First installation OpenWRT kills network after running a while

Explore2444 · January 2, 2026, 5:32pm

Hello. New to OpenWRT. Still learning.

I installed OpenWRT 24.10.5 on my Linksys 1900 ACS router. But, after i set everything up, and everything seems to be working okay, after a while I lose internet connection (both wireless and physical connections are gone), router is not pingable, and a machine connected via patch cable, during arp -a command, shows absolutely no connected devices at all. The router is soft bricked, and I need to 30s reset it. But then same thing happens after I configure again. What am I doing wrong? The following are the settings I am changing from Vanilla OpenWRT installation.

Change Root password

System>Administration>SSH Access>interface: lan

Network>Interfaces: delete wan6 interface (my setup is ipv4 for now)

Network>Interfaces>lan>General Settings: ipv4 address: 192.168.5.1

Network>Interfaces>lan>Advanced Settings>Use custom DNS servers: set 192.168.5.200 (for my pihole running on an rpi)

Network>Interfaces>wan>Advanced Settings: Use DNS servers advertised by peer: Unchecked (because I dont want my ISP dns to be used)

Network> DHCP and DNS> General> Authoritative unchecked (because my pihole also is my DHCP server, and the option is enabled in pihole)

Network>Interfaces>Lan>DHCP Server>General setup> ignore Interface checked (Becauss my pihole is my DHCP server)

I also do some basic configuration with my wireless network, but I really don't think thats the issue here.

So what am I doing wrong?

EDIT: is setting the WAN server to a custom DNS server (pihole) redundant since I already did it on Lan, and could it be causing a loop that looks like a freeze?

Also, I have a fiber hub. But it should be in bridge mode, which then connects directly to router. So, i dont think this is a double NAT issue

frollic · January 2, 2026, 5:43pm

Does your client know the IP changed and are you selecting "apply unchecked" when saving ?

Explore2444 · January 2, 2026, 5:46pm

Yes, clients know. They get rebooted, and the internet does work for a while. But then router freezes up and i lose all connection, and its not pingable.

And yes, I am hitting save and apply for every small change i do

brada4 · January 2, 2026, 5:56pm

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button (red circle; this works best in the 'Markdown' composer view in the blue oval):

Remember to redact passwords, VPN keys, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

frollic · January 2, 2026, 5:56pm

Yes it does.
Your clients need the custom DNS IP, the router doesn't.

Use option 6 from https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#dhcp_options.

Explore2444 · January 2, 2026, 6:30pm

Well, I deleted that option based on your advice here, but my router crashed anyway. So, there is something else at play here...

Explore2444 · January 2, 2026, 6:32pm

Here is the output. Some information is censored, like MAC addresses.

ubus call system board
{
	"kernel": "6.6.119",
	"hostname": "OpenWrt",
	"system": "ARMv7 Processor rev 1 (v7l)",
	"model": "Linksys WRT1900ACS",
	"board_name": "linksys,wrt1900acs",
	"rootfs_type": "squashfs",
	"release": {
		"distribution": "OpenWrt",
		"version": "24.10.5",
		"revision": "r29087-d9c5716d1d",
		"target": "mvebu/cortexa9",
		"description": "OpenWrt 24.10.5 r29087-d9c5716d1d",
		"builddate": "1766005702"
	}
}
root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdb9:278d:6c3f::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.5.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	list dns '192.168.5.200'

config device
	option name 'wan'
	option macaddr 'censored mac address'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'
	option peerdns '0'

root@OpenWrt:~# cat /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path 'soc/soc:pcie/pci0000:00/0000:00:01.0/0000:01:00.0'
	option band '5g'
	option channel '36'
	option htmode 'VHT80'
	option disabled '1'
	option country 'US'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'
	option macaddr 'censored mac address'

config wifi-device 'radio1'
	option type 'mac80211'
	option path 'soc/soc:pcie/pci0000:00/0000:00:02.0/0000:02:00.0'
	option band '2g'
	option channel '1'
	option htmode 'VHT20'
	option disabled '1'
	option country 'US'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'
	option macaddr 'censored mac address'

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'
	option ignore '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'
	option piofolder '/tmp/odhcpd-piofolder'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
	option syn_flood '1'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list network 'lan'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	list network 'wan'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

frollic · January 2, 2026, 6:32pm

Remove the setting on the LAN side too, of it's still there.

psherman · January 2, 2026, 6:36pm

You said that your pihole is your dhcp server, correct? Have you verified that it is working properly and also that the dhcp server is set such that the dhcp pool explicitly excludes the .1 address?

If the dhcp server isn’t working properly and the leases expire on the dhcp client devices, you would get the same symptom but the root cause would not be related to the openwrt router at all.

frollic · January 2, 2026, 6:38pm

If this is correct (I missed it) it's not OpenWRT related at all.
The Pi have to point the clients to the IP of the OpenWRT device as default gw.

Explore2444 · January 2, 2026, 6:41pm

Had the pihole a long time with DDWRT, and never ran into an issue. So far, the pihole is set to:
give a lease time of 24 hours
Range of IP Addresses to hand out: 192.168.5.201 to 192.168.5.251
Gateway IP Address: 192.168.5.1
Subnet mask: Automatic

And already has some IP addresses for various devices, and a couple static ones I set for servers

Explore2444 · January 2, 2026, 6:41pm

So why then does OpenWRT crash so hard I cant even ping the router?

psherman · January 2, 2026, 6:43pm

I would not leave this to chance. Set it to /24 (255.255.255.0).

The point is that it might not be crashing. If the clients encounter a dhcp lease expiration and lose their address, they would have no connectivity.

Can you ping the pihole when the router appears to be crashed?

Explore2444 · January 2, 2026, 6:46pm

Okay. I set the mask to 255.255.255.0 in the pihole.

As for the other question, no i cannot. I cannot ping anything at all. As soon as I reboot the router, whole thing is down. Ping command gives nothing and says network is unreachable. Arp -a shows nothing

psherman · January 2, 2026, 6:48pm

So far, this aligns with the idea that the clients may be losing their leases.

Check the clients to see if they still have an active dhcp lease (when the problem manifests)

Explore2444 · January 2, 2026, 7:19pm

Okay. So, lets assume there is a DHCP issue. I can turn that off for now in the pihole.

Simply to get the pihole into the system as a DNS blocker, is there a procedure or guide I can follow? Is there a guide for DHCP in the pihole?

So, as a test, i unplugged the pihole and attempted to cause the crash state again. It doesnt happen, so the pihole is a factor somehow

psherman · January 2, 2026, 7:23pm

Yes. Do that.

Enable the dhcp server on openwrt and disable it on the pi.

Simply set dhcp option 6 on the openwrt dhcp server to point to the pihole. That will advertise the pihole address via dhcp to the clients.

If you want the openwrt system to use the pihole as the resolver, the easiest way is to set your wan interface to ignore the dhcp advertised dns server and put in the pihole address manually for the wan.

Keep in mind that this approach still requires that the pihole is working properly. You might be better off simply not using it at all for now to prove that openwrt is not the culprit here.

lleachii · January 2, 2026, 7:55pm

DNS servers?

system · January 12, 2026, 7:56pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.