FLINT 2 - Problem accessing NAS from LAN, not from WIFI

Hi,

I have very low knowledge of networking and I also have a bad english (Italy here), so please forgive me.

Today I got my connection changed from FTTC (FASTWEB) to FTTH (TIM).

In the past weeks I read many router specs, tecnical forum, discussions because I had to choose a new router for the upcoming fiber but I have almost zero knowledge.

In my home I have quite a simple network: the FASTGATE (the router of FASTWEB) connected to a gigabit switch and many devices plugged in while other devices where connected through the router wifi.

Among this devices there was my NAS (Terramaster f-423), which have two 2.5G ethernet ports, both plugged into the switch; so this device had 2 ip addresses: 192.168.1.173 and 192.168.1.186 and it was possible to use indifferently both of them.

Everything was working fine.

In these days of readings, I discovered that a router can do a lot more than simply make you access your devices and I saw a powerful open source firmare (OpenWrt) exists.
So I decided to buy a router capable of letting me experiment some of what I was discovering; in particular I find interesting ADGUARD and VPN.

So I chosen for a GL.INET GL-MT6000 (FLINT 2) router.

I first upgraded it from version 4.5.4 to 4.5.8 using the proprietary update feature.
Than I installed OpenWrt following this page.

Today the fiber men replaced my cables.
I spend almost all day making the connection working (please don't laught), but finally I could; these the specs:

  • USERNAME: numero_telefonico
  • PASSWORD: timadsl
  • PROTOCOLLO: PPPoE Routed (definito come RFC 2516)
  • INCAPSULAMENTO: VLAN Ethernet 802.1q
  • NAT: attivo
  • VLAN: 835
  • IGMP proxy: disabilitato
  • Routing: traffico unicast

I also added a second switch (TENDA TEM2010F - eight 2.5G unmanaged switch) with 2.5g ports and connected to it the devices that can reach that speed.
This switch can work in "aggregation": in this mode, ports 7 and 8 are aggregate to work to 5g.
I put the switch in this mode, and plugged both NAS ethernets to these ports.

So now I got: router - Switch 2.5G with some devices - old switch 1G with other devices (the two switches are in cascade)
And other devices connected to router wifi.

Well, seems quite everything now is working and I'm also hitting good speeds (the connection is a 2.5g down and 1g up).

BUT

NAS is unreachable from LAN.

If I try from my PC connected by LAN

C:\Users\Gio>ping nas-tnas

Esecuzione di Ping nas-tnas.lan [192.168.1.187] con 32 byte di dati:
Richiesta scaduta.
Richiesta scaduta.
Richiesta scaduta.
Richiesta scaduta.

Statistiche Ping per 192.168.1.187:
    Pacchetti: Trasmessi = 4, Ricevuti = 0,
    Persi = 4 (100% persi),

The NAS have now taken these ips:
192.168.1.187
192.168.1.188
(I thought that in aggregation mode there would be a single ip)

I see it can translate the name into the ip, but seems NAS is not responding.

This same PC, along with multigiga lan port, also have WIFI.
If I unplug the cable and I connect to the wifi, I got this:

C:\Users\Gio>ping nas-tnas

Esecuzione di Ping nas-tnas.lan [192.168.1.187] con 32 byte di dati:
Risposta da 192.168.1.187: byte=32 durata=1ms TTL=64
Risposta da 192.168.1.187: byte=32 durata=1ms TTL=64
Risposta da 192.168.1.187: byte=32 durata=2ms TTL=64
Risposta da 192.168.1.187: byte=32 durata=1ms TTL=64

Statistiche Ping per 192.168.1.187:
    Pacchetti: Trasmessi = 4, Ricevuti = 4,
    Persi = 0 (0% persi),
Tempo approssimativo percorsi andata/ritorno in millisecondi:
    Minimo = 1ms, Massimo =  2ms, Medio =  1ms

And I can access to all samba shares from windows file explorer and to the web UI by a browser.

Seems everything is OK with WIFI so there must be something in the LAN configuration. I tried to make both NAS ips static but nothing changed.

Any suggestion is appreciated.

I see often people leave their network config; mine is the following (but unless now I only used LuCi):

login as: root
root@192.168.1.1's password:


BusyBox v1.36.1 (2024-03-22 22:09:42 UTC) built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 23.05.3, r23809-234f1a2efa
 -----------------------------------------------------
root@Casetta:~# uname
Linux
root@Casetta:~# uname -a
Linux Casetta 5.15.150 #0 SMP Fri Mar 22 22:09:42 2024 aarch64 GNU/Linux
root@Casetta:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd56:4722:5fd9::/48'
        option packet_steering '1'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'lan5'

config device
        option name 'lan1'
        option macaddr '94:83:c4:a3:17:e9'

config device
        option name 'lan2'
        option macaddr '94:83:c4:a3:17:e9'

config device
        option name 'lan3'
        option macaddr '94:83:c4:a3:17:e9'

config device
        option name 'lan4'
        option macaddr '94:83:c4:a3:17:e9'

config device
        option name 'lan5'
        option macaddr '94:83:c4:a3:17:e9'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config device
        option name 'eth1'
        option macaddr '94:83:c4:a3:17:e7'

config interface 'wan'
        option device 'eth1.835'
        option proto 'pppoe'
        option username '***'
        option password '***'
        option ipv6 'auto'

config interface 'wan6'
        option device 'eth1'
        option proto 'dhcpv6'
        option reqaddress 'try'
        option reqprefix 'auto'

config device
        option type '8021q'
        option ifname 'eth1'
        option vid '835'
        option name 'eth1.835'

root@Casetta:~#

Let’s see the firewall and wireless files.

root@Casetta:~# cat /etc/config/firewall

config defaults
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'
        option flow_offloading '1'
        option flow_offloading_hw '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan'
        list network 'wan6'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

root@Casetta:~# cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'platform/soc/18000000.wifi'
        option channel '1'
        option band '2g'
        option htmode 'HE20'
        option country 'IT'
        option cell_density '0'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'Casetta'
        option encryption 'psk2'
        option key '***'

config wifi-device 'radio1'
        option type 'mac80211'
        option path 'platform/soc/18000000.wifi+1'
        option channel '36'
        option band '5g'
        option htmode 'HE80'
        option country 'IT'
        option cell_density '0'

config wifi-iface 'default_radio1'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option ssid 'Casetta'
        option encryption 'psk2'
        option key '***'

Try removing the switch and connecting your pc and nas directly to the router - if the problem goes away then the managed switch config is incorrect

If the problem continues try connecting only 1 of the nas network cables, if the problem goes away there is a setup issue with the interface bonding on your nas.

If the issues persists draw a network diagram and share it

2 Likes

Hi,

You need to configure the link aggregation on the NAS side as well.
Not sure which NAS you are using, but as an example:
https://mariushosting.com/synology-how-to-setup-link-aggregation-on-your-nas/

Choose balance XOR for static link aggregation.
After this you would have a single (static) IP for your NAS.

you were right: the problem was the link aggregation.

On the new switch I changed mode from link aggregation to standard switch, and everything works fine.

For now I can live without link-aggregation :slight_smile:
Maybe in the future I will try to make it work.

ty all

1 Like