A raspberry pi under OpenWRT (ROOter), eth0 connected to the WAN port of my Edgerouter (Router, 192.168.1.1)
An USB-LAN adapter installed on the Pi, eth1 with an IP on a different subnet as eth0. It's currently the management interface that allows me to access OpenWRT.
An M.2 LTE modem connected to the Pi, wwan0
What I want, is that Openwrt bridges the internet connection, in other words, that the Edgerouter on the other end gets the public internet IP.
Now, when I bridge eth0 and wwan0, but let the DHCP server on, on the LAN (eth0) interface, I have internet connectivity. The Edgerouter, of course gets a private IP address (192.168.3.1).
But when I turn the DHCP server off on LAN (eth0) interface, I loose the internet connectivity. The router doesn't get an IP, and more curiously, the LTE modem looses it's internet connectivity too.
So, what's wrong with the configuration??? I thought that if I disable the DHCP server, OpenWRT would bridge the internet connection. But it's not.
What have I done wrong?
When I bridge eth0 and wwan0, should I set it up on the eth0 interface configuration page, on the wwan0 configuration page, or both???
Make a new network bridge with proto unmanaged. The modem will only issue one public IP, so you don't want OpenWrt to take it. The unmanaged bridge does not have an IP address. It will pass the Edgerouter's DHCP request through to the modem.
If OpenWrt needs to access the Internet it has to do it the same as everyone else, NAT through the Edgerouter and then to the modem.
As an advanced topic, you could use VLANs at both ends to link WAN in and LAN out with one port and cable.
The modem and eth port must be only in that bridge. Then the other router will use it as its WAN. The Pi cannot be directly connected to the Internet, when you get to that point in the setup, it has to loop through the other router.
By convention, use only lowercase in interface names. (Luci shows them in all caps, which is confusing.)
This usually won't work. The wwan0 interface is not an ethernet interface, even if it might appear like one in some cases. That's an illusion created by the modem firmware and/or driver. But the illusion is not perfect and does not necessarily support clients with a mac address different from the fake wwan0 one.
Minipcie slots have USB 2.0 data lanes too, usually used by the modem cards.
I don't think this changes with M.2 (NGFF) modems either, as there is USB 2.0 and USB 3.0 mode in that interface, again usually used by the modems.
No, it's because the mobile network connection is on layer 3. If you want to see it as a layer 2 interface, then you have ot fake that. Which is what many modems and/or drivers do.
You need more than just a route. You need default routing in both directions, which means that you need rules based on ingress interface.
DHCP is of course optional. But it makes the setup more convenient by automatically forwarding the IP configuration from the modem to the client. This assumes that you create the necessary modem connection scripts to make a DHCP configuration every time the modem changes its address
I tried this on OpenWrt but was not able to get it to work. My config below. Any advice?
config interface 'wan'
option ifname 'eth1'
option proto 'static'
option ipaddr '0.0.0.0'
option netmask '0.0.0.0'
option gateway '10.68.168.226' # IP address given by the MNO
option dns '10.5.133.45 10.4.27.70' # DNS given by the MNO
Result: When I hook up a client device no DHCP is given to the client because the modem has already taken it - I get an error "this IP is already being used by another device".
