I am having a problem with a Linksys WRT3200ACM on which I have been installing Openwrt since I started using it, the problem appeared a few months ago
I am currently at version 22.03.2 of Openwrt.
The problems are multiple:
The videos on Youtube with a windows 11 PC connected via RJ45 or Wifi on the Linksys have a buffer greater than 30s.
My Nvidia shield connected via RJ45 or Wifi on the Linkys can no longer be updated via Google play.
My Android mobile phone connected via Wifi on the Linksys can't update via Google play (but update as soon as I use mobile data or connect to another router somewhere else)
All the cables have been changed, Openwt has been completely configured from a totally blank installation multiple times, I tried downgrades.
All these problems disappear as soon as I remove Openwrt from the equation by connecting directly to my ISP router which is FREE (Freebox model Delta in France).
I should point out that of course when I connect the Linksys to my ISP router it is configured in Bridge mode.
I have also tested custom DNS on Openwrt but without success, no machines is configured with a custom DNS.
I can't see where the problem lies in Openwrt, but everything suggests that the problem is in Openwrt, but I am not sure.
Thanks is advance to this community.
trendy
January 22, 2023, 2:45pm
2
Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
ubus call system board; \
uci export network; uci export wireless; \
uci export dhcp; uci export firewall; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
Thanks, here is the results of the code you publish here
{
"kernel": "5.10.146",
"hostname": "OpenWrt",
"system": "ARMv7 Processor rev 1 (v7l)",
"model": "Linksys WRT3200ACM",
"board_name": "linksys,wrt3200acm",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "22.03.2",
"revision": "r19803-9a599fee93",
"target": "mvebu/cortexa9",
"description": "OpenWrt 22.03.2 r19803-9a599fee93"
}
}
package network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd4d:31cd:2cf1::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config device
option name 'wan'
option macaddr '62:38:e0:bd:88:e0'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
option peerdns '0'
list dns '1.1.1.1'
list dns '1.0.0.1'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option peerdns '0'
list dns '2606:4700:4700::1111'
list dns '2606:4700:4700::1001'
package wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'soc/soc:pcie/pci0000:00/0000:00:01.0/0000:01:00.0'
option band '5g'
option country 'FR'
option channel 'auto'
option cell_density '0'
option htmode 'VHT80'
config wifi-device 'radio1'
option type 'mac80211'
option path 'soc/soc:pcie/pci0000:00/0000:00:02.0/0000:02:00.0'
option band '2g'
option country 'FR'
option htmode 'HT40'
option cell_density '0'
option channel '12'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option macaddr '60:38:e0:bd:88:e1'
option ssid 'tetsujin28'
option encryption 'psk2'
option key '**ultrapop**'
config wifi-device 'radio2'
option type 'mac80211'
option path 'platform/soc/soc:internal-regs/f10d8000.sdhci/mmc_host/mmc0/mmc0:0001/mmc0:0001:1'
option channel '34'
option band '5g'
option htmode 'VHT80'
option disabled '1'
config wifi-iface 'default_radio2'
option device 'radio2'
option network 'lan'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
config wifi-iface 'wifinet3'
option device 'radio0'
option mode 'ap'
option encryption 'psk2'
option key '**poiuytrepop**'
option ssid 'gbhyabdzer'
package dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
option confdir '/tmp/dnsmasq.d'
option logqueries '1'
option authoritative '1'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
list ra_flags 'managed-config'
list ra_flags 'other-config'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config host
option name 'DiskStation1'
option ip '192.168.1.112'
option mac '00:11:32:03:38:B2'
config host
option ip '192.168.1.150'
option mac '54:60:09:FC:6D:A0'
option name 'Chromecast-Audio-Couloir'
option dns '1'
config host
option name 'SAL9000'
option mac '2C:56:DC:DD:32:50'
option ip '192.168.1.120'
config host
option name 'Redmi-Note-11'
option ip '192.168.1.116'
option mac 'FC:02:96:E7:83:CA'
config host
option ip '192.168.1.198'
option mac '30:FD:38:86:30:35'
option name 'Google-Home-Mini-Chambre'
option dns '1'
config host
option ip '192.168.1.123'
option mac '30:FD:38:7F:CE:AB'
option dns '1'
option name 'Google-Home-Mini-Salon'
config host
option ip '192.168.1.220'
option mac '38:8B:59:33:0E:81'
option name 'Google-Home-Mini-Cuisine'
option dns '1'
config host
option ip '192.168.1.233'
option mac '00:04:4B:49:BC:A9'
option name 'Shield'
option dns '1'
config host
option name 'HomeAssistant'
option dns '1'
option mac 'B8:27:EB:12:7D:3A'
option ip '192.168.1.148'
config host
option name 'Rasperrypi4'
option dns '1'
option mac 'DC:A6:32:FA:B1:CC'
option ip '192.168.1.142'
config host
option name 'DiskStation2'
option ip '192.168.1.105'
option mac '00:11:32:50:AB:8C'
config host
option ip '192.168.1.203'
option mac 'F0:0F:EC:BE:3D:CB'
option name 'Honor10'
option dns '1'
config host
option name 'HAL9000'
option ip '192.168.1.102'
option mac 'F8:D1:11:98:3E:98'
package firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config redirect
option dest 'lan'
option target 'DNAT'
option name 'Force DNS'
option src 'lan'
option src_dport '53'
option enabled '0'
config redirect
option dest 'lan'
option target 'DNAT'
option name 'Home assistant'
list proto 'tcp'
