- Or you could have simply renumbered LAN to 192.168.0.0/24 instead of creating LAN2
The LAN (192.168.0.1) interface is disabled, and I am using LAN2 (192.168.1.1)
- Also, it's not clear why you're using /28 (netmask 255.255.255.240), but I suggest setting it back at /24
I don't have many devices, so I limited the range and reserved the MAC address.
Please provide the output of:
ip -4 route
Let’s see the complete config of this OpenWrt router.
Also, are there any other routers/APs in your network currently?
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button (red circle; this works best in the 'Markdown' composer view in the blue oval):
Remember to redact passwords, VPN keys, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
id say your windows (or apple or droid) isset to super-privacy mode changing MAC too often and using up 13 IPs available in that subnet.
Make bigger subnet/shorter leases.
Interesting - and very possible.
Assuming this is still current...
and this is also current...
The DHCP pool range is invalid for the network size defined.
But...
What specifically is this referring to? The computer? The router?
I don't see the 192.168.0.0/24 network anywhere in the config, so these addresses don't make any sense.
While this is possible, it wouldn't affect static IPs (outside the DHCP range) which is what the title of this thread describes as one of the issues. That said, if the OP is setting a static IP on a host that is within the DHCP pool, that would be problematic.
@RSHARM - please post the complete config as it is currently setup. There are inconsistencies even within this thread, so we need to see the latest.
A /28
Post No. 1. But [the OP says LAN 1 is disabled and] the network is now identical to WAN.
Hence I asked for ip -4 route to ensure LAN [1] is truly disabled.
Thanks... It looks like this is using the same bridge as the lan interface. IIRC, this was called out by someone in this thread, but not sure if it got fixed.
Sure would be nice if @RSHARM would post the latest config for us to see if they fixed things (or made them worse)
ip -4 route
/etc/config$ ip -4 route
default via 192.168.100.1 dev wan proto static src 192.168.100.2
*.*.*.* via 192.168.100.1 dev wan proto static
192.168.0.0/28 dev br-lan proto kernel scope link src 192.168.0.1
192.168.2.0/28 dev br-private proto kernel scope link src 192.168.2.1 linkdown
192.168.100.0/24 dev wan proto kernel scope link src 192.168.100.2
I am using real MAC, and random MACs are per SSID (aka not set to change daily)
[quote="RSHARM, post:17, topic:244865"]
I have to keep chaing stating IP eg - between192.168.0.2 and .3
[/quote]
What specifically is this referring to? The computer? The router?
I don't see the 192.168.0.0/24 network anywhere in the config, so these addresses don't make any sense.
LAN client, aka my computer
I don't see the 192.168.0.0/24 network anywhere in the config, so these addresses don't make any sense.
My WAN uses 192.168.1.1 or 192.168.100.1
LAN uses 192.168.0.1
Nothing is 192.168.0.0 what are you alking about ?
If a device has an address that is 192.168.0.1, it is part of the 192.168.0.0/< something > network...
Please post your complete configs.
