo).
Primer paso: dar acceso a Internet al router de Digi
Habilitamos un servidor PPPoE «falso» para «engañar» al router de Digi. Conectamos el puerto eth1 de VyOS al WAN de Digi:
service {
pppoe-server {
access-concentrator fakedigi
authentication {
local-users {
username XXXXXXXXX@digi {
password ********
}
}
mode local
}
client-ip-pool {
start 10.0.1.200
stop 10.0.1.250
}
gateway-address 10.0.1.1
interface eth1 {
vlan-id 20
}
name-server 100.90.1.1
name-server 100.100.1.1
}
Captura de tráfico de eth1 al arranque del router de Digi con tráfico SIP:
vyos@vyos:~$ monitor traffic interface eth1
11:30:47.246050 IP6 fe80::2e0:67ff:fe0b:7c5b > ff02::16: HBH ICMP6, multicast listener report v2, 4 group record(s), length 88
11:30:47.248110 IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
11:30:47.248133 IP6 fe80::2e0:67ff:fe0b:7c5b > ff02::16: HBH ICMP6, multicast listener report v2, 3 group record(s), length 68
11:30:47.344098 IP6 fe80::2e0:67ff:fe0b:7c5b > ff02::16: HBH ICMP6, multicast listener report v2, 4 group record(s), length 88
11:30:47.688095 IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
11:30:48.216099 IP6 fe80::2e0:67ff:fe0b:7c5b > ff02::16: HBH ICMP6, multicast listener report v2, 3 group record(s), length 68
11:30:48.804989 PPPoE [ses 0x28c0] LCP, Term-Request (0x05), id 7, length 18
11:30:48.805199 PPPoE [ses 0x28c0] LCP, Term-Ack (0x06), id 7, length 6
11:30:49.886263 PPPoE PADT [ses 0x28c0] [Generic-Error "RP-PPPoE: terminate"]
11:30:49.900331 PPPoE PADT [ses 0x28c0] [AC-Name "fakedigi"] [Service-Name]
11:30:50.126163 PPPoE PADI [Service-Name] [Host-Uniq 0x********]
11:30:50.126433 PPPoE PADO [AC-Name "fakedigi"] [Service-Name] [AC-Cookie 0x************************************************] [Host-Uniq 0x********]
11:30:50.126960 PPPoE PADR [Service-Name] [Host-Uniq 0x********] [AC-Cookie 0x************************************************]
11:30:50.127241 PPPoE PADS [ses 0x2900] [AC-Name "fakedigi"] [Service-Name] [Host-Uniq 0x********]
11:30:50.127689 PPPoE [ses 0x2900] LCP, Conf-Request (0x01), id 117, length 20
11:30:50.178446 PPPoE [ses 0x2900] LCP, Conf-Request (0x01), id 1, length 16
11:30:50.178610 PPPoE [ses 0x2900] LCP, Conf-Ack (0x02), id 1, length 16
11:30:53.127888 PPPoE [ses 0x2900] LCP, Conf-Request (0x01), id 117, length 20
11:30:53.128328 PPPoE [ses 0x2900] LCP, Conf-Request (0x01), id 1, length 16
11:30:53.128329 PPPoE [ses 0x2900] LCP, Conf-Ack (0x02), id 117, length 20
11:30:53.128479 PPPoE [ses 0x2900] LCP, Conf-Ack (0x02), id 1, length 16
11:30:55.525990 PPPoE [ses 0x2900] LCP, Echo-Request (0x09), id 0, length 10
11:30:55.526197 PPPoE [ses 0x2900] LCP, Echo-Reply (0x0a), id 0, length 10
11:30:55.527482 PPPoE [ses 0x2900] PAP, Auth-Req (0x01), id 1, Peer XXXXXXXXX@digi, Name ********
11:30:55.528212 PPPoE [ses 0x2900] PAP, Auth-ACK (0x02), id 1, Msg Authentication succeeded
11:30:55.534485 PPPoE [ses 0x2900] IPCP, Conf-Request (0x01), id 1, length 24
11:30:55.534616 PPPoE [ses 0x2900] IPCP, Conf-Request (0x01), id 240, length 12
11:30:55.534635 PPPoE [ses 0x2900] IPCP, Conf-Nack (0x03), id 1, length 24
11:30:55.535614 PPPoE [ses 0x2900] IP6CP, Conf-Request (0x01), id 1, length 16
