Downloads from linux hosts hanging through Raspberry Pi 4B

I've been using OpenWrt on a Raspberry Pi 4 for a while now without issue, up until yesterday. I had just started working on setting up a TrueNAS server and found that I couldn't finish any download from the FreeBSD download server. The download would just hang at a random percentage, no error. I tried from my laptop on the same network and it did the same thing through Firefox, just froze at a random percentage. Topics on TrueNAS forum suggested it was a routing issue with their servers, so I just banged my head against it and after several restarts, I got the files downloaded.

Today I'm trying to download Linux Mint ISO files and it's doing the same thing. I even tried files from downloads.openwrt.org and they hang as well. I try through Firefox, wget, everything just stops without error. They'll just sit like they're downloading, but make no progress. Just for giggles, I bypassed the Raspberry Pi and plugged directly into my Verizon box, all downloads worked without issue. So it's definitely something up with my install of OpenWRT.

The really strange thing is it only seems to happen when I'm working with Unix like stuff. FreeBSD, OpenWRT, or Linux Mint. Downloading a Windows ISO from Microsoft, drivers from NVidia, Youtube videos, genaric web browsing all work fine. I can even simultaneously play a Youtube video and download the Windows 10 ISO both uninterrupted while a Linux ISO download works for a bit then hangs.

I am using OpenWrt 22.03.5 on a Raspberry Pi 4B with 2G RAM and 26G free on primary storage. I can't find anything useful in any log files, but I may not know exactly what log files to look in. I've tried the basic; rebooting. I've checked that it wasn't overheating (though that would cause issues for all large downloads). I've uninstalled adblock just in case. I've recently reloaded it from scratch, so there shouldn't be any old interfaces or configurations leftover.

I am completely lost as this shouldn't be happening as far as I can tell. Any assistance would be greatly appreciated as I really don't want to use Verizon as my primary router.

Check that the mtu is set correctly and mss clamping being enabled for wan.

2 Likes

The MTU size is set to 1500 for the two interfaces and the bridge. I tried changing it, but no change with the downloads.

mss clamping is enabled for wan>restricted, but not enabled for lan>wan. I enabled it to test, but no change (so I disabled it again).

Does this mean you configured the WAN zone to access another firewall zone called "Restricted"?

Perhaps you should provide your network and firewall configs, as this is not a default setting.

  • What is your ISP bandwidth?
  • Do you mean an ONT, or a ISP-provided router?
    • If router, ensure both LAN networks aren't numbered 192.168.1.0/24

"Reject" is the word it uses, I wasn't looking at the screen when I typed it. It's under the firewall zones. The path from WAN to anywhere is going to be rejected by default. And that is the default configuration.

My ISP provides "up to" 300Mbps down and 20Mbps up. I usually get around 100-200Mbps down and a solid 20 up.

My internal network is 192.168.2.0/24 with the Verizon router (and the WAN side of OpenWRT) using 192.168.1.0/24.

1 Like

Well, let's see your configuration.

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

network:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd59:5322:7a91::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.2.1'

config interface 'WAN'
	option proto 'dhcp'
	option device 'eth1'

wireless:

config wifi-device 'radio0'
	option type 'mac80211'
	option path 'platform/soc/fe300000.mmcnr/mmc_host/mmc1/mmc1:0001/mmc1:0001:1'
	option channel '36'
	option band '5g'
	option htmode 'VHT80'
	option cell_density '0'

dhcp:

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option localservice '1'
	option ednspacket_max '1232'
	list server '8.8.8.8'
	list server '8.8.4.4'
	option domain 'republic'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

firewall:

config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list network 'lan'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	list network 'wan'
	list network 'wan6'
	list network 'WAN'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

Due to a seemingly corrupt microSD card I had to do a clean install on a new SD card, so this is about as basic as it gets. I haven't even put in my port forwarding yet.

I have tested, and the problem still persists.

What model are you using for your WAN USB adapter?

Well this may seem like an obvious thing to say, but from this comment alone, I'd say you likely have a hardware problem and not a software problem. Do you have any other Raspberry Pi boards. I happen to have 3, so I'd be inclined to switch places with a couple of them.

asix-ax88179

I do have kmod-usb-net-asix-ax88179 version 5.10.176-1 installed. It's been a long day at work, but when I get the energy I'm gonna try flipping the adapters around so that's the LAN and the internal is the WAN. See if that helps.

I do have one other Pi. Switched it out and am still having the problem.

At this point I'm thinking this is just a weird instance of my tech support super powers. Usually I can make a computer work just by walking into the room (or break it if it was working).

This probably rules out a hardware issue with your pi, but there is a slim possibility it is a power supply problem. Are you using an adequate power supply?

We have seen some instances where the USB adapter itself is the problem. Either some oddity in the driver/chipset, or a power related issue where the Pi cannot provide enough power for the adapter. Can you plug it in to a powered USB hub? And/or do you have another USB ethernet dongle you can use? Or a managed switch (more on that later if you do).

1 Like

Back in the beginnings of RPi4 with OpenWrt, that adapter had a lot of issues and complaints. It may be better now, but I would consider it the prime suspect for now.

It seems this is the case this time. But really, this is a weird problem.

Try changing your beacon interval to 50 ms.

Have a read. Could this be the problem?

I've only been running my Pi Router a few days now. I just had to hard reboot my router an hour ago. I just suddenly couldn't connect to the internet. It's the first time in 3 or 4 days for me and I don't really do "big" downloads, but I do stream videos mostly. I may also lower my beacon interval if it happens again.

Oh, and I don't have any other routers in my system. My Pi Router is my primary router.

This is a great question. I'm using the CanaKit Power Supply providing 3.5 amps to Raspberry Pi. If you are using inadequate power supply, you can expect random problems. It may work for light duty work, but as soon as you require power delivery for a sustained time, is when it will fail.

Agreed. I don't have a spare USB adapter, but I did try switching the lan and wan. So the USB adapter is now the LAN. So far everything is now working. I tested a download that hasn't worked for a week and it worked first try. The FreeNAS plugins are downloading now.

So it would seem that the asix-ax88179 adapter still has issues.

Thank you everyone for all the help. Still don't know why it wasn't affecting the even larger Windows downloads, but maybe Microsoft uses a different type of file server protocol.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.