No internet even after adding DNS

Hi
I cannot connect to the internet unless I set the DNS manually on each device.

Here is Network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd0d:3cdb:0b28::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth1.1'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '10.0.0.1'
	option ipv6 'off'
	list dns '1.1.1.1'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'static'
	option ipaddr '192.168.1.2'
	option netmask '255.255.255.0'
	option gateway '192.168.1.1'
	option ipv6 'off'
	list dns '1.1.1.1'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '5 0t'

and here is DHCP

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option localservice '1'
	list server '1.0.0.1'
	list server '4.2.2.3'
	list server '208.67.222.220'
	list server '208.67.222.123'
	list server '1.1.1.1'
	list server '4.2.2.1'
	list server '156.154.71.22'
	option resolvfile '/tmp/resolv.conf.auto'

config dhcp 'lan'
	option interface 'lan'
	option limit '150'
	option leasetime '5h'
	option start '125'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'



and last one firewall



config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option disable_ipv6 '1'

config zone 'lan'
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'lan'

config zone 'wan'
	option name 'wan'
	option output 'ACCEPT'
	option masq '1'
	option mtu_fix '1'
	list device 'tun0'
	option input 'REJECT'
	option forward 'REJECT'
	option network 'wan'

config forwarding 'lan_wan'
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'

config rule
	option target 'ACCEPT'
	option src 'wan'
	option proto 'tcp'
	option dest_port '80'
	option name 'AllowWANWeb'
	option dest_ip '10.0.0.1'
	option dest 'lan'
	option enabled '0'

config forwarding
	option dest 'lan'
	option src 'remote'

config forwarding
	option dest 'remote'
	option src 'wan'



config include 'miniupnpd'
	option type 'script'
	option path '/usr/share/miniupnpd/firewall.include'
	option family 'any'
	option reload '1'

It appears you are double NAT'd -- not ideal, but presumably not the problem itself.

I suspect that you have over-specified the DNS servers and something is getting messed up. Once we can verify that the simple case is working properly, you can add your desired DNS servers.

Try removing all of the DNS servers you've listed under the LAN and the dnsmasq section of your DHCP config. Change the DNS in the WAN to 192.168.1.1.

Test that -- see if you can ping both IP addresses and domain names from the router itself (within an SSH session). Then, after renewing the DHCP lease on a client machine, verify that the same is true there.

2 Likes

Your wan zone references a 'tun0' device but not the wan network.

You're also trying to set DNS server 1.1.1.1 in three different places; only one will be correct, and I think that is in the wan network.

Generally start with a default configuration, change the minimum to get that working, then start customizing one thing at a time until you break it. The only thing that needs to be changed off of a default configuration here is the LAN IP so it does not conflict with the 192.168.1.0 WAN network.

3 Likes

You also have forwarding for a zone called remote but no definition of that network in the firewall zones nor in the network configuration.

2 Likes

Is 1.0.0.1 a valid DNS?

I think that it is one of CloudFlare's DNS servers.

3 Likes

Hi,
Thank you all for responding. Actually, it was an issue with static IP leases that I forgot to mention in the thread: two different MACs were assigned to the same IP, so my mistake.

But here is another question: if I have two different MACs, and it is impossible for both to be connected at the same time, but I want them to use the same IP, should I set the DHCP lease time to 0, or can I not do this?

DHCP can be reserved by hostname. Enter the hostname and leave the MAC address blank. That works, for example, for a laptop that may be connected by Ethernet or Wi-Fi.

Not all devices provide a hostname; for some devices I got a "?" only.
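
Added example, not part of any post in the thread: a small Python check for two of the problems found above, a forwarding that names a zone no `config zone` section declares (the `remote` case) and static leases that bind different MACs to one IP (the cause the original poster reported). The `host` sections are constructed, since the thread never shows them, and the function names are illustrative.

```python
import shlex

# FIREWALL is reduced from the thread's config; the DHCP host sections are constructed.
FIREWALL = """
config zone 'lan'
	option name 'lan'
config zone 'wan'
	option name 'wan'
config forwarding
	option dest 'lan'
	option src 'remote'
config forwarding
	option dest 'remote'
	option src 'wan'
"""
DHCP = """
config host
	option mac 'AA:BB:CC:00:00:01'
	option ip '10.0.0.50'
config host
	option mac 'aa:bb:cc:00:00:02'
	option ip '10.0.0.50'
"""

def parse_uci(text):
    """Parse UCI text into a list of (section_type, {option: value})."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:1] == ["config"] and len(tok) >= 2:
            sections.append((tok[1], {}))
        elif tok[:1] == ["option"] and len(tok) >= 3 and sections:
            sections[-1][1][tok[1]] = tok[2]
    return sections

def undefined_zones(text):
    """Zone names used by forwardings but declared by no zone section."""
    secs = parse_uci(text)
    zones = {o.get("name") for t, o in secs if t == "zone"}
    fwd = [o for t, o in secs if t == "forwarding"]
    return sorted({o[k] for o in fwd for k in ("src", "dest") if k in o} - zones)

def duplicate_leases(text):
    """Static-lease IPs that are bound to more than one MAC address."""
    by_ip = {}
    for t, o in parse_uci(text):
        if t == "host" and "ip" in o and "mac" in o:
            by_ip.setdefault(o["ip"], set()).add(o["mac"].lower())
    return {ip: sorted(m) for ip, m in by_ip.items() if len(m) > 1}
```

On a router the same functions can be fed the contents of `/etc/config/firewall` and `/etc/config/dhcp` copied off the device.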
