Since i am using my openwrt router, my desktop wont correctly download files from https. They sometimes immediately report the error that it cant read the "source file". sometimes the download starts, but stops after seconds with a failure. I can retry to download, and it will download a small portion again, failing again after seconds. Keeping this up, i can download a full file, but it's a lot of clicks....
The strange thing, is that if i change the download URL to http instead of https, the download completes normally without issues.
Now...everyone is probably wondering why i am asking this on the openwrt forum. It is because i just tried to tether my phone's 4g connection to the desktop PC, and there are no issues downloading over https. I also didn't have this issue before using Openwrt.
I normally use a wireguard connection, but also tested and have the issue when i disable the wireguard interface.
Of course i also tested other browsers. Edge, firefox and chrome all suffer from this issue. I already resetted firewall settings and network settings on the PC. Browsing, streaming etc work flawless. Speedtests show a solid connection. And again....http downloads work without issues either. https downloads from browsers are the issues.
The logs doesn't seem to show any information regarding errors. Strangely, my phone is unaffected and i can download anything without issues on there.
Can you try to boot a linux live distro on the desktop and try to download something over https?
Do you have other PC to test, maybe some friend's, since the phone seems to work fine?
i have a laptop i tested it with and downloads fine, although for some reason always claims internet is not available on the wifi network until i turn wifi off and on again.
I find it strange that this desktop pc has no problems downloading through my phone's tether, while through the openwrt router has problems.
okay let's have a look for something strange in the configuration.
Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have
ubus call system board; \
uci export network; uci export wireless; \
uci export dhcp; uci export firewall; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ip -6 addr ; ip -6 ro li tab all ; ip -6 ru; \
ls -l /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: wan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
inet REDACTED/24 brd REDACTED scope global wan
valid_lft forever preferred_lft forever
10: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP ql en 1000
inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
valid_lft forever preferred_lft forever
15: surfshark: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKN OWN qlen 1000
inet 10.2.0.2/32 brd 255.255.255.255 scope global surfshark
valid_lft forever preferred_lft forever
default dev surfshark scope link
REDACTED/24 dev wan scope link src REDACTED
REDACTED via REDACTED dev wan
REDACTED via REDACTED dev wan
REDACTED via REDACTED dev wan
REDACTED/24 dev br-lan scope link src 192.168.1.1
REDACTED via REDACTED dev wan
local 10.2.0.2 dev surfshark table local scope host src 10.2.0.2
local REDACTED dev wan table local scope host src REDACTED
broadcast REDACTED dev wan table local scope link src REDACTED
local 127.0.0.0/8 dev lo table local scope host src 127.0.0.1
local 127.0.0.1 dev lo table local scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link src 127.0.0.1
local 192.168.1.1 dev br-lan table local scope host src 192.168.1.1
broadcast 192.168.1.255 dev br-lan table local scope link src 192.168.1.1
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
7: wan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 REDACTED/64 scope link
valid_lft forever preferred_lft forever
10: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 REDACTED/60 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 REDACTED/64 scope link
valid_lft forever preferred_lft forever
12: phy0-mesh0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 REDACTED/64 scope link
valid_lft forever preferred_lft forever
13: phy0-ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 REDACTED/64 scope link
valid_lft forever preferred_lft forever
14: phy1-ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 REDACTED/64 scope link
valid_lft forever preferred_lft forever
REDACTED/64 dev br-lan metric 1024
unreachable REDACTED/48 dev lo metric 2147483647
fe80::/64 dev br-lan metric 256
fe80::/64 dev phy0-ap0 metric 256
fe80::/64 dev phy1-ap0 metric 256
fe80::/64 dev wan metric 256
fe80::/64 dev phy0-mesh0 metric 256
local ::1 dev lo table local metric 0
anycast fd24:536a:b9a7:: dev br-lan table local metric 0
local fd24:536a:b9a7::1 dev br-lan table local metric 0
anycast fe80:: dev br-lan table local metric 0
anycast fe80:: dev phy0-ap0 table local metric 0
anycast fe80:: dev phy1-ap0 table local metric 0
anycast fe80:: dev wan table local metric 0
anycast fe80:: dev phy0-mesh0 table local metric 0
local REDACTED:a784 dev phy0-ap0 table local metric 0
local REDACTED:a782 dev wan table local metric 0
