Connectivity issues after client reboot

ephidrineon · April 28, 2021, 10:32am

Hi, I'm having the following problem. My router works fine, I can connect to the internet, DHCP works, DNS works, wireless works.
However, if I shut down or reboot my computer (Windows 10 Education), the NIC connected to my OpenWrt router says "No internet connection" or "Unidentified network". I get an APIPA address assigned. If I then disable and re-enable the network adapter in Windows, the OS detects an internet connection and traffic is routed through that NIC.

Configuration of Windows PC:
NIC 1: Connected to OpenWrt, static IP (outside DHCP range), Interface metric 1
NIC 2: USB NIC connected to other router, static IP, Interface metric 30 (traffic is router through this after a boot if OpenWrt is not detected as connected)

Configuration of OpenWrt:
DNS-Over-HTTPS Proxy as DNS resolver
WAN interface metric 5, VPN interface metric 0 (so I don't have to manually block traffic to WAN if connected to OpenVPN)
Custom FW zone for OpenVPN
Firewall rules to block Port 53 to WAN to prevent unencrypted DNS resolution

OpenWrt configuration:

root@OpenWrt:~# cat /etc/config/system /etc/config/firewall /etc/config/network /etc/config/wireless /etc/config/dhcp /etc/config/https-dns-proxy

config system
        option hostname 'OpenWrt'
        option timezone 'UTC'
        option ttylogin '0'
        option log_size '64'
        option urandom_seed '0'

config timeserver 'ntp'
        option enabled '1'
        option enable_server '0'
        list server '0.openwrt.pool.ntp.org'
        list server '1.openwrt.pool.ntp.org'
        list server '2.openwrt.pool.ntp.org'
        list server '3.openwrt.pool.ntp.org'


config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan wan6'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config include
        option path '/etc/firewall.user'

config zone
        option network 'vpn'
        option forward 'REJECT'
        option name 'vpn'
        option output 'ACCEPT'
        option masq '1'
        option mtu_fix '1'
        option input 'REJECT'

config forwarding
        option dest 'vpn'
        option src 'lan'

config forwarding
        option dest 'wan'
        option src 'lan'

config rule
        option src_port '53'
        option name 'Block-unencrypted-DNS'
        option dest 'wan'
        option target 'REJECT'
        option dest_port '53'
        list proto 'udp'
        option src '*'

config rule
        option src_port '53'
        option src '*'
        option name 'Block-unencrypted-DNS-VPN'
        option dest 'vpn'
        option target 'REJECT'
        option dest_port '53'
        list proto 'udp'

config rule
        option src_port '53'
        list proto 'udp'
        option name 'Block-unencrypted-DNS-resolution'
        option dest 'wan'
        option target 'REJECT'
        option dest_port '53'


config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fda4:b5ba:a255::/48'

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ifname 'eth0 eth1 eth2 eth3 eth4'
        option ipaddr '172.16.10.1'

config interface 'wan'
        option ifname 'eth5'
        option proto 'dhcp'
        list dns '127.0.0.1'
        option peerdns '0'
        option metric '5'

config interface 'wan6'
        option ifname 'eth5'
        option proto 'dhcpv6'
        option reqaddress 'try'
        option reqprefix 'auto'

config interface 'vpn'
        option ifname 'tun0'
        option proto 'none'
        option auto '0'


config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'pci0000:00/0000:00:1e.0/0000:01:0c.0'
        option htmode 'HT20'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option key '[redacted]'
        option ieee80211w '1'
        option ssid '[redacted]'
        option encryption 'psk2'
        option wpa_disable_eapol_key_retries '1'


config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option localservice '1'
        option noresolv '1'
        option doh_backup_noresolv '-1'
        list server '127.0.0.1#5054'
        list server '127.0.0.1#5053'
        list doh_backup_server '127.0.0.1#5054'
        list doh_backup_server '127.0.0.1#5053'
        option confdir '/tmp/dnsmasq.d'
        option domain 'local.[mydomain]'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'
        option ra_management '1'
        option ra_default '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'