I don't know how to configure it using uci, but setting up something similar to this should work (I just tried tried it right now):
root@OpenWrt:~# ip link add link eth0 name eth0.9 type vlan id 9
root@OpenWrt:~# brctl addbr br-foo
root@OpenWrt:~# brctl addif br-foo eth0.9
root@OpenWrt:~# ip link set eth0.9 up
root@OpenWrt:~# ip link set br-foo up
root@OpenWrt:~# swconfig dev switch0 vlan 9 set ports '4t 5t'
root@OpenWrt:~# swconfig dev switch0 set apply 1
root@OpenWrt:~# mmcli -m 0 --simple-connect=apn=telenor.smart,ip-type=ipv4v6
root@OpenWrt:~# mmcli -b 1
--------------------------------
General | dbus path: /org/freedesktop/ModemManager1/Bearer/1
| type: default
--------------------------------
Status | connected: yes
| suspended: no
| interface: wwan0
| ip timeout: 20
--------------------------------
Properties | apn: telenor.smart
| roaming: allowed
| ip type: ipv4v6
--------------------------------
IPv4 configuration | method: static
| address: 10.195.138.65
| prefix: 30
| gateway: 10.195.138.66
| dns: 193.213.112.4, 130.67.15.198
| mtu: 1500
--------------------------------
IPv6 configuration | method: static
| address: 2a02:2121:28a:b893:bc8e:ed5d:115c:426a
| prefix: 64
| gateway: 2a02:2121:28a:b893:3cd1:8fe3:11c0:ef4c
| dns: 2001:4600:4:fff::52, 2001:4600:4:1fff::52
| mtu: 1540
root@OpenWrt:~# ip link set wwan0 up
root@OpenWrt:~# ip route add 10.195.138.64/30 dev br-foo
root@OpenWrt:~# ip route add 2a02:2121:28a:b893::/64 dev br-foo
root@OpenWrt:~# ip route add default dev wwan0 table 9
root@OpenWrt:~# ip -6 route add default dev wwan0 table 9
root@OpenWrt:~# ip rule add iif br-foo lookup 9 pref 10000
root@OpenWrt:~# ip -6 rule add iif br-foo lookup 9 pref 10000
root@OpenWrt:~# sysctl net.ipv4.conf.br-foo.proxy_arp=1
root@OpenWrt:~# sysctl net.ipv4.conf.br-foo.proxy_arp_pvlan=1
root@OpenWrt:~# iptables -I FORWARD -i br-foo -j ACCEPT
root@OpenWrt:~# iptables -I FORWARD -i wwan0 -j ACCEPT
root@OpenWrt:~# iptables -t nat -I POSTROUTING -o wwan0 -j ACCEPT
Note that you obviously should have saner firewall rules. And that this is missing the dhcp server config. Which really should be trivial, except that there doesn't seem to be a way to use dnsmasq for this since it makes too many assumptions. And you can of course don't have to configure vlan 9 for your inside interface. That was just for my test. The inside interface could be anything. But it will only support one IPv4 client.
I also found a solution on a German forum from someone who actually modified dnsmaq (actually dhcp.c file), in order to make the bridge work (I don't really know how).
I see. So if I understand your idea from earlier, and please correct me if I am wrong, the strategy to get this "pseudo bridging" to work is to create a new bridge which will be able to address non-local hosts (I presume because it will be using the regular Linux networking driver then it is capable of doing proxy_arp), and that this new bridge interface will have the route to the network held by the wwan0 interface.
I am trying to do it just using eth1 for simplification in a proof of concept. I set a default route via wwan0 (which appears to be connected according to ModemManager). but I am unable to get any packets out to any non-local network at all, so I am feeling very confused at the moment.
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 wwan0
120.157.29.40 0.0.0.0 255.255.255.252 U 0 0 0 eth1
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
root@OpenWrt:~# ip -c route
default dev wwan0 scope link
120.157.29.40/30 dev eth1 scope link
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
root@OpenWrt:~# mmcli -b 0
------------------------------------
General | dbus path: /org/freedesktop/ModemManager1/Bearer/0
| type: default
------------------------------------
Status | connected: yes
| suspended: no
| interface: wwan0
| ip timeout: 20
------------------------------------
Properties | apn: telstra.extranet
| roaming: allowed
------------------------------------
IPv4 configuration | method: static
| address: 120.157.29.41
| prefix: 30
| gateway: 120.157.29.42
| dns: 10.4.149.70, 10.4.130.164
| mtu: 1500
------------------------------------
Statistics | duration: 2070
| bytes rx: 7807
| bytes tx: 1440
| attempts: 1
| total-duration: 2070
| total-bytes rx: 7807
| total-bytes tx: 1440
