The Synology model used here is DS418Play. According to actual measurements, the network speed in PPPoE NET4 mode can only reach 100Mbps ~ 300Mbps, so I would like to explain it here.Soft routing also requires performance!Never become like the authorclown.
Network equipment structure diagram
The following are network device structure diagrams before and after using soft routing.
graph TD
LT{{联通 1Gbps}} -- 1Gbps --- C[路由器]
DX{{电信 300Mbps}} -- 1Gbps --- A[路由器]
YD{{移动 4G}} -- 4G --- B[路由器]
A[路由器] -- 100Mbps --- B[路由器]
B[路由器] -- WiFi --- WiFiA([WiFi 2.4Ghz])
A[路由器] -- 1Gbps --- C[路由器]
B[路由器] -- 100Mbps --- C[路由器]
C[路由器] -- 1Gbps --- 主电脑
C[路由器] -- 1Gbps --- 交换机
交换机 -- 1Gbps --- 群晖
群晖 -- 1Gbps --- 主电脑
交换机 -- 100Mbps --- 花生壳
交换机 -- 1Gbps --- 电脑A
交换机 -- 1Gbps --- 电脑B
交换机 -- 100Mbps --- D[路由器]
D[路由器] -- 100Mbps --- E[路由器]
D[路由器] -- WiFi --- WiFiB([WiFi 2.4Ghz])
E[路由器] -- WiFi --- WiFiC([WiFi 2.4Ghz/5GHz])
subgraph 接入
LT{{联通 1Gbps}}
DX{{电信 300Mbps}}
YD{{移动 4G}}
end
subgraph 机房
A[路由器]
B[路由器]
C[路由器]
群晖
主电脑
交换机
花生壳
end
subgraph 客厅
电脑A
电脑B
D[路由器]
E[路由器]
end
subgraph AP
WiFiA([WiFi 2.4Ghz])
WiFiB([WiFi 2.4Ghz])
WiFiC([WiFi 2.4Ghz/5GHz])
end
graph TD
LT{{联通 1Gbps}} -- 1Gbps --- A[交换机]
DX{{电信 300Mbps}} -- 1Gbps --- A[交换机]
YD{{移动 4G}} -- 4G --- B[路由器]
B[路由器] -- 100Mbps --- A[交换机]
A[交换机] -- 1Gbps --- C[交换机]
A[交换机] -- 1Gbps --- D[路由器]
C[交换机] -- 1Gbps --- E[路由器]
D[路由器] -- WiFi --- WiFiB([WiFi 2.4Ghz])
E[路由器] -- WiFi --- WiFiC([WiFi 2.4Ghz/5GHz])
C[交换机] -- 1Gbps --- 电脑A
C[交换机] -- 1Gbps --- 电脑B
A[交换机] -- 100Mbps --- 花生壳
A[交换机] -- 1Gbps --- 主电脑
A[交换机] -- 1Gbps --- 主电脑
A[交换机] -- 1Gbps --- 群晖
A[交换机] -- 1Gbps --- 群晖
subgraph 接入
LT{{联通 1Gbps}}
DX{{电信 300Mbps}}
YD{{移动 4G}}
end
subgraph 机房
A[交换机]
B[路由器]
D[路由器]
群晖
主电脑
花生壳
end
subgraph 客厅
C[交换机]
电脑A
电脑B
E[路由器]
end
subgraph AP
WiFiB([WiFi 2.4Ghz])
WiFiC([WiFi 2.4Ghz/5GHz])
end
Basic principles of single-arm soft routing
The author has very little understanding of the network structure, and there may be conceptual errors in the following principles.
