Dumb AP Guide needs to be updated and OPKG not working

Hello OpenWRT folks!

I have two things need help me with.

  1. The dumb AP guide needs to be updated.

Firstly, once the router becomes dumb (e.g. with ip 192.168.1.2) or a slave to another router (e.g. with 192.168.1.1). There’s a need to update uhttpd listener.

Secondly , the guide also needs a section for the regeneration of certs for https access of LuCI. Currently, the certificate out of the box is for 192.168.1.1 or at least I am led to believe based on this guide https://openwrt.org/docs/guide-user/luci/getting_rid_of_luci_https_certificate_warnings that one of the parameters to (re)generate certificates is the IP address.

  1. Internet for the router itself is missing
    and therefore Opkg not working. So even though I have the guide to regenerate a certificate, I cannot proceed as it needs additional packages. I have a feeling I am close to figuring this out and only one elusive setting remains. Take note clients that connect to the dumb AP have internet. It's only the Internet for the routers needs are not working :cry:

Hope you guys can help me.

Sincerely,

Vince

  1. By default the uhttpd listens to all addresses (0.0.0.0/0). Also https is not enabled by default and there are no certificates.
  2. It is mentioned in a couple of places in the guide that you need to configure the gateway and dns.
    Step 3 says "Set DNS and gateway to point into your main router to enable internet access for the dumb AP itself "
3 Likes

Hi!

Apparently it doesn't listen to all. Co'z when I added 192.168.1.2 in the uhttpd config it became accessible. Though I know that the 0.0.0.0 is supposed to signify that is should listen to all addresses.

The only thing not working is https and found in the guide in cert regeneration that it needs IP address.

I have read the Dumb AP guide. I know that you need to do stuff related DNS and DHCP.

Don't get me wrong, I mean I may have misunderstood the guide but definitely I have read it.

I actually decided to make a case here in the forum since there are more than a couple of unresolved cases with similar problem like this:

Maybe what needed to be done was to restart the uhttpd to bind to the new address.
If you change the listen addresses to 0/0 and restart the server won't it work?

Some time ago I shared my notes on this:

1 Like

and this one for wireless links: https://gist.github.com/braian87b/8a524a8ad74a36407a8f481e9d16a5c9

Wow! Cool ... will look into this. :slight_smile: Thanks Brian :slight_smile:

Hi Trendy!

Was able to get internet to the router and therefore luci-ssl. Apparently unticking the DHCP in the wireless properties doesn't quite cut it. So needed to disable as described in the DumbAP guide.

However, I have a new problem, since i now two OpenWRT routers. Accessing LuCI via hostname https://openwrt.lan cannot work anymore. Is there a way to change the Openwrt.lan to Openwrt-1900.lan?

I checked the uhttpd config file for "Openwrt" and found "common name" and "realm" would you know which one can be used?

Thanks for your prompt response by the way :slight_smile: I really appreciate it a lot. Kudos!

Regards,

Vince

Unfortunately

You lost me here.

You'll need to make any changes in the names on the master router, in hostnames section in Luci or config domain in config/dhcp

I don't have such options in uhttpd.

You can rename the devices in luci.
System > general settings tab > host name

There are options "commonname" and "realm" in UHTTPD config file. "Commonname" is currently commented out in my config file out of the box. At any rate noted on the hostnames in LuCI will check if that will work.

Sorry if you were lost ... I meant In LuCI->Interfaces -> LAN there is "ignore interface" when there is a need to disable to service itself.

Anyway, I have a much bigger issue now. The Dumb AP guide mentions to disable Firewall, dnsmasq and DHCP services in Dumb router as options available for lazy guys like me. I re-enabled dnsmasq and DHCP and just disabled certain components as per the DumbAP guide. I am assuming that option was listed as because some parts of dnsmasq and DHCP will be needed if you plan to setup guest wifi in your DumbAP as per guide https://openwrt.org/docs/guide-user/network/wifi/guestwifi/guestwifi_dumbap.

I learnt this the hard way when I connected to my guest wifi it didn't get an IP address.