local REDACTED:a783 dev br-lan table local metric 0
local REDACTED:a784 dev phy0-mesh0 table local metric 0
local REDACTED:a785 dev phy1-ap0 table local metric 0
multicast ff00::/8 dev br-lan table local metric 256
multicast ff00::/8 dev phy0-ap0 table local metric 256
multicast ff00::/8 dev phy1-ap0 table local metric 256
multicast ff00::/8 dev wan table local metric 256
multicast ff00::/8 dev phy0-mesh0 table local metric 256
multicast ff00::/8 dev surfshark table local metric 256
0: from all lookup local
32766: from all lookup main
lrwxrwxrwx 1 root root 16 Mar 14 22:47 /etc/resolv.conf -> /tm p/resolv.conf
-rw-r--r-- 1 root root 47 Mar 17 06:37 /tmp/resolv.conf
-rw-r--r-- 1 root root 110 Mar 17 06:37 /tmp/resolv.conf.d/reso lv.conf.auto
/tmp/resolv.conf.d:
-rw-r--r-- 1 root root 110 Mar 17 06:37 resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1
==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1
==> /tmp/resolv.conf.d <==
head: /tmp/resolv.conf.d: I/O error
==> /tmp/resolv.conf.d/resolv.conf.auto <==
# Interface surfshark
nameserver 10.2.0.1
# Interface wan
nameserver REDACTED
nameserver REDACTED
First of all it is a snapshot, so it may have some issues, as they are not stable releases.
Second there have been some modifications from the default configuration. The fastest and easiest way to verify is to take a configuration backup and reset to defaults. This can work for you immediately as you are using dhcp on wan.
thanks. So create a backup, then do a factory reset? then restore backup after testing?
I think that the configuration backup does not automatically install packages, right? So i need to check what i need to fully "restore".
So, today i came on the simple but brilliant idea to connect my vodafone wan router(thats set as bridge) directly to my pc. and downloads over https work fine, no issues.
But when i connect my pc to the dynalink openwrt router thats connected to the vodafone wan router, https downloads keep failing.
Weird, since i tested my laptop and my phone have no issues. Yet there is something related to openwrt that causes my normal PC not to download over HTTPS.
I tried to do a factory reset, and now i cannot install wireguard anymore....Getting the error that the kernel is incompatible.
During testing with the clean factory reset, the download failed once after around half a minute instead of seconds. i clicked retry, and then it worked for a solid 5 minutes until i decided to start putting back the settings i have, since i do want 802.11s mesh and wireguard functionality. Those are the only features i have installed and want.
But yeah now i am stuck restoring.
EDIT: Had to do a firmware upgrade, that solved the issue with the kernel being outdated. I have now all settings set back to how they were, and downloading over https seem to work. (even after a reboot)
But i know that after resetting the whole router it was failing once as i said before, so i guess i'l have to wait and see.
Maybe there is some weird bug that makes this issue become worse, the longer the router has gone without a reset. Time will tell, but i have been downloading now for 10 minutes without issues.
EDIT: well it's definitely no longer seconds, but the issue still comes back. But it can be more then 10 minutes without trouble now, before the download fails.
Sometimes this type of issue can be related to MTU issues. What type of internet service do you have, and what is the connection protocol (for the main router: DHCP, PPPoE, Static)?
At this point you might gain some more information by disabling the wireguard tunnel and running a tcpdump to capture the download traffic and inspect the TCP state machine transitions.
Knowing whether one of the hosts is simply not replying or perhaps sending a RST or a FIN in the middle of the download might help in diagnosing whether it's server or client resetting the connection
Err...I'm not sure! I have a vodafone station, as the device is called, and is setup to bridge mode, so it pushes traffic further and back into the internet. no wlan or anything else is enabled on it.
the vodafone provider has dynamic IP's, so they change often.
I have some more results though. I tried downloading through the vodafone box directly, now waiting 10 minutes, and the download failed (didnt see exactly when, but between 5 and 10 minutes), so the issue is ALSO when evading the openwrt router and connecting directly to the vodafone bridge.
I then tried to connect the pc once again to my phone, and use my phone's internet access to download the same file. it ran for 1 hour and 10 minutes until i decided it is stable enough and cancelled the download myself.
I have no idea how to solve this, but i suppose we cant blame openwrt anymore.
Even though it's weird how the issue is now less severe. i can download for sometimes minutes when the download fails, and the phone's 4g connection tethered to be pc remains flawless. before i resetted the openwrt router, i had this issue after mere seconds, not more then 5 seconds until the download fails.
Very odd issue...