Configure single IP for wifi client

LarryPowel · August 16, 2022, 8:38pm

I am playing around with wifi on a mini router and want to accomplish the following.
The main network interface is a wired LAN connection but I want one single wifi client to connect to the router.

I specifically do not want it to have Internet access through the router, I simply want it to be able to communicate interactively with the router.

At the moment, when I enable wifi, a wifi client can connect to the mini router but no IP is being handed over and I don't really know if in this situation, I have to enable the dhcp server.

While playing with this earlier, this happened automatically without my having to do anything, the client was given an IP.

Tue Aug 16 17:44:03 2022 daemon.notice netifd: Network device 'wlan0' link is up
Tue Aug 16 17:44:03 2022 daemon.notice netifd: Interface 'wwan' is enabled
Tue Aug 16 17:44:03 2022 daemon.notice netifd: Interface 'wwan' has link connectivity
Tue Aug 16 17:44:03 2022 daemon.notice netifd: Interface 'wwan' is setting up now
Tue Aug 16 17:44:03 2022 daemon.notice netifd: wwan (2929): udhcpc: started, v1.28.4
Tue Aug 16 17:44:03 2022 daemon.notice netifd: wwan (2929): udhcpc: sending discover
Tue Aug 16 17:44:06 2022 daemon.notice netifd: wwan (2929): udhcpc: sending discover
Tue Aug 16 17:44:09 2022 daemon.notice netifd: wwan (2929): udhcpc: sending discover

Since then, I did something that broke this as the udhcp service is no longer starting up.
Now when I connect a wifi client, I see the following;

daemon.info hostapd: wlan0: STA xxxxxxxxxxxxxxxxx IEEE 802.11: authenticated
daemon.info hostapd: wlan0: STA xxxxxxxxxxxxxxxxxx IEEE 802.11: associated (aid 1)
daemon.notice hostapd: wlan0: AP-STA-CONNECTED xxxxxxxxxxxxxxxxx
daemon.info hostapd: wlan0: STA xxxxxxxxxxxxxxxxx RADIUS: starting accounting session xxxxxxxxxxxxxxxx
daemon.info hostapd: wlan0: STA xxxxxxxxxxxxxxxxx WPA: pairwise key handshake completed (RSN)
daemon.notice hostapd: wlan0: AP-STA-DISCONNECTED xxxxxxxxxxxxxxxxx

Can anyone give me a lead on what I need to do? I can't find anything specific on the net.

frollic · August 16, 2022, 8:47pm

Don't connect any of the ethernet ports of the router to the rest of your network, and you should be able to communicate with it, unless your config attempts really broke something.

LarryPowel · August 16, 2022, 9:06pm

Hi, Thanks for your input.

I actually want the wired interface to have Internet access. I just don't want the wifi client to have Internet access and I don't need a full dhcp service if there is a way to give the single wifi client an IP.

The question really relates to dhcp and how I can give the wifi client an IP so it can communicate with the router only.

frollic · August 16, 2022, 9:09pm

Provide it with bogus gw and DNS IPs, or don't provide them at all (not sure It'll be accepted).

Or set static IP via dhcp, and block that IP from having wan access, in the firewall.

psherman · August 16, 2022, 9:18pm

You can also create a simple firewall rule that blocks access upstream for the wifi client (or entire network) on the mini router.

LarryPowel · August 16, 2022, 9:22pm

Yes, I know how to set up a dhcp server but that's not what I'm asking about :).

I should add that I'm trying to use as little of the resources as possible on the router too.
If I don't have to run a full dhcp server, that much better since I'm limited in memory sometimes.

Mainly, I'd like to understand what I might have changed that caused the udhcpc service to start when I first started playing with this and it's not run since. What could I have changed?

The only thing I did was to configure the wifi, nothing else. That's why I'm curious why the service no longer runs when I start the ap.

psherman · August 16, 2022, 9:24pm

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

frollic · August 16, 2022, 9:27pm

We're no mind readers, hopefully we'll know once you've posted your config.

If you don't want to run any dhcp server, use a static IP, configured on the client device.

LarryPowel · August 16, 2022, 9:28pm

Come now, no need to get rude. I didn't ask you to read my mind. I'm sharing all of the details I have.

