couple day i setup warp in my AX6 openwrt not working well, so setup from 0 than i found mwan3 have issue, every time install mwan3 not show cloudflare ip, check conection the warp already connect.
any ide how solve it? or can't work with 1 router? now i setup 2 router, rotuer A with Warp, router B mwan3, don't know is good configuration or not setup 2 router only to use warp + mwan3
thanks
check the warp connection
config defaults
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
option flow_offloading '1'
option flow_offloading_hw '1'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd89:aaaf:51ea::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan2'
list ports 'lan3'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ip6assign '60'
list ipaddr '192.168.x.1/24'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
option metric '10'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
config device
option name 'wan'
option macaddr 'xx:xx:xx:20:75:8B'
config interface 'wanb'
option proto 'dhcp'
option device 'lan2'
option metric '20'
config interface 'zerotier'
option proto 'dhcp'
option device 'ztr2qyexzy'
config interface 'cloud'
option proto 'wireguard'
option private_key 'xxxxxxxqNlQM4cY132Hille+vCN+oKLl4='
list addresses '172.16.0.2/32'
list addresses '2606:4700:110:82b8:b2c9:5992:ac1b:4254/128'
list dns '1.1.1.1'
config wireguard_cloud
option description 'Imported peer configuration'
option public_key 'xxxxxxxxxyiK2H5/1SUtzH0JuVo51h2wPfgyo='
list allowed_ips '0.0.0.0/0'
list allowed_ips '::/0'
option endpoint_host 'engage.cloudflareclient.com'
option endpoint_port '2408'
option route_allowed_ips '1'type or paste code here
I am not sure if this is relevant for your situation, but there is a well-known mwan3 bug with any kind of tunnels. See the related merge request: https://github.com/openwrt/packages/pull/20923
i don't make u confuse i will reset my router to factory default and submit new fresh configuration, forget previous post, let's focus to new. after factory default i just install only mwan3 package with mwan3 default configuration and WG VPN
router AX6 snapshot download from openwrt web.
root@OpenWrt:~# vi /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fda1:d3c0:53c3::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan2'
list ports 'lan3'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.5.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
config interface 'cloud'
option proto 'wireguard'
option private_key 'xxxxxxxxxxP2qqNlQM4cY132Hille+vCN+oKLl4='
list dns '1.1.1.3'
list addresses '172.16.0.2/32'
list addresses '2606:4700:110:82b8:b2c9:5992:ac1b:4254/128'
config wireguard_cloud
option description 'Imported peer configuration'
option public_key 'xxxxxxxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo='
option endpoint_host 'engage.cloudflareclient.com'
option endpoint_port '2408'
option persistent_keepalive '25'
option route_allowed_ips '1'
list allowed_ips '0.0.0.0/0'
list allowed_ips '::/0'
config device
option name 'wan'
option macaddr 'xx:xx:C0:20:75:8B'
config interface 'wanb'
option proto 'dhcp'
option device 'lan1'
root@OpenWrt:~# vi /etc/config/firewall
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
root@OpenWrt:/etc/config# vi mwan3
option interface 'wanb'
option metric '2'
option weight '2'
config member 'wan6_m1_w3'
option interface 'wan6'
option metric '1'
option weight '3'
config member 'wan6_m2_w3'
option interface 'wan6'
option metric '2'
option weight '3'
config member 'wanb6_m1_w2'
option interface 'wanb6'
option metric '1'
option weight '2'
config member 'wanb6_m1_w3'
option interface 'wanb6'
option metric '1'
option weight '3'
config member 'wanb6_m2_w2'
option interface 'wanb6'
option metric '2'
option weight '2'
config policy 'wan_only'
list use_member 'wan_m1_w3'
list use_member 'wan6_m1_w3'
config policy 'wanb_only'
list use_member 'wanb_m1_w2'
list use_member 'wanb6_m1_w2'
config policy 'balanced'
list use_member 'wan_m1_w3'
list use_member 'wanb_m1_w3'
list use_member 'wan6_m1_w3'
list use_member 'wanb6_m1_w3'
config policy 'wan_wanb'
list use_member 'wan_m1_w3'
list use_member 'wanb_m2_w2'
list use_member 'wan6_m1_w3'
list use_member 'wanb6_m2_w2'
config policy 'wanb_wan'
list use_member 'wan_m2_w3'
list use_member 'wanb_m1_w2'
list use_member 'wan6_m2_w3'
list use_member 'wanb6_m1_w2'
config rule 'https'
option sticky '1'
option dest_port '443'
option proto 'tcp'
option use_policy 'balanced'
config rule 'default_rule_v4'
option dest_ip '0.0.0.0/0'
option use_policy 'balanced'
option family 'ipv4'
config rule 'default_rule_v6'
option dest_ip '::/0'
option use_policy 'balanced'
option family 'ipv6'