Dumb ap network problems

Debi · February 11, 2024, 5:12pm

Hello, I have problems receiving the IP from the main ap when there is a loss of power in both routers and the power is restored first in the dump ap and then in the main ap. I must power off manually the dumb ap to correctly receive the IP. Any help is appreciated!
main network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd80:4961:098c::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0.1'

config interface 'lan'
        option proto 'static'
        list ipaddr '192.168.40.1/24'
        option device 'br-lan'

config device
        option name 'eth0.2'
        option macaddr 'a4:2b:b0:03:8a:53'

config interface 'wan'
        option device 'eth0.2'
        option proto 'dhcp'

config interface 'wan6'
        option device 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'
                          
config switch_vlan           
        option device 'switch0'  
        option vlan '1'           
        option vid '1'
        option ports '0t 2 3 5'
                                               
config switch_vlan
        option device 'switch0'
        option vlan '2'     
        option ports '0t 1' 
        option vid '2'     

config switch_vlan    
        option device 'switch0'
        option vlan '3'              
        option ports '0t 4'   
        option vid '3'
             
config device               
        option name 'br-invitado'         
        option type 'bridge'
        list ports 'eth0.3'
        option macaddr 'A8:2B:B0:03:8A:52'
                           
config interface 'invitado'
        option proto 'static'
        option device 'br-invitado'
        option ipaddr '192.168.3.1/24'

config interface 'wg0'
        option proto 'wireguard'
        option private_key ''

dumb network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd85:68e0:557a::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0.1'

config interface 'lan'
        option proto 'dhcp'
        option device 'br-lan'

config device
        option name 'eth0.2'
        option macaddr '60:32:b1:fd:81:1c'

config interface 'wan'
        option device 'eth0.2'
        option proto 'dhcp'

config interface 'wan6'
        option device 'eth0.2'
        option proto 'dhcpv6'
                               
config switch                                  
        option name 'switch0'                  
        option reset '1'                  
        option enable_vlan '1'                 
                                               
config switch_vlan                             
        option device 'switch0'                
        option vlan '1'                   
        option vid '1'                    
        option ports '0t 2 3 5'           
                                          
config switch_vlan                        
        option device 'switch0'           
        option vlan '2'                   
        option ports '0t 1'               
        option vid '2'         
                                          
config switch_vlan                        
        option device 'switch0'           
        option vlan '3'                   
        option ports '0t 4'    
        option vid '3'         
                               
config device                  
        option name 'br-invitado'
        option type 'bridge'     
        list ports 'eth0.3'      
        option macaddr '64:32:B1:FD:81:1B'
                                          
config interface 'invitado'               
        option device 'br-invitado'       
        option proto 'dhcp'

main dhcp

config dnsmasq                                                                                                                         
        option domainneeded '1'                                                                                                        
        option localise_queries '1'                                                                                                    
        option rebind_protection '1'                                                                                                   
        option rebind_localhost '1'                                                                                                    
        option local '/lan/'                                                                                                           
        option domain 'lan'                                                                                                            
        option expandhosts '1'                                                                                                         
        option authoritative '1'                                                                                                       
        option readethers '1'                                                                                                          
        option leasefile '/tmp/dhcp.leases'                                                                                            
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'                                                                        
        option localservice '1'                                                                                                        
        option ednspacket_max '1232'                                                                                                   
                                                                                                                                       
config dhcp 'lan'                                                                                                                      
        option interface 'lan'                                                                                                         
        option start '100'                                                                                                             
        option limit '150'                                                                                                             
        option leasetime '12h'                                                                                                         
        option dhcpv4 'server'                                                                                                         
        list ra_flags 'none'                                                                                                           
                                                                                                                                       
config dhcp 'wan'                                                                                                                      
        option interface 'wan'                                                                                                         
        option ignore '1'                                                                                                              
                                                                                                                                       