A router is a device that connects two or more networks. The following takes a 1 WAN 3 LAN router as an example.
graph TD
A[WAN] --- 路由器
路由器 --- B[LAN]
路由器 --- C[LAN]
路由器 --- D[LAN]
The router belongs to two networks at the same time, namely the wide area network of the WAN port and the local area network of the LAN port. The router can access both networks, and at the same time, the two networks are isolated from each other and do not affect each other. In the single-arm soft routing solution, the core is a switch, and the soft routing is connected to the switch through a single network cable.
graph TD
A[WAN] --- 交换机
B[LAN] --- 交换机
C[LAN] --- 交换机
D[LAN] --- 交换机
交换机 --- 软路由By default, the devices connected to the same switch belong to the same network, and the data of WAN and LAN will affect each other, so two virtual networks must be divided through VLAN, corresponding to the WAN port of the WAN port and the LAN port of the LAN port, so that you can Isolate the two networks and allow soft routes to access them.Why do the router's WAN and LAN need to be isolated?
graph TD
A[WAN] --- AP[网口] --- AS[交换机 VLAN-A]
B[LAN] --- BP[网口] --- BS[交换机 VLAN-B]
C[LAN] --- CP[网口] --- BS[交换机 VLAN-B]
D[LAN] --- DP[网口] --- BS[交换机 VLAN-B]
AS[交换机 VLAN-A] --- SP[网口]
BS[交换机 VLAN-B] --- SP[网口]
SP[网口] -.- RP[网口]
RP[网口] --- AVS[虚拟交换机 VLAN-A]
RP[网口] --- BVS[虚拟交换机 VLAN-B]
AVS[虚拟交换机 VLAN-A] --- AVP[虚拟网口] --- 软路由系统
BVS[虚拟交换机 VLAN-B] --- BVP[虚拟网口] --- 软路由系统
subgraph 交换机
AP[网口]
BP[网口]
CP[网口]
DP[网口]
AS[交换机 VLAN-A]
BS[交换机 VLAN-B]
SP[网口]
end
subgraph 宿主机
RP[网口]
AVS[虚拟交换机 VLAN-A]
BVS[虚拟交换机 VLAN-B]
subgraph 软路由虚拟机
AVP[虚拟网口]
BVP[虚拟网口]
软路由系统
end
endAs shown in the figure, VLAN can divide a switch into multiple switches. The network cables represented by the dotted lines transmit data of different VLANs at the same time. Then by setting VLANs on the physical switch and the host virtual switch respectively, the soft routing system can be implemented for WAN and LAN access is available.
Configure single-arm soft routing
In this case, my requirement is to implement a 3 WAN - multi-LAN routing system on one arm.
Among them, Synology DS418Play is used as the soft routing core and is implemented with the 16-port switch TL-SG2016K.
Note that a network managed switch with VLAN function is required here.
graph TD
WAN1 --- AP[网口 16] --- AS[VLAN 16]
WAN2 --- BP[网口 15] --- BS[VLAN 15]
WAN3 --- CP[网口 14] --- CS[VLAN 14]
LANs --- DP[网口 1-13] --- DS[VLAN 1]
AS[VLAN 16] --- EP[网口 1]
BS[VLAN 15] --- EP[网口 1]
CS[VLAN 14] --- EP[网口 1]
DS[VLAN 1] --- EP[网口 1]
AS[VLAN 16] --- FP[网口 2]
BS[VLAN 15] --- FP[网口 2]
CS[VLAN 14] --- FP[网口 2]
DS[VLAN 1] --- FP[网口 2]
EP[网口 1] -.- NP[网口 1]
FP[网口 2] -.- MP[网口 2]
NP[网口 1] --- DVS[虚拟交换机 VLAN 1]
MP[网口 2] --- AVS[虚拟交换机 VLAN 16]
MP[网口 2] --- BVS[虚拟交换机 VLAN 15]
MP[网口 2] --- CVS[虚拟交换机 VLAN 14]
AVS[虚拟交换机 VLAN 16] --- AVP[虚拟网口 WAN1] --- 软路由系统
BVS[虚拟交换机 VLAN 15] --- BVP[虚拟网口 WAN2] --- 软路由系统
CVS[虚拟交换机 VLAN 14] --- CVP[虚拟网口 WAN3] --- 软路由系统
DVS[虚拟交换机 VLAN 1] --- DVP[虚拟网口 LANs] --- 软路由系统
NP[网口 1] --- Host
MP[网口 2] --- Host
subgraph 交换机 TL-SG2016K
AP[网口 16]
BP[网口 15]
CP[网口 14]
DP[网口 1-13]
AS[VLAN 16]
BS[VLAN 15]
CS[VLAN 14]
DS[VLAN 1]
EP[网口 1]
FP[网口 2]
end
subgraph 群晖 DS418Play
Host
NP[网口 1]
MP[网口 2]
AVS[虚拟交换机 VLAN 16]
BVS[虚拟交换机 VLAN 15]
CVS[虚拟交换机 VLAN 14]
DVS[虚拟交换机 VLAN 1]
subgraph 软路由虚拟机 iKuai
AVP[虚拟网口 WAN1]
BVP[虚拟网口 WAN2]
CVP[虚拟网口 WAN3]
DVP[虚拟网口 LANs]
软路由系统
end
