No internet connection from the router via ssh from time to time


#1

From my pc, mobile phone, a.s.o I have an interent connection, but sometimes not when I am connected to the rooter via ssh.

 * opkg_download: Failed to download http://downloads.openwrt.org/releases/18.06.1/packages/arm_cortex-a15_neon-vfpv4/telephony/Packages.gz, wget returned 4.
 * opkg_download: Check your network settings and connectivity.

Last time I "played" a little bit with commands and suddenly it worked, no idea why.

root@R7800:~# grep -r "178\.1" /etc/config/
/etc/config/dhcp:	list server '192.168.178.1'

I entered the Fritzbox 192.168.178.1 for DNS-forwarding at http://192.168.178.55/cgi-bin/luci/admin/network/dhcp (DHCP and DNS)

root@R7800:~# ping 139.59.209.225
PING 139.59.209.225 (139.59.209.225): 56 data bytes
ping: sendto: Network unreachable

So it looks like it is not a DNS problem. Last time I thought it was.

root@R7800:~# cat /etc/config/dhcp 

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	list server '192.168.178.1'

config dhcp 'lan'
	option interface 'lan'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option ignore '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

Here is the network-config.

root@R7800:~# cat /etc/config/network 

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix '....-....-....::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth1.1'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.178.55'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'none'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'none'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '5 0t'
root@R7800:~# ping -c2 192.168.178.1
PING 192.168.178.1 (192.168.178.1): 56 data bytes
64 bytes from 192.168.178.1: seq=0 ttl=64 time=0.922 ms
64 bytes from 192.168.178.1: seq=1 ttl=64 time=0.922 ms

--- 192.168.178.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 0.922/0.922/0.922 ms
root@R7800:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 br-lan

Archer C7 v5 - openwrt 18.06.1 - extend wifi network
#2

There are 3 routers.

Fritzbox is connected to the internet
R7800 wds master (connected via Ethernet cable to the Frtizbox)
Archer C7 wds client (Wifi only, no cable connection)

root@notebook:~# nslookup openwrt.org # connected via wifi to the client-bridge at .59 (C7)
Server:		127.0.1.1
Address:	127.0.1.1#53

Non-authoritative answer:
Name:	openwrt.org
Address: 139.59.209.225

root@archerc7v5:~# ping -c1 192.168.178.55 # wds-master
PING 192.168.178.55 (192.168.178.55): 56 data bytes
64 bytes from 192.168.178.55: seq=0 ttl=64 time=2.415 ms
--- 192.168.178.55 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 2.415/2.415/2.415 ms
root@archerc7v5:~# ping -c1 192.168.178.1 # Fritzbox, gateway to Internet
PING 192.168.178.1 (192.168.178.1): 56 data bytes
64 bytes from 192.168.178.1: seq=0 ttl=64 time=2.162 ms
--- 192.168.178.1 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 2.162/2.162/2.162 ms
root@archerc7v5:~# ping -c1 139.59.209.225
PING 139.59.209.225 (139.59.209.225): 56 data bytes
--- 139.59.209.225 ping statistics ---
1 packets transmitted, 0 packets received, 100% packet loss
root@notebook:~# route -n
Kernel-IP-Routentabelle
Ziel            Router          Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.178.1   0.0.0.0         UG    600    0        0 wlp3s0
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 wlp3s0
192.168.178.0   0.0.0.0         255.255.255.0   U     600    0        0 wlp3s0

So the notebook has an 192.168.178.1 entry and therefore I can connect to the internet

root@archerc7v5:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.178.50  0.0.0.0         UG    0      0        0 br-lan
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 br-lan

The WDS-client C7 connects to the WDS-master R7800 at 192.168.178.50

root@R7800:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 br-lan

So there is no gateway defined at the WDS-master

root@R7800:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.178.1   0.0.0.0         UG    0      0        0 br-lan
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 br-lan

When I assign a gateway the internet-connection from the ssh-terminal of the master works

root@R7800:~# ping -c1 139.59.209.225
PING 139.59.209.225 (139.59.209.225): 56 data bytes
64 bytes from 139.59.209.225: seq=0 ttl=55 time=45.958 ms
--- 139.59.209.225 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 45.958/45.958/45.958 ms

But I cannot reach the wds-client anymore:

root@R7800:~# ping -c1 192.168.178.59
PING 192.168.178.59 (192.168.178.59): 56 data bytes
--- 192.168.178.59 ping statistics ---
1 packets transmitted, 0 packets received, 100% packet loss

I am playing with routes.

