LAN/WAN port no internet
My device is TP-Link TL-MR3020 v3 (https://openwrt.org/toh/tp-link/tl-mr3020_v3)
I connect it to my computer via an ethernet cable usb adapter and in luci I remove existing (disabled) wifi OpenWrt and scan for WiFi networks, I connect to an existing wifi network, all is fine, however, only the router gets internet, which is fine for me to update and add packages, LAN/WAN connected to my Debian computer does not get internet, but has a connection to SSH/luci and do whatever I need.
I then go ahead and use client wifi and Master wifi. All works as expected. Once I do this I can't even connect to LAN, the LAN icon on debian keeps spinning, asif it's not getting assigned an IP address.
All wifi devices connected to the network work fine, using OpenVPN/Adblock, works perfectly.
LAN/WAN connection to PC just doesn't work. Is it my router? does it support LAN while being an AP? or is it my firewall? or something else.
When I plug in the LAN/WAN eth to computer and unplug I get the following in Kernel Log
[ 485.472561] br-lan: port 1(eth0.1) entered blocking state
[ 485.478072] br-lan: port 1(eth0.1) entered forwarding state
[ 488.345254] IPv6: MLD: clamping QRV from 1 to 2!
[ 494.357956] IPv6: MLD: clamping QRV from 1 to 2!
[ 500.370006] IPv6: MLD: clamping QRV from 1 to 2!
[ 506.381687] IPv6: MLD: clamping QRV from 1 to 2!
[ 512.394216] IPv6: MLD: clamping QRV from 1 to 2!
[ 518.406852] IPv6: MLD: clamping QRV from 1 to 2!
[ 524.417392] IPv6: MLD: clamping QRV from 1 to 2!
[ 530.430471] IPv6: MLD: clamping QRV from 1 to 2!
[ 536.451433] IPv6: MLD: clamping QRV from 1 to 2!
[ 542.462491] IPv6: MLD: clamping QRV from 1 to 2!
[ 548.475206] IPv6: MLD: clamping QRV from 1 to 2!
[ 554.488425] IPv6: MLD: clamping QRV from 1 to 2!
[ 560.499975] IPv6: MLD: clamping QRV from 1 to 2!
[ 566.514832] IPv6: MLD: clamping QRV from 1 to 2!
[ 572.524846] IPv6: MLD: clamping QRV from 1 to 2!
[ 578.536175] IPv6: MLD: clamping QRV from 1 to 2!
[ 584.561791] IPv6: MLD: clamping QRV from 1 to 2!
[ 589.018680] rt3050-esw 10110000.esw: port 0 link down
[ 589.024624] br-lan: port 1(eth0.1) entered disabled state
root@OpenWrt:~# ubus call system board
{
"kernel": "5.10.146",
"hostname": "OpenWrt",
"system": "MediaTek MT7628AN ver:1 eco:2",
"model": "TP-Link TL-MR3020 v3",
"board_name": "tplink,tl-mr3020-v3",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "22.03.2",
"revision": "r19803-9a599fee93",
"target": "ramips/mt76x8",
"description": "OpenWrt 22.03.2 r19803-9a599fee93"
}
}
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd29:fbef:2087::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0.1'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.1.1'
option igmp_snooping '1'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '0'
config interface 'jio'
option proto 'dhcp'
option peerdns '0'
list dns '1.1.1.1'
config interface 'eth'
option proto 'dhcp'
option device 'eth0.1'
option peerdns '0'
list dns '1.1.1.1'
root@OpenWrt:~# cat /etc/config/firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list device 'tun0'
list network 'lan'
list network 'jio'
list network 'eth'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule
option name 'Support-UDP-Traceroute'
option src 'wan'
option dest_port '33434:33689'
option proto 'udp'
option family 'ipv4'
option target 'REJECT'
option enabled '0'
config include
option path '/etc/firewall.user'