config main 'config'
        option update_dnsmasq_config '*'
        list force_dns_port '53'
        list force_dns_port '853'
        option force_dns '0'

config https-dns-proxy
        option resolver_url 'https://cloudflare-dns.com/dns-query'
        option listen_addr '127.0.0.1'
        option listen_port '5054'
        option user 'nobody'
        option group 'nogroup'
        option bootstrap_dns '1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001'

config https-dns-proxy
        option listen_addr '127.0.0.1'
        option listen_port '5053'
        option user 'nobody'
        option group 'nogroup'
        option bootstrap_dns '9.9.9.9,149.112.112.9,2620:fe::fe,2620:fe::9'
        option resolver_url 'https://dns9.quad9.net/dns-query'

Hardware configuration of OpenWrt router (built myself):
Advantech SYS-2USM02
AIMB-212 Board
Intel Atom D510 2C/4T
2GB RAM
8GB SSD
2x Intel PRO/1000 onboard NIC
1x Intel PRO/1000 PCI-X quad-port NIC
1x TP-Link Atheros Wifi PCI Card

Thanks, and a nice day to everyone!

trendy · April 28, 2021, 10:46am

Well this doesn't sound like an OpenWrt problem. Windows have static IP, but after reboot you are getting an APIPA address.
I would disable the second NIC on windows and try with one NIC only.

ephidrineon · April 28, 2021, 10:48am

I don't 100% remember if it was from trying DHCP to see if it's an addressing issue, but that'll be my next step, to see if it connects without the USB NIC.

ephidrineon · April 30, 2021, 11:58am

I just booted up my computer today, and even with the USB NIC disabled, the problem persists. I do not get assigned an APIPA address, rather the troubleshooting I've done looks like this:

Microsoft Windows [Version 10.0.19042.928]
(c) Microsoft Corporation. All rights reserved.

C:\Users\[redacted]>ping 172.16.10.1

Pinging 172.16.10.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 172.16.10.1:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Users\[redacted]>ipconfig

Windows IP Configuration


Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 172.16.10.20
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.16.10.1

Unknown adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter vEthernet (Default Switch):

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::3c5b:d849:4f9f:50a8%49
   IPv4 Address. . . . . . . . . . . : 172.29.0.1
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :

Ethernet adapter vEthernet (WSL):

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::a9c0:e3d9:d8e6:d1d7%56
   IPv4 Address. . . . . . . . . . . : 172.19.80.1
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :

Ethernet adapter VMware Network Adapter VMnet1:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::f106:8d24:c897:6f60%4
   Autoconfiguration IPv4 Address. . : 169.254.111.96
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :

Ethernet adapter VMware Network Adapter VMnet8:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::c5c6:fe5c:5493:6779%9
   Autoconfiguration IPv4 Address. . : 169.254.103.121
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :

Ethernet adapter VMware Network Adapter VMnet15:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::50e8:2628:d0d4:7965%6
   IPv4 Address. . . . . . . . . . . : 192.168.248.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :

