I'm currently running OpenWRT v19.07.2 on a Linksys WRT3200ACM. I am having a problem getting my HP Officejet Pro 9015 to work consistently on the network. As far as I can tell, something is blocking AirPrint/Bonjour from working properly.
My network setup is very basic, no vlans, no vpns, single /24 network. Nothing unusual other than having SQM/QoS enabled and using pihole for my kids devices.
The problem I have is that AirPrint/Bonjour only works for a short period of time after I reboot the router. The printer is discoverable by my wife's iPhone and my MacBook for 15-60 minutes after I reboot the router. After some period if time, it disappears and I can no longer discover the printer until the next reboot.
I've worked through the wiki documentation and it didn't resolve the issue. I have IGMP snooping disabled on all the interfaces and avahi daemon installed. If I query the network for bonjour services I will see all the services (e.g. ssh) being offered by the OpenWRT router but I won't see the printer.
I need to get this fixed, this is starting to cause some marital tension
No. I can still connect to the printer on my Mac if I go direct to it's IP address. The iPhones on the other hand don't give you the option to do that, they have to find it via Bonjour.
This can be complicated as some printers offer wireless via infrastructure and ad hoc. If you see 2 printer addresses with a scan, usually one is ad hoc and the other infrastructure. DHCP renewal may also be a problem. Things to try:
Ensure the printer always get the same IP address either by static IP or MAC address reservation.
Increase lease time (not needed with static IP's)
NIC, if printer supports, instead of wireless connection.
I already assigned the printer a static IP address based on the MAC address. DHCP leases are set to 24 hours.
Also, if I disable the OpenWRT network and switch everything over to the Wifi device provided by AT&T everything works fine. This only happens on the OpenWRT network.
Do you have both devices running simultaneously?
How is the printer connected to your network -- wired or wireless? And to the AT&T router or the OpenWrt box?
How about the computers/mobile devices that you are trying to print from? How are they connected and to which router?
No I do not have both networks running simultaneously. I temporarily enabled the AT&T wifi and disabled the OpenWRT router to prove it was an issue with the network, not the printer.
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
I want to be clear as I know everybody is trying to help, but we are going down a path of questions that I've already worked through. I'm the person responsible for managing the network infrastructure of my company. I have a pretty solid foundation to build upon.
Everything is on the same wifi network. I can connect to the printer via ip address from every device. I can access it's administrative UI. I can print from it as long as the device allows me to specify the printer via IP 100% of the time.
I've run tcpdump while using Bonjour to search for network services. I can see the requests going out but I do not get responses from the printer (only from the router).
It seems as if the router is not relaying or is actively blocking bonjour packets however I cannot find anything in my traffic rules or network settings that would obviously impact this and I'm unsure how to further debug what OpenWRT is doing. I have found nothing useful in the logs either.
root@WRT3200ACM:/etc/config# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option localservice '1'
config dhcp 'lan'
option interface 'lan'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
option start '20'
option limit '180'
option ra_management '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config host
option mac '00:26:AB:BB:69:C9'
option ip '10.10.1.15'
config host
option mac '8C:89:A5:32:E9:FC'
option ip '10.10.1.2'
config host
option mac '00:15:5d:00:0a:00'
option ip '10.10.1.3'
config host
option mac 'E8:B2:AC:C4:8A:90'
option ip '10.10.1.200'
config host
option mac '34:7C:25:48:5D:8B'
option ip '10.10.1.201'
config host
option dns '1'
option mac 'AC:CF:85:28:ED:BA'
option ip '10.10.1.203'
option name 'Nexus6P'
config host
option mac 'A4:D1:D2:6B:1C:A8'
option ip '10.10.1.202'
config host
option name 'roku'
option dns '1'
option mac 'C8:3A:6B:97:46:83'
option ip '10.10.1.204'
config host
option mac '88:E9:FE:84:99:11'
option name 'YogSothoth'
option ip '10.10.1.6'
config host
option mac 'E0:33:8E:B8:F8:14'
option name 'rosephone'
option dns '1'
option ip '10.10.1.7'
config domain
option name 'grafana.CENSORED.me'
option ip '10.10.1.3'
config domain
option name 'piholestrict.CENSORED.me'
option ip '10.10.1.4'
config domain
option name 'piholeopen.CENSORED.me'
option ip '10.10.1.5'
config host
option mac '3C:28:6D:21:B4:9D'
option name 'pixel3'
option dns '1'
option ip '10.10.1.8'
config host
option mac '48:D6:D5:05:F8:06'
option name 'chromecast'
option dns '1'
option ip '10.10.1.9'
config host
option mac 'b8:27:eb:af:18:c6'
option name 'raspberrypi'
option dns '1'
option ip '10.10.1.10'
config host
option mac '18:A6:F7:F6:33:1D'
option name 'repeater'
option dns '1'
option ip '10.10.1.11'
config host
option mac '1A:A6:F7:AF:18:C6'
option name 'raspberrypiext'
option dns '1'
option ip '10.10.1.12'
config host
option mac 'B8:27:EB:A9:57:BB'
option name 'pizero'
option dns '1'
option ip '10.10.1.13'
config host
option mac '1A:A6:F7:A9:57:BB'
option name 'pizeroext'
option dns '1'
option ip '10.10.1.14'
config host
option mac '38:22:E2:9C:71:DB'
option dns '1'
option ip '10.10.1.17'
option name 'hp.local'
Firewall configuration:
root@WRT3200ACM:/etc/config# cat /etc/config/firewall
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
option enabled '0'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
option enabled '0'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
option enabled '0'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
option enabled '0'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config include
option path '/etc/firewall.user'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp'
option src_dport '22'
option dest_ip '10.10.1.3'
option dest_port '22'
option name '22'
config redirect
option target 'DNAT'
option src 'wan'
option dest 'lan'
option proto 'tcp'
option src_dport '443'
option dest_ip '10.10.1.3'
option dest_port '443'
option name '443'
config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd/firewall.include'
option family 'any'
option reload '1'
Does the printer remain active on the network in general (i.e. can you access it directly via IP, either for printing or for accessing the administration page)?
Yes the printer remains active. Right now I can print, scan, copy, and otherwise access it via the HTTP UI but cannot get any response when I send out a Bonjour query. If I reboot the OpenWRT router I will be able to discover it, for a couple minutes anyway, using Bonjour.
I asked because some of these printers drop off the network entirely for various reasons, including sometimes the wifi password having special characters.
Does the printer have an ethernet port and can you connect it directly (at least for testing purposes)?
Yes I can connect it but I'll have to move things around (printer and router are on different floors of the house). I can't do that right now but I'll try to find some time.
I hear what you are saying but I very much doubt the problem is the printer. I do not have these issues when I remove OpenWRT from the equation.
I also have an older Epson Workforce 845 printer that had the same problem. I moved it over to my mother-in-law's house where she has another AT&T router and Wifi network setup using that AT&T router and there are zero issues using the printer in her house.
I find it unlikely that two quality printers from different manufacturers would have the same issue if the printer was the source of the problem.
Some printers have very narrow parameters for WiFi to function properly. There are several threads over on the unifi forums where people had printers suddenly not working properly due to a change in the WiFi infrastructure or even just special characters in the password. I fought this battle with my dad’s system when i upgrades his network, too - a printer that had worked via WiFi for years suddenly had difficulty staying online. And forget about firmware updates for these printers - they are often unsupported just a short time after they are released
