Need help setting up LAN and WAN

Hi, I'm a new user and still learning a lot. So far I've been unsuccessful in configuring my router. This is my third attempt to set up something like this (first time using openWRT) and again I find myself spending multiple days on configuration without any results. I could really use some pointers.

I've installed OpenWrt (19.07.5 r11257-5090152ae3) on a Netgear WNDR3700v1 and I want to use it to extend both my physical and wireless network. My main router is a Compal CH7465LG-ZG provided by the ISP, the configuration options are very limited but I'm still trying to work with it.

The Netgear WAN port is wired to the Compal LAN1 port. Compal is using the 192.168.178.0/24 range, Netgear is on 192.168.2.0/24.

When I connect my laptop to the Netgear LAN1 port using a static IP address, everything 'works'. However, when I switch to automatic IP assignment, I'm not getting any.

So far, I followed the steps described here to set up a wifi repeater: relayd configuration. I think I managed to configure it correctly, but I'm unable to confirm. I would like to first check on the wired connection. For now I've disabled the wireless clients.

Just going to dump some info here:

root@OpenWrt:~# uci show wireless
wireless.radio0=wifi-device
wireless.radio0.type='mac80211'
wireless.radio0.hwmode='11g'
wireless.radio0.path='pci0000:00/0000:00:11.0'
wireless.radio0.htmode='HT20'
wireless.radio0.channel='6'
wireless.radio0.disabled='1'
wireless.default_radio0=wifi-iface
wireless.default_radio0.device='radio0'
wireless.default_radio0.network='lan'
wireless.default_radio0.mode='ap'
wireless.default_radio0.encryption='none'
wireless.default_radio0.ssid='Ziggo9ED6C1D'
wireless.default_radio0.disabled='1'
wireless.radio1=wifi-device
wireless.radio1.type='mac80211'
wireless.radio1.channel='36'
wireless.radio1.hwmode='11a'
wireless.radio1.path='pci0000:00/0000:00:12.0'
wireless.radio1.htmode='HT20'
wireless.radio1.disabled='1'
wireless.default_radio1=wifi-iface
wireless.default_radio1.device='radio1'
wireless.default_radio1.network='lan'
wireless.default_radio1.mode='ap'
wireless.default_radio1.encryption='none'
wireless.default_radio1.ssid='Ziggo9ED6C1D'
wireless.default_radio1.disabled='1'
wireless.wifinet2=wifi-iface
wireless.wifinet2.ssid='Ziggo9ED6C1D'
wireless.wifinet2.device='radio0'
wireless.wifinet2.mode='sta'
wireless.wifinet2.key='b7x6xyRjwsmX'
wireless.wifinet2.network='wwan'
wireless.wifinet2.encryption='psk2'
wireless.wifinet2.bssid='90:5C:44:0A:EA:BE'
wireless.wifinet2.disabled='1'
wireless.wifinet3=wifi-iface
wireless.wifinet3.ssid='Ziggo9ED6C1D'
wireless.wifinet3.device='radio1'
wireless.wifinet3.mode='sta'
wireless.wifinet3.key='b7x6xyRjwsmX'
wireless.wifinet3.network='wwan'
wireless.wifinet3.encryption='psk2'
wireless.wifinet3.bssid='90:5C:44:0A:EA:9A'
wireless.wifinet3.disabled='1'

root@OpenWrt:~# uci show network
network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fde0:6385:540c::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0'
network.lan.proto='static'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.lan.gateway='192.168.178.1'
network.lan.dns='8.8.8.8' '8.8.4.4'
network.lan.ipaddr='192.168.2.1'
network.lan_eth0_dev=device
network.lan_eth0_dev.name='eth0'
network.lan_eth0_dev.macaddr='e2:91:f5:00:fa:aa'
network.wan=interface
network.wan.ifname='eth1'
network.wan.proto='dhcp'
network.wan6=interface
network.wan6.ifname='eth1'
network.wan6.proto='dhcpv6'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch[0].blinkrate='2'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='0 1 2 3 5'
network.@switch_port[0]=switch_port
network.@switch_port[0].device='switch0'
network.@switch_port[0].port='1'
network.@switch_port[0].led='6'
network.@switch_port[1]=switch_port
network.@switch_port[1].device='switch0'
network.@switch_port[1].port='2'
network.@switch_port[1].led='9'
network.@switch_port[2]=switch_port
network.@switch_port[2].device='switch0'
network.@switch_port[2].port='5'
network.@switch_port[2].led='2'
network.wwan=interface
network.wwan.proto='dhcp'
network.repeater_bridge=interface
network.repeater_bridge.proto='relay'
network.repeater_bridge.ipaddr='192.168.178.2'
network.repeater_bridge.network='lan' 'wwan'