C:\Users\[redacted]>route PRINT
===========================================================================
Interface List
 12...(macaddr) ......Realtek PCIe GbE Family Controller
 10...(macaddr) ......TAP-Windows Adapter V9 for OpenVPN Connect
 49...(macaddr) ......Hyper-V Virtual Ethernet Adapter
 56...(macaddr)......Hyper-V Virtual Ethernet Adapter #2
  4...(macaddr) ......VMware Virtual Ethernet Adapter for VMnet1
  9...(macaddr) ......VMware Virtual Ethernet Adapter for VMnet8
  6...(macaddr) ......VMware Virtual Ethernet Adapter for VMnet15
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      172.16.10.1     172.16.10.20      2
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      169.254.0.0      255.255.0.0         On-link    169.254.111.96    291
      169.254.0.0      255.255.0.0         On-link   169.254.103.121    291
  169.254.103.121  255.255.255.255         On-link   169.254.103.121    291
   169.254.111.96  255.255.255.255         On-link    169.254.111.96    291
  169.254.255.255  255.255.255.255         On-link    169.254.111.96    291
  169.254.255.255  255.255.255.255         On-link   169.254.103.121    291
      172.16.10.0    255.255.255.0         On-link      172.16.10.20    257
     172.16.10.20  255.255.255.255         On-link      172.16.10.20    257
    172.16.10.255  255.255.255.255         On-link      172.16.10.20    257
      172.19.80.0    255.255.240.0         On-link       172.19.80.1    271
      172.19.80.1  255.255.255.255         On-link       172.19.80.1    271
    172.19.95.255  255.255.255.255         On-link       172.19.80.1    271
       172.29.0.0    255.255.240.0         On-link        172.29.0.1    271
       172.29.0.1  255.255.255.255         On-link        172.29.0.1    271
    172.29.15.255  255.255.255.255         On-link        172.29.0.1    271
    192.168.248.0    255.255.255.0         On-link     192.168.248.1    291
    192.168.248.1  255.255.255.255         On-link     192.168.248.1    291
  192.168.248.255  255.255.255.255         On-link     192.168.248.1    291
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      172.16.10.20    257
        224.0.0.0        240.0.0.0         On-link    169.254.111.96    291
        224.0.0.0        240.0.0.0         On-link     192.168.248.1    291
        224.0.0.0        240.0.0.0         On-link   169.254.103.121    291
        224.0.0.0        240.0.0.0         On-link        172.29.0.1    271
        224.0.0.0        240.0.0.0         On-link       172.19.80.1    271
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      172.16.10.20    257
  255.255.255.255  255.255.255.255         On-link    169.254.111.96    291
  255.255.255.255  255.255.255.255         On-link     192.168.248.1    291
  255.255.255.255  255.255.255.255         On-link   169.254.103.121    291
  255.255.255.255  255.255.255.255         On-link        172.29.0.1    271
  255.255.255.255  255.255.255.255         On-link       172.19.80.1    271
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      172.16.10.1       1
          0.0.0.0          0.0.0.0     169.78.112.1      30
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
  4    291 fe80::/64                On-link
  6    291 fe80::/64                On-link
  9    291 fe80::/64                On-link
 49    271 fe80::/64                On-link
 56    271 fe80::/64                On-link
 49    271 fe80::3c5b:d849:4f9f:50a8/128
                                    On-link
  6    291 fe80::50e8:2628:d0d4:7965/128
                                    On-link
 56    271 fe80::a9c0:e3d9:d8e6:d1d7/128
                                    On-link
  9    291 fe80::c5c6:fe5c:5493:6779/128
                                    On-link
  4    291 fe80::f106:8d24:c897:6f60/128
                                    On-link
  1    331 ff00::/8                 On-link
  4    291 ff00::/8                 On-link
  6    291 ff00::/8                 On-link
  9    291 ff00::/8                 On-link
 49    271 ff00::/8                 On-link
 56    271 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

C:\Users\[redacted]>

trendy · April 30, 2021, 12:13pm

Install tcpdump on OpenWrt opkg update; opkg install tcpdump
Next time you face this issue run this command: tcpdump host 172.16.10.20 and post here the output.

ephidrineon · April 30, 2021, 1:04pm

Alright, just installed it. I'll be away for a couple of hours, after that I'll run the command and boot the PC to capture the input.

ephidrineon · April 30, 2021, 5:33pm

tcpdump data is in.

Explanatory: "DERDOMINATOR" is my machine's hostname. [my.local.domain] is something I redacted, I set it to local.[a domain which I actually own].

