By changing ISPs, I have lost internet access unless the modem/ethernet cable bypass the LEDE firmware router.
The router's IP: 192.168.1.5
The modem's IP: 192.168.100.1
I know I need to put both devices to .100 but I don't know where to start as I have the VPN up and running. Is the VPN IP editable to .100 and still a VPN?
Dazed and confused.
Could be multiple things:
Assuming that the modem is in pass-through (or "bridged") mode, then your router's "WAN" IP should be set for DHCP (or as appropriate if you're using PPoE, VLAN, or the like, as specified by your ISP).
I'd first try determining how to get your modem into pass-through mode and to set your router's WAN interface for DHCP. If you're not immediately successful with that, I personally would use tcpdump from the tcpdump-mini package to watch the DHCP traffic
tcpdump -ni eth0 udp port 67 or udp port 68
where eth0 is whatever interface is being used for the WAN in your configuration.
No, you should not put the router as 192.168.100.x. That is just the address of the cable modem.
Your issue seems like a DHCP lease issue. Has your router acquired an actual WAN address (either IPv4 or IPv6)?
If it has not, have your tried enabling the broadcast flag on the WAN interfaces? Some cable companies require that it is enabled.
If that does not help, does your ISP require that you register using a certain MAC address? If so have you entered that MAC address in to the Client ID and Vendor Class field to send when requesting DHCP on the WAN interfaces?
jeff. I spoke to the Spectrum tech support and they say that this modem has no configurable settings as it is not a router and/or wifi device. Hence no "pass-through".
mj5030. The WAN does not have an address, at least at the Interfaces page. The DHCP and DNS page says that computer's IP is 192.168.1.185. Routes page shows active IPv4 routes as: 192.168.1.0/24 and IPv6 is disabled. I have seen no reference to settings for the "broadcast flag" you reference. The MAC address was not required for Spectrum (Los Angeles, Time Warner Cable formerly).
Well, if it's not a router, then it's pretty much got to be a bridge in pass-through mode. Then again, if Spectrum is as incompetent as much of Comcast (I've had some great physical-plant techs here as a notable exception), they may not even know.
Several DOCSIS modems I've owned "auto-switch" between router and pass-through mode. There aren't any settings accessible to the end user for that either, but there is some "magic" on how it selects the mode, as I recall.
I'd start looking at the DHCP exchange on the wire, either directly on the router with tcpdump or with wireshark running on your "desktop" and something along the lines of
desktop $ ssh you@your.router tcpdump -i eth0 -w - udp port 67 or udp port 68 | wireshark -k -i -
(runs tcpdump on the router, pipes the raw output to wireshark running on your local machine)
Installed Wireshark. Ran the string with and without sudo. WS returned: Couldn't run /usr/bin/dumpcap in child process: Permission denied
On which OS are you running wireshark? Did you get all the - in there that indicate that stdout and stdin are to be used for the packets? I wouldn't think that dumpcap would be needed as wireshark -k -i - should be reading from stdin, not a capture device.
Ubuntu 16.04. Yes, - is at end of line.
sudo ssh root@192.168.1.5 tcpdump -i eth0 -w - udp port 67 or udp port 68 | -k -i -
-k: command not found
ubuntu $ ssh root@192.168.1.5 tcpdump -i eth0 -w - udp port 67 or udp port 68 | wireshark -k -i -
No sudo needed for the ssh command. Most importantly you were missing wireshark on the target of the pipe
I'm lost.
mark@Lexington:~$ ssh root@192.168.1.5 tcpdump -i eth0 -w - udp port 67 or udp port 68 | wireshark -k -i -
void DBusMenuExporterPrivate::addAction(QAction*, int): Already tracking action "" under id 195
void DBusMenuExporterPrivate::addAction(QAction*, int): Already tracking action "" under id 196
Looks like something with the Ubuntu side of things. DBus can be fickle.
Can you start wireshark by itself (without starting capture) and get its GUI windows displayed?
If restarting your Ubunt box doesn't resolve it, you can just run tcpdump on the OpenWRT box in "verbose" mode. The display isn't anywhere near as nice, but you should still be able to see the DISCOVER, OFFER, REQUEST, ACK sequence.
tcpdump -nvi eth0 udp port 67 or udp port 68
A good reference on how DHCP works is
The "use broadcast flag" option is in LuCI under Network->Interfaces->WAN->Advanced Settings as well as the options to use a specified MAC Address when requesting DHCP for a WAN Address.
mark@Lexington:~$ tcpdump -nvi etho udp port 67
tcpdump: etho: SIOCETHTOOL(ETHTOOL_GET_TS_INFO) ioctl failed: No such device
mark@Lexington:~$ tcpdump -nvi etho udp port 68
tcpdump: etho: SIOCETHTOOL(ETHTOOL_GET_TS_INFO) ioctl failed: No such device
Wireshark starts in gui, but finds no enp6s0 the computer made/given name for the ethernet on this computer.
I'll get back to you about the broadcast flag. The network, or what's left of it has to have cabled manualy moved between devices.
My typo -- what was previously "etho" was intended to be eth0 which you will have to change to the specific name of the interface associated with your WAN address on our OpenWRT router. You should run tcpdump on the router to see it in the process of trying to get a DHCP lease, not on your Ubuntu box.
Trying: ssh root@192.168.1.5 tcpdump -i enp6s0 -w - udp port 67 or udp port 68 | wireshark -k -i -
returns a permissions error and then sends an Apport to the Ubuntu Team. Go Figure!