There are 3 routers.

Fritzbox is connected to the internet
R7800 wds master (connected via Ethernet cable to the Frtizbox)
Archer C7 wds client (Wifi only, no cable connection)

What I don't understand where the IP for DNS-forwarding is saved in the config-files.

root@archerc7v5:~# grep -r "178\.1" /etc/
/etc/config/network:	option gateway '192.168.178.1'
grep: /etc/localtime: No such file or directory
grep: /etc/ppp/resolv.conf: No such file or directory

I entered 192.168.178.1 for dns forwarding, but it is not found in the config files.

root@archerc7v5:~# cat /etc/resolv.conf 
search lan
nameserver 127.0.0.1

Edited:

Maybe I understand the problem a little bit better now. A cleint like a mobile phone uses DHCP and gets the IP-address and the DNS-server from the Fritzbox. A manual configured TV has the Frtizbox as Gateway and the IP-address of the Fritzbox for DNS, but the router has a static IP only and DHCP is disabled. There can be only 1 DNS-server, which is the Fritzbox, so other routers must disable DHCP, but that is too much disabled, when I read https://openwrt.org/docs/guide-user/base-system/dns_configuration

Enabling DNS without enabling DHCP

dnsmasq can be used to provide clients with a DNS server, but not with DHCP (for example, if DHCP is already supplied by a separate server).

  1. dnsmasq must be turned on for the internal interface:

  2. Network → Interfaces: Click desired internal interface to select it

  3. DHCP Server: Click Setup DHCP Server , which enables both DHCP and DNS

  4. DHCP portion of dnsmasq needs to be turned off.

  5. Network → Interfaces: Click desired internal interface to select it

  6. DHCP Server: Enable option Ignore interface

  7. Save & Apply

This change will turn off just DHCP but leave DNS services available on the specified interface.

I can't find this with Luci in 18.06.1


#4

Having set a static IP on the LAN network of the you also need option dns and option gateway in the LAN stanza of /etc/config/network. These point back to the main router.

It is OK to kill dnsmasq completely. Also you need to be sure there is no DHCPv6 server running. This is all covered in the standard instructions for a "dumb AP", which is what both of your OpenWrt routers are. They aren't needing to actually route anything, they are just LAN bridges.


Netgear 7800: Downgrade after opkg update
Netgear 7800: Downgrade after opkg update
#5

Thanks a lot for your reply! I am trying to test everything step by step after I did a "sysupgrade -n" IMHO the following looks ok for the wds-master. Tests with the wds-client will follow, if you confirm this.

First I try to get the WDS-master work, which is connected via Ethernet to a Fritzbox at the LAN-Port. The Fritzbox is connected to the internet.

root@R7800:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.178.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan

So there is no gateway assigned:

root@R7800:~# ping -c2 192.168.178.1
PING 192.168.178.1 (192.168.178.1): 56 data bytes
64 bytes from 192.168.178.1: seq=0 ttl=64 time=1.135 ms
64 bytes from 192.168.178.1: seq=1 ttl=64 time=1.040 ms
--- 192.168.178.1 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 1.040/1.087/1.135 ms

root@R7800:~# ping -c2 139.59.209.225
PING 139.59.209.225 (139.59.209.225): 56 data bytes
ping: sendto: Network unreachable

Now a gateway (Fritzbox) will be defined

root@R7800:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.178.1 0.0.0.0 UG 0 0 0 br-lan
192.168.178.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan

root@R7800:~# ping -c2 139.59.209.225
PING 139.59.209.225 (139.59.209.225): 56 data bytes
64 bytes from 139.59.209.225: seq=0 ttl=55 time=46.791 ms
64 bytes from 139.59.209.225: seq=1 ttl=55 time=45.031 ms
--- 139.59.209.225 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 45.031/45.911/46.791 ms

So I can ping the IP-address of openwrt.org

root@R7800:~# ping -c2 openwrt.org
ping: bad address 'openwrt.org'

root@R7800:~# nslookup openwrt.org
;; connection timed out; no servers could be reached

