ARP seems to get lost to cable modem

I have an Archer C7 v2 together with a cable modem and LEDE 17.01.4
The internet access works without issues over the DHCP wan connection.

I want to access the web interface of the modem on it's 192.168.100.1 IP and created a "modem" interface on the eth0 wan with an IP in the modem range (192.168.100.2) .
I've also added the "modem" interface to the WAN firewall zone.

Accessing the web interface of the modem doesn't work !
On the web interface of the modem I can see that arp seems to get lost. It shows the router IP 192.168.100.2 with INCOMPLETE status and a zero mac address.

The funny thing is that it starts to work if I change my LAN address of my router to 10.168.0.1/24 instead of 192.168.0.1/24

The arp table on the modem shows now the mac address of the router and I can access the web interface over the router. It still works for some time when I switch back my LAN address to 192.168.0.1 which could be due to caching the arp.

config interface 'lan'
        option type 'bridge'
        option ifname 'eth1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.0.1'

config interface 'wan'
        option ifname 'eth0'
        option proto 'dhcp'

config interface 'modem'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.100.2'
        option netmask '255.255.255.0'

/etc/config/firewall
  config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'modem wan wan6'

How can i debug this and find the reason why the ARP response from the route to the modem gets lost ?

Hi,

You do not need an interface configured for the modem.

If you remove the "modem" interface and keep the remainder of your settings, WAN should acquire an IP address in the modem's subnet via DHCP and you should be able to access http://192.168.100.1 from your computer no problem.

As is, the traffic gets lost because your router doesn't know which default gateway to send traffic in the 192.168.100.x network, or is configured to send it to an IP that doesn't forward to your modem.

LP,
Jure

WAN acquires my Internet IP and a gateway from my Provider if the Modem is Online via DHCP.
Without additional Interface the router would send the request to the Modem with a source IP of the Internet IP it got. The modem should drop that request due to a subnet mask.

Here is the current routing table

root@Archer-C7:~# ip route show
default via 5.xxx.xxx.1 dev eth0  src 5.xxx.xxx.63
5.xxx.xxx.0/22 dev eth0  src 5.xxx.xxx.63
5.xxx.xxx.1 dev eth0  src 5.xxx.xxx.63
10.20.30.0/24 via 10.20.30.2 dev tun0
10.20.30.2 dev tun0  src 10.20.30.1
192.168.0.0/24 dev br-lan  src 192.168.0.1
192.168.100.0/24 dev eth0  src 192.168.100.2

I'd try tcpdump looking for the pings (match ICMP type) myself. The "mini" package should be sufficient

My guess is that it is firewall rules.