Hi, there, new user of OpenWRT, please be gentle...
My configuration is very basic, and 98% of it went well. Well, if I believe the GUI, it all went well, except, that none of my WiFi devices can join the network.
My android phone fails at at status "Obtaining IP address".
In the system log, I see "DHCP packet received on wlan0 which has no address"
ssh-ing to the router, sure enough, wlan0 and wlan1 have no IPv4 address.
Using Google, I saw a number of people having this or similar problems, but no solution that I could grok.
This is a single router. I'm not setting up ansible or the like until I can do it first with GUI and/or shell commands.
There is no guest VLAN. One disaster at a time.
The firewall rules are default; I have not modified the iptables.
First off, it would help to know where you've started and where you've gone from there. A default configuration of current OpenWrt should result in a pretty much "ready to go" setup with:
WAN interface accepting DHCP
Two, unencrypted APs, disabled, both bridged to the LAN
The LAN at 192.168.1.1, providing DHCP in 192.168.1.0/24
NAT for LAN clients to the Internet (or whatever is upstream of your LAN)
Editing /etc/config/wireless to comment out the "disabled" line on the two radios and running wifi, or doing the equivalent through LuCI should have brought your box up in a functional way.
Which version of OpenWrt did you flash?
What changes from default did you make?
The two wlan interfaces are slave interfaces to the br-lan interface. It is that bridge that gets the IP address, not the wlan interfaces. What you're seeing there is expected, assuming that you've got an address on the bridge. A box on my bench reports the following:
root@OpenWrt:~# ip -4 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
valid_lft forever preferred_lft forever
OpenWRT version in subject line, OpenWrt 18.06.2 r7676-cddd7b4c77
SSH access is available, I did set my public key in.
LuCI at 192.168.20.254
NAT for LAN clients to ISP
Two fixed entries for resolving DNS, 8.8.8.8 and 8.8.4.4
ESSID for radio0 is xxxx, for radio1 is xxxx2, same password, WPA2-PSK.
radio0 is in legacy mode, channel 11, defaults. It clearly is handshaking past the security. (Radio1 can be ignored since I'm not even attempting to talk to it.)
My box reports as follows:
root@speedbump:~# ip -4 addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
6: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.20.254/24 brd 192.168.20.255 scope global br-lan
valid_lft forever preferred_lft forever
8: br-wan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 208.69.213.177/25 brd 208.69.213.255 scope global br-wan
valid_lft forever preferred_lft forever
root@speedbump:~#
Other than what I think is a typo with "268", that all looks reasonable (meaning should be functional, as there are some tweaks you might take on relative to wireless performance in the future).
What does cat /etc/config/dhcp show? (The preformatted-text button is helpful, </>)
Is there a symink in /etc/rc.d/ for S19dnsmasq -> ../init.d/dnsmasq or the equivalent?
Does ps w show dnsmasq running?
Does your /etc/config/wireless have option network 'lan' in each of the wifi-iface stanzas?
(As an example, from a first-boot system)
Laptop and phone are both failing to connect -- both are attempting. The android phone was closest to grab for the "user friendly" error message.
Same behavior with radio1
Applied to your case, it seems like dnsmasq receives DHCP requests on
eth0.3 which does not have an IP and netmask, and therefore rightly
complain about that.
So, for some reason it might be that dnsmasq is listening to wlan0 and hasn't been configured to ignore it.
For comparison, here's bringing up an AP, seeing it come up and being enslaved by the br-lan bridge, then an iPhone associating and getting both an IPv6 and IPv4 address.
Also, do any other wireless devices have problems with DHCP? I have vague memories of posts about Android devices having problems with IPv6, but I don't remember any of the details.(I see now that you have other devices with DHCP problems)
It was more that the device could get "confused", but DHCPV6 is handed by odhcpd, not dnsmasq, from what I understand.
You may be new at this, but you seem to know your way around `nix systems reasonably well. tcpdump-mini will give you most of the functionality you need to watch the packets. (I haven't figured out what it is missing, having never run into a limitation in my own use.)
From a running system, firstboot will erase the overlay (then reboot)
Pressing "the button" (edit: I'm not sure which one is "standard" for this) for 5 or ten seconds (as I recall) on a running system will do a reset/reboot
Getting into "failsafe" mode by pressing "the button" (once) during the two seconds when the boot light (typically the same as power/status) starts flashing, will shortly indicate failsafe mode by (typically) that same light flashing even faster. The device is reachable at 192.168.1.1:22, ssh, root, no password (though the host key will change). From there you can run firstboot as well.
Might want to save your config somewhere off the router for reference. sysupgrade can be used for that, or through LuCI.
root@OpenWrt:~# sysupgrade
Usage: /sbin/sysupgrade [<upgrade-option>...] <image file or URL>
/sbin/sysupgrade [-q] [-i] [-c] [-u] [-o] [-k] <backup-command> <file>
upgrade-option:
-f <config> restore configuration from .tar.gz (file or url)
-i interactive mode
-c attempt to preserve all changed files in /etc/
-o attempt to preserve all changed files in /, except those
from packages but including changed confs.
-u skip from backup files that are equal to those in /rom
-n do not save configuration over reflash
-p do not attempt to restore the partition table after flash.
-k include in backup a list of current installed packages at
/etc/backup/installed_packages.txt
-T | --test
Verify image and config .tar.gz but do not actually flash.
-F | --force
Flash image even if image checks fail, this is dangerous!
-q less verbose
-v more verbose
-h | --help display this help
backup-command:
-b | --create-backup <file>
create .tar.gz of files specified in sysupgrade.conf
then exit. Does not flash an image. If file is '-',
i.e. stdout, verbosity is set to 0 (i.e. quiet).
-r | --restore-backup <file>
restore a .tar.gz created with sysupgrade -b
then exit. Does not flash an image. If file is '-',
the archive is read from stdin.
-l | --list-backup
list the files that would be backed up when calling
sysupgrade -b. Does not create a backup file.