[SOLVED] Locked out - need help troubleshooting /etc/config/network

Hi there!
First time fiddling around with openWrt, forgive any dumb question.

As per hw compatibility table, I installed Barrier Breaker 14.07 on a Netgear DG834GT.
Everything went fine, and I had access both via web interface and ssh.

Then I went on and replaced the default /etc/config/network with the following snippet, copy-pasted from the DG834GT wiki page , section "Assigning a WAN port with DHCP":

config 'switch' 'eth1'
	option 'enable' '1'
	option 'enable_vlan' '1'
	option 'reset' '1'

config 'switch_vlan' 'vlan0'
	option 'vlan' '0'
	option 'device' 'eth1'
	option 'ports' '1 2 3 5*'

config 'switch_vlan' 'vlan1'
	option 'vlan' '1'
	option 'device' 'eth1'
	option 'ports' '0 5t'

config 'interface' 'loopback'
	option 'ifname' 'lo'
	option 'proto' 'static'
	option 'ipaddr' '127.0.0.1'
	option 'netmask' '255.0.0.0'

config 'interface' 'lan'
	option 'type' 'bridge'
	option 'ifname' 'eth1.0'
	option 'proto' 'static'
	option 'ipaddr' '192.168.1.1'
	option 'netmask' '255.255.255.0'
	option 'nat' '1'
	option 'mtu' '1500'

config 'interface' 'wan'
	option 'ifname' 'eth1.1'
	option 'mtu' '1492'
	option 'proto' 'dhcp'

After rebooting the device, the following happens:
On the 4th eth port it requests (and gets assigned from my other router), an ip address successfully.
About the remaining 3 eth ports: on my pc I set a static ip using
dhcpcd -S ip_address=192.168.1.7/24 -S routers=192.168.1.1 enp0s25
(enp0s25 is the eth interface I'm trying to connect to the DG834GT) , but I cannot ping nor ssh nor see the dg834gt (enumerating all the hosts on the 192.168.1.1/24 from interface enp0s25 with nmap -sP 192.168.1.1/24 returns a single host, the one which is running nmap).

Did I misinterpret the /etc/network/config ?
How can I ssh into the dg834gt?

The dg834gt gets assigned an address in a 192.168.1.1/24 network from the other router (which provides internet connectivity), but this shouldn't be a problem: the same problem described above happens whether I connect the dg834gt to the other router, or I don't.
Thanks in advance for any idea and/or pointer!

gz

It's been too many years since Barrier Breaker was current, and it may be from the era that telnet was enabled.
(Edit: That impacts my memories of it, and I have asked how links such as the one you very reasonably followed might be kept up to date.)

Once you get access back to the device, you should strongly consider updating to 18.06 (18.06.1 looks like it's being build right now), or at least the latest 17.01 version. Once the 18.06.1 builds complete, the image should be in the http://downloads.openwrt.org/releases/18.06.1/targets/brcm63xx/generic/ directory.

I may be wrong, but isn't barrier breaker the last release supported by the dg834gt? I chose it based on the hardware compatibility table and the wiki page for the dg834gt ( that says officially 10.03 backfire is the last officially supporte by dg834gt, but 14.07 should work too, as it actually does as per my experience).

Besides, how would this solve my /etc/config/network problem?

Maybe I didn't fully comprehend your suggestion,sorry!

Zero is not valid as a VLAN number. Number your VLANs starting from 1.

Did firstboot make a default switch config? Several other things in your switch config also look fishy.

Log into the router via wifi while working on the Ethernet configuration so you don't get locked out.

While Google and other search engines still return the wiki.openwrt.org pages, it is the openwrt.org pages that are most current. Looking at the page for your router, the page looks outdated to me.

There appears to be an image for the DG834GT for the 18.06.0 release under http://downloads.openwrt.org/releases/18.06.0/targets/brcm63xx/generic/ 18.06.1 is presently just kicking off builds (it fixes a Linux vulnerability that was recently announced, from what I understand) and should be available for all devices in a day or two, depending on how fast the build machines progress.

On the network problem, it sounds like you may have the 192.168.1.0/24 network (and the 192.168.1.1 address) on two different interfaces. That would certainly make connectivity to the device from that network a hit-or-miss kind of thing.

Sadly wifi isn't enabled by default on dg834gt, and in order to do so you need internet to download the ath5k packages, and that is the reason that moved me to modify /etc/config/network.
But thanks for the pointers, will look into fixing that conf.

Thanks, I'll look into the links you provided tomorrow, and hopefully follow up with an edit.
If 18.06 turns out to be supported, I'll flash it asap.
Thanks for the prompt help!

Never seen asterix before only t for tagged

I saw that when I was expanding the switch documentation on the wiki. Might be / have been a Broadcom-ism, but didn't confirm if it is current.

The suffixes * and u are referred to in docs:guide-user:network:switch with reference to certain Broadcom switches in the context of older releases.

I read the docs and can confirm it's broadcom specific, '*' on a port means that traffic through that port is 'untagged', as opposed to 'T' ports.

There is only 16 MB of RAM. Do not try to run anything later than 14.04! The newer builds are certain to crash for lack of RAM.

You want to tag the CPU port in both VLANs, so it will work as eth1.1 and eth1.2.

Another way to get online so you can download packages (if the RAM permits) is to use it as a LAN device from your existing router.

2 Likes

The DG834GT dataentry currently shows 10.03.1 as last supported OpenWrt release.
IIRC this is due to the 16MB RAM only and a historic decision many moons ago to keep those devices at 10.03.1. Maybe the old forum has more information on this subject.

Hey all

problem solved thanks to all of you guys!:smiley:
Currently the DG834GT is happily running a Backfire release, and the VLANs and bridge are up and running.

In the end, not being able to gain access to the router, I ended up reflashing it.
This time I went with Backfire since it's just a home-project (I plan on buying a more capable device later on, which will run, hopefully, the latest openwrt release).
With backfire running and ssh access, after a couple failed configs, I ended up following the suggestions of mk24: reindex VLANs starting from 1 instead of 0, and tag port 5 in both of them.

This thing bugged me for quite a bit of time, thanks everybody for your help.
See you around

gz

ps:
Just in case anybody would ever need it - this is the working /etc/config/network .
The openwrt release is: 10.03.1 Backfire (r29592).

config 'switch' 'eth1'
	option 'enable' '1'
	option 'enable_vlan' '1'
	option 'reset' '1'

config 'switch_vlan' 'vlan1'
	option 'vlan' '1'
	option 'device' 'eth1'
	option 'ports' '1 2 3 5t'

config 'switch_vlan' 'vlan2'
	option 'vlan' '2'
	option 'device' 'eth1'
	option 'ports' '0 5t'

config 'interface' 'loopback'
	option 'ifname' 'lo'
	option 'proto' 'static'
	option 'ipaddr' '127.0.0.1'
	option 'netmask' '255.0.0.0'

config 'interface' 'lan'
	option 'type' 'bridge'
	option 'ifname' 'eth1.1'
	option 'proto' 'static'
	option 'ipaddr' '10.0.0.1'                 
	option 'netmask' '255.255.255.0'
	option 'nat' '1'
	option 'mtu' '1500'

config 'interface' 'wan'
	option 'ifname' 'eth1.2'
	option 'mtu' '1492'
	option 'proto' 'dhcp'

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.