DHCP Issue with 2 OpenWrt Routers

Installing and Using OpenWrt Network and Wireless Configuration
1

Hi guys,
I'm currently trying to setup my 2 OpenWRT Routers, the TP-Link WR1043ND and the TP-Link CPE 210.
The CPE210 is used as a client to connect to another Router and masquarade all the traffic from the LAN.
The WR1043ND is connected via Ethernet to the CPE210 and i bridged the LAN and Wifi interface, so that every device should be able to communicate inside the LAN.

The problem now is, that I want to use the CPE210 as the DHCP Server in the Lan, which is not working (Of course i disabled the DHCP Server for the WR1043ND).

I tried to describe the setup with this picture, maybe it helps understanding the situation.

setup
setup2304×1296 71.7 KB

When i try to connect now to the Wifi (of the WR1043ND) with my Smartphone/ Laptop it's always stuck when trying to obtain an IP address.

Here is what i found in the logs from the CPE210:

Wed Feb 19 17:39:22 2020 daemon.notice netifd: Network device 'eth0' link is down
Wed Feb 19 17:39:22 2020 kern.info kernel: [ 1776.984080] eth0: link down
Wed Feb 19 17:39:22 2020 kern.info kernel: [ 1776.989124] br-lan: port 1(eth0.1) entered disabled state
Wed Feb 19 17:39:22 2020 kern.info kernel: [ 1776.994939] br-lan: port 2(eth0.2) entered disabled state
Wed Feb 19 17:39:22 2020 daemon.err odhcp6c[3761]: Failed to send RS (Permission denied)
Wed Feb 19 17:39:22 2020 daemon.notice netifd: VLAN 'eth0.1' link is down
Wed Feb 19 17:39:22 2020 daemon.notice netifd: VLAN 'eth0.2' link is down
Wed Feb 19 17:39:22 2020 daemon.notice netifd: Interface 'wan' has link connectivity loss
Wed Feb 19 17:39:22 2020 daemon.notice netifd: Interface 'wan6' has link connectivity loss
Wed Feb 19 17:39:22 2020 daemon.err odhcp6c[3761]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:39:22 2020 daemon.notice netifd: wan (3760): udhcpc: received SIGTERM
Wed Feb 19 17:39:23 2020 daemon.notice netifd: bridge 'br-lan' link is down
Wed Feb 19 17:39:23 2020 daemon.notice netifd: Interface 'lan' has link connectivity loss
Wed Feb 19 17:39:27 2020 daemon.notice netifd: Network device 'eth0' link is up
Wed Feb 19 17:39:27 2020 kern.info kernel: [ 1781.575026] eth0: link up (1000Mbps/Full duplex)
Wed Feb 19 17:39:27 2020 kern.info kernel: [ 1781.581116] br-lan: port 1(eth0.1) entered blocking state
Wed Feb 19 17:39:27 2020 kern.info kernel: [ 1781.586675] br-lan: port 1(eth0.1) entered forwarding state
Wed Feb 19 17:39:27 2020 kern.info kernel: [ 1781.592555] br-lan: port 2(eth0.2) entered blocking state
Wed Feb 19 17:39:27 2020 kern.info kernel: [ 1781.598082] br-lan: port 2(eth0.2) entered forwarding state
Wed Feb 19 17:39:27 2020 daemon.notice netifd: VLAN 'eth0.1' link is up
Wed Feb 19 17:39:27 2020 daemon.notice netifd: VLAN 'eth0.2' link is up
Wed Feb 19 17:39:27 2020 daemon.notice netifd: Interface 'wan' has link connectivity
Wed Feb 19 17:39:27 2020 daemon.notice netifd: Interface 'wan' is setting up now
Wed Feb 19 17:39:27 2020 daemon.notice netifd: Interface 'wan6' has link connectivity
Wed Feb 19 17:39:27 2020 daemon.notice netifd: Interface 'wan6' is setting up now
Wed Feb 19 17:39:27 2020 daemon.notice netifd: bridge 'br-lan' link is up
Wed Feb 19 17:39:27 2020 daemon.notice netifd: Interface 'lan' has link connectivity
