I installed OpenWrt on a netgear WNDR3800CH and put my old actiontec MI424WR-Gen3-Rev-I into bridge mode following these steps. On step 20, I can ping 1.1.1.1 from the router but not google.com or any other non-resolved IP address and I can't even ping 1.1.1.1 from any devices connected to my router. I started looking at the static vs router vs gateway page, but it says the default settings should work unless your address spaces conflict, which mine don't.
I've also tried setting dns server for the network interfaces (wan, wan-6 and lan) and setting the DNS in the DHCP and DNS page in luci. Please let me know if you have any ideas what I should try next.
Please post here the output of the following command, copy and paste the whole block:
uci show network;uci show wireless; \
uci show firewall; uci show dhcp; \
ip -4 addr ; ip -4 ro ; ip -4 ru; \
iptables-save; \
head -n -0 /etc/firewall.user; \
ls -l /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*
The idea behind bridge mode is to use the actiontec as a modem only because my fios network is run as COAX. If I'm understanding correctly, you basically tell the actiontec to not request an IP address from verizon so OpenWrt can request one and you tell it to not serve DHCP, resolve DNS... I don't think the actiontec is the problem because I can ping across the actiontec to 1.1.1.1, but I'm very new to this, so maybe it is. @lleachii
Pretty odd flow stats there... for a "wan" interface... leave it to trendy / lleachii but a quick scan has me wondering about eth1 at the switch and ip6 issues/mtu... but i'm also confused about where the "bridge" is... i'm thinking your edge device is not quite right... like it's half in half bridge or something...
would be worth just plugging a laptop into it ( the actiontec ) to test if i'm understanding what your trying to do correctly...
@trendy@lleachii I did a lot of fiddling with this. The DNS will work, then stop working... Finally found that restarting the wan (ipv4) interface fixes the DNS problem too (not sure how long the fix will work for though). Is this a known issue?
So...is that a yes or no - if you want to statically setting the servers?
From my understanding, dynamic DNS server settings are controlled by the ISP's response to your DHCP request. So I would try statically setting the servers, or contacting the ISP.
You can also use tcpdump to look at the DHCP replies sent by your ISP - ensure they have DNS servers listed.
It seems to me that dnsmasq is hanging. You are using 3 internet based nameservers, so as long as the internet connection works, you should be able to resolve.
Check logs for any issues from dnsmasq.
Assign for testing purposes to one host static NS settings and see if it will work when others (and the router) fail.
UN@hostCPU:~$ ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
^C
--- 1.1.1.1 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6104ms
UN@hostCPU:~$ nslookup google.com 1.1.1.1
;; connection timed out; no servers could be reached
From the Router
root@OpenWrt:~# ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: seq=0 ttl=255 time=13.776 ms
64 bytes from 1.1.1.1: seq=1 ttl=255 time=8.072 ms
^C
--- 1.1.1.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 8.072/10.924/13.776 ms
root@OpenWrt:~# nslookup google.com 1.1.1.1
;; connection timed out; no servers could be reached
sys logs
Sat Oct 19 19:33:53 2019 authpriv.info dropbear[30541]: Child connection from 192.168.1.155:52496
Sat Oct 19 19:34:00 2019 authpriv.notice dropbear[30541]: Password auth succeeded for 'root' from 192.168.1.155:52496
Sat Oct 19 19:38:24 2019 daemon.info dnsmasq-dhcp[28476]: DHCPREQUEST(br-lan) 192.168.1.109 70:ef:00:b3:80:07
Sat Oct 19 19:38:24 2019 daemon.info dnsmasq-dhcp[28476]: DHCPACK(br-lan) 192.168.1.109 70:ef:00:b3:80:07 iPhone-2
Sat Oct 19 19:38:24 2019 daemon.warn odhcpd[1091]: DHCPV6 SOLICIT IA_NA from 000100012188d29370ef00b38007 on br-lan: ok fd00:cb4:be40::65c/128