11:30:55.535676 PPPoE [ses 0x2900] IPCP, Conf-Ack (0x02), id 240, length 12
11:30:55.535719 PPPoE [ses 0x2900] LCP, Prot-Reject (0x08), id 119, length 8
11:30:55.535726 PPPoE [ses 0x2900] IPCP, Conf-Request (0x01), id 2, length 24
11:30:55.535747 PPPoE [ses 0x2900] IPCP, Conf-Ack (0x02), id 2, length 24
11:30:55.538039 PPPoE [ses 0x2900] IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
11:30:55.888103 PPPoE [ses 0x2900] IP6 :: > ff02::16: HBH ICMP6, multicast listener report v2, 1 group record(s), length 28
11:30:55.908653 PPPoE [ses 0x2900] IP 10.0.1.214.53464 > 100.90.1.1.domain: 17935+ A? ims.digimobil.es. (34)
11:30:55.913369 PPPoE [ses 0x2900] IP 100.90.1.1.domain > 10.0.1.214.53464: 17935 1/0/0 A 10.30.5.69 (50)
11:30:55.916671 PPPoE [ses 0x2900] IP 10.0.1.214.44653 > 100.90.1.1.domain: 6411+ A? ntp.s.digimobil.es. (36)
11:30:55.916999 PPPoE [ses 0x2900] IP 10.0.1.214.47789 > 100.100.1.1.domain: 2564+ A? ntp.s.digimobil.es. (36)
11:30:55.921399 PPPoE [ses 0x2900] IP 100.90.1.1.domain > 10.0.1.214.44653: 6411 3/0/0 CNAME ntp.digimobil.es., A 188.26.208.20, A 188.26.208.19 (98)
11:30:55.921857 PPPoE [ses 0x2900] IP 100.100.1.1.domain > 10.0.1.214.47789: 2564 3/0/0 CNAME ntp.digimobil.es., A 188.26.208.19, A 188.26.208.20 (98)
11:30:55.923314 PPPoE [ses 0x2900] IP 10.0.1.214.36217 > static-188-26-208-20.digimobil.es.ntp: NTPv3, Client, length 48
11:30:55.923720 PPPoE [ses 0x2900] IP 10.0.1.214.36217 > static-188-26-208-19.digimobil.es.ntp: NTPv3, Client, length 48
11:30:55.927924 PPPoE [ses 0x2900] IP static-188-26-208-20.digimobil.es.ntp > 10.0.1.214.36217: NTPv3, Server, length 48
11:30:55.928376 PPPoE [ses 0x2900] IP static-188-26-208-19.digimobil.es.ntp > 10.0.1.214.36217: NTPv3, Server, length 48
11:30:55.928939 PPPoE [ses 0x2900] IP 10.0.1.214 > static-188-26-208-19.digimobil.es: ICMP 10.0.1.214 udp port 36217 unreachable, length 84
11:30:56.655010 PPPoE [ses 0x2900] IP 10.0.1.214.sip > 10.30.5.69.sip: SIP: REGISTER sip:ims.digimobil.es SIP/2.0
11:30:56.728538 PPPoE [ses 0x2900] IP 10.30.5.69.sip > 10.0.1.214.sip: SIP: SIP/2.0 401 Unauthorized
11:30:56.742996 PPPoE [ses 0x2900] IP 10.0.1.214.sip > 10.30.5.69.sip: SIP: REGISTER sip:ims.digimobil.es SIP/2.0
11:30:56.938324 PPPoE [ses 0x2900] IP 10.30.5.69.sip > 10.0.1.214.sip: SIP: SIP/2.0 200 OK
11:30:59.958312 PPPoE [ses 0x2900] IP 10.0.1.214.sip > 10.30.5.69.sip: SIP: REGISTER sip:ims.digimobil.es SIP/2.0
11:31:00.201612 PPPoE [ses 0x2900] IP 10.30.5.69.sip > 10.0.1.214.sip: SIP: SIP/2.0 401 Unauthorized
11:31:00.228547 PPPoE [ses 0x2900] IP 10.0.1.214.sip > 10.30.5.69.sip: SIP: REGISTER sip:ims.digimobil.es SIP/2.0
11:31:00.437538 PPPoE [ses 0x2900] IP 10.30.5.69.sip > 10.0.1.214.sip: SIP: SIP/2.0 200 OK
11:31:03.666490 PPPoE [ses 0x2900] IP 10.0.1.214.57134 > 100.90.1.1.domain: 49409+ A? tr069-1.s.digimobil.es. (40)
11:31:03.671366 PPPoE [ses 0x2900] IP 100.90.1.1.domain > 10.0.1.214.57134: 49409 1/0/0 A 188.26.208.7 (56)
11:31:03.691571 PPPoE [ses 0x2900] IP 10.0.1.214.54529 > static-188-26-208-7.digimobil.es.9191: Flags [S], seq 3140795027, win 29040, options [mss 1452,sackOK,TS val 4294942127 ecr 0,nop,wscale 5], length 0