Wed Feb 19 17:39:27 2020 daemon.notice netifd: wan (3876): udhcpc: started, v1.28.4
Wed Feb 19 17:39:27 2020 daemon.err odhcp6c[3878]: Failed to send RS (Permission denied)
Wed Feb 19 17:39:27 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:39:27 2020 daemon.err odhcp6c[3878]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:39:27 2020 daemon.notice netifd: wan (3876): udhcpc: sending discover
Wed Feb 19 17:39:28 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:39:28 2020 daemon.err odhcp6c[3878]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:39:29 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:39:30 2020 daemon.notice netifd: wan (3876): udhcpc: sending discover
Wed Feb 19 17:39:30 2020 daemon.err odhcp6c[3878]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:39:31 2020 daemon.err odhcp6c[3878]: Failed to send RS (Permission denied)
Wed Feb 19 17:39:31 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:39:33 2020 daemon.notice netifd: wan (3876): udhcpc: sending discover
Wed Feb 19 17:39:35 2020 daemon.err odhcp6c[3878]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:39:35 2020 daemon.err odhcp6c[3878]: Failed to send RS (Permission denied)
Wed Feb 19 17:39:35 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:39:39 2020 daemon.err odhcp6c[3878]: Failed to send RS (Permission denied)
Wed Feb 19 17:39:42 2020 daemon.err odhcp6c[3878]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:39:43 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:39:59 2020 daemon.err odhcp6c[3878]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:39:59 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:04 2020 daemon.notice netifd: Network device 'eth0' link is down
Wed Feb 19 17:40:04 2020 kern.info kernel: [ 1818.804089] eth0: link down
Wed Feb 19 17:40:04 2020 kern.info kernel: [ 1818.809145] br-lan: port 1(eth0.1) entered disabled state
Wed Feb 19 17:40:04 2020 kern.info kernel: [ 1818.814960] br-lan: port 2(eth0.2) entered disabled state
Wed Feb 19 17:40:04 2020 daemon.err odhcp6c[3878]: Failed to send RS (Permission denied)
Wed Feb 19 17:40:04 2020 daemon.notice netifd: VLAN 'eth0.1' link is down
Wed Feb 19 17:40:04 2020 daemon.notice netifd: VLAN 'eth0.2' link is down
Wed Feb 19 17:40:04 2020 daemon.notice netifd: Interface 'wan' has link connectivity loss
Wed Feb 19 17:40:04 2020 daemon.notice netifd: Interface 'wan6' has link connectivity loss
Wed Feb 19 17:40:04 2020 daemon.notice netifd: wan (3876): udhcpc: received SIGTERM
Wed Feb 19 17:40:05 2020 daemon.err odhcp6c[3878]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:40:05 2020 daemon.notice netifd: bridge 'br-lan' link is down
Wed Feb 19 17:40:05 2020 daemon.notice netifd: Interface 'lan' has link connectivity loss
Wed Feb 19 17:40:10 2020 daemon.notice netifd: Network device 'eth0' link is up
Wed Feb 19 17:40:10 2020 kern.info kernel: [ 1824.926994] eth0: link up (1000Mbps/Full duplex)
Wed Feb 19 17:40:10 2020 kern.info kernel: [ 1824.933227] br-lan: port 1(eth0.1) entered blocking state
Wed Feb 19 17:40:10 2020 kern.info kernel: [ 1824.938794] br-lan: port 1(eth0.1) entered forwarding state
Wed Feb 19 17:40:10 2020 kern.info kernel: [ 1824.944699] br-lan: port 2(eth0.2) entered blocking state
Wed Feb 19 17:40:10 2020 kern.info kernel: [ 1824.950189] br-lan: port 2(eth0.2) entered forwarding state