But there is a DNS problem

root@R7800:~# cat /etc/resolv.conf
search lan
nameserver 127.0.0.1

root@R7800:~# nslookup openwrt.org 192.168.178.1
Server: 192.168.178.1
Address: 192.168.178.1#53
Name: openwrt.org
Address 1: 139.59.209.225
Address 2: 2a03:b0c0:3:d0::1af1:1

http://192.168.178.55/cgi-bin/luci/admin/network/network
I try: Use custom DNS servers: 192.168.178.1 (luci)

Reboot of the R7800

root@R7800:~# nslookup openwrt.org
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: openwrt.org
Address 1: 139.59.209.225
Address 2: 2a03:b0c0:3:d0::1af1:1

Still looks good.

root@R7800:~# cat /etc/config/dhcp 

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option ignore '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

This time I can find: option dns '192.168.178.1'

root@R7800:~# cat /etc/config/network 

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix '....-....-....::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth1.1'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.178.55'
	option gateway '192.168.178.1'
	option dns '192.168.178.1'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'none'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'none'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '5 0t'

I want to try something using the internet. How can I force a ntp-synchronization?

If you mean too, that everything is ok, I will do tests with the wds-client.


#6

Set dhcpv6 and ra to disabled, so your 7800 doesn't serve any dhcpv6 either. (This can also be done on the IPv6 tab of the GUI.)

Otherwise looks good.

The WDS client will use the same settings.

The simplest way to force a NTP update is to reboot.


#7

Do you mean:
http://192.168.178.55/cgi-bin/luci/admin/network/network/lan
DHCP Server
IPv6 Settings

Router Advertisement-Service disabled
DHCPv6-Service disabled

Where can I control these settings in the config files?

I want to see the result of the ntp update, something like

root@R7800:~# date
Tue Dec 11 18:46:43 GMT 2018

But I want to see the net time.


#8

You will have to install ntp-utils in order to access the utility ntpq.


#9
root@R7800:~# ntpq -p
ntpq: read: Connection refused
root@R7800:~# ntpq -pn
ntpq: read: Connection refused

And now?


#10

Are you running "real" ntp or the busybox version?

I don't know that the busybox version supports ntpq or other query operations. I don't see a listener on 123 on the OpenWrt box I checked.

http://doolittle.icarus.com/ntpclient/

Its functionality is a small subset of xntpd,


#11

I installed it via ssh on the R7800 and opkg.

root@R7800:~# opkg list-installed | grep -i ntp
ntp-utils - 4.2.8p11-1

ntpq> version
ntpq 4.2.8p11@1.3728-o Fri Aug 17 03:27:08 UTC 2018 (1)

root@R7800:~# ps w | grep -i ntp
 1157 root      1068 S<   /usr/sbin/ntpd -n -N -S /usr/sbin/ntpd-hotplug -p 0.openwrt.pool.ntp.org -p 1.openwrt.pool.ntp.org -p 2.o


#12

I think you need to add the ip of the ntp ...

http://doc.ntp.org/4.1.0/ntpq.htm ->

root@R7800:~# ntpq <ip.of.the.ntp-server>

#13

root@R7800:~# ntpq 192.168.178.55
ntpq> quit

root@R7800:~# ntpq
ntpq> ntpq 192.168.178.55
***Command `ntpq' unknown

ntpq> 192.168.178.55
***Command `192.168.178.55' unknown
ntpq>


#14

https://linux.die.net/man/8/ntpq


#15

I thought openwrt installs a ntp server by default.

root@R7800:~# ntpq europe.pool.ntp.org

root@R7800:~# ntpq de.pool.ntp.org

root@R7800:~# ntpq 176.9.82.67
ntpq> 

Unfortunately this doesn't work too. Maybe you can give an example which works with your openwrt-router.

The goal is to see the difference between the local router and the ntp-server.


#16
root@router:~# opkg install ntpdate
Installing ntpdate (4.2.8p11-1) to root...
Downloading http://downloads.openwrt.org/releases/18.06.1/packages/mips_24kc/packages/ntpdate_4.2.8p11-1_mips_24kc.ipk
Configuring ntpdate.
root@router:~# ntpdate de.pool.ntp.org

#17

It installs the busybox version, as linked above. It is not feature complete, as also indicated above.