This is the tcpdump no. 1, I started this one and then hit the power button on the computer:
(too long, see https://pastebin.com/YRPiXDA4)

This one, I started, then disabled and enabled the network adapter, giving me a successful connection:
(too long, see: https://pastebin.com/42SRyrYT)

Edit: I just checked the system log and found that dnsmasq crashed. Could this be related/might I have an incorrectly configured dnsmasq?

eth1 = port that I plugged my laptop into (from which I captured the tcpdump)
eth4 = port which my desktop is plugged into

Fri Apr 30 17:06:24 2021 daemon.notice netifd: Network device 'eth1' link is up
Fri Apr 30 17:06:25 2021 daemon.warn dnsmasq[5190]: Ignoring query from non-local network
Fri Apr 30 17:06:27 2021 daemon.info dnsmasq[5190]: read /etc/hosts - 4 addresses
Fri Apr 30 17:06:27 2021 daemon.info dnsmasq[5190]: read /tmp/hosts/odhcpd - 0 addresses
Fri Apr 30 17:06:27 2021 daemon.info dnsmasq[5190]: read /tmp/hosts/dhcp.cfg01411c - 2 addresses
Fri Apr 30 17:06:27 2021 daemon.info dnsmasq-dhcp[5190]: read /etc/ethers - 0 addresses
Fri Apr 30 17:06:32 2021 daemon.info dnsmasq-dhcp[5190]: DHCPDISCOVER(br-lan) 172.16.10.212 [LAPTOP MACADDR]
Fri Apr 30 17:06:32 2021 daemon.info dnsmasq-dhcp[5190]: DHCPOFFER(br-lan) 172.16.10.212 [LAPTOP MACADDR]
Fri Apr 30 17:06:32 2021 daemon.info dnsmasq[5190]: read /etc/hosts - 4 addresses
Fri Apr 30 17:06:32 2021 daemon.info dnsmasq[5190]: read /tmp/hosts/odhcpd - 1 addresses
Fri Apr 30 17:06:32 2021 daemon.info dnsmasq[5190]: read /tmp/hosts/dhcp.cfg01411c - 2 addresses
Fri Apr 30 17:06:32 2021 daemon.info dnsmasq-dhcp[5190]: read /etc/ethers - 0 addresses
Fri Apr 30 17:06:32 2021 daemon.info dnsmasq-dhcp[5190]: DHCPREQUEST(br-lan) 172.16.10.212 [LAPTOP MACADDR]
Fri Apr 30 17:06:32 2021 daemon.info dnsmasq-dhcp[5190]: DHCPACK(br-lan) 172.16.10.212 [LAPTOP MACADDR] FABIAN-X250
Fri Apr 30 17:06:34 2021 daemon.info dnsmasq-dhcp[5190]: DHCPREQUEST(br-lan) 172.16.10.212 [LAPTOP MACADDR]
Fri Apr 30 17:06:34 2021 daemon.info dnsmasq-dhcp[5190]: DHCPACK(br-lan) 172.16.10.212 [LAPTOP MACADDR] FABIAN-X250
Fri Apr 30 17:06:42 2021 kern.info kernel: [76246.880265] dns listen[3189]: segfault at 7efd494448b4 ip 00007efd48c47a61 sp 00007efd48c06850 error 4 in libpcap.so.1[7efd48c44000+19000]
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: configfile: stat (/etc/collectd/conf.d) failed: No such file or directory
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "iwinfo" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "memory" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "cpu" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "load" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "rrdtool" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: rrdtool plugin: RRASingle = true: creating only AVERAGE RRAs
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "interface" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "uptime" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "dns" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: plugin_load: plugin "sensors" successfully loaded.
Fri Apr 30 17:06:48 2021 daemon.err collectd[9078]: Initialization complete, entering read-loop.
Fri Apr 30 17:07:06 2021 authpriv.info dropbear[9090]: Child connection from 172.16.10.212:58794
Fri Apr 30 17:07:06 2021 authpriv.notice dropbear[9090]: Password auth succeeded for 'root' from 172.16.10.212:58794
Fri Apr 30 17:08:02 2021 kern.info kernel: [76326.170143] e1000e: eth4 NIC Link is Down
Fri Apr 30 17:08:02 2021 kern.info kernel: [76326.178496] br-lan: port 5(eth4) entered disabled state
Fri Apr 30 17:08:02 2021 daemon.notice netifd: Network device 'eth4' link is down
Fri Apr 30 17:08:04 2021 kern.info kernel: [76328.910906] e1000e: eth4 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Fri Apr 30 17:08:04 2021 kern.info kernel: [76328.922832] br-lan: port 5(eth4) entered blocking state
Fri Apr 30 17:08:04 2021 kern.info kernel: [76328.932282] br-lan: port 5(eth4) entered forwarding state
Fri Apr 30 17:08:04 2021 daemon.notice netifd: Network device 'eth4' link is up
Fri Apr 30 17:09:40 2021 kern.info kernel: [76424.530147] e1000e: eth4 NIC Link is Down
Fri Apr 30 17:09:40 2021 kern.info kernel: [76424.538426] br-lan: port 5(eth4) entered disabled state
Fri Apr 30 17:09:40 2021 daemon.notice netifd: Network device 'eth4' link is down
Fri Apr 30 17:09:45 2021 kern.info kernel: [76429.471043] e1000e: eth4 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx
Fri Apr 30 17:09:45 2021 kern.info kernel: [76429.484057] br-lan: port 5(eth4) entered blocking state
Fri Apr 30 17:09:45 2021 kern.info kernel: [76429.493540] br-lan: port 5(eth4) entered forwarding state
Fri Apr 30 17:09:45 2021 daemon.notice netifd: Network device 'eth4' link is up
Fri Apr 30 17:12:25 2021 authpriv.info dropbear[9107]: Child connection from 172.16.10.20:1875
Fri Apr 30 17:12:25 2021 authpriv.notice dropbear[9107]: Password auth succeeded for 'root' from 172.16.10.20:1875

