Hi, I'm not very experienced in OpenWRT, so please explain what to do. A few days ago, I installed the openwrt software on the Xiaomi R4 router. I connected it to the main router via 5GHz wifi and bridged this connection to the lan ports according to the instructions on the openwrt wiki. Everything worked fine. I have a computer connected to one ethernet port, and an hp terminal to the other, which I use as a file server. I have an internet connection on my computer, but the terminal loses its assigned ipv4 address after some time and stays with the ipv6 address. I can connect to it via ssh (via ipv6). Along with the loss of the ipv4 address, the terminal loses access to the Internet. the ping command and ping6 return me an error saying that there is no internet connection. I have already dug a large chunk of the internet and found no solution. I do not see any errors in the connection with the terminal in the logs. This is really annoying. I can post my config here if someone tells me exactly where to find it. Thanks in advance.
Which specific instructions did you follow? Were you trying to setup the new OpenWrt device as a dumb AP? Did you turn off the DHCP server on the OpenWrt system and change the IPv4 address on the LAN to ensure it doesn't conflict with the upstream router?
if you ssh into your openwrt router, you can find and post the config files as described below.
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
I was following these exact instructions:
network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
option ula_prefix 'fdb7:e18c:e4cd::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ip6assign '60'
list ipaddr '192.168.2.1/24'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
config interface 'wwan'
option proto 'static'
option device 'wlan1'
option ipaddr '192.168.1.2'
option netmask '255.255.255.0'
config interface 'relay_bridge'
option proto 'relay'
list network 'WiFi24'
list network 'lan'
list network 'wwan'
option ipaddr '192.168.1.2'
config interface 'WiFi24'
option proto 'static'
list ipaddr '192.168.3.1/32'
option device 'wlan0'
wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option htmode 'HT20'
option txpower '20'
option cell_density '0'
config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'ap'
option encryption 'psk2'
option key 'mypass'
option network 'lan WiFi24'
option ssid 'hiddenssid'
config wifi-device 'radio1'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
option txpower '20'
option cell_density '0'
option htmode 'HT40'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
option disabled '1'
config wifi-iface 'wifinet2'
option device 'radio1'
option mode 'sta'
option network 'wwan'
option ssid 'hiddenssid'
option encryption 'psk2'
option key 'mypass'
dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
config dhcp 'lan'
option interface 'lan'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
list ra_flags 'managed-config'
list ra_flags 'other-config'
option ignore '1'
option start '3'
option limit '30'
list dhcp_option '6,192.168.1.191'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'WiFi24'
option interface 'WiFi24'
option start '100'
option limit '150'
option leasetime '12h'
option ignore '1'
option dynamicdhcp '0'
list dhcp_option '6,192.168.1.191'
list ra_flags 'none'
config host
option name 'T5550'
option duid '0004A199F8D5D28EC8F362CE9A73D99B25A8'
option hostid 'ce3'
firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option synflood_protect '1'
option forward 'ACCEPT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
list network 'relay_bridge'
list network 'wwan'
list network 'WiFi24'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule
option name 'Support-UDP-Traceroute'
option src 'wan'
option dest_port '33434:33689'
option proto 'udp'
option family 'ipv4'
option target 'REJECT'
option enabled 'false'
config include
option path '/etc/firewall.user'
config zone
option name 'relay'
option input 'ACCEPT'
option output 'ACCEPT'
list network 'lan'
list network 'wwan'
option forward 'ACCEPT'
config forwarding
option src 'relay'
option dest 'lan'
config forwarding
option src 'lan'
option dest 'relay'
I cannot personally help you with this wireless relay configurations as I have not used this method. There is a warning at the top of the page that says that this method may not work on all devices, and one of the common failures is that DHCP messages don't get through the bridge properly.
Regarding the DHCP issue, you can try setting up a wireless device with a static IP (manually configured on the device itself) to see if that establishes proper connectivity. If so, it is likely just a DHCP problem. But if a static IP doesn't resolve the problem (in the test scenario), it is plausible there are other things going on.
That said, do you have an option to connect this OpenWrt device via a wire rather than wireless? If so, you eliminate the need to deal with the relay issues in the first place.
If I had the opportunity, I would not make the bridge. The only option is to connect to the main router via wifi and then split the connection into ethernet ports. I knew about the warning on the website, but it amazes me that one device has no problem and the other does. Interestingly, wifi24 also works properly when connected across the bridge. I just turned off the dhcp server for the LAN interface, the hp terminal has an ipv4 address again, see if it loses it again, or if it got solved.
Good luck. I wish I could help more. But if the problem persists, please report back here. Also, if you do need to continue working on the issue, I'd suggest editing the subject to indicate that this is a wireless relay issue -- that might get the right readers to click through and hopefully help resolve your issue.
Okay, I gave it some time and realized something. Just after ip loss, I ssh'd into Terminal and ran "dmesg" and "journalctl -p 3 -xb" Here's what I found:
[250613.896785] audit: type=1400 audit(1642356869.227:35): apparmor="DENIED" operation="open" profile="/{,usr/}sbin/dhclient" name="/proc/151900/task/151903/comm" pid=151900 comm="dhclient" requested_mask="wr" denied_mask="wr" fsuid=0 ouid=0
The journalctl gives some errors about pihole. I will try to disable pihole and solve dhclient problems.
Maybe that's the issue.
Ok, Apparmor was the problem. It was blocking dhclient from getting address. Solved.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.