When I connect my computer to the openwrt ap, it takes about 30 seconds before my computer can use any domain redirects configure in dnsmasq, or /etc/hosts. It seems like this is the amount of time it takes openwrt to tell the computer what the dns hostnames are. Is there any way to speed this up?
Please post here the output of the following command, copy and paste the whole block: (you can omit the ip -6 commands if you don't use IPv6)
uci export network; uci export wireless; \
uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro ls tab all ; ip -4 ru; \
ip -6 addr ; ip -6 ro ls tab all ; ip -6 ru; \
ls -l /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*
Please use "Preformatted text </>" for logs, scripts, configs and general console output.
root@XXX:~# uci export network; uci export wireless; \
> uci export dhcp; uci export firewall; \
> head -n -0 /etc/firewall.user; \
> ip -4 addr ; ip -4 ro ls tab all ; ip -4 ru; \
> ip -6 addr ; ip -6 ro ls tab all ; ip -6 ru; \
> ls -l /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*
package network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdcf:a3c6:aeef::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '10.241.100.145'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wan'
option proto 'dhcp'
config device 'wan_dev'
option name 'eth0.2'
option macaddr ':'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
package wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'platform/10180000.wmac'
option htmode 'HT20'
option disabled '0'
config wifi-iface 'sta_radio0'
option device 'radio0'
option network 'wan'
option mode 'sta'
option ifname 'apcli0'
option ssid 'xxx'
option macaddr '00:21:CC:32:AD:ED'
config wifi-iface 'ap_radio0'
option device 'radio0'
option network 'lan'
option mode 'sta'
option ifname 'ra0'
option ssid 'xxx'
package dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
package firewall
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.
# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
3: br-lan: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue qlen 1000
inet 10.241.100.145/24 brd 10.241.100.255 scope global br-lan
valid_lft forever preferred_lft forever
4: apcli0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq qlen 1000
inet 192.168.1.104/24 brd 192.168.1.255 scope global apcli0
valid_lft forever preferred_lft forever
ip: invalid argument 'ls' to 'ip'
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: br-lan: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qlen 1000
inet6 fdcf:a3c6:aeef::1/60 scope global
valid_lft forever preferred_lft forever
inet6 fe80::221:ccff:fe32:adee/64 scope link
valid_lft forever preferred_lft forever
4: apcli0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 fe80::221:ccff:fe32:aded/64 scope link
valid_lft forever preferred_lft forever
ip: invalid argument 'ls' to 'ip'
0: from all lookup local
32766: from all lookup main
4200000001: from all iif lo lookup unspec 12
4200000003: from all iif br-lan lookup unspec 12
4200000004: from all iif apcli0 lookup unspec 12
lrwxrwxrwx 1 root root 16 Mar 27 17:54 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r-- 1 root root 32 Mar 27 17:56 /tmp/resolv.conf
-rw-r--r-- 1 root root 39 Mar 27 17:56 /tmp/resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1
==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
==> /tmp/resolv.conf.auto <==
# Interface wan
nameserver 192.168.1.1
root@XXX:~#
So basically you are using the apcli0 device to connect wirelessly to some access point which is upstream for internet. Then there is another device ra0 which is also client, bridged to the lan. Is that correct? Is there some other access point that you connect?
I think it is a better approach to create a separate interface wwan with proto dhcp to bind the apcli0, rather than using a null mac for eth0.2. But this should not be the problem.
Or even better the use of travelmate helps with connectivity issues when the station is scanning.
This is a custom piece of hardware that has two network modes:
Initially it is an AP, that a mobile app connects to (ra0) and passes over wifi creds.
Then it becomes a client (apcli0) connected to a host wifi network.
My problem is that when it is acting as an AP, and a computer or mobile app connects to it, there seems to be a delay before dns works correctly. Accessing it by ip works instantly, but accessing it by hostname, or a host in the /etc/hosts, or a dnsmasq.conf domain redirect, doesnt work for about 30 seconds. Its as if it takes openwrt some time after getting a client connection, to tell the client the full dns info, or start performing dns redirects.
The reason I want this to work faster, is because I have built a webpage into the module to accept the wifi creds for the host network. I would like the user to be able to get to the page by typing something like "setup.net" into the browser, as opposed to the ip. Setup.net works fine after 20-30 seconds. Ip works instantly.
Maybe you can check the logs if dnsmasq is restarting or rejecting the queries for this half minute period.
You may want to increase the verbosity level of dnsmasq as well.