Sat Oct 19 19:38:25 2019 daemon.warn odhcpd[1091]: DHCPV6 REQUEST IA_NA from 000100012188d29370ef00b38007 on br-lan: ok fd00:cb4:be40::65c/128
Sat Oct 19 19:39:41 2019 daemon.info dnsmasq-dhcp[28476]: DHCPREQUEST(br-lan) 192.168.1.109 70:ef:00:b3:80:07
Sat Oct 19 19:39:41 2019 daemon.info dnsmasq-dhcp[28476]: DHCPACK(br-lan) 192.168.1.109 70:ef:00:b3:80:07 iPhone-2
Sat Oct 19 19:39:43 2019 daemon.warn odhcpd[1091]: DHCPV6 SOLICIT IA_NA from 000100012188d29370ef00b38007 on br-lan: ok fd00:cb4:be40::65c/128
Sat Oct 19 19:39:44 2019 daemon.warn odhcpd[1091]: DHCPV6 REQUEST IA_NA from 000100012188d29370ef00b38007 on br-lan: ok fd00:cb4:be40::65c/128
Sat Oct 19 19:40:48 2019 authpriv.info dropbear[30541]: Exit (root): Disconnect received
Sat Oct 19 19:41:17 2019 authpriv.info dropbear[30624]: Child connection from 192.168.1.155:52502
Sat Oct 19 19:41:25 2019 authpriv.notice dropbear[30624]: Password auth succeeded for 'root' from 192.168.1.155:52502
Sat Oct 19 19:41:30 2019 authpriv.info dropbear[30624]: Exit (root): Disconnect received
Sat Oct 19 19:42:17 2019 daemon.notice netifd: wan (28667): udhcpc: sending renew to 96.241.140.1
Sat Oct 19 19:43:58 2019 daemon.info dnsmasq-dhcp[28476]: DHCPREQUEST(br-lan) 192.168.1.202 10:ce:a9:54:8a:73
Sat Oct 19 19:43:58 2019 daemon.info dnsmasq-dhcp[28476]: DHCPACK(br-lan) 192.168.1.202 10:ce:a9:54:8a:73 SoundTouch-Kitchen
Sat Oct 19 19:44:29 2019 daemon.info dnsmasq-dhcp[28476]: DHCPREQUEST(br-lan) 192.168.1.127 40:bd:32:ab:3b:73
Sat Oct 19 19:44:29 2019 daemon.info dnsmasq-dhcp[28476]: DHCPACK(br-lan) 192.168.1.127 40:bd:32:ab:3b:73 SoundTouch-Family-room
Sat Oct 19 19:45:33 2019 daemon.info dnsmasq-dhcp[28476]: DHCPREQUEST(br-lan) 192.168.1.111 f4:39:09:54:52:8f
Sat Oct 19 19:45:33 2019 daemon.info dnsmasq-dhcp[28476]: DHCPACK(br-lan) 192.168.1.111 f4:39:09:54:52:8f MikePrinter
Sat Oct 19 19:46:46 2019 daemon.warn odhcpd[1091]: DHCPV6 SOLICIT IA_NA from 000100012188d29370ef00b38007 on br-lan: ok fd00:cb4:be40::65c/128
Sat Oct 19 19:46:47 2019 daemon.warn odhcpd[1091]: DHCPV6 REQUEST IA_NA from 000100012188d29370ef00b38007 on br-lan: ok fd00:cb4:be40::65c/128
Note, I SSHed into the router a few times
Kernel logs
[94356.106016] eth1: link down
[94356.116996] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
[94356.124224] ar71xx: pll_reg 0xb8050014: 0x11110000
[94356.124233] eth1: link up (1000Mbps/Full duplex)
[94356.128848] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[94365.100318] br-lan: port 1(eth0.1) entered disabled state
[94365.131721] device eth0.1 left promiscuous mode
[94365.136256] device eth0 left promiscuous mode
[94365.140706] br-lan: port 1(eth0.1) entered disabled state
[94365.169327] IPv6: ADDRCONF(NETDEV_UP): eth0.1: link is not ready
[94365.193748] eth0: link down
[94365.242204] ar71xx: pll_reg 0xb8050010: 0x11110000
[94365.242277] eth0: link up (1000Mbps/Full duplex)
[94365.265736] br-lan: port 1(eth0.1) entered blocking state
[94365.271138] br-lan: port 1(eth0.1) entered disabled state
[94365.277058] device eth0.1 entered promiscuous mode
[94365.281886] device eth0 entered promiscuous mode
[94365.327169] br-lan: port 1(eth0.1) entered blocking state
[94365.332619] br-lan: port 1(eth0.1) entered forwarding state
[94377.884731] eth1: link down
[94377.894890] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
[94377.902422] ar71xx: pll_reg 0xb8050014: 0x11110000
[94377.902434] eth1: link up (1000Mbps/Full duplex)
[94377.907072] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[94395.112844] eth1: link down
[94395.122520] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
[94395.129694] ar71xx: pll_reg 0xb8050014: 0x11110000
[94395.129701] eth1: link up (1000Mbps/Full duplex)
[94395.151024] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[94396.087667] br-lan: port 1(eth0.1) entered disabled state
[94396.115724] device eth0.1 left promiscuous mode
[94396.120253] device eth0 left promiscuous mode
[94396.124765] br-lan: port 1(eth0.1) entered disabled state
[94396.162993] IPv6: ADDRCONF(NETDEV_UP): eth0.1: link is not ready