LarryPowel · August 16, 2022, 9:36pm

$ ubus call system board
{
        "kernel": "4.14.95",
        "hostname": "none",
        "system": "MediaTek MT7628AN ver:1 eco:2",
        "model": "GL-MT300N-V2",
        "board_name": "gl-mt300n-v2",
        "release": {
                "distribution": "OpenWrt",
                "version": "18.06.2",
                "revision": "r7676-cddd7b4c77",
                "target": "ramips\/mt76x8",
                "description": "OpenWrt 18.06.2 r7676-cddd7b4c77"
        }
}
$ cat /etc/config/network
config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'wan'
        option ifname 'eth0.1 eth0.2'
        option force_link '1'
        option type 'bridge'
        option proto 'dhcp'
        option metric '20'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0 6t'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '1 2 3 4 6t'

config interface 'wwan'
        option proto 'dhcp'
        option metric '10'

$ cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/10300000.wmac'
        option htmode 'HT20'
        option disabled '0'
        option country 'US'

config wifi-iface
        option device 'radio0'
        option network 'wwan'
        option mode 'ap'
        option ssid 'none'
        option key '123456789'
        option encryption 'psk2'

$ cat /etc/config/dhcp

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

$ cat /etc/config/firewall
cat: can't open '/etc/config/firewall': No such file or directory

I don't use a firewall on these routers. They are on the LAN only.

mk24 · August 16, 2022, 9:46pm

wwan being a dhcp client that isn't attached to any other network means it will never acquire an IP address to be usable. Set it as static IP with an IP subnet that none of your other networks have.

If you stop the firewall, all the networks are able to forward to each other by default. So you don't want that. The firewall process only runs once to set up rule tables in the kernel.

psherman · August 16, 2022, 9:46pm

there is no lan interface in your network.
your upstream connection (wwan) is set incorrectly.
The DHCP file is incomplete, there is no firewall.

Not sue what you did, but you need to reset to defaults.

And while you are at it, upgrade to 21.02.3 since that is the current version. 18.06 is obsolete and unsupported and has security vulnerabilities.

LarryPowel · August 16, 2022, 9:50pm

I do have LAN access via br-wan.

$ ifconfig
br-wan    Link encap:Ethernet  HWaddr 94:83:C4:1B:9F:C4
          inet addr:192.168.1.140  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::9683:c4ff:fe1b:9fc4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:149956 errors:0 dropped:0 overruns:0 frame:0
          TX packets:167339 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:28908886 (27.5 MiB)  TX bytes:14618429 (13.9 MiB)

eth0      Link encap:Ethernet  HWaddr 94:83:C4:1B:9F:C4
          inet6 addr: fe80::9683:c4ff:fe1b:9fc4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:154001 errors:0 dropped:0 overruns:0 frame:0
          TX packets:204517 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:31891446 (30.4 MiB)  TX bytes:18532314 (17.6 MiB)
          Interrupt:5

eth0.1    Link encap:Ethernet  HWaddr 94:83:C4:1B:9F:C4
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:37139 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:3091838 (2.9 MiB)

eth0.2    Link encap:Ethernet  HWaddr 94:83:C4:1B:9F:C4
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:150579 errors:0 dropped:584 overruns:0 frame:0
          TX packets:167364 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:28941182 (27.5 MiB)  TX bytes:14620079 (13.9 MiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:26870 errors:0 dropped:0 overruns:0 frame:0
          TX packets:26870 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2505671 (2.3 MiB)  TX bytes:2505671 (2.3 MiB)

wlan0     Link encap:Ethernet  HWaddr 94:83:C4:1B:9F:C4
          inet6 addr: fe80::9683:c4ff:fe1b:9fc4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1325 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1334 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:268351 (262.0 KiB)  TX bytes:294041 (287.1 KiB)

LarryPowel · August 16, 2022, 9:57pm

wwan being a dhcp client that isn't attached to any other network means it will never
acquire an IP address to be usable.

Ah, yes, it's set to dhcp in the network file.

Set it as static IP with an IP subnet that none of your other networks have.

Ok, I'll give that a try.

If you stop the firewall, all the networks are able to forward to each other by default.
So you don't want that. The firewall process only runs once to set up rule tables in the kernel.

