Cannot access LuCI interface | OpenWrt Docker Install (on Pi)

haradiscovery · August 30, 2022, 3:40pm

Hi all, I am new to OpenWrt, networking and Docker in general but I decided to give a shot at installing OpenWrt on Portainer. I mostly followed this tutorial https://youtu.be/o_mPt7pWRes, however after I try access the interface on http://192.168.1.65 (IP) the browser cannot load the page. If anyone has time to try recreate the error, you can follow the video above.

Here are the steps I took to configure OpenWrt (connecting via console in Portainer):

Changing the scripts to the correct IP
Troubleshooting DNS
Attempted running of LuCI

There is a wall of text coming up so if you would like to see my hypothesis, look at 3. (:

Changing the scripts to the correct IP

# cd /etc/config
# cat network (ip is initially 192.168.123.100)
# nano network

I changed:
option ipaddr from '192.168.123.100' to '192.168.1.65'
The gateway and dns to '192.168.0.1' which is my home router.

Note my home router is on 192.168.0.1 and my computer that runs docker is connected to an AP (192.168.1.1), my computer runs on (192.168.1.26)(checked with $ if config ) and the IP of OpenWrt is (192.168.1.65). Would it be correct to run the gateway/dns on 192.168.0.1?

/etc/config/network file

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.1.65'
        option gateway '192.168.0.1'
        option dns '192.168.0.1'

config interface 'vpn0'
        option ifname 'tun0'
        option proto 'none'

Then I re-ran the script with # /etc/init.d/network restart
and checked the /config/network file # ifconfig

eth1      Link encap:Ethernet  HWaddr 02:42:C0:A8:01:41  
          inet addr:192.168.1.65  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:23871 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15479 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2592779 (2.4 MiB)  TX bytes:988269 (965.1 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:12491 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12491 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1012073 (988.3 KiB)  TX bytes:1012073 (988.3 KiB)

Troubleshooting DNS

Next I try ping devices on the network: itself(192.168.1.65), the AP (192.168.1.1), router (192.168.0.1), cloudflare (1.1.1.1). They all work but for some reason I cannot ping the host device (192.168.1.26), any ideas?

I also try opkg update and it fails, so does nslookup -query=a google.com
nslookup it is denied (is this a DHCP issue? If so what do I do to fix this?)

I initially had the gateway/dns on 192.168.1.1 but I changed it to 192.168.0.1, i'm unsure which is correct)

so I check
# nano /etc/resolv.conf and it is empty so I add...

nameserver 1.1.1.1

Now both commands work and now I can run both commands as well as # opkg install luci to make sure luCI is installed (even though this is not a snapshot).

Package luci (git-22.223.76261-af77cc5-1) installed in root is up to date.

Attempted Running of LuCI

Well you already know the result
The browser cannot load the page http://192.168.1.65 (IP).

I provided* the firewall configuration on OpenWrt, traceroute to 1.1.1.1, 192.168.1.1, 192.168.1.26 within openWRT and traceroute to 192.168.1.65 from my host computer if that will help.

I think the error is that the host computer cannot reach the OpenWrt container and vice versa looking at the traceroute (!H error) BUT can reach the router... any solutions?

I am also aware on my # cat /etc/config/network has only a lan... isn't there supposed to be a wan too?

Is it that my lan and wan are inproperly configured? The purpose of this install is to make OpenWrt my router so I have a nic for the WAN from the AP (192.168.1.1)(should I directly connect it to my home router instead and put it in modem mode?) and another nic for the LAN connected to a switch (that I have no idea how to configure...). Modem-Router-AP-(Router+Firewall?OpenWrt)-Switch is the topology. I am quite confused to how it works so if someone could give me some pointers and walk my through the process (such as a dm if possible - im quite available for these few days) I would appreciate it very much! I will post the solution if any ofc. I really want to get OpenWrt running so any advice will be very helpful.Thanks in advance :]

When troubleshooting DNS I can't remember but I think initially I could not even ping any other devices so on Portainer I enabled the bridge network too and I think I could ping. So now I have two networks running in OpenWRT, bridge and mymacvlan. In the tutorial, the person removed the bridge network before starting OpenWRT so I am a bit confused.