/etc/config$ cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
option steering_flows '128'
option ula_prefix 'fd00::/8'
config device
option name 'br-lan'
option type 'bridge'
option macaddr '00:00:00:00:00:00'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.240'
list dns '127.0.0.1'
list dns '0::1'
option ip6ifaceid '::1'
option delegate '0'
option auto '0'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
option peerdns '0'
list dns '127.0.0.1'
option hostname ''
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option norelease '1'
option peerdns '0'
list dns '0::1'
option delegate '0'
config interface 'Wireguard'
option proto 'wireguard'
list addresses '10.2.0.2/32'
option private_key '='
list dns '127.0.0.1'
list dns '0::1'
config interface 'guest'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.240'
option device 'br-guest'
list dns '127.0.1.1'
option delegate '0'
option auto '0'
config interface 'private'
option proto 'static'
option ipaddr '192.168.2.1'
option device 'br-private'
option netmask '255.255.255.240'
list dns '127.0.0.1'
list dns '0::1'
option ip6ifaceid '::1'
option delegate '0'
config device
option type 'bridge'
option name 'br-guest'
option bridge_empty '1'
list ports 'lan4'
option macaddr '00:00:00:00:00:00'
config device
option type 'bridge'
option name 'br-private'
option bridge_empty '1'
option macaddr '00:00:00:00:00:00'
option ipv6 '0'
config device
option type 'bridge'
option name 'br-server'
option bridge_empty '1'
option macaddr '00:00:00:00:00:00'
option ipv6 '0'
config interface 'server'
option proto 'static'
option ipaddr '192.168.4.1'
option device 'br-server'
option netmask '255.255.255.240'
list dns '127.0.0.1'
list dns '0::1'
option ip6ifaceid '::1'
option auto '0'
config device
option name 'wan'
option macaddr '00:00:00:00:00:00'
config device
option name 'eth0'
config interface 'wwan'
option proto 'dhcp'
option auto '0'
option disabled '1'
config device
config wireguard_Wireguard
option description 'Config Example'
option public_key '='
option private_key ''
list allowed_ips '0.0.0.0/0'
option persistent_keepalive '25'
option endpoint_host ''
option disabled '1'
config interface 'serverlocal'
option proto 'static'
option ipaddr '192.168.5.1'
option netmask '255.255.255.0'
option device 'br-serverlocal'
option auto '0'
config device
option type 'bridge'
option name 'br-serverlocal'
option macaddr '00:00:00:00:00:00'
option ipv6 '0'
config wireguard_Wireguard
option description '.conf'
option public_key '+='
option private_key '/='
option persistent_keepalive '25'
option endpoint_host ''
list allowed_ips '0.0.0.0/0'
list allowed_ips '::/0'
option disabled '1'
config wireguard_Wireguard
option description '.conf'
option public_key '+='
option private_key '+'
option persistent_keepalive '25'
option endpoint_host ''
list allowed_ips '0.0.0.0/0'
option disabled '1'
config wireguard_Wireguard
option description '1.conf'
option public_key '='
option private_key '+='
option persistent_keepalive '25'
option endpoint_host ''
list allowed_ips '0.0.0.0/0'
list allowed_ips '::/0'
config interface 'lan2'
option proto 'static'
option device 'br-lan'
option ipaddr '192.168.0.1'
option netmask '255.255.255.240'
list dns '127.0.0.1'
list dns '0::1'
option delegate '0'
option ip6ifaceid '::1'
config interface 'free'
option proto 'static'
option ipaddr '192.168.98.1'
option netmask '255.255.255.240'
list dns '127.0.0.1'
option device 'br-free'
option delegate '0'
option auto '0'
config device
option type 'bridge'
option name 'br-free'
option macaddr '00:00:00:00:00:00'
option ipv6 '0'
option bridge_empty '1'
There are numerous problems already visible, but before I get into them, please post the other config files.
Incorrect.
The results of this command don't match what's seen in your configuration.
I don't know why they keep changing it
WAN isn't the only problem. Most of the networks in your configuration are missing from the route command.
Still waiting to see the other config files... will those be shared?
Well, I'm guessing that we're not going to see the rest of the config (dhcp, wireless, firewall) since it's been over an hour since network file was posted.
That said, the network file is a mess. It has a ton of issues and it's probably not worth trying to clean it up because it is more complex and time consuming to fix this than to start over from scratch. Combine that with the likely similar situation we'd find in the other files.
From what I can tell here, the problem is not due to any bug or singular misconfiguration, but rather a massively misconfigured setup that lacks clarity of the goals.
My suggestion, therefore, would be to completely reset to defaults and start over. It's probably best to start with a description of the goals and build one network at a time to reach the goals... ideally using the documentation in the OpenWrt wiki for proper implementation and then reviews here to spot and correct any issues before they are amplified by multiple overlapping errors.