option src 'wan'
option src_dport '8123'
option dest_ip '192.168.1.148'
option dest_port '8123'
config redirect
option dest 'lan'
option target 'DNAT'
option name 'Home Assistant'
list proto 'tcp'
option src 'wan'
option src_dport '443'
option dest_ip '192.168.1.148'
option dest_port '8123'
config redirect
option dest 'lan'
option target 'DNAT'
option name 'Davinci Resolve'
list proto 'tcp'
option src 'wan'
option src_dport '5432'
option dest_ip '192.168.1.142'
option dest_port '5432'
config redirect
option dest 'lan'
option target 'DNAT'
option name 'Vaulwarden'
list proto 'tcp'
option src 'wan'
option src_dport '7277'
option dest_port '7277'
option dest_ip '192.168.1.148'
config redirect
option dest 'lan'
option target 'DNAT'
option name 'Kod1 Plex'
list proto 'tcp'
option src 'wan'
option src_dport '32400'
option dest_ip '192.168.1.233'
option dest_port '32400'
config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd/firewall.include'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: wan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc cake state UP qlen 1000
inet 78.192.160.26/23 brd 78.xxx.xxx.255 scope global wan
valid_lft forever preferred_lft forever
15: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
valid_lft forever preferred_lft forever
default via 78.xxx.xxx.254 dev wan src 78.xxx.xxx.26
78.xxx.xxx.0/23 dev wan scope link src 78.xxx.xxx.26
192.168.1.0/24 dev br-lan scope link src 192.168.1.1
broadcast 78.xxx.xxx.0 dev wan table local scope link src 78.xxx.xxx.26
local 78.1xxx.xxx.26 dev wan table local scope host src 78.xxx.xxx.26
broadcast 78.xxx.xxx.255 dev wan table local scope link src 78.xxx.xxx.26
broadcast 127.0.0.0 dev lo table local scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local scope host src 127.0.0.1
local 127.0.0.1 dev lo table local scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link src 127.0.0.1
broadcast 192.168.1.0 dev br-lan table local scope link src 192.168.1.1
local 192.168.1.1 dev br-lan table local scope host src 192.168.1.1
broadcast 192.168.1.255 dev br-lan table local scope link src 192.168.1.1
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
lrwxrwxrwx 1 root root 16 Oct 14 22:44 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r-- 1 root root 47 Jan 22 11:26 /tmp/resolv.conf
-rw-r--r-- 1 root root 135 Jan 22 14:16 /tmp/resolv.conf.d/resolv.conf.auto
/tmp/resolv.conf.d:
-rw-r--r-- 1 root root 135 Jan 22 14:16 resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1
==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1
==> /tmp/resolv.conf.d <==
head: /tmp/resolv.conf.d: I/O error
==> /tmp/resolv.conf.d/resolv.conf.auto <==
# Interface wan
nameserver 1.1.1.1
nameserver 1.0.0.1
# Interface wan6
nameserver 2606:4700:4700::1111
nameserver 2606:4700:4700::1001
trendy
January 22, 2023, 4:15pm
4
Why did you disable MSS clamping on wan zone?
uci rename firewall.@zone[0]="lan"
uci rename firewall.@zone[1]="wan"
uci set firewall.wan.mtu_fix='1'
uci commit firewall
service firewall restart
1 Like
It was an attempt to find a solution to the problem that I thought was caused by a badly tuned MTU.
trendy
January 22, 2023, 5:49pm
6
There is a different way to troubleshoot a wrong mtu, but it's not by turning it off on the firewall.
1 Like
Of course I know the method you linked in your reply, and I immediately used it at the time, however seeing no improvement, I dug further and came across this 'MSS Clamping' function which in any case had no effect on the problem.
It was an oversight on my part to not put it back in, thank you for pointing that out.
That being said I have executed what you put in your previous post.
trendy
January 22, 2023, 6:07pm
8
Make sure that the wan uplink has the correct mtu. Since it is ethernet, it most likely is 1500, but better double check that. Apart from that, there are not any other things you can change, hopefully your ISP did not try anything funny from their side.
No idea if this unsupported bit impacts:
config interface 'wan'
...
list dns '1.1.1.1'
list dns '1.0.0.1'
Yes, the MTU has been tested and configured correctly.
I have configured them in Network>Interfaces>Edit (WAN and WAN6)>Advanced Settings (Tab)>Use custom DNS servers (fields).
With or without these custom DNS the problem persists.
trendy
January 22, 2023, 7:39pm
12
Do a ifdown wan6 for a moment and try it again.
The 'ifdown wan6' did not change anything
trendy
January 22, 2023, 9:47pm
14
Does it happen only to google or to other sites as well?here ?
This only happens with google and specifically with Youtube and Google Play.
trendy
January 23, 2023, 11:28am
16
What was used to redirect? Some external application or did you just add it there?
Also better remove miniupnpd, as it is not considered secure.
The first one was used to force the use of a custom DNS, but as you can see, it is disabled.
trendy
January 23, 2023, 12:09pm
18
One last question, when you connect your pc on the isp router, do you keep the latter in bridge mode? Or revert it to router mode?
When I connect my PC directly to the ISP router, it is in router mode and not in bridge mode.
It should be noted that there are 2 other computers, 1 PC W11 and 1 Apple Macbook that show us exactly the same problems on Google Youtube as the main PC W11.
... I must admit that despite my limited knowledge of networks, I am overwhelmed by this problem.
trendy
January 23, 2023, 1:23pm
20
Just unplug the Linksys, reboot the isp router in bridge mode, then plug in a pc and test.