root@OpenWrt:~# uci show firewall
firewall.@defaults[0]=defaults
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='REJECT'
firewall.@defaults[0].synflood_protect='1'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[0].network='lan repeater_bridge wwan'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].input='REJECT'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].forward='REJECT'
firewall.@zone[1].masq='1'
firewall.@zone[1].mtu_fix='1'
firewall.@zone[1].network='wan wan6'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-DHCPv6'
firewall.@rule[3].src='wan'
firewall.@rule[3].proto='udp'
firewall.@rule[3].src_ip='fc00::/6'
firewall.@rule[3].dest_ip='fc00::/6'
firewall.@rule[3].dest_port='546'
firewall.@rule[3].family='ipv6'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-MLD'
firewall.@rule[4].src='wan'
firewall.@rule[4].proto='icmp'
firewall.@rule[4].src_ip='fe80::/10'
firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
firewall.@rule[4].family='ipv6'
firewall.@rule[4].target='ACCEPT'
firewall.@rule[5]=rule
firewall.@rule[5].name='Allow-ICMPv6-Input'
firewall.@rule[5].src='wan'
firewall.@rule[5].proto='icmp'
firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement'
firewall.@rule[5].limit='1000/sec'
firewall.@rule[5].family='ipv6'
firewall.@rule[5].target='ACCEPT'
firewall.@rule[6]=rule
firewall.@rule[6].name='Allow-ICMPv6-Forward'
firewall.@rule[6].src='wan'
firewall.@rule[6].dest='*'
firewall.@rule[6].proto='icmp'
firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
firewall.@rule[6].limit='1000/sec'
firewall.@rule[6].family='ipv6'
firewall.@rule[6].target='ACCEPT'
firewall.@rule[7]=rule
firewall.@rule[7].name='Allow-IPSec-ESP'
firewall.@rule[7].src='wan'
firewall.@rule[7].dest='lan'
firewall.@rule[7].proto='esp'
firewall.@rule[7].target='ACCEPT'
firewall.@rule[8]=rule
firewall.@rule[8].name='Allow-ISAKMP'
firewall.@rule[8].src='wan'
firewall.@rule[8].dest='lan'
firewall.@rule[8].dest_port='500'
firewall.@rule[8].proto='udp'
firewall.@rule[8].target='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[1]=forwarding
firewall.@forwarding[1].dest='wan'
firewall.@forwarding[1].src='lan'

root@OpenWrt:~# uci show dhcp
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.auto'
dhcp.@dnsmasq[0].localservice='1'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.dhcpv6='server'
dhcp.lan.ra='server'
dhcp.lan.ra_management='1'
dhcp.lan.ignore='1'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
dhcp.odhcpd.loglevel='4'

root@OpenWrt:~# ip a; ip r; ip ru
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br-lan state UP qlen 1000
    link/ether e2:91:f5:00:fa:aa brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
    link/ether e0:91:f5:00:fa:ab brd ff:ff:ff:ff:ff:ff
    inet 192.168.178.3/24 brd 192.168.178.255 scope global eth1
       valid_lft forever preferred_lft forever
    inet6 fe80::e291:f5ff:fe00:faab/64 scope link
       valid_lft forever preferred_lft forever
4: wlan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether e0:91:f5:00:fa:aa brd ff:ff:ff:ff:ff:ff
5: wlan1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether e0:91:f5:00:fa:ac brd ff:ff:ff:ff:ff:ff
6: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether e2:91:f5:00:fa:aa brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.1/24 brd 192.168.2.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 fde0:6385:540c::1/60 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::e091:f5ff:fe00:faaa/64 scope link
       valid_lft forever preferred_lft forever
default via 192.168.178.1 dev eth1  src 192.168.178.3
192.168.2.0/24 dev br-lan scope link  src 192.168.2.1
192.168.178.0/24 dev eth1 scope link  src 192.168.178.3
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

root@OpenWrt:~# ping -c3 google.com
PING google.com (172.217.17.110): 56 data bytes
64 bytes from 172.217.17.110: seq=0 ttl=117 time=12.966 ms
64 bytes from 172.217.17.110: seq=1 ttl=117 time=12.669 ms
64 bytes from 172.217.17.110: seq=2 ttl=117 time=11.072 ms

--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 11.072/12.235/12.966 ms

Sorry, I do not like reading output of uci show (@trendy likes it, but now even he asks to perform uci export). So what is you aim? On the manual there is configuration to extend existing WIRELESS network, so OpenWRT-router connects to exising wireless network, and extends it. Have you installed relayd package?