There is actually no firewall installed on these devices as they are LAN clients only.

I think you gave me the lead I needed. I'll give that a try.
I'm doing everything from the command line as these also don't have any luci stuff installed on them.

LarryPowel · August 16, 2022, 10:12pm

Actually, I've kind of gotten past my question here.

The reason I said 'what did I change' is because the only things I changed was adding the hostapd package and using a handful of uci commands to change things like country, encryption and password.

After adding hostapd, the wifi client was able to get a dhcp IP from the router.
After changing the encryption and adding a password is when udhcp stopped.

Does adding the hostapd package change something related to udhcp?

I actually need the router to provide a small dhcp pool. The clients are esp32 devices. Those devices don't need access to the Internet, just the router which has LAN access.

Sorry but some of this is new to me so having a difficult time explaining myself perhaps.

psherman · August 16, 2022, 10:54pm

your wifi is setup as AP -- this means it broadcasts an SSID and other devices will connect to it.

If you want that interface to get an address via DHCP, there must be an upstream wifi network with a DHCP server, and this device must be configured as a wifi client ('sta' mode). Your SSID and password on this unit must match the SSID and password of the upstream wifi network.

EDIT: If, on the other hand, this device is supposed to be a DHCP server for connected devices, you need to define an address in the network interface. Currently you have wan and wwan set to get their addresses via DHCP (i.e. from an upstream DHCP server), and there is no LAN at all. The device will not have an address unless it is connected to an upstream network.

It's not really clear what you are trying to do with this router -- it is certainly not configured in a way that would be expected to work.

LarryPowel · August 16, 2022, 11:15pm

your wifi is setup as AP -- this means it broadcasts an SSID and other devices will connect to it.

Correct.

If you want that interface to get an address via DHCP, there must be an upstream

I do not want an upstream DHCP IP. It was pointed out that I accidentally left the interface using DHCP but that's now static.

If, on the other hand, this device is supposed to be a DHCP server for connected devices, you
need to define an address in the network interface. Currently you have wan and wwan set to
get their addresses via DHCP (i.e. from an upstream DHCP server), and there is no LAN at all.

Yes, I fixed that. Now the wifi interface has a static IP in a network not being used.

I'm not sure why you say there is no LAN. There is a LAN, it's wired and both wired interfaces can get a DHCP IP. However, that's not what I'm after.

br-wan    Link encap:Ethernet  HWaddr 94:83:C4:1B:9F:C4
          inet addr:192.168.1.140  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::9683:c4ff:fe1b:9fc4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:22642 errors:0 dropped:0 overruns:0 frame:0
          TX packets:25453 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4297624 (4.0 MiB)  TX bytes:2185483 (2.0 MiB)

The device will not have an address unless it is connected to an upstream network.

It's not really clear what you are trying to do with this router -- it is certainly not configured in a
way that would be expected to work.

I'll explain it again then.

I have DHCP IP's being assigned to the wired interfaces so let's forget about those.
I had wifi configured wrong because I overlooked a couple of things but it's fine now.
The wifi now has its own static IP.

All I am wanting is to have DHCP IPs offered to wifi clients connecting to this router now.
My question was originally about udhcp showing up then no longer showing up after making very minor changes to wifi only.

Not sure why that is not clear? I'm also not sure how to explain it any other way but happy to try if you tell me which parts you do understand :).

psherman · August 16, 2022, 11:19pm

I'm saying that because you've got your interface defined as br-wan.

It can work the same way, of course, but it is just bad form.

If you simply reset your router to defaults, that will get you what you want with no further configuration needs except to enable wifi (and provide an SSID and password).

But to explain the reason it's not working: you don't have a DHCP server configured, so it cannot provide any DHCP addresses to the client devices.

Is there a reason you don't want to reset to defaults? that is the fastest way to fix your issues.

LarryPowel · August 16, 2022, 11:22pm

The question is long lost.
At this point, I just need to configure a DHCP server for the wifi clients.
That's not an issue, I'll do that but the question was really about the udhcp service.

Anyhow, thanks for the help everyone.

psherman · August 16, 2022, 11:23pm

The udhcp service isn't running because you don't have any defined DHCP servers. it presumably exits out when there is nothing for it to do.