11:31:03.696358 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.54529: Flags [S.], seq 3505044967, ack 3140795028, win 28960, options [mss 1460,sackOK,TS val 460359741 ecr 4294942127,nop,wscale 7], length 0
11:31:03.696905 PPPoE [ses 0x2900] IP 10.0.1.214.54529 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 1, win 908, options [nop,nop,TS val 4294942128 ecr 460359741], length 0
11:31:03.697225 PPPoE [ses 0x2900] IP 10.0.1.214.54529 > static-188-26-208-7.digimobil.es.9191: Flags [F.], seq 1, ack 1, win 908, options [nop,nop,TS val 4294942128 ecr 460359741], length 0
11:31:03.701848 PPPoE [ses 0x2900] IP 10.0.1.214.37931 > 100.90.1.1.domain: 44545+ A? tr069-stun-1.s.digimobil.es. (45)
11:31:03.702005 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.54529: Flags [F.], seq 1, ack 2, win 227, options [nop,nop,TS val 460359747 ecr 4294942128], length 0
11:31:03.702536 PPPoE [ses 0x2900] IP 10.0.1.214.54529 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 2, win 908, options [nop,nop,TS val 4294942128 ecr 460359747], length 0
11:31:03.706865 PPPoE [ses 0x2900] IP 100.90.1.1.domain > 10.0.1.214.37931: 44545 1/0/0 A 188.26.208.23 (61)
11:31:03.710860 PPPoE [ses 0x2900] IP 10.0.1.214.17767 > static-188-26-208-23.digimobil.es.3478: UDP, length 56
11:31:03.722713 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [S], seq 169743802, win 29040, options [mss 1452,sackOK,TS val 4294942130 ecr 0,nop,wscale 5], length 0
11:31:03.727383 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [S.], seq 1042110377, ack 169743803, win 28960, options [mss 1460,sackOK,TS val 460359772 ecr 4294942130,nop,wscale 7], length 0
11:31:03.727910 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 1, win 908, options [nop,nop,TS val 4294942131 ecr 460359772], length 0
11:31:03.733424 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 1:240, ack 1, win 908, options [nop,nop,TS val 4294942131 ecr 460359772], length 239
11:31:03.738374 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [.], ack 240, win 235, options [nop,nop,TS val 460359783 ecr 4294942131], length 0
11:31:03.739937 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [.], seq 1:1441, ack 240, win 235, options [nop,nop,TS val 460359785 ecr 4294942131], length 1440
11:31:03.739957 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [P.], seq 1441:2322, ack 240, win 235, options [nop,nop,TS val 460359785 ecr 4294942131], length 881
11:31:03.740499 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 1441, win 998, options [nop,nop,TS val 4294942132 ecr 460359785], length 0
11:31:03.740499 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 2322, win 1088, options [nop,nop,TS val 4294942132 ecr 460359785], length 0
11:31:03.801430 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 240:366, ack 2322, win 1088, options [nop,nop,TS val 4294942138 ecr 460359785], length 126
11:31:03.806738 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [P.], seq 2322:2564, ack 366, win 235, options [nop,nop,TS val 460359852 ecr 4294942138], length 242
11:31:03.807298 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 2564, win 1178, options [nop,nop,TS val 4294942139 ecr 460359852], length 0