Now my # ifconfig looks like this:

eth1      Link encap:Ethernet  HWaddr 02:42:C0:A8:01:41  
          inet addr:192.168.1.65  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:24929 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15664 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:2706334 (2.5 MiB)  TX bytes:996583 (973.2 KiB)

eth3      Link encap:Ethernet  HWaddr 02:42:AC:11:00:03  
          inet addr:172.17.0.3  Bcast:172.17.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:20 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1719 (1.6 KiB)  TX bytes:174 (174.0 B)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:12497 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12497 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:1012745 (989.0 KiB)  TX bytes:1012745 (989.0 KiB)

firewall configuration # nano /etc/config/firewall - though I have not touched it

config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option flow_offloading '0'
        option flow_offloading_hw '0'
        option fullcone '0'

config zone
        option name 'lan'
        list network 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config include
        option path '/etc/firewall.user'

config include 'zerotier'
        option type 'script'
        option path '/etc/zerotier.start'
        option reload '1'

config include 'gowebdav'
        option type 'script'
        option path '/var/etc/gowebdav.include'
        option reload '1'

config include 'openclash'
        option type 'script'
        option path '/var/etc/openclash.include'
        option reload '1'

config include 'passwall'
        option type 'script'
        option path '/var/etc/passwall.include'
        option reload '1'

config include 'passwall_server'
        option type 'script'
        option path '/var/etc/passwall_server.include'
        option reload '1'

config include 'softethervpn'
        option type 'script'
        option path '/usr/share/softethervpn/firewall.include'
        option reload '1'

config include 'shadowsocksr'
        option type 'script'
        option path '/var/etc/shadowsocksr.include'
        option reload '1'

# traceroute 1.1.1.1 from OpenWrt

bash-5.1# traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 46 byte packets
 1  172.17.0.1 (172.17.0.1)  0.021 ms  0.016 ms  0.016 ms
 2  192.168.1.1 (192.168.1.1)  3.609 ms  3.446 ms  3.433 ms
 3  192.168.0.1 (192.168.0.1)  4.708 ms  4.403 ms  4.673 ms
 4  *  *  *
... :]
etc

# traceroute 192.168.1.1 to AP from OpenWrt

bash-5.1# traceroute 192.168.1.1
traceroute to 192.168.1.1 (192.168.1.1), 30 hops max, 46 byte packets
 1  192.168.1.1 (192.168.1.1)  2.955 ms  2.378 ms  3.402 ms

# traceroute 192.168.1.26 to Host Computer from OpenWrt

bash-5.1# traceroute 192.168.1.26
traceroute to 192.168.1.26 (192.168.1.26), 30 hops max, 46 byte packets
 1  b49ca3301e1e (192.168.1.65)  3092.207 ms !H  3119.375 ms !H  3119.656 ms !H

# traceroute 192.168.1.65 from Host Computer

$ traceroute 192.168.1.65
traceroute to 192.168.1.65 (192.168.1.65), 30 hops max, 60 byte packets
 1  hostpc (192.168.1.26)  3106.625 ms !H  3106.486 ms !H  3106.463 ms !H

!H meaning host/network/protocol being unreacahable

mk24 · August 30, 2022, 5:38pm

This will not work since the gateway has to be an IP that is reachable on the same subnet.
There are two main ways to incorporate an OpenWrt router into an existing network:

A LAN device. Here there is one interface, and it holds an IP on the existing LAN, and the gateway and usually the DNS are that LAN's main router.
A LAN->WAN router. Here there are two interfaces, the LAN one is a private network (with a distinct non-overlapping subnet from wan) and the WAN is part of the existing network as described above.

It looks like your final intended use case is a VPN client. Most of the instructions you will find for setting up a VPN client assume installation on a conventional lan->wan routing scenario. So I would suggest adding a wan network (named exactly 'wan' in lower case, since that name is already in the default firewall config) that joins your home network via a virtual adapter that is bridged on the VM host.

In a lan->wan installation you will need to open firewall ports to be able to log in from the wan side (your home network including the host PC). The ports are TCP 22 for ssh and TCP 80 and / or 443 for Luci.

haradiscovery · August 30, 2022, 7:00pm

Thank you for the comment, it helped me understand a lot! So... I was initially configuring my OpenWrt router as a LAN device. However my gateway (aka node,aka router) was invalid as it was in a different subnet (due to my AP and AP's do not have gateways) unlike in the tutorial where the person connected to 192.168.1.1 (which was a router not an AP and therefore had a gateway).

