Issues with configuring GL-AR300M as wifi bridge, IP being set correctly but gateway is incorrect

I'm relatively new to networking // using openwrt but here goes.

Essentially I've followed these guides:

• https://oldwiki.archive.openwrt.org/doc/recipes/relayclient
• https://openwrt.org/docs/guide-user/network/wifi/relay_configuration

I originally started with the second guide, but as I was unable to install the UI package for relay configuration, I ended up referring to the older guide as it includes the uci cli commands for each step. This also made it a lot easier to follow.

Anyhow, my network setup is almost identical to the diagram in the second guide. In that I have the GL-AR300M as a client of what I'll refer to as my primary router.

The intention is for devices connected to the GL-AR300M via ethernet to be able to:

• Connect to the internet via the primary router
• Be connected to or otherwise interfaced with by other devices in the primary router's network

As far as I can tell most of it seems to be working. The netbook I've been using to configure the router is able to correctly receive an IP from the primary router, but for some non-obvious reason it's defaulting to the GL-AR300M's subnet IP as the gateway, instead of the primary router. If I manually set the gateway to be the primary router it all works, but ideally it should be receiving this configuration automatically.

Configuration details for dhcp, firewall, network and wireless are as follows:

/etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option ignore '1'
	option ra 'relay'
	option ndp 'relay'
	option dhcpv6 'relay'
	list dhcp_option '3, 192.168.0.1'
	list dhcp_option '6, 192.168.0.1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'

config domain 'localhost'
	option name 'console.gl-inet.com'
	option ip '192.168.8.1'

/etc/config/firewall

config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'lan wwan'

config zone
	option name 'wan'
	list network 'wan'
	list network 'wan6'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'

config include 'miniupnpd'
	option type 'script'
	option path '/usr/share/miniupnpd/firewall.include'
	option family 'any'
	option reload '1'

config include 'shadowsocks'
	option type 'script'
	option path '/var/etc/shadowsocks.include'
	option reload '1'

config rule 'glservice_rule'
	option name 'glservice'
	option dest_port '83'
	option proto 'tcp udp'
	option src 'wan'
	option target 'ACCEPT'
	option enabled '0'

/etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdad:d6ff:1aba::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth1'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option hostname 'GL-AR300M-968'
	option ipaddr '192.168.8.1'
	option gateway '192.168.0.1'
	option dns '192.168.0.1'

config interface 'wan'
	option ifname 'eth0'
	option proto 'dhcp'
	option hostname 'GL-AR300M-968'

config interface 'wan6'
	option ifname 'eth0'
	option proto 'dhcpv6'

config interface 'wwan'
	option proto 'dhcp'

config interface 'stabridge'
	option proto 'relay'
	option network 'lan wwan'
	option ipaddr '192.168.0.169'

/etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path 'platform/qca953x_wmac'
	option noscan '1'
	option txpower '20'
	option channel '11'
	option hwmode '11g'
	option country 'US'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option ifname 'wlan0'
	option disabled '0'
	option network 'wwan'
	option mode 'sta'
	option ssid 'primary-router'
	option key 'redacted'
	option encryption 'psk-mixed'

What model is the primary router and does it have openwrt too?

Configuration should be simple, no need to touch dhcp/dnsmasq/firewall. On the client, dnsmasq should be disabled.

If the primary router has openwrt I recommend doing 802.11s mesh instead of the generic client bridge crap. Both boards need the package wpad-mesh-openssl. In wireless you make the radio in 802.11s mode, set an ID and password and thats it. In Interfaces, you edit LAN --> physical settings, and add the wifi interface.

If you still want to do it the old-fashioned way, you simply need to add the wireless interface to lan instead of the new interface wwan. The gateway ip of the client should be = to the address of the primary router. Again this would be set in Network --> Interfaces. Then simply go to System --> Startup and disable dnsmasq.

While you are editing LAN interface you can also take care of IPv6. In DHCP --> IPv6 settings, set everything to relay mode.

So in this particular case the primary router is supplied by my ISP and not something I'm willing nor likely able to reconfigure in this manner, thus unfortunately the neater option is out.

So in this case am I ticking the Bridge interfaces checkbox in the lan interface Physical Settings to include both eth0 and wwan?

After which point I should then disable dnsmasq?

Otherwise I believe the rest of what you've described should already be in place

Yes and also make sure that wwan is set to LAN for firewall in Network --> Interfaces

Looks like that all worked, thanks for the help!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.