Hi, sorry to bother you, i have to configure the router for the ftth with this parameters:
VLan: 835(data)
VLan: 836(voice)
Protocol: PPPoE
PPPoE usr: benvenuto
PPPoE pwd: ospite
Encapsulation: LLC
NAT: enabled
COS data: 0 (IEEE 802.1 P)
COS voice: 5 (IEEE 802.1 P)
But I can't find the configuration for encapsulation, NAT and COS. Where can I find instruction for Openwrt 24.10.4?
do you have a voip phone to utilize "voice" service?
COS is ancient name for DSCP COS0 = CS0 COS5 = CS5
Configuration slightly depends on what device you have
ubus call system board
In general, start with focusing on your main target first (the data VLAN) - once you've set that up (fully), look into the VoIP case.
root@OpenWrt:~# ubus call system board
{
"kernel": "6.6.104",
"hostname": "OpenWrt",
"system": "ARMv8 Processor rev 0",
"model": "Bananapi BPI-R4",
"board_name": "bananapi,bpi-r4",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "24.10.3",
"revision": "r28872-daca7c049b",
"target": "mediatek/filogic",
"description": "OpenWrt 24.10.3 r28872-daca7c049b",
"builddate": "1758316778"
}
}
The configuration i have for network:
###################################
# LOOPBACK
###################################
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
###################################
# LAN BRIDGE (solo LAN1-LAN3 + WiFi)
###################################
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'eth1'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
list dns '8.8.8.8'
###################################
# WAN - SFP+ fisico
###################################
config device
option name 'eth0'
option type 'device'
###################################
# VLAN 835 - INTERNET PPPoE
###################################
config device
option type '8021q'
option ifname 'eth0'
option vid '835'
option name 'wan.835'
config interface 'wan'
option device 'wan.835'
option proto 'pppoe'
option username 'benvenuto'
option password 'ospite'
option mtu '1492'
option ipv6 'auto'
option peerdns '0'
list dns '8.8.8.8'
list dns '1.1.1.1'
the configuration i have on firewall:
###################################
# DEFAULT POLICIES
###################################
config defaults
option syn_flood '1'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
###################################
# ZONE LAN
###################################
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
###################################
# ZONE WAN
###################################
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
###################################
# FORWARDING LAN -> WAN
###################################
config forwarding
option src 'lan'
option dest 'wan'
###################################
# PERMIT ESSENTIAL WAN TRAFFIC
###################################
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option target 'ACCEPT'
option family 'ipv6'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
the error in the LuCi:
Protocol: PPPoE
RX: 0 B (0 Pkts.)
TX: 0 B (0 Pkts.)
Error: Unknown error (DEVICE_CLAIM_FAILED)
I tried to change configuration but nothing, i have a D-Link D100 directly connected to eth0
ethtool eth0
Settings for eth0:
Supported ports: [ MII ]
Supported link modes: 10000baseCR/Full
Supported pause frame use: Symmetric Receive-only
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10000baseCR/Full
Advertised pause frame use: Symmetric Receive-only
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Link partner advertised link modes: 10000baseCR/Full
Link partner advertised pause frame use: Symmetric
Link partner advertised auto-negotiation: No
Link partner advertised FEC modes: Not reported
Speed: 10000Mb/s
Duplex: Full
Port: MII
PHYAD: 0
Transceiver: internal
Auto-negotiation: on
Current message level: 0x000000ff (255)
drv probe link timer ifdown ifup rx_err tx_err
Link detected: yes
ip link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1504 qdisc mq state UP qlen 1000
link/ether 56:d4:88:03:50:3a brd ff:ff:ff:ff:ff:ff
ip link show wan.835
ip: can't find device 'wan.835'
Thank you in advance, I hope to solve the situation, I even buyed a media converter 2.5 G (the ISP claim 2.5G) and tried another modem (flint 2) without success
You have to run ethtool against physical ports, eg wan
wan.835 appears only after pppoe dials in.
ethtool wan
Settings for wan:
Supported ports: [ TP MII ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: Symmetric Receive-only
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: Symmetric Receive-only
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: Unknown!
Duplex: Unknown! (255)
Port: Twisted Pair
PHYAD: 0
Transceiver: external
Auto-negotiation: on
MDI-X: Unknown
Supports Wake-on: d
Wake-on: d
Link detected: no
ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST> mtu 1504 qdisc mq state DOWN qlen 1000
link/ether 56:d4:88:03:50:3a brd ff:ff:ff:ff:ff:ff
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq master br-lan state DOWN qlen 1000
link/ether 56:d4:88:03:50:3b brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 2e:0c:0e:84:17:73 brd ff:ff:ff:ff:ff:ff
5: wan@eth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 56:d4:88:03:50:3a brd ff:ff:ff:ff:ff:ff
6: lan1@eth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noqueue master br-lan state DOWN qlen 1000
link/ether 56:d4:88:03:50:3a brd ff:ff:ff:ff:ff:ff
7: lan2@eth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noqueue master br-lan state DOWN qlen 1000
link/ether 56:d4:88:03:50:3a brd ff:ff:ff:ff:ff:ff
8: lan3@eth0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noqueue master br-lan state DOWN qlen 1000
link/ether 56:d4:88:03:50:3a brd ff:ff:ff:ff:ff:ff
44: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 56:d4:88:03:50:3a brd ff:ff:ff:ff:ff:ff
48: phy0.0-ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP qlen 1000
link/ether 56:d4:88:03:50:3c brd ff:ff:ff:ff:ff:ff
49: phy0.1-ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP qlen 1000
link/ether 56:d4:88:03:50:4c brd ff:ff:ff:ff:ff:ff
eth0 is NOT sfp port, it is DSA master. you have to use wan as WAN backend (yeah, everything named same)
So now is better in this configuration?