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
list server '127.0.0.1#5453'
list server '0::1#5453'
list rebind_domain 'time.android.com'
option stripmac '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '25'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
list ra_flags 'managed-config'
list ra_flags 'other-config'
option force '1'
config dhcp 'lan2'
option interface 'lan2'
option start '100'
option limit '20'
option leasetime '12h'
option force '1'
option ra 'server'
option dhcpv6 'server'
list ntp '192.168.0.1'
list ra_flags 'managed-config'
list ra_flags 'other-config'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
option piofolder '/tmp/odhcpd-piofolder'
config dhcp 'private'
option interface 'private'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
config dhcp 'guest'
option interface 'guest'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
config dhcp 'serverweb'
option interface 'server'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
config dhcp 'serverlocal'
option interface 'serverlocal'
option start '100'
option limit '150'
option leasetime '12h'
config host
option name 'Censored'
option ip '192.168.1.2'
list mac '00:00:00:00:00:00'
config host
option name 'Censored'
list mac '00:00:00:00:00:00'
option ip '192.168.1.3'
option leasetime 'infinite'
list tag 'Phone'
config host
option name 'Censored'
option ip '192.168.1.4'
list mac '00:00:00:00:00:00'
list tag 'Desktop'
option duid 'Censored'
config host
option name 'Censored'
option ip '192.168.1.5'
config host
option name 'Censored'
list mac '00:00:00:00:00:00'
option ip '192.168.4.6'
config host
option name 'Censored'
option ip '192.168.1.6'
option mac '00:00:00:00:00:00'
list tag 'Adaptor'
config host
option name 'Censored'
option ip '192.168.1.7'
config host
option name 'Censored'
option ip '192.168.1.8'
config host
option name 'Censored'
option ip '192.168.1.9'
option mac '00:00:00:00:00:00'
option leasetime 'infinite'
list tag 'Phone'
config host
option name 'Censored'
option ip '192.168.1.10'
option leasetime 'infinite'
list tag 'Laptop'
config host
option name 'Censored'
option ip '192.168.1.11'
option leasetime 'infinite'
config host
option name 'Censored'
option leasetime 'infinite'
option ip '192.168.1.12'
list tag 'Phone'
config host
option name 'Censored'
option ip '192.168.1.13'
option leasetime 'infinite'
option mac '00:00:00:00:00:00'
list tag 'Phone'
config host
option name 'Censored'
option ip '192.168.1.14'
list mac '00:00:00:00:00:00'
option leasetime 'infinite'
config host
option name 'Censored'
option ip '192.168.1.15'
config host
option name 'Censored'
option ip '192.168.2.2'
list tag 'TV'
config host
option name 'Censored'
list mac '00:00:00:00:00:00'
option ip '192.168.2.3'
option leasetime 'infinite'
list tag 'Phone'
config host
option name 'Censored'
list mac '00:00:00:00:00:00'
option ip '192.168.2.4'
option leasetime 'infinite'
config host
option name 'Censored'
list mac '00:00:00:00:00:00'
option ip '192.168.2.5'
option leasetime 'infinite'
list tag 'Phone'
config host
list mac '00:00:00:00:00:00'
option ip '192.168.2.6'
option name 'Censored'
option leasetime 'infinite'
list tag 'Phone'
config ipset
list name '192.168.1.9-192.168.1.12'
list domain 'User.lan'
option table_family 'inet'
config ipset
list domain 'NotMine.local'
list name '192.168.1.8-192.168.1.12'
option table_family 'inet'
config ipset
list name '192.168.1.8'
list name '192.168.1.9'
list name '192.168.1.12'
list domain 'NotMineMobiles.lan'
option table_family 'inet'
config ipset
list domain 'facebook.com'
list name 'facebook.com'
option table_family 'inet'
config host
option name 'Censored'
config host
option name 'Censored'
/etc/config$ cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
option steering_flows '128'
option ula_prefix 'fd00::/8'
config device
option name 'br-lan'
option type 'bridge'