[94396.183020] eth0: link down
[94396.235097] ar71xx: pll_reg 0xb8050010: 0x11110000
[94396.235133] eth0: link up (1000Mbps/Full duplex)
[94396.261764] br-lan: port 1(eth0.1) entered blocking state
[94396.267161] br-lan: port 1(eth0.1) entered disabled state
[94396.272956] device eth0.1 entered promiscuous mode
[94396.277738] device eth0 entered promiscuous mode
[94396.332234] br-lan: port 1(eth0.1) entered blocking state
[94396.337637] br-lan: port 1(eth0.1) entered forwarding state
(time of error 19:33)
After restart
restarted WAN and LAN interfaces
system logs
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Interface 'lan' is now down
Sat Oct 19 19:48:49 2019 kern.info kernel: [101998.870854] br-lan: port 1(eth0.1) entered disabled state
Sat Oct 19 19:48:49 2019 kern.info kernel: [101998.907618] device eth0.1 left promiscuous mode
Sat Oct 19 19:48:49 2019 kern.info kernel: [101998.912238] device eth0 left promiscuous mode
Sat Oct 19 19:48:49 2019 kern.info kernel: [101998.916800] br-lan: port 1(eth0.1) entered disabled state
Sat Oct 19 19:48:49 2019 kern.info kernel: [101998.949998] IPv6: ADDRCONF(NETDEV_UP): eth0.1: link is not ready
Sat Oct 19 19:48:49 2019 kern.info kernel: [101998.969270] eth0: link down
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Interface 'lan' is disabled
Sat Oct 19 19:48:49 2019 daemon.err odhcpd[1091]: setsockopt(IPV6_ADD_MEMBERSHIP): No such device
Sat Oct 19 19:48:49 2019 daemon.err odhcpd[1091]: setsockopt(SO_BINDTODEVICE): No such device
Sat Oct 19 19:48:49 2019 daemon.notice netifd: VLAN 'eth0.1' link is down
Sat Oct 19 19:48:49 2019 daemon.notice netifd: bridge 'br-lan' link is down
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Interface 'lan' has link connectivity loss
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Network device 'eth0' link is down
Sat Oct 19 19:48:49 2019 kern.debug kernel: [101999.025105] ar71xx: pll_reg 0xb8050010: 0x11110000
Sat Oct 19 19:48:49 2019 kern.info kernel: [101999.025180] eth0: link up (1000Mbps/Full duplex)
Sat Oct 19 19:48:49 2019 kern.info kernel: [101999.059647] br-lan: port 1(eth0.1) entered blocking state
Sat Oct 19 19:48:49 2019 kern.info kernel: [101999.065131] br-lan: port 1(eth0.1) entered disabled state
Sat Oct 19 19:48:49 2019 kern.info kernel: [101999.071031] device eth0.1 entered promiscuous mode
Sat Oct 19 19:48:49 2019 kern.info kernel: [101999.075905] device eth0 entered promiscuous mode
Sat Oct 19 19:48:49 2019 daemon.info dnsmasq[28476]: read /etc/hosts - 4 addresses
Sat Oct 19 19:48:49 2019 daemon.info dnsmasq[28476]: read /tmp/hosts/odhcpd - 0 addresses
Sat Oct 19 19:48:49 2019 daemon.info dnsmasq[28476]: read /tmp/hosts/dhcp.cfg01411c - 2 addresses
Sat Oct 19 19:48:49 2019 daemon.info dnsmasq-dhcp[28476]: read /etc/ethers - 0 addresses
Sat Oct 19 19:48:49 2019 kern.info kernel: [101999.128403] br-lan: port 1(eth0.1) entered blocking state
Sat Oct 19 19:48:49 2019 kern.info kernel: [101999.133893] br-lan: port 1(eth0.1) entered forwarding state
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Interface 'lan' is enabled
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Interface 'lan' is setting up now
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Interface 'lan' is now up
Sat Oct 19 19:48:49 2019 daemon.notice netifd: bridge 'br-lan' link is up
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Interface 'lan' has link connectivity
Sat Oct 19 19:48:49 2019 daemon.notice netifd: Network device 'eth0' link is up
Sat Oct 19 19:48:49 2019 daemon.notice netifd: VLAN 'eth0.1' link is up
Sat Oct 19 19:48:50 2019 user.notice firewall: Reloading firewall due to ifup of lan (br-lan)
Sat Oct 19 19:48:51 2019 daemon.info dnsmasq[28476]: read /etc/hosts - 4 addresses
Sat Oct 19 19:48:51 2019 daemon.info dnsmasq[28476]: read /tmp/hosts/dhcp.cfg01411c.30840 - 0 addresses
Sat Oct 19 19:48:51 2019 daemon.info dnsmasq[28476]: read /tmp/hosts/odhcpd - 5 addresses
Sat Oct 19 19:48:51 2019 daemon.info dnsmasq[28476]: read /tmp/hosts/dhcp.cfg01411c - 2 addresses
