I know it's a frequent question but I dit not manage to fix it since friday. I tried almost everything I found in other threads.
I have a cable modem/router. Everything works fine when the ISP Router is a router, even if its in double NAT. But at the moment I put the ISP Router in bridge mode, I got no Internet.
Tried power cycling, broadcast flag, etc, with no luck. I changed the WAN mac address to be the same as the WAN Mac address of the ISP, and its not working. I get a WAN address that seems to be valid, but way different of my usual one. But every DNS requests are failing. Same with a ping in the diagnostic tool.
Q1 : However, I noticed that under the ISP router box, there is a CM-MAC Address.. would it be the one to clone? (instead of the MAC address I found in the settings)?
Q2 : Also, if i'm not able to make it work.. Would it be a big problem to let the ISP Router like that (not it Bridge mode) if I change the range to avoid double nat and I disable the firewall on this one? My openwrt router would be the master of everything even if there is a non-bridged router on top ? Are there any other disadvantages ?
Just to check, did you power down both the cable modem (in bridge mode) as well as your router, leave them powered down for 5 minutes and then powered them on again? (You probably have, but DOCSIS is a bit fiddly here so I have to ask).
Also, the OpenWrt router is connected directly to the cable modem, without, say a managed switch in between them (this can interfere with how in bridge mode a cable modem provisions DHCP addresses to ists LAN side).
If both of these are 48 bit MACs why not simply try this out? Just remember to power down router and modem and rebott them cleanly after implementing such changes.
Well, for any port forward you would need to configure it on both sides, obviously. That said, IIRC most NAT systems try to keep the port numbers on both sides identical (if possible) so this might work reasonably well for a lot of use cases, but might require special care for things like SIP/VoIP phones.
I had a lot of fun this morning.
Tested the 3 MAC of the ISP router :
CM MAC : Absolutely nothing happens
EMTA MAC : This is the VoIp Mac .. it's funny because it works, but only with ipv6 websites. My ipv6 address is valid, but not the ipv4.
MAC : Clearly I connect because openwrt receives the good DNS address from the ISP.. but the IP address is not in the usual range (23.233.x.x) instead of (174.x.x.x) . Both are property of my ISP. Also noticed that I can't ping the gateway provided (23.233.157.1).
EDIT : Plugged my laptop directly in the ISP router, and I gets also a 23.233.. ip and I can ping the gateway.
Any ideas? Will shut everything down during the lunch and power cycle again.
Also noticed that without internet, I can't reach Luci Network pages, ...and I'm constantly kicked out Luci, need to close the browser or I receive a 400 - bad request which is really annoying, but it's another issue.
If you are getting an address in the 174 range, you may not be able to ping 23 gateway because it is in a different network. It may be setup to ignore pings from hosts not associated with its network.
It is not uncommon to get IPs from different network ranges within the ISPs purview, so as long as it works, just go with the configuration that provides normal connectivity.
When the ISP Router is not Bridge, I have 174.x.x... and it works.
But when it is bridge mode, I get 23.233.xxx.. If I connect my laptop to the ISP box, it works, but if I connect the OpenWRT WAN port to the router, it does'nt.
I knew it would be stupid. Thanks to @moeller0 .. It is not "beetween ISP and openwrt", but I have a old wrt54g downstair acting as a switch for my raspberry pi and xbox... totally forgot that 4 years ago I set his ip to 10.0.0.2... and when I setu p my openwrt last friday, I also gave it 10.0.0.2 to avoid collision with isp router..
Thanks to the fact I tried to connect to my openwrt and it prompted the other one login page! .. Since I change the Ip, Internet is working everywhere, with no mac address clone!