Will not work, without sudo:
mark@Lexington:~$ sudo tcpdump -nvi enp6s0 udp port 67 or udp port 68
tcpdump: listening on enp6s0, link-type EN10MB (Ethernet), capture size 262144 bytes
11:12:39.879579 IP (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 331)
142.254.182.113.67 > 255.255.255.255.68: BOOTP/DHCP, Reply, length 303, hops 1, xid 0x26d32c52, Flags [Broadcast]
Client-IP 76.90.225.237
Your-IP 76.90.225.237
Gateway-IP 142.254.182.113
Client-Ethernet-Address 90:94:e4:c9:c0:3d
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Server-ID Option 54, length 4: 142.254.182.113
Lease-Time Option 51, length 4: 62443
Subnet-Mask Option 1, length 4: 255.255.240.0
Default-Gateway Option 3, length 4: 76.90.224.1
Domain-Name-Server Option 6, length 8: 69.134.148.68,69.134.148.4
Domain-Name Option 15, length 6: "rr.com"
BR Option 28, length 4: 255.255.255.255
Hostname Option 12, length 8: "DIR-605L"
Setting B'cst Flag seems to not matter.
As a matter of simplicity for a solution, would it be easier to do a LEDE hard reset back to 192.168.1.1 and start over?
OK, I'm, still not sure what host you're running tcpdump on, as enp6s0 is a Ubuntu-esque device name. I'm assuming that this is your Ubuntu machine connected to the modem, and hoping that you don't have faster service than 10 mbps. I'm really not sure how you have this connected as either you're sending "DIR-605L" as the hostname, or your ISP is returning that to you.
What you're seeing there appears to be a DHCP offer of 76.90.225.237/20 (255.255.240.0) with a consistent default router of 76.90.224.1 from a DHCP server at 142.254.182.113 (which is "just fine" as there's probably a relay involved).
You'd want to check for something similar when you try with OpenWRT connected to your modem.
enp6s0 is the name that Ubuntu has assigned to the ethernet port of the computer. DIR-605L a mystery to me, too.
mark@Lexington:~$ sudo tcpdump -nvi enp6s0 udp port 67
[sudo] password for mark:
tcpdump: listening on enp6s0, link-type EN10MB (Ethernet), capture size 262144 bytes
mark@Lexington:~$ sudo tcpdump -nvi enp6s0 udp port 68
tcpdump: listening on enp6s0, link-type EN10MB (Ethernet), capture size 262144 bytes
0 packets captured
0 packets received by filter
0 packets dropped by kernel
mark@Lexington:~$ sudo tcpdump -nvi enp6s0 udp port 68 or udp port 67
tcpdump: listening on enp6s0, link-type EN10MB (Ethernet), capture size 262144 bytes
0 packets captured
0 packets received by filter
0 packets dropped by kernel
I'm pretty sure the user running Wireshark must be root or a member of group 'wireshark' to enter capture mode. I believe non privileged users may run Wireshark to view captured files, but not actively monitor interfaces.
Also, can you, if you have not already, install 'tcpdump' on the router:
Then try running the command directly on the router:
tcpdump -i eth0 -w - udp port 67 or udp port 68
While the modem is connected to the WAN port of the router. Then restart the modem. Please post the output of that.
Also, the command that gave you an error should look more like:
ssh root@192.168.1.5 tcpdump -i eth0 -w - udp port 67 or udp port 68 | sudo wireshark -k -i -
The router is launching the command 'tcpdump' via SSH, through the Ubuntu terminal. So eth0 would be the WAN port of the interface, not enp6s0. Then we are piping that terminal output in to Wireshark on the Ubuntu box. However, since -k is invoked to enter capture mode immediately we need to add 'sudo' to run it as a privileged user.
Connecting the router to the 'puter I was able to ssh. tcpdump is installed already. Running the tcmdump returned:
root@c7main:~# ssh root@192.168.1.5 tcpdump -i eth0 -w - udp port 67 or udp port 68 | sudo wireshark -k -i -
\tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
I had to ctrl-c to break out of it.
Next, I tried to follow your words by connecting the modem to the WAN port. I've never used wireshark before, so running it from a terminal under sudo, it opened and I saved a file of I-don't-know-what. The ws saved file with the ws file extension cannot be uploaded. I did save a text file and it repeats a frame by frame iteration, starting as:
No. Time Source Destination Protocol Length Info
1 0.000000000 192.168.1.185 192.168.1.5 DNS 89 Standard query 0xdcb2 A push.services.mozilla.com.lan
Frame 1: 89 bytes on wire (712 bits), 89 bytes captured (712 bits) on interface 0
Ethernet II, Src: Micro-St_63:b1:bf (4c:cc:6a:63:b1:bf), Dst: Tp-LinkT_71:8f:5e (ec:08:6b:71:8f:5e)
Internet Protocol Version 4, Src: 192.168.1.185, Dst: 192.168.1.5
User Datagram Protocol, Src Port: 35355, Dst Port: 53
Domain Name System (query)
OK -- something's getting lost along the way
You need to see what DHCP is doing between your router and your ISP's DHCP server(s).
The most straightforward way to do this is to run tcpdump on the router itself. You do that by ssh-ing into the router and running
tcpdump -vni eth0 udp port 67 or udp port 68
where you may need replace eth0 with the proper interface on your router.
All the stuff with ssh and wireshark is more advanced, allowing you a "nicer" look at the results. My apologies for leading you down that path -- it requires a knowledge of how ssh and shells work and interact.