Wed Feb 19 17:40:10 2020 daemon.notice netifd: VLAN 'eth0.1' link is up
Wed Feb 19 17:40:10 2020 daemon.notice netifd: VLAN 'eth0.2' link is up
Wed Feb 19 17:40:10 2020 daemon.notice netifd: Interface 'wan' has link connectivity
Wed Feb 19 17:40:10 2020 daemon.notice netifd: Interface 'wan' is setting up now
Wed Feb 19 17:40:10 2020 daemon.notice netifd: Interface 'wan6' has link connectivity
Wed Feb 19 17:40:10 2020 daemon.notice netifd: Interface 'wan6' is setting up now
Wed Feb 19 17:40:10 2020 daemon.notice netifd: bridge 'br-lan' link is up
Wed Feb 19 17:40:10 2020 daemon.notice netifd: Interface 'lan' has link connectivity
Wed Feb 19 17:40:10 2020 daemon.notice netifd: wan (3975): udhcpc: started, v1.28.4
Wed Feb 19 17:40:10 2020 daemon.err odhcp6c[3977]: Failed to send RS (Permission denied)
Wed Feb 19 17:40:10 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:11 2020 daemon.notice netifd: wan (3975): udhcpc: sending discover
Wed Feb 19 17:40:11 2020 daemon.err odhcp6c[3977]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:40:11 2020 daemon.warn odhcpd[904]: DHCPV6 REQUEST IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:12 2020 daemon.info dnsmasq[1553]: read /etc/hosts - 4 addresses
Wed Feb 19 17:40:12 2020 daemon.info dnsmasq[1553]: read /tmp/hosts/odhcpd - 1 addresses
Wed Feb 19 17:40:12 2020 daemon.info dnsmasq[1553]: read /tmp/hosts/dhcp.cfg01411c - 2 addresses
Wed Feb 19 17:40:12 2020 daemon.info dnsmasq-dhcp[1553]: read /etc/ethers - 0 addresses
Wed Feb 19 17:40:12 2020 daemon.err odhcp6c[3977]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:40:12 2020 daemon.warn odhcpd[904]: DHCPV6 REQUEST IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:13 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:13 2020 daemon.info dnsmasq[1553]: read /etc/hosts - 4 addresses
Wed Feb 19 17:40:13 2020 daemon.info dnsmasq[1553]: read /tmp/hosts/odhcpd - 0 addresses
Wed Feb 19 17:40:13 2020 daemon.info dnsmasq[1553]: read /tmp/hosts/dhcp.cfg01411c - 2 addresses
Wed Feb 19 17:40:13 2020 daemon.info dnsmasq-dhcp[1553]: read /etc/ethers - 0 addresses
Wed Feb 19 17:40:14 2020 daemon.notice netifd: wan (3975): udhcpc: sending discover
Wed Feb 19 17:40:14 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:14 2020 daemon.err odhcp6c[3977]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:40:14 2020 daemon.err odhcp6c[3977]: Failed to send RS (Permission denied)
Wed Feb 19 17:40:16 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:17 2020 daemon.notice netifd: wan (3975): udhcpc: sending discover
Wed Feb 19 17:40:18 2020 daemon.err odhcp6c[3977]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:40:18 2020 daemon.err odhcp6c[3977]: Failed to send RS (Permission denied)
Wed Feb 19 17:40:20 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:22 2020 daemon.err odhcp6c[3977]: Failed to send RS (Permission denied)
Wed Feb 19 17:40:27 2020 daemon.err odhcp6c[3977]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)
Wed Feb 19 17:40:28 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:44 2020 daemon.warn odhcpd[904]: DHCPV6 SOLICIT IA_NA from 0001000120fd68d1bcee7b112ce1 on br-lan: ok fdc4:43a1:617a::409/128
Wed Feb 19 17:40:45 2020 daemon.err odhcp6c[3977]: Failed to send DHCPV6 message to ff02::1:2 (Permission denied)