Therefore I have to configure OpenWrt as a LAN→WAN router, it should be ok to use 192.168.1.X subnet (no overlap) as there is no current gateway (OpenWrt will act as a gateway since it is a router) and my existing network is on (192.168.0.X).

The WAN will be the nic connected by the AP (192.168.1.1) it is ok to open these ports as they are not exposed to internet as it joins my home network as you mentioned. So now I have to create a wan network on Portainer.

I already have a network configured mymacvlan (it might be configured incorrectly as the gateway is 192.168.1.1, that is not a gateway but an AP, should it be 192.168.0.1?) which reaches out to the home network - the 'wan' right? . It uses the nic from my AP. Should I re-name this to wan or create a new one?

Running $ ip route on my host pc produces:

> default via 192.168.1.1 dev enp1s0u2 proto dhcp src 192.168.1.26 metric 100 
> 10.127.120.0/24 dev lxdbr0 proto kernel scope link src 10.127.120.1 linkdown 
> 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
> 192.168.1.0/24 dev enp1s0u2 proto kernel scope link src 192.168.1.26 metric 100 
> 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

Running $ ip route on my OpenWrt Container produces:

> default via 172.17.0.1 dev eth3 
> 172.17.0.0/16 dev eth3 proto kernel scope link src 172.17.0.3 
> 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.65

eth1 being mymacvlan and eth3 being the bridge.

I will try figure some solutions and will be on for the rest of the day. If anyone knows how to deal with this please comment or send links to any guides (:

Idea 1
If I add a wan network that joins the home network, it is possible to do it over the ethernet connection to the AP on 192.168.1.1? 192.168.1.1 not the home network is it? It's on a different subnet. Is the only solution to bridge over wifi. The wan must join my home network and therefore show up (have an address) on my home router. My network looks like...

Home Router 192.168.0.1 — Access Point 192.168.1.1 — Host PC 192.168.1.26 — OpenWrt Container 192.168.1.65

...seen in my first post. The more I look at it, the more strange it is connecting to an AP over ethernet... I do not directly connect it over ethernet to my home router as I have no ethernet connection to this room. Maybe connecting over wifi (weakish connection) [or move the host pc next to the router...if I have to, for ethernet] and not using the AP is the fix? The Host PC will then be on the home network subnet 192.168.0.x whilst I create a new virtual network adapter that uses the subnet 192.168.1.x therefore making it LAN→WAN. Yeahh... this might have been the problem. Will try the fix and be back when fixed. Uh is my AP a gateway?? I will find this out first... Even if it is... it is quite a waste to put an AP in bridge mode.

Here are the steps I will take:

Setup the virtual network to run on 192.168.0.x (where there is actually a gateway) to the new subnet 192.168.1.x
Change firewall configuration and open ports.
...

Installing OpenWrt on a container adds an extra layer of complexity and my networking knowledge is quite basic. I appologise if anyone has to walk me through this but i'm determined to get this running!

haradiscovery · August 30, 2022, 10:32pm

damn I have no idea what I am doing... I changed the virtual network to use the 192.168.0.x subnet with the OpenWrt router on 192.168.0.65. It is directly connected to my home router yet I still cannot access LuCI. The option ip addr is set to 192.168.0.65 and the gateway/dns is set to 192.168.0.1, i've also changed the firewall configuration, opening ports 22,80,443.

