The router connects to an FWA link (Fixed Wireless Access, what other countries call WISP -> Wireless Internet Service Provider), then it shares this link on the LAN side using NAT+DHCP on my local LAN.
(It was a 'not so easy' config : WPA2 Enterprise with WPA2 802.1X + certificate + PEAP Username & Password Credential)
My request is simple :
I need to close the WAN WiFi connection after 5 (or a custom value) minutes in which no traffic goes outside (a feature some older ADSL modems/routers call "disconnect on timeout"); of course, I need the router to reconnect ASAP to WAN/Internet as soon as some DHCP client tries to talk to an external IP address.
Even if you disconnect all clients, there's still traffic from the router itself which might be difficult to control, such as ARP, NDP, DHCP, DNS, NTP, etc.
I suppose that, from the router point of view, I can trigger
local service (DHCP lease time, DNS, NTP) to be sure that
the connection will not be kept up forever ...
Vice versa, I can disable non-essential services (keeping only the DHCP server on the LAN side and the DHCP client on the WAN side), removing DNS and NTP ...
I don't know ARP and NDP but, again, I suppose that we can stop broadcast packets directed to the WAN interface
For PPPoE there is the "inactivity timeout" option, but I understand that this is not the case in your setup.
You could tweak how often the ntp will refresh, however the dhcp lease is controlled by the provider and your router will renew the lease every half lease time.
Not really, since there is a default gateway reachable over the wan interface, it will have to keep sending arp/ndp to keep it updated.
What is the reason behind this need though? I mean what will happen if you disconnect the wan after 5 minutes?
My WISP seems to disconnect/unauthenticate my link if unused, so I've to restart the router or the connection (disable/enable via /etc/init.d/network restart) to force link UP...
I can manage this without too much effort, but my family can't!
I can use this connection without any issue via Smartphone/Tablet/Notebook (double-boot Ubuntu 20.10 and Windows 10 20H2) but, of course, I can't share the link with my LAN (I don't want to use my notebook as a network bridge between the wifi and ethernet port)
WiFi seems to get disconnected and reconnected (or only re-authenticated) as soon as traffic doesn't pass through ...
Another option may be to monitor (with a continuous ping?) the first hop and then, when the check/ping fails, restart the network interface.
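#!/bin/sh
# Fetch the WAN gateway (first hop) using OpenWrt's network helper functions
. /lib/functions/network.sh
network_flush_cache
network_find_wan NET_IF
network_get_gateway NET_GW "${NET_IF}"
# Check WAN connectivity: up to 5 pings, 3-second deadline each
TRIES=0
while [ "${TRIES}" -lt 5 ]
do
    if ping -c 1 -w 3 "${NET_GW}" > /dev/null 2>&1
    then exit 0
    else TRIES=$((TRIES + 1))
    fi
done
# Restart network
/etc/init.d/network stop
# hub-ctrl -h 0 -P 1 -p 0  # commented, originally used to disconnect the USB port used for tethering
sleep 1
# hub-ctrl -h 0 -P 1 -p 1  # commented, after 1 second reconnect the USB port ...
/etc/init.d/network start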
GUI config web page @ http://[router-ip]/cgi-bin/luci/admin/services/watchcat
or vi /etc/config/system
config watchcat
        option mode 'ping'
        option forcedelay '30' # after 30sec, if soft-reboot doesn't work then hard-reboot
        option period '15' # if no ping for 15 seconds then reboot
        option pinghosts '192.168.64.1' # host to ping to check wan connection, it's my first hop, multiple hosts allowed!
        option pingperiod '1m' # ping check remote $pinghosts every 1 min
@vgaetera How can I monitor/log how many times watchcat triggers a reboot?
I saw that the package installs this stuff: opkg files watchcat
Package watchcat (1-7) is installed on root and has the following files:
/etc/uci-defaults/50-watchcat
/lib/upgrade/keep.d/watchcat
/usr/bin/watchcat.sh
/etc/init.d/watchcat
and inside the check script /usr/bin/watchcat.sh, row 62, there is some logging on ping lost:
logger -p daemon.info -t "watchcat[$$]" "no internet connectivity for $time_diff seconds. Reseting when reaching $period"
Changed pinghost to 8.8.8.8 but nothing changed...
During connection loss, I can't ping the remote host (8.8.8.8) from both my notebook and an ssh terminal session on my ArcherC7 router
I think that watchcat isn't active; looking at crontab or at the active processes, I can't find the monitoring process.
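One way to count how often watchcat has noticed a dead link, using the logger line quoted above. This is an added example, not part of the thread or of the watchcat package; the function name `watchcat_summary` is hypothetical, and the sample log lines (including the logread-style timestamp layout) are constructed.

```shell
#!/bin/sh
# Added example: summarise watchcat "no internet connectivity" warnings.
# Input: syslog text on stdin containing lines written by the logger call
# in /usr/bin/watchcat.sh (tag "watchcat[PID]").
# Output: "<episodes> <warnings> <longest_seconds>"
# An episode is a run of warnings from one watchcat PID whose outage
# duration keeps growing; a smaller duration or a new PID starts a new one.
watchcat_summary() {
    awk '
    /watchcat\[[0-9]+\]: no internet connectivity for [0-9]+ seconds/ {
        pid = $0                      # digits between "watchcat[" and "]"
        sub(/.*watchcat\[/, "", pid)
        sub(/\].*/, "", pid)
        secs = $0                     # $time_diff from the log message
        sub(/.*no internet connectivity for /, "", secs)
        sub(/ seconds.*/, "", secs)
        secs += 0
        warnings++
        if (pid != last_pid || secs <= last_secs) episodes++
        if (secs > longest) longest = secs
        last_pid = pid
        last_secs = secs
    }
    END { printf "%d %d %d\n", episodes, warnings, longest }
    '
}

# Constructed sample input (not captured from a real router).
SAMPLE_LOG='Sat Jan  2 10:01:00 2021 daemon.info watchcat[1234]: no internet connectivity for 60 seconds. Reseting when reaching 300
Sat Jan  2 10:02:00 2021 daemon.info watchcat[1234]: no internet connectivity for 120 seconds. Reseting when reaching 300
Sat Jan  2 10:02:30 2021 user.notice example: unrelated constructed line
Sat Jan  2 14:30:00 2021 daemon.info watchcat[1234]: no internet connectivity for 61 seconds. Reseting when reaching 300
Sat Jan  2 14:31:00 2021 daemon.info watchcat[1234]: no internet connectivity for 121 seconds. Reseting when reaching 300
Sat Jan  2 14:32:00 2021 daemon.info watchcat[1234]: no internet connectivity for 181 seconds. Reseting when reaching 300
Sat Jan  2 14:40:00 2021 daemon.info watchcat[987]: no internet connectivity for 60 seconds. Reseting when reaching 300'

printf '%s\n' "$SAMPLE_LOG" | watchcat_summary
```

On the router the same function can be fed with `logread -e watchcat | watchcat_summary`. By default the OpenWrt log lives in RAM and is lost on reboot, so counting across reboots needs the log written to a file or sent to a remote syslog server.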
How did you understand that? The copyright year doesn't mean anything. What is the output of opkg find watchcat ?
Also change pingperiod 60 and period 300
I suppose this 'cause watchdog.sh files are quite different... (the master one has a reference to a 2020 copyright author)
Changed timeout to a longer one as suggested (check every 300 seconds -> 5 minutes, connection is lost if after 60 seconds there's no ping reply)
I've also executed some commands:
root@ArcherC7:~# /etc/init.d/watchcat enable
root@ArcherC7:~# /etc/init.d/watchcat start
root@ArcherC7:~# /etc/init.d/watchcat status
Syntax: /etc/init.d/watchcat [command]
Available commands:
start Start the service
stop Stop the service
restart Restart the service
reload Reload configuration files (or restart if service does not implement reload)
enable Enable service autostart
disable Disable service autostart
It's vice versa, check every 60 seconds, reboot if there is no reply for 5 minutes.
Connect to the device and check the pings with tcpdump -i wlan0 icmp and host 8.8.8.8
Disconnect the access point and wait until you have five missed pings.
Let us know if the device doesn't reboot for further troubleshooting.