vgaetera · April 30, 2021, 7:09pm

You'd best remove that to avoid race conditions for sysntpd and https-dns-proxy.

When the issue happens, collect the diagnostics and post it to pastebin.com:

logread -e dnsmasq; head -v -n -0 /tmp/etc/dnsmasq.*; uci show dhcp; \
netstat -l -n -p | grep -e dnsmasq; pgrep -f -a dnsmasq

ephidrineon · May 1, 2021, 12:26am

I just disabled the custom DNS for WAN, it shouldn't resolve to those nameservers anyway since I'm running DNS-HTTPS-Proxy with dnsmasq.

The log command yielded the following: https://pastebin.com/qibXyPCH

vgaetera · May 1, 2021, 12:38am

According to your diagnostics, Dnsmasq is running and serving DHCP as usual.
There're successful DHCPREQUEST and DHCPACK messages for other clients.
Perhaps the issue is client/hardware-specific and unrelated to OpenWrt?

flygarn12 · May 1, 2021, 8:31am

One thing I notice when you say you have Static IP on the Win10 education (that is a very slim budget Windows installation function wise, even slimmer that Home version).
Have you set the Static IP in the OpenWRT or in Windows?

You could try have Automatic assign address in Win10 and set the Static IP in the DHCP server for that MAC. Then the router have total control over the IP addresses.

ephidrineon · May 1, 2021, 10:52am

I set the static IP in Windows, but also tried to assign a static lease in OpenWrt and have Windows pull it using DHCP to no avail.

Win 10 Education is basically Win 10 Enterprise/Pro, it just doesn't have the "value added software" that Win 10 Pro comes with.

Perhaps the issue is client/hardware-specific and unrelated to OpenWrt?