config odhcpd 'odhcpd'                                                                                                                 
        option maindhcp '0'                                                                                                            
        option leasefile '/tmp/hosts/odhcpd'                                                                                           
        option leasetrigger '/usr/sbin/odhcpd-update'                                                                                  
        option loglevel '4'                                                                                                            
                                                                                                                                       
config dhcp 'invitado'
        option interface 'invitado'                                                                                                    
        option start '100'                                                                                                             
        option limit '150'                                                                                                             
        option leasetime '12h'                                                                                                         
        list ra_flags 'none'                                                                                                           
                                                                                                                                       
config host                                                                                                                            
        option name 'MCRouter1'                                                                                                        
        option dns '1'                                                                                                                 
        option broadcast '1'                                                                                                           
        option mac '60:32:B1:FD:81:1B'                                                                                                 
        option ip '192.168.40.190'                                                                                                     
                                                                                                                                                                                                                                                                              
config host                                                                                                                            
        option name 'MCRouter1b'                                                                                                       
        option dns '1'                                                                                                                 
        option broadcast '1'                                                                                                           
        option mac '64:32:B1:FD:81:1B'                                                                                                 
        option ip '192.168.3.190'

dumb dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
                              
config dhcp 'lan'            
        option interface 'lan'  
        option start '100'   
        option limit '150'                 
        option leasetime '12h'                                 
        option dhcpv4 'server'
        option ignore '1'      
        list ra_flags 'none'        
 
config dhcp 'wan'
        option interface 'wan'
        option ignore '1' 
                          
config odhcpd 'odhcpd'        
        option maindhcp '0'   
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'
                 
config dhcp 'invitado'        
        option interface 'invitado'
        option ignore '1'
        list ra_flags 'none'

main firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        list network 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option masq '1'
        option masq_src '192.168.9.0/24'

config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'

config zone
        option name 'zona_wg0'
        list network 'wg0'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option mtu_fix '1'

config forwarding
        option src 'lan'
        option dest 'wan'    
                              
config rule                    
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4' 
                              
config rule                    
        option name 'Allow-Ping'
        option src 'wan'                
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'
                           
config rule                  
        option name 'Allow-IGMP'
        option src 'wan'       
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'
           
config rule                   
        option name 'Allow-DHCPv6'
        option src 'wan'     
        option proto 'udp'    
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'
                             
config rule                   
        option name 'Allow-MLD'
        option src 'wan'              
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'   
        option target 'ACCEPT'  
                                        
config rule                
        option name 'Allow-ICMPv6-Input'
        option src 'wan'    
        option proto 'icmp'   
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'    
        option target 'ACCEPT'

config rule                 
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'     
        option dest '*'       
        option proto 'icmp'    
        list icmp_type 'echo-request' 
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'    
        option target 'ACCEPT'          
                           
config rule                             
        option name 'Allow-IPSec-ESP'
        option src 'wan'      
        option dest 'lan'            
        option proto 'esp'         
        option target 'ACCEPT'                  
                                       
config rule                           
        option name 'Allow-ISAKMP' 
        option src 'wan'                    
        option dest 'lan'                   
        option dest_port '500'                 
        option proto 'udp'                   
        option target 'ACCEPT'                  
                               
config rule                     
        option name 'Support-UDP-Traceroute'
        option src 'wan'      
        option dest_port '33434:33689'
        option proto 'udp'                
        option family 'ipv4' 
        option target 'REJECT'
        option enabled 'false' 
                                      
config include                     
        option path '/etc/firewall.user'        
                                       
config zone                           
        option name 'invitado'     
        option input 'ACCEPT'               
        option output 'ACCEPT' 
        option forward 'REJECT' 
        list network 'invitado'         
                           
config forwarding                       
        option src 'invitado'        
        option dest 'wan'     
                                     
config rule                        
        option name 'Allow-WireGuard'           
        option dest_port '51820'       
        option proto 'udp'            
        option target 'ACCEPT'     
        option family 'ipv4'                
        option src '*'                      
                                               
