Hi,
I have a Comset 4G router here that runs OpenWrt. It is working for the most part, except it's not responding to DHCP discover requests from the client on a particular VLAN (4011). I can see with TCPDUMP that the requests are reaching the interface on the OpenWrt router.
VLAN 25 is untagged and VLAN 4011 is tagged. VLAN 4011 is the interface that isn't responding to DHCP requests from clients.
That VLAN interface is in it's own firewall zone. There is a firewall rule that currently accepts all input from that zone. There is nothing specific for that zone in terms of output, but the default is to accept output. It accepts forwarding from that zone to wan, but that's not too relevant here.
I would have said the behaviour is akin to it silently discarding input packets on that VLAN, so the DHCP server never receives the request (even though I can see it hitting the interface). If that's not the problem, then the behaviour is akin to it silently ignoring the request and not responding.
Any ideas?
/etc/config/network:
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 3 6t'
option vid '25'
config switch_vlan
option device 'switch0'
option vlan '4'
option ports '0t 1t 2t 3t 6t'
option vid '4011'
config interface 'DSFW_4011'
option proto 'static'
option ifname 'eth0.4011'
option auto '1'
option delegate '1'
option ipaddr 'xxx.xxx.xxx.1'
option netmask '255.255.255.0'
option ip6assign '60'
/etc/config/dhcp:
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option expandhosts '1'
option nonegcache '0'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
option authoritative '0'
option filterwin2k '1'
option local 'domain.xxx.xxx.xxx'
option domain 'domain.xxx.xxx.xxx'
config dhcp 'LAN_Untagged'
option leasetime '12h'
option interface 'LAN_Untagged'
option ignore '0'
option start '11'
option limit '149'
option dynamicdhcp '1'
option force '1'
option ra 'server'
option dhcpv6 'server'
option ra_management '1'
option ra_default '0'
config dhcp 'DSFW_4011'
option leasetime '12h'
option interface 'DSFW_4011'
option ignore '0'
option start '11'
option limit '149'
option dynamicdhcp '1'
option ra 'server'
option dhcpv6 'server'
option ra_management '1'
option ra_default '0'
option force '1'
/etc/config/firewall:
config defaults
option enabled '1'
option output 'ACCEPT'
option forward 'DROP'
option syn_flood '1'
option synflood_burst '50'
option synflood_protect '1'
option drop_invalid '1'
option tcp_ecn '1'
option tcp_syncookies '1'
option tcp_window_scaling '1'
option input 'DROP'
config zone 'lan'
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan guestlan'
config zone
option name 'lan_untagged'
option input 'ACCEPT'
option forward 'DROP'
option output 'ACCEPT'
option network 'LAN_Untagged'
config zone
option name 'DSFW_4011'
option input 'ACCEPT'
option forward 'DROP'
option output 'ACCEPT'
option network 'DSFW_4011'
config rule
option enabled '1'
option target 'ACCEPT'
option src 'DSFW_4011'
option dest 'wan'
option proto 'all'
option name 'DSFW4011<>WAN'
config rule
option enabled '1'
option target 'ACCEPT'
option src 'DSFW_4011'
option name 'DSFW4011-Input'
option proto 'all'