Network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.0.65'
        option gateway '192.168.0.1'
        option dns '192.168.0.1'

config interface 'vpn0'
        option ifname 'tun0'
        option proto 'none'

Firewall

config rule
        option name 'ssh'
        option src 'wan'
        option dest_port '22'
        option proto 'tcp'
        option target 'ACCEPT'

config rule
        option name 'http'
        option src 'wan'
        option dest_port '80'
        option proto 'tcp'
        option target 'ACCEPT'

option rule
        option name 'https'
        option src 'wan'
        option dest_port '443'
        option proto 'tcp'
        option target 'ACCEPT'

ifconfig

br-lan    Link encap:Ethernet  HWaddr 02:42:C0:A8:00:41  
          inet addr:192.168.0.65  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1487 errors:0 dropped:0 overruns:0 frame:0
          TX packets:189 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:185381 (181.0 KiB)  TX bytes:18260 (17.8 KiB)

eth0      Link encap:Ethernet  HWaddr 02:42:C0:A8:00:41  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1583 errors:0 dropped:0 overruns:0 frame:0
          TX packets:230 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:219198 (214.0 KiB)  TX bytes:23838 (23.2 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:5 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:560 (560.0 B)  TX bytes:560 (560.0 B)

Maybe change br-lan name to wan? I am out of ideas.
When I ping it, it says destination host unreachable.

Do you have another router in your setup? Is it on the same subnet? You must use different subnets on the wan and lan, otherwise things break.

I only have wan (br-lan) right? coming in from the virtual network, i don't even know where the lan is.

mk24 · August 30, 2022, 10:53pm

haradiscovery:

> default via 192.168.1.1 dev enp1s0u2 proto dhcp src 192.168.1.26 metric 100 
> 10.127.120.0/24 dev lxdbr0 proto kernel scope link src 10.127.120.1 linkdown 
> 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
> 192.168.1.0/24 dev enp1s0u2 proto kernel scope link src 192.168.1.26 metric 100 
> 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

From that, your home network (which the host PC is getting Internet from) is 192.168.1.0/24 with the [default] gateway 192.168.1.1. Apparently you have a mesh system which bridges wirelessly back to the other mesh point which is the main router for the house.

A basic concept to keep in mind is that the [default] gateway on a subnet is the next router in line towards the Internet. It is by convention, the device holding .1 on that subnet though it does not have to be.

Docker is running a 172.17.0.1/16 network and routing it to the host's Internet connection. This is basically a one-way connection. It may or may not work to open a web browser to this network.

When you connect OpenWrt to this network, the gateway will be 172.17.0.1, the Docker networking on your PC which is serving as a router.

I would suggest setting up a bridge on the port which is connected directly to the home network, so then your OpenWrt VM can hold a 192.168.1.X IP and bridge directly to the main router. But that is all in Docker and the host OS and out of the scope of this forum.

haradiscovery · August 30, 2022, 11:02pm

I finally understand what you mean by setting up a bridge connected to the a home network port. Yeah I have bridged aka used 'macvlan' to connect the ethernet NIC of my home network enp1s0u2 to 192.168.0.65 (host PC is directly connected to the router). I won't bother with the 192.168.1.x subnet for now. Everything will be on 192.168.0.x

The problem is that the OpenWrt is not visible to other devices on the same network & vice versa but it can somehow connect to the internet and is visible by the router.

Errr, I think I am connected over LAN. After all it is the same device and not over WiFi. My host PC is on ARMv7hl (lscpu) and is a Raspi4B. Might test with another device connected on LAN and see if I can ssh in.
https://forum.openwrt.org/t/cannot-ssh-in-to-openwrt-router-over-wifi/80819

The tutorial network diagram:
screenshot

It is strange, I do not know where I have deviated from the tutorial, if at all. Running with a 192.168.0.65 IP does not fix the issue. (you think docker running 172.17.0.1/16 is interfering between OpenWrt and the rest of my network ...so a bridge is a valid option) Indeed it is a very one way relationship ._. I will try sort this out and maybe consult the docker forums.

I agree it is more of a docker/networking issue maybe even due to the firewall and what I am trying to do is definately much more ambitious than a bare metal install. Maybe for the best now have run out of virtualization programs that can run OpenWrt. First I tried qemu and virt-manager (ofc qemu is bugged on ARM), then I tried kvm containers (the networking was too messy) and running docker is my final attempt. Very sad but I will give it a few more tries. I am glad that OpenWRT can run on ARM though unlike OPNsense Appreciate the help.

haradiscovery · August 30, 2022, 11:42pm

Hey this is cool, it is detected on my router.

