So i'm using WR1043NDv4 that i install OpenWRT, i already do some configuration to meet requirement of it to be made into OpenFlow-enabled with installing openvswitch package on the router and using Opendaylight Flourine-SR2 as the controller.
Before i add the lan port (1 until 4) to openvswitch, hosts that connect to the router still can ping each other and to the router, but after adding it to openvswitch the lan port become inaccessible, even when it was given static address to each of it. hosts can't ping to the router and to each other. I'm using my wan port that i didn't add to openvswitch as management.
I already tried to include the openvswitch br interface (that i give name ovslan) to /etc/config/network
and giving it static ip address but still doesn't work.
but if I stop openvswitch services that run on OpenWRT the lan port become accessible again. Please help me
here is my content of /etc/config/network
and /etc/config/firewall
:
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdbc:261a:0d40::/48'
#config interface 'lan'
# option ifname 'eth0.1 eth0.3 eth0.4 eth0.5'
# option proto 'static'
# option ipaddr '192.168.1.1'
# option netmask '255.255.255.0'
# option gateway '192.168.1.254'
config interface 'lan1'
option ifname 'eth0.1'
option proto 'static'
# option ipaddr '192.168.0.1'
# option netmask '255.255.255.0'
config interface 'lan2'
option ifname 'eth0.3'
option proto 'static'
# option ipaddr '192.168.3.1'
# option netmask '255.255.255.0'
config interface 'lan3'
option ifname 'eth0.4'
option proto 'static'
# option ipaddr '192.168.4.1'
# option netmask '255.255.255.0'
config interface 'lan4'
option ifname 'eth0.5'
option proto 'static'
# option ipaddr '192.168.5.1'
# option netmask '255.255.255.0'
config device 'lan_dev'
option name 'eth0.1 eth0.3 eth0.4 eth0.5'
option macaddr '98:de:xx:xx:xx:xx'
config interface 'wan'
option ifname 'eth0.2'
option proto 'static'
option ipaddr '192.168.2.1'
option netmask '255.255.255.0'
config device 'wan_dev'
option name 'eth0.2'
option macaddr '98:de:xx:xx:xx:xx
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
config interface 'ovslan'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '192.168.1.1'
option ifname 'ovslan'
option gateway '192.168.1.254'
option dns '192.168.1.254'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
option enable_learning '0'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '1 0t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '5 0t'
config switch_vlan
option device 'switch0'
option vlan '3'
option ports '2 0t'
config switch_vlan
option device 'switch0'
option vlan '4'
option ports '3 0t'
config switch_vlan
option device 'switch0'
option vlan '5'
option ports '4 0t'
root@OpenWrt:~# cat /etc/config/firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan1 lan2 lan3 lan4 ovslan'
config zone
option name 'wan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
and here my configuration on ovs-vsctl:
root@OpenWrt:~# ovs-vsctl show
7a3baad8-3b47-4751-b5a9-48f347768b41
Manager "ptcp:6640"
Bridge ovslan
Controller "tcp:192.168.2.152:6633"
is_connected: true
fail_mode: standalone
Port ovslan
Interface ovslan
type: internal
Port "eth0.1"
Interface "eth0.1"
Port "eth0.5"
Interface "eth0.5"
Port "eth0.4"
Interface "eth0.4"
Port "eth0.3"
Interface "eth0.3"
ovs_version: "2.8.5"
I've been stuck in these problem for one day, i've already tried adding dhcp server on my main router to connect to one of lan port but the hosts still didn't recieve any IP address and therefore can't ping each other