11:31:03.845251 PPPoE [ses 0x2900] IP 10.0.1.214.17767 > static-188-26-208-23.digimobil.es.3478: UDP, length 56
11:31:03.924852 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 366:577, ack 2564, win 1178, options [nop,nop,TS val 4294942150 ecr 460359852], length 211
11:31:03.925270 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], seq 577:2017, ack 2564, win 1178, options [nop,nop,TS val 4294942151 ecr 460359852], length 1440
11:31:03.925271 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 2017:3091, ack 2564, win 1178, options [nop,nop,TS val 4294942151 ecr 460359852], length 1074
11:31:03.929879 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [.], ack 2017, win 266, options [nop,nop,TS val 460359975 ecr 4294942150], length 0
11:31:03.932394 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [P.], seq 2564:2959, ack 3091, win 289, options [nop,nop,TS val 460359977 ecr 4294942151], length 395
11:31:03.932913 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 2959, win 1268, options [nop,nop,TS val 4294942151 ecr 460359977], length 0
11:31:03.936417 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 3091:3623, ack 2959, win 1268, options [nop,nop,TS val 4294942152 ecr 460359977], length 532
11:31:03.936771 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], seq 3623:5063, ack 2959, win 1268, options [nop,nop,TS val 4294942152 ecr 460359977], length 1440
11:31:03.936771 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 5063:6137, ack 2959, win 1268, options [nop,nop,TS val 4294942152 ecr 460359977], length 1074
11:31:03.941375 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [.], ack 6137, win 350, options [nop,nop,TS val 460359986 ecr 4294942152], length 0
11:31:04.043315 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [P.], seq 2959:3777, ack 6137, win 350, options [nop,nop,TS val 460360088 ecr 4294942152], length 818
11:31:04.055324 PPPoE [ses 0x2900] IP 10.0.1.214.17767 > static-188-26-208-23.digimobil.es.3478: UDP, length 56
11:31:04.075085 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 3777, win 1358, options [nop,nop,TS val 4294942166 ecr 460360088], length 0
11:31:04.096239 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 6137:6689, ack 3777, win 1358, options [nop,nop,TS val 4294942168 ecr 460360088], length 552
11:31:04.107536 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [.], seq 3777:5217, ack 6689, win 373, options [nop,nop,TS val 460360153 ecr 4294942168], length 1440
11:31:04.107556 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [P.], seq 5217:5322, ack 6689, win 373, options [nop,nop,TS val 460360153 ecr 4294942168], length 105
11:31:04.108170 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 5217, win 1448, options [nop,nop,TS val 4294942169 ecr 460360153], length 0
11:31:04.108466 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 5322, win 1448, options [nop,nop,TS val 4294942169 ecr 460360153], length 0
11:31:04.164127 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 6689:7243, ack 5322, win 1448, options [nop,nop,TS val 4294942174 ecr 460360153], length 554