config forwarding                            
        option src 'zona_wg0'                   
        option dest 'lan'      
                                
config forwarding                           
        option src 'zona_wg0' 
        option dest 'wan'

dumb firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        list network 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'         
                                            
config rule                                     
        option name 'Allow-Ping'       
        option src 'wan'              
        option proto 'icmp'        
        option icmp_type 'echo-request'     
        option family 'ipv4'                
        option target 'ACCEPT'                 
                                             
config rule                                     
        option name 'Allow-IGMP'                
        option src 'wan'               
        option proto 'igmp'                 
        option family 'ipv4'       
        option target 'ACCEPT'              
                                            
config rule                                    
        option name 'Allow-DHCPv6'           
        option src 'wan'                        
        option proto 'udp'            
        option src_ip 'fc00::/6'   
        option dest_ip 'fc00::/6'               
        option dest_port '546'         
        option family 'ipv6'          
        option target 'ACCEPT'            
                                            
config rule                    
        option name 'Allow-MLD' 
        option src 'wan'              
        option proto 'icmp'        
        option src_ip 'fe80::/10'               
        list icmp_type '130/0'         
        list icmp_type '131/0'        
        list icmp_type '132/0'    
        list icmp_type '143/0'              
        option family 'ipv6'                    
        option target 'ACCEPT'         
                                      
config rule                        
        option name 'Allow-ICMPv6-Input'    
        option src 'wan'                    
        option proto 'icmp'                    
        list icmp_type 'echo-request'        
        list icmp_type 'echo-reply'             
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'      
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'       
        option family 'ipv6'       
        option target 'ACCEPT'                  
                                       
config rule                           
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'                    
        option dest '*'        
        option proto 'icmp'     
        list icmp_type 'echo-request' 
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'  
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'                 
        option family 'ipv6'           
        option target 'ACCEPT'        
                                   
config rule                                 
        option name 'Allow-IPSec-ESP'       
        option src 'wan'                       
        option dest 'lan'                    
        option proto 'esp'                      
        option target 'ACCEPT'                  
                                       
config rule                                 
        option name 'Allow-ISAKMP' 
        option src 'wan'                    
        option dest 'lan'                   
        option dest_port '500'                 
        option proto 'udp'                   
        option target 'ACCEPT'                  
                                      
config rule                        
        option name 'Support-UDP-Traceroute'    
        option src 'wan'               
        option dest_port '33434:33689'
        option proto 'udp'                
        option family 'ipv4'                
        option target 'REJECT' 
        option enabled 'false'  
                                      
config include                     
        option path '/etc/firewall.user'        
                                       
config zone
        option name 'invitado'       
        option input 'ACCEPT'               
        option output 'ACCEPT'                  
        option forward 'REJECT'        
        list network 'invitado'       
                                   
config forwarding                           
        option src 'invitado'               
        option dest 'wan'

frollic · February 11, 2024, 5:15pm

Set static IP, or restart the network service in rc.local.

trendy · February 11, 2024, 5:20pm

You are trying to get DHCP settings in both br-lan and br-invitado interfaces, which doesn't make sense in a dumb AP.
Although it would be best to use static on one interface only, which will be used for management, you should change the other interface to unmanaged and let only one interface ask for DHCP.

Debi · February 11, 2024, 5:20pm

static ip does not work properly because I lose the ability to connect to the dumb ap from the main ap.

psherman · February 11, 2024, 5:32pm

That signals a misconfiguration in terms of how you're entering the information into the dumb AP.

This is the main router's lan config:

Therefore, if you do something similar on the dumb AP, it should work... like:

config interface 'lan'
        option proto 'static'
        list ipaddr '192.168.40.2/24'
        option device 'br-lan'

Note that above, this is using the .2 address -- I'm assuming you don't have any other devices using that address (it is outside the DHCP scope, so should be fine on that end).

frollic · February 11, 2024, 5:32pm

Then you misconfigured something, but you're in good hands.

system · February 21, 2024, 5:33pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.