No Internet Access on one Interface

BadOne · August 22, 2022, 3:00am

I have No Internet Access on one interface. This Vlan interface was originally set up in the firewall rules to purposely have no Internet as an IoT Vlan. It has always worked great until we just had a two hour power outage. So now I need to temporary have Internet to re-connect some devices.

When I put the firewall rules to allow access, I get ‘No Internet Access”, just as it was as an IoT. I tried connecting a laptop and my phone and I get the same, no Internet. I tried connecting via Ethernet, and when that didn’t work, I tried setting it up as a wireless and that still didn’t work.

I’ve looked carefully at etc/config/firewall and config/network and I don’t see anything wrong there either.

I suspected something downstream, or even the managed switches, so I set up the port directly on the router, disconnected everything downstream, and still, no Internet. (That’s when I then tried setting it up as wireless to no avail either).

The Vlan itself is working perfectly, 21 cameras. No problems there.

When I compare the settings to my Guest Vlan, everything is identical, but my Guest Vlan does in fact have Internet. My regular private Vlan also has Internet. After relentlessly setting the rules over and over, I’m out of ideas.
I searched around but couldn’t find anything to help.
Any help would be greatly appreciated.

psherman · August 22, 2022, 4:17am

Let's see your configuration...

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

BadOne · August 22, 2022, 3:36pm

Solved –
I think

The problem cleared up when I removed the DHCP Option, 6,192.168.3.11 in the IoT Vlan 4 Interface settings. That ip is my Raspberry Pi Pihole, DNS server.

The odd thing is, that the Raspberry Pi shut down during the power outage, and there was no problem with the LAN. The native LAN in Openwrt, which is Vlan 3 on my system, still has Internet with or without the Pihole powered on, with that setting in place. But Vlan 4, no Internet access.
I guess there is something unique about the native LAN vs a created LAN.

It seems that Vlan 4 won’t have Internet with anything in the DHCP option.
I guess I didn’t catch this when I added the DNS server because the IoT was already set up with no Internet, and at that point all seemed to be working as planned. Come to think of it, I don’t know why I even make that entry for the IoT.

The Pihole is a DNS server only, not a DHCP. It is at 192.168.3.11.
The Vlan 3 is 192.168.3.x/24. (Native LAN)
The Vlan 4 is 192.168.2.x/24 (IoT, created LAN)

The Vlan 4 will not work with DHCP option 6,192.168.3.11, whether the DNS server is on or not.
The Vlan 3 will work with the DHCP option 6,192.168.3.11, whether it is on or not.

In fact, I put in a fictional DHCP option 6,192.168.2.11 (which doesn’t exist), and Vlan 3 still has Internet.

Vlan 4 however seems to not work with any Interface DHCP Option. Even when I set it to allow zone forwarding to WAN and LAN, and set it to Accept, Accept, Accept, it still didn’t work.

I don’t know if there is something broken here or not. But after many ping tests and connection tests I have confirmed it’s operation.
And when the DNS server is on, it is filtering DNS requests, as it should.

Testing this, I put the DNS server, (192.168.3.11), instead in
Network > DHCP and DNS > DNS FORWARDINGS, then the Vlan 4 is okay with that. It just doesn’t like anything in the Interface DHCP Option setting.

So now that I know all this I can work with it.

I’m pretty sure I won’t need to redact anything here, but then again it was till 4:45 a.m. ! And that is the result of one sleepless night.

Any insight would be appreciated. Thanks!!!

tmomas · September 1, 2022, 3:36pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.