endThe basic idea is as shown in the figure above. Because DS418Play has a dual network port configuration, I initially thought about link aggregation to get faster speeds, but gave up when I found that the switch did not support dynamic link aggregation.Everyone must be optimistic about the configuration when buying something.
First, you need to set the VLAN of the switch, connect the computer to the switch, and be sure to connect it to the interface that will belong to VLAN 1 in the future (such as ports 1-13 in this example), because the switch may only allow devices connected to VLAN 1 to log in to the switch. If other interfaces are connected, the connection may be disconnected halfway through the settings, causing unnecessary trouble. As shown in the figure, the default management VLAN is 1.
Then go to the 802.1Q VLAN configuration page. This page is used to configure the VLAN division of different ports and port types. The port types are divided into Untagged and Tagged. Our computers and routers generally send Untagged data without special settings, that is, data without VLAN tags, so the interfaces connected to the computer and WAN must be set to Untagged. As a soft router, Synology needs to know which VLAN the data belongs to, so it needs to set the port to Tagged. Just divide each WAN and all LAN ports into different VLANs as needed and set the port type.
Finally, go to the 802.1Q VLAN PVID configuration page. PVID is used to identify the untagged data received by the port. When the port receives untagged data, the switch will label the data with the VLAN tag corresponding to the PVID of the port, mainly for Untagged port. Just set each port to the VLAN it belongs to as required.
At this point, the VLAN setting of the switch is completed. Connect the network cable connecting the WAN and Synology to set up the Synology virtual machine. Download first iKuai firmware IMG hard disk image version, if the reserved memory is less than 4GB, it is recommended to download the 32-bit version, and import it into Synology VMM after the download is completed.
Then configure the VMM virtual switch, paying attention to setting the VLAN ID of each switch to correspond to the physical switch.
Finally, import the virtual machine from the hard disk image.
Set the CPU RAM, etc. It is recommended that the RAM be at least 1G and set the virtual machine priority to high.
When setting up the hard disk, select the hard disk image file you just imported.
Setting up the network actually means setting up the virtual network card. Pay attention to the order of settings, which will correspond to that in iKuai later.
Set automatic startup. It is recommended to set automatic startup to Yes to prevent Synology from experiencing problems such as network paralysis and loss of connection after restarting due to failures.
Start the virtual machine and enter it. Bind the four network cards through the command line menu. Note that the order corresponds to the virtual network card just set.
The following is to enter iKuai's Web management interface to configure soft routing. By default, iKuai does not enable DHCP, so after connecting the computer to the LAN port of the switch, manually configure a static IP (192.168.1.X) before logging in to iKuai. After logging in to iKuai, configure the DHCP server first, as shown in the figure.
This will allow you to change your computer's static IP back to a dynamic IP. In particular, when configuring the network settings of the Synology host, enable VLAN support.
Finally, configure the WAN port PPPoE dial-up and other Internet settings are completed!