option macaddr '00:00:00:00:00:00'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
list dns '127.0.0.1'
list dns '0::1'
option ip6ifaceid '::1'
option delegate '0'
config interface 'lan2'
option proto 'static'
option device 'br-lan'
option ipaddr '192.168.0.1'
option netmask '255.255.255.240'
list dns '127.0.0.1'
list dns '0::1'
option delegate '0'
option ip6ifaceid '::1'
option auto '0'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
option peerdns '0'
list dns '127.0.0.1'
option hostname 'Cisco'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option norelease '1'
option peerdns '0'
list dns '0::1'
option delegate '0'
config device
option name 'eth0'
config device
option name 'wan'
option macaddr '00:00:00:00:00:00'
config interface 'wwan'
option proto 'dhcp'
option auto '0'
option disabled '1'
config interface 'Wireguard'
option proto 'wireguard'
list addresses '10.2.0.2/32'
option private_key '='
list dns '127.0.0.1'
list dns '0::1'
config interface 'guest'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.240'
option device 'br-guest'
list dns '127.0.1.1'
option delegate '0'
option auto '0'
config interface 'private'
option proto 'static'
option ipaddr '192.168.2.1'
option device 'br-private'
option netmask '255.255.255.240'
list dns '127.0.0.1'
list dns '0::1'
option ip6ifaceid '::1'
option delegate '0'
config device
option type 'bridge'
option name 'br-guest'
option bridge_empty '1'
option macaddr '00:00:00:00:00:00'
option ipv6 '0'
config device
option type 'bridge'
option name 'br-private'
option bridge_empty '1'
option macaddr '00:00:00:00:00:00'
option ipv6 '0'
config device
option type 'bridge'
option name 'br-server'
option bridge_empty '1'
option macaddr '00:00:00:00:00:00'
option ipv6 '0'
config interface 'server'
option proto 'static'
option ipaddr '192.168.4.1'
option device 'br-server'
option netmask '255.255.255.240'
list dns '127.0.0.1'
list dns '0::1'
option ip6ifaceid '::1'
option auto '0'
config device
config interface 'serverlocal'
option proto 'static'
option ipaddr '192.168.5.1'
option netmask '255.255.255.0'
option device 'br-serverlocal'
option auto '0'
config device
option type 'bridge'
option name 'br-serverlocal'
option macaddr '00:00:00:00:00:00'
option ipv6 '0'
config wireguard_Wireguard
option description ' '
option public_key '='
option private_key '+='
list allowed_ips '0.0.0.0/0'
option persistent_keepalive '25'
option endpoint_host ''
option disabled '1'
config wireguard_Wireguard
option description '.'
option public_key '/='
option private_key '+='
option endpoint_host ''
list allowed_ips '0.0.0.0/0'
option persistent_keepalive '25'
config wifi-device 'radio0'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option band '2g'
option cell_density '1'
option country 'US'
option htmode 'HT40'
option channel '6'
option txpower '20'
option ldpc '0'
config wifi-device 'radio1'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
option band '5g'
option cell_density '3'
option country 'US'
option channel '100'
option htmode 'VHT80'
option txpower '21'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'SSID'
option key 'Censored'
option encryption 'sae-mixed'
option wpa_disable_eapol_key_retries '1'
option macaddr '00:00:00'
option ocv '0'
option isolate '1'
option ieee80211w '1'
option ifname 'Censored'
option disassoc_low_ack '0'
config wifi-iface 'Wifi_Main_2Ghz'
option device 'radio0'
option network 'lan2'
option mode 'ap'
option ssid 'SSID'
option ifname 'Censored'
option key 'Censored'
option encryption 'sae-mixed'
option wpa_disable_eapol_key_retries '1'
option macaddr '00:00:00'
option ocv '0'
option isolate '1'
option ieee80211w '1'
config wifi-iface 'default_radio1'
option device 'radio1'
option mode 'ap'
option wpa_disable_eapol_key_retries '1'
option network 'lan'
option ssid 'SSID'
option key 'Censored'
option encryption 'sae-mixed'
