No internet on an IP

cedric · December 3, 2020, 4:35pm

Hello all.
Sorry for my broken english, but i'm using google translate to write to you.

I aim to configure my router like the following link
Openwrt bridge ap

here is the diagram:
Internet box<=>ubuntu router( isc dhcp server192.16.10.1)<=>Openwrt router(192.168.10.2<=> PC A(192.168.10.5) +PC B(192.168.10.9)+Another device (192.168.10.3 to 192.168.10.200)

For some reason I don't understand, I don't have internet on pc A, but I can ssh on the OpenWRT router and on the Ubuntu server.
PC B has no problem, and neither does the other devices.

As I'm new to Openwrt, I don't know where to look.

root @ OpenWrt: ~ # arp
IP address HW type Flags HW address Mask Device
192.168.10.1 0x1 0x2 90: xx: ba: xx: bd: xx * br-lan
192.168.10.5 0x1 0x2 80: xx: f2: xx: b7: xx * br-lan

On the Ubuntu server :

cedric@routeur:~$ arp -a -i enp3s0
? (192.168.10.5) at xx:xx:xx:xx:xx [ether] on enp3s0
? (192.168.10.7) at xx:xx:xx:xx:xx [ether] on enp3s0
? (192.168.10.2) at xx.xx.xx.xx.xx [ether] on enp3s0
? (192.168.10.9) at xx:xx:xx:xx:xx [ether] on enp3s0

From time to time, the internet comes back to this pc A, but the next day nothing
Looking forward to reading you

mk24 · December 3, 2020, 4:53pm

In that configuration, OpenWrt isn't a router it is just a device on the LAN. The network is being controlled and routed by the Ubuntu machine.

It is important to turn off the DHCP server in the OpenWrt box. Otherwise it may give other machines a bad configuration by telling them it is the gateway to the Internet instead of the Ubuntu box. Let the Ubuntu server do all DHCP.

cedric · December 3, 2020, 6:24pm

I'm okay with that, that's exactly what I want to do.
Normally, it is my ubuntu server which manages the dhcp (with isc-dhcp-sever).
but on the side of openwrt, i'm not sure if i disabled dhcp in the right place.
I'm looking on this side.

cedric · December 3, 2020, 7:12pm

um, i hadn't disabled dhcp on the lan interface.
Probably the cause of my problem.
I disabled, restart everything and poof, it works!
To see in time ..
Thanks to you.

cedric · December 4, 2020, 5:20am

same thing this morning, no connection on this ip.

vgaetera · December 4, 2020, 5:30am

Post the output:

uci show network; uci show firewall; uci show dhcp; \
head -v -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*; \
ip address show; ip route show; ip rule show

cedric · December 4, 2020, 5:49am

root@OpenWrt:~# uci show network; uci show firewall; uci show dhcp; \
> head -v -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*; \
> ip address show; ip route show; ip rule show
network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fd6f:4ce3:23b0::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.proto='static'
network.lan.ipaddr='192.168.10.2'
network.lan.netmask='255.255.255.0'
network.lan.gateway='192.168.10.1'
network.lan.igmp_snooping='1'
network.lan.delegate='0'
network.lan.ifname='eth0.1'
network.lan.dns='8.8.8.8' '8.8.4.4'
network.lan_eth0_1_dev=device
network.lan_eth0_1_dev.name='eth0.1'
network.lan_eth0_1_dev.macaddr='ec:ad:e0:98:16:b8'
network.wan_eth0_2_dev=device
network.wan_eth0_2_dev.name='eth0.2'
network.wan_eth0_2_dev.macaddr='ec:ad:e0:98:16:ba'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='1 2 3 4 0t'
network.@switch_vlan[1]=switch_vlan
network.@switch_vlan[1].device='switch0'
network.@switch_vlan[1].vlan='2'
network.@switch_vlan[1].ports='5 0t'
firewall.@defaults[0]=defaults
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='ACCEPT'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[0].masq='1'
firewall.@zone[0].device='eth0.1'
firewall.@zone[0].network='lan'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].mtu_fix='1'
firewall.@zone[1].masq='1'
firewall.@zone[1].input='ACCEPT'
firewall.@zone[1].forward='ACCEPT'
firewall.@zone[1].device='eth0.1'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-DHCPv6'
firewall.@rule[3].src='wan'
firewall.@rule[3].proto='udp'
firewall.@rule[3].src_ip='fc00::/6'
firewall.@rule[3].dest_ip='fc00::/6'
firewall.@rule[3].dest_port='546'
firewall.@rule[3].family='ipv6'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-MLD'
firewall.@rule[4].src='wan'
firewall.@rule[4].proto='icmp'
firewall.@rule[4].src_ip='fe80::/10'
firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
firewall.@rule[4].family='ipv6'
firewall.@rule[4].target='ACCEPT'
firewall.@rule[5]=rule
firewall.@rule[5].name='Allow-ICMPv6-Input'
firewall.@rule[5].src='wan'
firewall.@rule[5].proto='icmp'
firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement'
firewall.@rule[5].limit='1000/sec'
firewall.@rule[5].family='ipv6'
firewall.@rule[5].target='ACCEPT'
firewall.@rule[6]=rule
firewall.@rule[6].name='Allow-ICMPv6-Forward'
firewall.@rule[6].src='wan'
firewall.@rule[6].dest='*'
firewall.@rule[6].proto='icmp'
firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
firewall.@rule[6].limit='1000/sec'
firewall.@rule[6].family='ipv6'
firewall.@rule[6].target='ACCEPT'
firewall.@rule[7]=rule
firewall.@rule[7].name='Support-UDP-Traceroute'
firewall.@rule[7].src='wan'
firewall.@rule[7].dest_port='33434:33689'
firewall.@rule[7].proto='udp'
firewall.@rule[7].family='ipv4'
firewall.@rule[7].target='REJECT'
firewall.@rule[7].enabled='0'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].expandhosts='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.d/resolv.conf.auto'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].ednspacket_max='1232'
dhcp.@dnsmasq[0].nohosts='1'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.ra_slaac='1'
dhcp.lan.ra_flags='managed-config' 'other-config'
dhcp.lan.ignore='1'
dhcp.wan=dhcp
dhcp.wan.interface='wan'
dhcp.wan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
dhcp.odhcpd.loglevel='4'
==> /etc/resolv.conf <==
# Interface lan
nameserver 8.8.8.8
nameserver 8.8.4.4