$ sudo ntpd --version
ntpd: unrecognized option: version
BusyBox v1.29.2 () multi-call binary.

Usage: ntpd [-dnqNwl -I IFACE] [-S PROG] [-p PEER]...

NTP client/server

	-d	Verbose (may be repeated)
	-n	Do not daemonize
	-q	Quit after clock is set
	-N	Run at high priority
	-w	Do not set time (only query peers), implies -n
	-S PROG	Run PROG after stepping time, stratum change, and every 11 mins
	-p PEER	Obtain time from PEER (may be repeated)
	-l	Also run as server on port 123
	-I IFACE Bind server to IFACE, implies -l

#18
root@router:~# opkg install ntpdate
Installing ntpdate (4.2.8p11-1) to root...
Downloading http://downloads.openwrt.org/releases/18.06.1/packages/mips_24kc/packages/ntpdate_4.2.8p11-1_mips_24kc.ipk
Configuring ntpdate.
root@router:~# ntpdate de.pool.ntp.org

Is it a risk to install this? May there be a conflict with the already installed packages?


#19

Since it's not clear what you're trying to achieve, only you can answer if that goal is worth the very remote chance that you'll have some kind of incompatibility or misconfiguration. Any such problem would likely be able to be resolved by removing the package, or, at worst, resetting your device to defaults and reinstalling packages and configuration. There is always going to be unexpected failure modes when installing software on any system.


#20

I was testing cronjobs and the time was wrong, so I thought the cronjobs didn't work. I was assuming that the router sets the time automatically from a ntpserver. I want to avoid this in the future. So I thought i want to test the difference between local time of the router and the correct time from the internet. But if this is not so easy, I forget it. I thought it is easy.


#21

Time synchronization on OpenWrt is very straightforward.

Most all-in-one routers don't have a battery-backed RTC, so they have no notion of "now" at boot.

At boot, sysfixtime sets the time to a generally reasonable time by looking at the newest file in /etc/

Unless you've changed the configuration, sysntpd then starts

/usr/sbin/ntpd -n -N -S /usr/sbin/ntpd-hotplug -p 0.lede.pool.ntp.org -p 1.lede.pool.ntp.org -p 2.lede.pool.ntp.org -p 3.lede.pool.ntp.org

which takes over control of time.

If you've got problems with time and haven't mucked with the configuration, failure to resolve the NTP peer hostnames would be the most likely cause. "Bad" NTP references in your DHCP lease may be another problem.

Logging into your OpenWrt box and looking at the time in LuCI or with date and comparing with your desktop is one, very easy way.


Edit:

If you want full-on NTP and have sufficient space, the following should install and enable it for you:

opkg update
opkg install ntpd
/etc/init.d/sysntpd stop
/etc/init.d/sysntpd disable
/etc/init.d/ntpd enable
/etc/init.d/ntpd start

and ntpq should work

jeff@office:~$ ntpq
ntpq> pe
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
+MTPBX.cytranet. 45.127.113.2     3 u   14   64   17   10.684    1.418   1.526
-lithium.constan 192.5.41.40      2 u   12   64   17   76.728    1.096   1.295
*45.32.199.189 ( 142.66.101.13    2 u   16   64   17   53.786    2.978   3.160
+den1.m-d.net    132.163.96.1     2 u   16   64   17   34.328    5.897   1.994
ntpq> rv
associd=0 status=0614 leap_none, sync_ntp, 1 event, freq_mode,
version="ntpd 4.2.8p12@1.3728-o Mon Nov 26 12:02:01 UTC 2018 (1)",
processor="mips", system="Linux/4.14.67", leap=00, stratum=3,
precision=-18, rootdelay=79.298, rootdisp=36.073, refid=45.32.199.189,
reftime=dfbc447a.dc2b6489  Wed, Dec 12 2018 18:37:46.860,
clock=dfbc448b.ed3e4019  Wed, Dec 12 2018 18:38:03.926, peer=35012, tc=6,
mintc=3, offset=-1.494592, frequency=0.000, sys_jitter=3.069965,
clk_jitter=3.099, clk_wander=0.000