The most common problem is that the client router cannot pass the DHCP message between the main router and the client connected to the client router. Currently it seems to be the hardware/SOC limitation (related to MAC cloning?)

Are you using a static IP from the 192.168.2.0/24 subnet?

That's because it appears DHCP is disabled on the LAN interface. Enable it.

I want to have both the Compal and Netgear broadcasting the same wireless network. I would like all devices that are either connected wirelessly or wired to either of these machines, to be a part of the same network.
Longer term, if I can get these two machines to work together, I want to get a third router up and running, in a more remote location - the garden shed. There's currently no wifi coverage anywhere near there, so I'm gonna roll out a ground cable.

Then it seems I followed the wrong manual? I do want to extend the existing wireless network, but I want to use a wired connection between these two devices. There's a lot of wifi interference where I live.

Yes.

Yes.

I was told that relayd can't work if DHCP is enabled. I would like to have only 1 DHCP server in my network, which would have to be the Compal.

I think I've read about this somewhere in my Google quest to find the solution, IIRC there are others with the same Compal device with similar issues. If this is the issue, how would I go around fixing this with the current hardware?

And here's the uci exports:

package wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option hwmode '11g'
        option path 'pci0000:00/0000:00:11.0'
        option htmode 'HT20'
        option channel '6'
        option disabled '1'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option encryption 'none'
        option ssid 'Ziggo9ED6C1D'
        option disabled '1'

config wifi-device 'radio1'
        option type 'mac80211'
        option channel '36'
        option hwmode '11a'
        option path 'pci0000:00/0000:00:12.0'
        option htmode 'HT20'
        option disabled '1'

config wifi-iface 'default_radio1'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option encryption 'none'
        option ssid 'Ziggo9ED6C1D'
        option disabled '1'

config wifi-iface 'wifinet2'
        option ssid 'Ziggo9ED6C1D'
        option device 'radio0'
        option mode 'sta'
        option key 'b7x6xyRjwsmX'
        option network 'wwan'
        option encryption 'psk2'
        option bssid '90:5C:44:0A:EA:BE'
        option disabled '1'

config wifi-iface 'wifinet3'
        option ssid 'Ziggo9ED6C1D'
        option device 'radio1'
        option mode 'sta'
        option key 'b7x6xyRjwsmX'
        option network 'wwan'
        option encryption 'psk2'
        option bssid '90:5C:44:0A:EA:9A'
        option disabled '1'

root@OpenWrt:~# uci export network
package network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fde0:6385:540c::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option gateway '192.168.178.1'
        list dns '8.8.8.8'
        list dns '8.8.4.4'
        option ipaddr '192.168.2.1'

config device 'lan_eth0_dev'
        option name 'eth0'
        option macaddr 'e2:91:f5:00:fa:aa'

config interface 'wan'
        option ifname 'eth1'
        option proto 'dhcp'

config interface 'wan6'
        option ifname 'eth1'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'
        option blinkrate '2'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0 1 2 3 5'

config switch_port
        option device 'switch0'
        option port '1'
        option led '6'

config switch_port
        option device 'switch0'
        option port '2'
        option led '9'

config switch_port
        option device 'switch0'
        option port '5'
        option led '2'

config interface 'wwan'
        option proto 'dhcp'

config interface 'repeater_bridge'
        option proto 'relay'
        option ipaddr '192.168.178.2'
        list network 'lan'
        list network 'wwan'

root@OpenWrt:~# uci export firewall
package firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan repeater_bridge wwan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan wan6'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config include
        option path '/etc/firewall.user'

config forwarding

config forwarding
        option dest 'wan'
        option src 'lan'

root@OpenWrt:~# uci export dhcp
package dhcp

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option localservice '1'

config dhcp 'lan'
        option interface 'lan'
        option dhcpv6 'server'
        option ra 'server'
        option ra_management '1'
        option ignore '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

Then you want to set the Netgear up as a 'Dumb AP'

That sounds just right, I'll go and try that out, thanks! I'll let you know if I got it working.

Well, that was surprisingly easy, thanks! The wired connection is working well, I'm not 100% sure I set up the wifi correctly, but I'll certainly manage from here.

It is not difficult. If you were trying a bit instead of complaining you would have learnt it.

I leave this great skill for you

Thank you, cringy little guy.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.