==> /tmp/resolv.conf <==
# Interface lan
nameserver 8.8.8.8
nameserver 8.8.4.4

==> /tmp/resolv.conf.d <==
head: /tmp/resolv.conf.d: I/O error

==> /tmp/resolv.conf.d/resolv.conf.auto <==
# Interface lan
nameserver 8.8.8.8
nameserver 8.8.4.4
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether a2:e6:8c:0b:c4:be brd ff:ff:ff:ff:ff:ff
    inet6 fe80::a0e6:8cff:fe0b:c4be/64 scope link 
       valid_lft forever preferred_lft forever
6: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether ec:ad:e0:98:16:b8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.2/24 brd 192.168.10.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 fe80::eead:e0ff:fe98:16b8/64 scope link 
       valid_lft forever preferred_lft forever
7: eth0.1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
    link/ether ec:ad:e0:98:16:b8 brd ff:ff:ff:ff:ff:ff
8: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
    link/ether ec:ad:e0:98:16:bb brd ff:ff:ff:ff:ff:ff
    inet6 fe80::eead:e0ff:fe98:16bb/64 scope link 
       valid_lft forever preferred_lft forever
9: wlan1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
    link/ether ec:ad:e0:98:16:b8 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::eead:e0ff:fe98:16b8/64 scope link 
       valid_lft forever preferred_lft forever
default via 192.168.10.1 dev br-lan proto static 
192.168.10.0/24 dev br-lan proto kernel scope link src 192.168.10.2 
0:	from all lookup local
32766:	from all lookup main
32767:	from all lookup default

lleachii · December 5, 2020, 2:18pm

I assume you enabled IPv4 forwarding on the routing machine?
I assume you added a masquerade (NAT) rule on that same machine - if needed?

vgaetera · December 5, 2020, 2:20pm

uci -q delete firewall.@zone[0].device
uci -q delete firewall.@zone[1].device
uci commit firewall
/etc/init.d/firewall restart

cedric · December 6, 2020, 4:25pm

i have all re-installed openwrt, recheck everything.
IPv4 forwarding = 1
For routing:

sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         
MASQUERADE  all  --  anywhere             anywhere            
MASQUERADE  all  --  192.168.1.0/24       anywhere

Then added in the openwrt terminal:

uci -q delete firewall.@zone[0].device
uci -q delete firewall.@zone[1].device
uci commit firewall
/etc/init.d/firewall restart

Right now everything is working ...
I wait to see in time.

cedric · December 6, 2020, 7:34pm

I managed to find the problem.
The problem was with the client, a DNS problem, which I couldn't fix.
I ended up reinstalling the system.

cedric · December 6, 2020, 7:35pm

Merci à tous !

system · December 16, 2020, 7:35pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.