I'm pretty sure that's not the case. It did work fine in pfSense and in that same OpenWrt install for a couple of weeks, I switched to OpenWrt because of the superior wireless performance and the software features.

In vain, I ran Windows network diagnostics with a rather interesting output:

Windows Network Diagnostics
Issues found
The default gateway is not available / Not fixed
Investigate router or broadband modem issues / Failed
Reset the "Ethernet" adapter / Completed
An Ethernet cable is not properly plugged in or might be broken / Not fixed
Plug an Ethernet cable into the network adapter "Ethernet" / Failed

Issues found
The default gateway is not available / Not fixed
The default gateway is a device that connects a local network or computer to
the Internet. A broadband modem or router is usually the default gateway.
Investigate router or broadband modem issues / Failed
If you're connected to a hotspot or domain network, contact the network
administrator. 
Otherwise: 
1. Unplug or turn off the device. 
2. After all the lights on the device are off, wait at least 10 seconds. 
3. Turn the device on or plug it back into the power outlet. To restart a router or modem that has a built-in
battery, press and quickly release the Reset button.
Reset the "Ethernet" adapter / Completed
This can sometimes resolve an intermittent problem.

Network Diagnostics Log
File Name: 2979F427-A912-464D-A193-68FA7F439440.Repair.1.etl
An Ethernet cable is not properly plugged in or might be broken / Not fixed
Plug an Ethernet cable into the network adapter "Ethernet" / Failed
An Ethernet cable looks like a telephone cable but with larger connectors on
the ends. Plug this cable into the opening on the back or side of the computer.
Make sure the other end of the cable is plugged into the router. If that does
not help, try using a different cable.

Detection details
Diagnostics Information (Network Adapter)
Details about network adapter diagnosis:
Network adapter Ethernet driver information:
Description . . . . . . . . . . : Realtek PCIe GbE Family Controller
Manufacturer . . . . . . . . . : Realtek
Provider . . . . . . . . . . . : Microsoft
Version . . . . . . . . . . . : 9.1.410.2015
Inf File Name . . . . . . . . . : C:\Windows\INF\rt640x64.inf
Inf File Date . . . . . . . . . : Saturday, 7 December 2019 09:07:54
Section Name . . . . . . . . . : RTL8168Series.ndi
Hardware ID . . . . . . . . . . : pci\ven_10ec&dev_8168&rev_11
Instance Status Flags . . . . . : 0x180200a
Device Manager Status Code . . : 0
IfType . . . . . . . . . . . . : 6
Physical Media Type . . . . . . : 14

Network Diagnostics Log
File Name: 2979F427-A912-464D-A193-68FA7F439440.Diagnose.0.etl
Other Networking Configuration and Logs
File Name: NetworkConfiguration.cab
Collection information
Computer Name: DERDOMINATOR
Windows Version: 10.0
Architecture: x64
Time: Saturday, May 1, 2021 12:39:25 PM
Publisher details
Windows Network Diagnostics
Detects problems with network connectivity.
Package Version: 4.0
Publisher: Microsoft Windows

This starts to look more and more like stubborn Windows.

I've tested the Ethernet cable I'm currently using with a cable tester, all passes. I will now try to update the network card driver with the latest drivers from my motherboard manufacturer. Somewhere lies an issue and I want to find where.

Update: After updating to the latest Realtek driver, I shut down the computer, waited a moment and booted back up, and am immediately connected. I'll see if it works after the computer has been turned off for a couple of hours and report back.

trendy · May 1, 2021, 11:52am

No issues here. The win10 is asking for the mac of the router and gets the reply many times. The rest is multicast queries. I didn't see any ping.

In this one the win10 initiated some connections, which didn't happen in the previous capture.

ephidrineon · May 2, 2021, 10:14am

I have it fixed. After I updated the drivers of my onboard NIC, I just booted up the machine and was immediately connected.

Thanks everyone!

system · May 12, 2021, 10:14am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.