11:31:04.212481 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [.], ack 7243, win 395, options [nop,nop,TS val 460360258 ecr 4294942174], length 0
11:31:04.262191 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 7243:7778, ack 5322, win 1448, options [nop,nop,TS val 4294942184 ecr 460360258], length 535
11:31:04.267171 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [.], ack 7778, win 418, options [nop,nop,TS val 460360312 ecr 4294942184], length 0
11:31:04.269654 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [P.], seq 5322:5602, ack 7778, win 418, options [nop,nop,TS val 460360315 ecr 4294942184], length 280
11:31:04.270216 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 5602, win 1538, options [nop,nop,TS val 4294942185 ecr 460360315], length 0
11:31:04.270891 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [P.], seq 7778:7809, ack 5602, win 1538, options [nop,nop,TS val 4294942185 ecr 460360315], length 31
11:31:04.271182 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [F.], seq 7809, ack 5602, win 1538, options [nop,nop,TS val 4294942185 ecr 460360315], length 0
11:31:04.275695 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [F.], seq 5602, ack 7809, win 418, options [nop,nop,TS val 460360321 ecr 4294942185], length 0
11:31:04.276139 PPPoE [ses 0x2900] IP static-188-26-208-7.digimobil.es.9191 > 10.0.1.214.57841: Flags [.], ack 7810, win 418, options [nop,nop,TS val 460360321 ecr 4294942185], length 0
11:31:04.276264 PPPoE [ses 0x2900] IP 10.0.1.214.57841 > static-188-26-208-7.digimobil.es.9191: Flags [.], ack 5603, win 1538, options [nop,nop,TS val 4294942186 ecr 460360321], length 0
11:31:04.465288 PPPoE [ses 0x2900] IP 10.0.1.214.17767 > static-188-26-208-23.digimobil.es.3478: UDP, length 56
11:31:05.276442 PPPoE [ses 0x2900] IP 10.0.1.214.17767 > static-188-26-208-23.digimobil.es.3478: UDP, length 56
11:31:06.895284 PPPoE [ses 0x2900] IP 10.0.1.214.17767 > static-188-26-208-23.digimobil.es.3478: UDP, length 56
11:31:08.515290 PPPoE [ses 0x2900] IP 10.0.1.214.17767 > static-188-26-208-23.digimobil.es.3478: UDP, length 56
11:31:10.135308 PPPoE [ses 0x2900] IP 10.0.1.214.17767 > static-188-26-208-23.digimobil.es.3478: UDP, length 56
^C
779 packets captured
779 packets received by filter
0 packets dropped by kernel
Segundo paso: VLAN 11
Primer intento fallido
Al principio intenté asignar una red 192.168.254.0/24 sobre eth1 VLAN 11, con DHCP en una red 192.168.254.0/24. El router de Digi tomaba la dirección, pero el teléfono no registraba, a pesar de aparecer como «Conectado en la sección Internet -> Ethernet -> Estado de la conexión Ethernet»:
Capturando paquetes, vi que intentaba abrir un puerto a través de la NAT con STUN, pero no funcionaba (no llegaba a hacer REGISTER de SIP):
# Captura de eth0.20
10:46:36.365985 PPPoE [ses 0x6c0] IP 10.0.1.206.17767 > static-188-26-208-23.digimobil.es.stun: UDP, length 52
10:46:36.371044 PPPoE [ses 0x6c0] IP static-188-26-208-23.digimobil.es.stun > 10.0.1.206.17767: UDP, length 88
Mi solución es hacer un bridge entre un nuevo eth0 vif 11 y eth1 vif 11:
Bridge entre eth0.11 y eth1.11
Añadimos vif 11 a eth0 y eth1. No tienen dirección IP:
interfaces {
[...]
