Hi,
I am trying to use a dedicated OpenWrt device as a standalone DHCP server as my ISP's router has limited functionalities.
I have set it up as described here.
Everything seems to work pretty good except that wireless devices only receive an IPv6 address, while wired devices can receive both IPv4 and IPv6 addresses.
Any suggestion?
Happy to provide more details as needed.
Thanks
Please run the following commands (copy/paste the whole block) and post the output here using the "Preformatted text </>" button:
uci export network
uci export wireless
uci export dhcp
brctl show
Remember to redact passwords, MAC addresses and any public IPs you may have.
Of course:
BusyBox v1.36.1 (2024-09-23 12:34:46 UTC) built-in shell (ash)
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
OpenWrt 23.05.5, r24106-10cc5fcd00
-----------------------------------------------------
root@EX7300v2-OpenWrt:~# uci export network
package network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd3c:6ced:effd::/48'
config interface 'lan1'
option proto 'static'
option device 'eth0'
option ipaddr '192.168.2.2'
option netmask '255.255.255.0'
option gateway '192.168.2.1'
list dns '192.168.2.1'
option broadcast '192.168.2.255'
option delegate '0'
option ip6assign '60'
config device
option name 'eth0'
option ipv6 '1'
root@EX7300v2-OpenWrt:~# uci export wireless
package wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'pci0000:00/0000:00:00.0'
option channel '36'
option band '5g'
option htmode 'VHT80'
option disabled '1'
root@EX7300v2-OpenWrt:~# uci export dhcp
package dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option ednspacket_max '1232'
option filter_aaaa '0'
option filter_a '0'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'lan1'
option interface 'lan1'
option start '100'
option limit '150'
option leasetime '12h'
list dhcp_option '3,192.168.2.1'
list dhcp_option '6,192.168.2.1'
option ra 'hybrid'
option dhcpv6 'hybrid'
root@EX7300v2-OpenWrt:~# brctl show
Additional info:
Thanks for the help.
Could you also post this?
uci export firewall
here:
root@EX7300v2-OpenWrt:~# uci export firewall
package firewall
config defaults
option syn_flood '1'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan1'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
root@EX7300v2-OpenWrt:~#
All looks good on OpenWrt side, so I am suspecting some security function on the Nokia router to block rogue DHCP servers. Why it happens to wireless clients only you may ask. Well because the ethernet clients communicate with OpenWrt via the built in switch where there is no control, however the ethernet to wifi packets go through the cpu of the router.
Well, it appears that the wireless clients are connected to the ISP router.
I don't know anything about the Nokia device, but my first guess would be that the DHCP Discover (broadcast) messages are not being forwarded from the wireless to the wired interface. You could check this using tcpdump.
As for IPv6, wireless clients probably use an autoconfiguration technique (if ICMPv6 traffic is forwarded to the wired port or Nokia itself sends RA messages).
A poor workaround I see is to set a small (non-overlapping) range for wireless clients on the Nokia gateway. However, there is no guarantee that IP addresses will not be assigned by the Nokia to wired clients as well (unless you set static leases).
Many thanks to you both for looking into it and providing feedback. I was also suspecting that the ISP gateway Wifi==>LAN could cause some problems.
I can also try using another cascading device behind the ISP router (and only use the ISP one as a modem), hoping that it will handle this scenario better. Unfortunately, the only other device I have handy are a set of Netgear Orbi RBR50 & 2 RBS50 but they are v2 and not v1 and apparently they are not supported by OpenWrt so I'll have little control over how they behave.
After more experiments, I can confirm the suspicion that the Nokia is blocking the DHCP traffic for IPv4 wireless connections.
Thanks again!
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.