option macaddr '00:00:00'
option ieee80211w '2'
option isolate '1'
option ocv '1'
option ifname 'Censored'
config wifi-iface 'Wifi_Min_5Ghz'
option device 'radio1'
option mode 'ap'
option wpa_disable_eapol_key_retries '1'
option network 'lan2'
option ifname 'Censored'
option ssid 'SSID'
option key 'Censored'
option encryption 'sae-mixed'
option macaddr '00:00:00'
option ieee80211w '1'
option ocv '0'
option isolate '1'
option disabled '1'
list maclist 'Censored'
list maclist 'Censored'
list maclist 'Censored'
config wifi-iface 'WifiPrivate2Ghz'
option device 'radio0'
option mode 'ap'
option wpa_disable_eapol_key_retries '1'
option ifname 'Censored'
option key 'Censored'\''/3Yv('
option ssid 'SSID'
option encryption 'sae-mixed'
option network 'private'
option macaddr '00:00:00'
option ocv '0'
list maclist 'Censored'
list maclist 'Censored'
list maclist 'Censored'
list maclist 'Censored'
option skip_inactivity_poll '1'
option disabled '1'
config wifi-iface 'WifiPrivate5Ghz'
option device 'radio1'
option mode 'ap'
option encryption 'sae-mixed'
option wpa_disable_eapol_key_retries '1'
option ifname 'Censored'
option key 'Censored'
option ssid 'SSID'
option network 'private'
option macaddr '00:00:00'
option ieee80211w '1'
option ocv '0'
list maclist 'Censored'
option disabled '1'
config wifi-iface 'WifiGuest'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'
option encryption 'sae-mixed'
option isolate '1'
option ifname 'Censored'
option macaddr '00:00:00'
option key 'Censored'
option ieee80211w '1'
option wpa_disable_eapol_key_retries '1'
option network 'Guest guest'
option ocv '0'
option disabled '1'
config wifi-iface 'WifiServer'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'
option encryption 'sae-mixed'
option macaddr '00:00:00'
option key 'Censored'
option network 'server'
option isolate '1'
option ifname 'Censored'
option ocv '0'
option disabled '1'
config wifi-iface 'WifiClient'
option device 'radio0'
option mode 'sta'
option network 'wwan'
option ssid 'SSID'
option encryption 'sae'
option key 'Censored'
option macaddr '00:00:00'
option ocv '0'
option disabled '1'
option ifname 'Censored'
config wifi-iface 'monitor'
option device 'radio1'
option mode 'monitor'
option network 'lan'
option ifname 'Censored'
option macaddr '00:00:00'
option ssid 'SSID'
option disabled '1'
config wifi-iface 'mesh'
option device 'radio0'
option mode 'mesh'
option mesh_fwding '1'
option mesh_rssi_threshold '0'
option key 'Censored'
option encryption 'none'
option mesh_id '80211s'
option macaddr '00:00:00'
option disabled '1'
config wifi-iface 'adhoc'
option device 'radio0'
option mode 'adhoc'
option ssid 'SSID'
option macaddr '00:00:00'
option ifname 'Censored'
option encryption 'none'
option key 'Censored'
option disabled '1'
config wifi-iface 'wifinet12'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'
option encryption 'sae-mixed'
option ifname 'Censored'
option macaddr '00:00:00'
option key 'Censored'\'''
option ocv '0'
config wifi-iface 'wifinet15'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'
option encryption 'sae-mixed'
option macaddr '00:00:00'
option key 'Censored'
option ocv '0'
option ifname 'Censored'
config wifi-iface 'wifinet17'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'
option encryption 'psk2'
option macaddr '00:00:00'
option key 'Censored'
option ifname 'Censored'
config wifi-iface 'wifinet21'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'
option encryption 'owe'
option macaddr '00:00:00'
option key 'Censored'
option ocv '2'
config wifi-iface 'wifinet23'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'
option encryption 'psk2'
option macaddr '00:00:00'
option key 'Censored'
config wifi-iface 'wifinet24'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'\''s wifi'
option encryption 'psk2'
option macaddr '00:00:00'
option key 'Censored'