Sat Oct 19 19:48:51 2019 daemon.info dnsmasq-dhcp[28476]: read /etc/ethers - 0 addresses
Sat Oct 19 19:48:52 2019 daemon.notice netifd: wan (28667): udhcpc: received SIGTERM
Sat Oct 19 19:48:52 2019 daemon.notice netifd: Interface 'wan' is now down
Sat Oct 19 19:48:52 2019 daemon.notice netifd: Interface 'wan' is setting up now
Sat Oct 19 19:48:52 2019 daemon.warn dnsmasq[28476]: no servers found in /tmp/resolv.conf.auto, will retry
Sat Oct 19 19:48:52 2019 daemon.notice netifd: wan (30914): udhcpc: started, v1.28.3
Sat Oct 19 19:48:52 2019 daemon.notice netifd: wan (30914): udhcpc: sending discover
Sat Oct 19 19:48:52 2019 daemon.info dnsmasq[28476]: read /etc/hosts - 4 addresses
Sat Oct 19 19:48:52 2019 daemon.info dnsmasq[28476]: read /tmp/hosts/odhcpd - 5 addresses
Sat Oct 19 19:48:52 2019 daemon.info dnsmasq[28476]: read /tmp/hosts/dhcp.cfg01411c - 2 addresses
Sat Oct 19 19:48:52 2019 daemon.info dnsmasq-dhcp[28476]: read /etc/ethers - 0 addresses
Sat Oct 19 19:48:55 2019 daemon.notice netifd: wan (30914): udhcpc: sending discover
Sat Oct 19 19:48:55 2019 daemon.notice netifd: wan (30914): udhcpc: sending select for 108.18.37.96
Sat Oct 19 19:48:56 2019 daemon.notice netifd: wan (30914): udhcpc: lease of 108.18.37.96 obtained, lease time 7200
Sat Oct 19 19:48:56 2019 daemon.notice netifd: Interface 'wan' is now up
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: reading /tmp/resolv.conf.auto
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using local addresses only for domain test
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using local addresses only for domain onion
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using local addresses only for domain localhost
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using local addresses only for domain local
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using local addresses only for domain invalid
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using local addresses only for domain bind
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using local addresses only for domain lan
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using nameserver 1.1.1.1#53
Sat Oct 19 19:48:56 2019 daemon.info dnsmasq[28476]: using nameserver 8.8.8.8#53
Sat Oct 19 19:48:56 2019 user.notice firewall: Reloading firewall due to ifup of wan (eth1)
Sat Oct 19 19:49:59 2019 daemon.info dnsmasq-dhcp[28476]: DHCPDISCOVER(br-lan) 10:cd:b6:03:3c:45
Sat Oct 19 19:49:59 2019 daemon.info dnsmasq-dhcp[28476]: DHCPOFFER(br-lan) 192.168.1.107 10:cd:b6:03:3c:45
Sat Oct 19 19:49:59 2019 daemon.info dnsmasq-dhcp[28476]: DHCPREQUEST(br-lan) 192.168.1.107 10:cd:b6:03:3c:45
Sat Oct 19 19:49:59 2019 daemon.info dnsmasq-dhcp[28476]: DHCPACK(br-lan) 192.168.1.107 10:cd:b6:03:3c:45
Kernel Log
[101998.870854] br-lan: port 1(eth0.1) entered disabled state
[101998.907618] device eth0.1 left promiscuous mode
[101998.912238] device eth0 left promiscuous mode
[101998.916800] br-lan: port 1(eth0.1) entered disabled state
[101998.949998] IPv6: ADDRCONF(NETDEV_UP): eth0.1: link is not ready
[101998.969270] eth0: link down
[101999.025105] ar71xx: pll_reg 0xb8050010: 0x11110000
[101999.025180] eth0: link up (1000Mbps/Full duplex)
[101999.059647] br-lan: port 1(eth0.1) entered blocking state
[101999.065131] br-lan: port 1(eth0.1) entered disabled state
[101999.071031] device eth0.1 entered promiscuous mode
[101999.075905] device eth0 entered promiscuous mode
[101999.128403] br-lan: port 1(eth0.1) entered blocking state
[101999.133893] br-lan: port 1(eth0.1) entered forwarding state
ping/nslookup
Both work from the router and a host on the network.
I presume you have one cable from Actiontech LAN going to Netgear WAN and no other connections between those 2 right?
Could you verify that packets come and go through the router or router is dropping them?
Leave this running on the Netgear and when it happens again start a ping from some host on the LAN. tcpdump -i any -vvn icmp and host 1.1.1.1