Will leave with some posts:
https://github.com/oofnikj/docker-openwrt

https://www.reddit.com/r/selfhosted/comments/p7qp8n/has_anyone_tried_running_openwrt_in_a_docker/

https://www.reddit.com/r/openwrt/comments/hrah2x/running_docker_containers_on_openwrt/

https://www.reddit.com/r/openwrt/comments/p7qple/has_anyone_tried_running_openwrt_in_a_docker/

Yup. Have OpenWRT running on docker on Amazon (EC2 free tier) for Wireguard and OpenVPN.

Network landscape for this is odd. The "WAN" is bound to VPS nic, you can open ports as needed through Docker. VPN side, is just like any other interface once setup.

As for speed, I am capable of hitting out the full speed of the VPS through Wireguard and OpenVPN (500mbit) with little overhead on CPU (has both AES-NI and AVX2). Not sure about 100gbe speeds, if the host can physically handle it, the overhead from Docker should be negligible.

As one of the posts mentioned, it adds complexity to the router is a component which should be kept simple (esp if it is your main one) but it is a nice proof of concept.

I will most likely do a bare metal OpenWrt install on an old computer with a NIC card. I think it is preferable as you can install docker on OpenWrt and run services e.g. pi-hole, etc... unlike OPNsense (which runs FreeBSD).

haradiscovery · August 31, 2022, 11:16am

OMG it works over LAN!!
The strange thing is that I OpenWrt does not work on my host PC (with the docker container) but it works on a separate PC where I typed in (http://192.168.0.65) even though everything is connected over ethernet!!!

Errr, I think I am connected over LAN. After all it is the same device and not over WiFi. My host PC is on ARMv7hl (lscpu) and is a Raspi4B. Might test with another device connected on LAN and see if I can ssh in.
Cannot ssh in to OpenWrt router over wifi?

This post was correct and you were in it (: it is a Raspi problem over WiFi. Turns I would have ran into the same problem even if I did ran it as my main OS.

I don't think my /etc/config/wireless is supposed to be empty...
I will try set it up with my LuCI interface on my other computer now ...and it does not even show up on LuCI.

Following this post: https://openwrt.org/docs/guide-quick-start/basic_wifi, first I need to enable Wireless on OpenWrt for it to show on LuCI.

In /etc/config/dhcp

Find the config dhcp 'lan' section and add the line option ignore '1' to this section. This will disable the DHCP server on the lan interface.

(It's already set on mine)

In /etc/config/network

Set the IP to an another address from the same subnet. For example 192.168.1.2. After rebooting the router, remember to access the console & config via the new IP address.

The youtube tutorial has already been through this.

In /etc/config/wireless

In the radio0 section, make sure that the wireless settings match the values in the access point.

Further down in the same file, modify the wifi-iface section to include the desired SSID to which to connect (the same one as on the access point) and ensure WDS is enabled by setting this value to 1.

The file is empty...
I will try follow: https://forum.openwrt.org/t/wireless-config-blank-after-running-wifi-config/36331/3to get it working.

Update:
opkg update does not work, I checked /etc/resolv.conf and the name server has reverted to 192.168.0.1. I will change it to 1.1.1.1 for now. Now opkg update works. opkg install kmod-rt2800-usb does not fill in cat /etc/config/wireless, neither does running wifi config... the post mentions something about wifi adapters ANND here lies the problem.

Raspi does not come standard with any wifi adapters so it is valid /etc/config/wireless is blank. If you were to add a usb wifi adapter, I would think to check dmesg, check for a compatible driver and install using opkg, if the file is still blank.

If anyone wishes to continue with adding a Wireless mode and has a usb wifi adapter and a configured /etc/config/wireless file , I would suggest reading this post to do so Cannot ssh in to OpenWrt router over wifi?

Solution

For now I will just configure OpenWrt on the LuCI interface over LAN as this was the main purpose of the post and I am glad to say I got it working! Been trying to virtualise OpenWrt for days now (on a Raspi!) the third attempt was the charm and I can finally sleep at night now. ARM really is a headache. In the end the solution was:

Have the gateway be on the same subnet as the OpenWrt router. (credits to mk24)
Connect another pc to the home network on LAN (ethernet) and use the LuCi interface in the browser there, as by default wifi is not enabled as mentioned: Cannot ssh in to OpenWrt router over wifi?

system · September 10, 2022, 11:16am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.