Now I have IP address expected 10.0.1.x but I don't have Internet. I have a feeling this is a firewall issue. I have two concerns about the firewall config. In the DumbAP guide requested to simply disabling of firewall and no other limited disabling listed. So i'm puzzled how the firewall rules as described in the guestwifi_dumbap guide will run if the FW is disabled.

Regards,

Vince

The dumbAP and the guestwifi_dumbAP follow different approaches and you cannot combine them.
One is disabling the firewall, the other depends on the firewall.
One doesn't use dhcp, the other is using it.
So if you need a guest wifi on a dumbAP, you need to start configuring from defaults using the guest wifi guide, not trying to combine them.

These sample lines were on 18 builds for infrequently used / legacy http auth ( luci login function only ).

1 Like

you should add your hostname into hosts in order to be available to resolutions

if you add it using luci will be like doing:

uci add dhcp domain
uci set dhcp.@domain[-1].name='openwrt'
uci set dhcp.@domain[-1].ip='192.168.1.1'

you could try also:

uci set dhcp.@domain[-1].name='openwrt.lan'

but I think that expandhosts adds .lan , if I remember it well its, so you should check:

uci show dhcp | grep dnsmasq
...
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1
dhcp.@dnsmasq[0].localservice='1'
...

those are the defaults I think, check it out on: https://openwrt.org/docs/guide-user/base-system/dhcp

Hmmm :thinking:

Ok got it. It now works. I just undone steps 3, 4 and 5 as per DumbAP guide.

Thanks so much @trendy!

1 Like

Hi @braian87b!

I will be trying the github link you sent earlier in after my wife finishes her Netflix fix. As the saying goes wife has priority internet. :sweat_smile:

The shell script looks promising though. Thanks for responding and sharing :slight_smile:

Will let you know ASAP.

Hi @trendy,

I have one follow up question. Since the router in question is dumb and have Guest wifi set up. My main router also has Guest wifi. Both had SQM configured 5 mbps down and 2 mbps up. My question is, given this set up does this mean the guests can gobble up up to 10 mbps of my internet bandwidth if they use both wifis? Or it will only access 5 mbps?

Thanks!

I am not an expert in SQM, but if you applied it on the wifi only and not on the upstream, then yes it sounds plausible that combined can aggregate 10Mbps.

Hi @trendy,

That's my suspicion as well. As SQM is interface based.

Would you know from a network layer there's for the main WRT router (192.168.1.1) and manage this and just share a common bandwidth including the dumb ones?

Thanks!

Vince

Hi braian87b

The commands you gave in your last reply is to be done on the dumbAP?

===================================
you should add your hostname into hosts in order to be available to resolutions

if you add it using luci will be like doing:
uci add dhcp domain
uci set dhcp.@domain[-1].name='openwrt'
uci set dhcp.@domain[-1].ip='192.168.1.1'

you could try also:

uci set dhcp.@domain[-1].name='openwrt.lan'

but I think that expandhosts adds .lan , if I remember it well its, so you should check:

uci show dhcp | grep dnsmasq

...
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1
dhcp.@dnsmasq[0].localservice='1'
...
those are the defaults I think, check it out on: https://openwrt.org/docs/guide-user/base-system/dhcp

===================================
Also in your first reply (see below) to me you gave me a link to a scripts you have shared is this still applicable? If yes, the dumb-ap-wired-link.sh is for the dumbAPs then the wireless-link-wds.sh is commands for the main router?

=============================

dumb-ap-wired-link.sh

========================================================

Setup a Dumb AP, Wired backbone for OpenWRT / LEDE

========================================================

Set lan logical interface as bridge (to allow bridge multiple physical interfaces)

uci set network.lan.type='bridge'

assign WAN physical interface to LAN (will be available as an additional LAN port now)

uci set network.lan.ifname="$(uci get network.lan.ifname) $(uci get network.wan.ifname)"

uci del network.wan.ifname

Remove wan logical interface, since we will not need it.

uci del network.wan

https://gist.github.com/braian87b/8a524a8ad74a36407a8f481e9d16a5c9 5

====================================

Thanks much in advance!

Vince