###################################
# LOOPBACK
###################################
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd23:a222:4f1c::/48'
option packet_steering '1'
###################################
# LAN BRIDGE
###################################
config device
option name 'br-lan'
option type 'bridge'
list ports 'data'
list ports 'eth1'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'voice'
# WAN RIMOSSO DA QUI
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
list dns '8.8.8.8'
###################################
# WAN - DISPOSITIVO FISICO
###################################
config device
option name 'wan'
option maccaddr '56:D4:88:03:50:3A'
###################################
# VLAN 835 – WINDTRE INTERNET PPPoE
###################################
config device
option type '8021q'
option ifname 'wan'
option vid '835'
option name 'wan.835'
config interface 'wan'
option device 'wan.835'
option proto 'pppoe'
option username 'benvenuto'
option password 'ospite'
option ipv6 'auto'
option peerdns '0'
list dns '8.8.8.8'
list dns '1.1.1.1'
###################################
# VLAN 836 – WINDTRE VOCE (DHCP)
###################################
config device
option type '8021q'
option ifname 'wan'
option vid '836'
option name 'wan.836'
config interface 'voice'
option device 'wan.836'
option proto 'dhcp'
###################################
# WAN6 (IPv6 via PPP)
###################################
config interface 'wan6'
option proto 'dhcpv6'
option device 'wan'
option reqaddress 'try'
option reqprefix 'auto'
###################################
# WWAN (WiFi WAN – opzionale)
###################################
config interface 'wwan'
option proto 'dhcp'
and the firewall:
#######################################
# DEFAULTS
#######################################
config defaults
option syn_flood '1'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
#######################################
# LAN ZONE
#######################################
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
# RIMOSSO 'wan' QUI (ERRORE GRAVE)
#######################################
# WAN ZONE
#######################################
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
list network 'wwan'
list network 'voice' # se usi la VLAN 836 per VoIP
#######################################
# FORWARDING LAN → WAN
#######################################
config forwarding
option src 'lan'
option dest 'wan'
#######################################
# RULES STANDARD OPENWRT
#######################################
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
but even then i have 0 packet rx or tx from wan...
Try to connect from luci. It kind of gives some logs back if something does not work out.
Hi, I reinstalled the default configuration and use the wan.835 (VLAN) as interface for ppoe wan as in the image, but no connection at all...
the systemlog is the same:
Tue Nov 25 22:18:17 2025 daemon.warn pppd[18069]: Timeout waiting for PADO packets
Tue Nov 25 22:18:18 2025 daemon.err pppd[18069]: Unable to complete PPPoE Discovery phase 1
Tue Nov 25 22:18:18 2025 daemon.info pppd[18069]: Exit.
Tue Nov 25 22:18:18 2025 daemon.notice netifd: Interface 'wan' is now down
Tue Nov 25 22:18:18 2025 daemon.notice netifd: Interface 'wan' is setting up now
Tue Nov 25 22:18:18 2025 daemon.info pppd[18349]: Plugin pppoe.so loaded.
Tue Nov 25 22:18:18 2025 daemon.info pppd[18349]: PPPoE plugin from pppd 2.5.1
Tue Nov 25 22:18:18 2025 daemon.notice pppd[18349]: pppd 2.5.1 started by root, uid 0
Tue Nov 25 22:18:19 2025 daemon.warn odhcpd[2291]: No default route present, setting ra_lifetime to 0!
Tue Nov 25 22:18:19 2025 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Tue Nov 25 22:18:19 2025 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 4 names
Tue Nov 25 22:18:19 2025 daemon.info dnsmasq[1]: read /tmp/hosts/odhcpd - 0 names
Tue Nov 25 22:18:19 2025 daemon.info dnsmasq-dhcp[1]: read /etc/ethers - 0 addresses
Tue Nov 25 22:18:53 2025 daemon.warn pppd[18349]: Timeout waiting for PADO packets
Tue Nov 25 22:18:53 2025 daemon.err pppd[18349]: Unable to complete PPPoE Discovery phase 1
Tue Nov 25 22:18:53 2025 daemon.info pppd[18349]: Exit.
Tue Nov 25 22:18:53 2025 daemon.notice netifd: Interface 'wan' is now down
Tue Nov 25 22:18:53 2025 daemon.notice netifd: Interface 'wan' is setting up now
Tue Nov 25 22:18:53 2025 daemon.info pppd[18629]: Plugin pppoe.so loaded.
Tue Nov 25 22:18:53 2025 daemon.info pppd[18629]: PPPoE plugin from pppd 2.5.1
Tue Nov 25 22:18:53 2025 daemon.notice pppd[18629]: pppd 2.5.1 started by root, uid 0
Tue Nov 25 22:18:54 2025 daemon.warn odhcpd[2291]: No default route present, setting ra_lifetime to 0!
Tue Nov 25 22:18:54 2025 daemon.info dnsmasq[1]: read /etc/hosts - 12 names
Tue Nov 25 22:18:54 2025 daemon.info dnsmasq[1]: read /tmp/hosts/dhcp.cfg01411c - 4 names
Tue Nov 25 22:18:54 2025 daemon.info dnsmasq[1]: read /tmp/hosts/odhcpd - 0 names
Tue Nov 25 22:18:54 2025 daemon.info dnsmasq-dhcp[1]: read /etc/ethers - 0 addresses
br-wan what is that?
is it 2 WAN interfaces on the device.
One way - remove current WAN from br-wan
Other way - configure vlan on br-wan and tag it on used WAN port.
And it is a bug in that devices with 2 designated wan ports (like sfp and eth) should be catching same.