I don't understand why it's always complaining about DHCPv6 which i'm not even trying to use. I would be fine if IPv4 is working.
Any ideas?

2

the permission denied stuff is extremely suspicious. my advice is download the latest release and flash it without keeping settings, then set up the WWAN client interface. everything else should work out of the box.

also make sure you have set up the dumb AP to be dumb... turn off DHCP server etc.

3

@4Style,

Did you disable outbound traffic on your OpenWrt?

4

@lleachii Honestly, i don't know. Where do i have to check it? At the CPE210 or WR1043ND?

@dlakelan Yeah this would be my last idea, but my configuration worked a few weeks ago, so i thought maybe you guys can help me finding the issue.

5

Huh...You don't know if you edited a firewall?

  • First, you check on the device giving TX permission denied in the log (which would make this unrelated to OpenWrt)
  • Next, you also make sure you don't have a DROP rule on your OpenWrt firewalls - since they're LAN devices only

Did you make any changes to the default configs other than:

  • connecting to WiFi on one device on the CPE210?

What does this mean?

The LAN is already bridged to the LAN ports and WiFis by default.

I would simply:

  • Disable DHCP
  • Static address the WR1043ND in the same LAN subnet as the CPE210 (e.g. 192.168.x.2)
  • Plug a cable into a LAN port to the LAN port of the CPE210

In this situation -without more detailed configs, the remaining LAN ports and WiFi should get DHCP and connectivity from the CPE210.

6

I'm sorry, I mixed up with that bridge thing. You are correct the WLAN and LAN were already bridged by default.
I did exactly what you described in your steps, gave the WR1043ND the IP 192.168.1.2 and the CPE 192.168.1.1, disabled DHCP for the WR1043ND and connected them both.

The device where I got the logs from is the CPE210, i also installed Travelmate, WPAD instead of WPAD Mini (to connect to an WPS-EAP wifi), and disabled the IPV6 because it's not used.
The firewall on the CPE should be as open as possible, but i have to check the settings on the WR1043ND yet, maybe there is the mistake.

Imgur
Imgur

7

Maybe just reset to defaults. I'd have no clue why eth0.1 (LAN) and eth0.2 (WAN) are together; and no clue what interface you photographed. That is very wrong.

8

The picture is from the LAN Interface of the CPE210
The CPE210 has 2 lan ports, but by default only one was assigned to the LAN zone if i remember correctly.
So i added the second one also to the LAN interface.
But nevermind, i will continue to try a fews around but if nothing helps i will have to reset it i guess.

9

Disconnect the WR1043 and set it aside for now. Get the CPE210 working to serve your laptop wired.

And yes you should start there with a default configuration. Put the second Ethernet vlan in lan but more importantly remove it from wan. Set up a wifi client to the AP you are using as the source of Internet and attach it to wan. wan must not be a bridge and it must contain only the wifi client. Set up the client manually do not use the "Join network" button in LuCI.

Then make sure the IP you get from the ISP is not in the 192.168.1.0 range. If it is, you need to change lan to something else.

1 Like
10

:man_facepalming:

Like the Wifi, the LAN ports should be bound to VLAN1 (eth0.1/LAN) by default by too.

I agree with @mk24, start with the CPE210.

11

All right guys thank you, i will see what i can do and check if the second ethernet vlan is not in the wan zone.
I'm obviously not an expert in this whole VLAN thing, so i guess i will have to to a bit of research.

12

all you need to do is change the second ports VLAN assignment, not bridge the two VLANs.

1 Like
13

Yes, this definitly did the trick, but i had to reset the router before. Internet is working now :smiley:
Thank you all very much :slight_smile:

One last question tho: How should i configure the firewall on the CPE210?
I guess from LAN-> WAN everything should be allowed right? + Masquerading
And from WAN->LAN and what is about the Input, Output, Forward section?

14

For the normal usage the firewall works out of the box, if you reset the router then just use the default firewall until you have a specific reason to change it.

3 Likes
15

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.