DHCP is not working when bridge interface is created

shujau · June 21, 2021, 10:59pm

DHCP on OpenWrt stopped working when I created a bridge connection on the same physical interface. I am using OpenWrt release 19.07.4 on OrangePI Zero LTS . Here is my configuration

/etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'lan'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.1.254'
        option netmask '255.255.255.0'
        option ipv6 'off'

config interface 'brg'
        option proto 'static'
        option ifname 'eth0'
        option type 'bridge'
        option netmask '255.255.255.0'
        option ipaddr '192.168.200.254'
        option gateway '192.168.200.1'
        list dns '8.8.8.8'

/etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'disabled'
        option dhcpv4 'server'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'

If I remove the Bridge interface DHCP works fine.
Appreciate any help.

trendy · June 22, 2021, 11:28am

Add the bridge on lan interface.
On brg interface remove the bridge and use ifname @lan
https://openwrt.org/docs/guide-user/network/network_interface_alias

shujau · June 22, 2021, 6:14pm

Thanks Trendy.
When I changed the configuration, as you have mentioned, interface is not available with the command ifconfig.

mk24 · June 22, 2021, 6:19pm

How are you expecting this to work? When a DHCP request arrives on eth0, should it be issued a 192.168.1.X IP from the lan pool or a 192.168.200.X from the brg pool?

Generally you should not have a physical interface in more than one network.

trendy · June 22, 2021, 7:07pm

I am not sure what you expected to happen, but what you are doing is IP alias, which is adding another IP on an interface.
Can you post the output of ip -4 addr ?

mk24 · June 22, 2021, 7:56pm

The bridge is the interface. The bridge holds the IP address(es), and all the ports in the bridge use it (more completely, packets destined for the kernel on any of the ports will be layer 2 switched to the kernel port of the bridge, which has the IP address). Physical ports once attached to a bridge lose most of their identity with the kernel-- they can't have their own IP address.

@shujau, what is the use case? What network situation are you trying to implement-- apparently a situation where one port needs to do two things?

shujau · June 23, 2021, 2:00am

Thanks for the reply MK24.
It seems that my design is not sensible. Let me explain the use case.

I have operator1 who use a PPPoE connection from the fiber ONT for the broadband internet. I have managed to bridge the connection on the ONT and terminate the PPPoE session on OpenWrt. So I have two interfaces on the OpenWrt, one PPPoE interface and the second ethernet interface for LAN and I have option to apply the firewall rules and traffic control (https://tldp.org/HOWTO/Traffic-Control-HOWTO/intro.html) and manage the bandwidth used by the clients on LAN.

Now I switched to operator2 who uses IPoE connection, and I am trying to understand how this can be done. This works if I use a 2 ethernet port device like Orange PI R1, one to terminate the IPoE connection and the other for LAN. I am trying to achieve this with a single port device. Appreciate if you can advise a suggestion.

mk24 · June 23, 2021, 3:27am

This can work but you need to have a "managed" Ethernet switch which can parse VLAN tags and send the packets into different networks. The situation is called a "one armed router" or "router on a stick" due to the single cable handling multiple networks through VLAN tags.

To invoke VLAN tagging on an OpenWrt CPU Ethernet port, just use the notation eth0.N where N is a unique number for each network, and configure the switch with the same numbers.

shujau · June 23, 2021, 9:26am

Yeah, I know about "router on a stick". In my case I want to reduce the device, even the ports in the device. The fiber ONT which I have doesn't support VLAN tagging. Otherwise this would have been very easy for me.