ethernet eth0 {
duplex auto
hw-id 00:e0:67:0b:7c:5a
offload {
gro
gso
sg
tso
}
speed auto
vif 11 {
description VoIP
}
vif 20 {
description "PPPoE link interface"
}
}
ethernet eth1 {
duplex auto
hw-id 00:e0:67:0b:7c:5b
offload {
gro
gso
sg
tso
}
speed auto
vif 11 {
}
}
Creamos un bridge br1 entre eth0.11 y eth1.11:
interfaces {
[...]
bridge br1 {
member {
interface eth0.11 {
}
interface eth1.11 {
}
}
}
El resultado en el router de Digi es éste:
Ya funcionaba el teléfono. Está conectado como si estuviese directamente cableado a la ONT, sin pasar por VyOS. Ha obtenido IP privada 10.X.X.X/29 a través del DHCP de Digi. ¡Mucho más fácil que mi primer intento fallido! Veamos una captura:
# Captura de eth1.11
12:10:56.526363 IP 10.30.5.69.sip > 10.237.XXX.XXX.sip: SIP: INVITE sip:+349XXXXXXXX@10.237.XXX.XXX:5060 SIP/2.0
12:10:56.531020 IP 10.237.XXX.XXX.sip > 10.30.5.69.sip: SIP: SIP/2.0 100 Trying
12:10:56.537854 IP 10.237.XXX.XXX.sip > 10.30.5.69.sip: SIP: SIP/2.0 180 Ringing
12:10:56.551179 IP 10.30.5.69.sip > 10.237.XXX.XXX.sip: SIP: PRACK sip:+349XXXXXXXX@10.237.XXX.XXX:5060 SIP/2.0
12:10:56.553552 IP 10.237.XXX.XXX.sip > 10.30.5.69.sip: SIP: SIP/2.0 200 OK
12:10:57.569614 ARP, Request who-has 10.237.145.135 tell 10.237.144.1, length 42
12:10:57.602826 IP 10.237.XXX.XXX.sip > 10.30.5.69.sip: SIP: SIP/2.0 200 OK
12:10:57.618991 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.638922 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.658929 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.678909 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.698920 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.715193 IP 10.30.5.69.sip > 10.237.XXX.XXX.sip: SIP: ACK sip:+349XXXXXXXX@10.237.XXX.XXX:5060 SIP/2.0
12:10:57.718950 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.728368 IP 10.30.5.69.25737 > 10.237.XXX.XXX.pxc-splr-ft: UDP, length 64
12:10:57.738936 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.758980 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.778952 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.798933 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
12:10:57.818912 IP 10.237.XXX.XXX.pxc-spvr-ft > 10.30.5.69.25736: UDP, length 32
Nótese que, al contrario que la captura anterior, no se está utilizando PPPoE. PPPoE sólo se emplea en eth0.20 -> pppoe0.
Curiosidades: reseteo a fábrica
Si reseteamos el router de Digi a fábrica, habrá que conectarlo temporalmente a la ONT porque no todavía tiene los datos de autenticación de PPPoE, primero intenta conectar con usuario digiuser@digi y contraseña 123456:
10:29:22.892754 PPPoE [ses 0x680] PAP, Auth-Req (0x01), id 1, Peer digiuser@digi, Name 123456
10:29:22.893028 PPPoE [ses 0x680] PAP, Auth-NACK (0x03), id 1, Msg Authentication failed
En esta fase de «provisionamiento» utiliza IEEE-1905.1 «AP autoconfiguration search»
¿Unificar red de VyOS con la del router de Digi?
Probé a conectar un cable del bridge de VyOS a la LAN del router de Digi para tener una red común entre ambos, cambiando antes la IP y desactivando DHCP en el router de Digi. Desafortunadamente, se desconectaba el teléfono. Desconozco por qué. Ahora mismo los tengo ambos en 192.168.1.0/24, pero son redes distintas. Por cierto, no me bastó con dejar la IP original 192.168.1.1 y reactivar DHCP, tuve que resetear el router de Digi y conectarlo temporalmente a la ONT para que volviese a conectar con VyOS.