try disabling the wan6 interface, if you don't need it.
you could also try installing wget-ssl, but it's probably a no go with 380kb free flash space.
Owut? Luci-app-attendedsysuphrade?
what? are you tying to say.
Well, you appear to have wan_6 there instead...
But that seems to have proper routable IPv6 address and also prefix from PD, so likely works ok.
However, disabling that should be at least tested. Might have impact (if the reason is uclient-fetch)
Other possibility is that this is a secondary router, dumb AP, and has no DHCP and gateway set properly.
wget 4 error is about general network settings. Check that the DNS and routing (e.g. ping) works from the router's SSH console. (Not from PC via the router, but from the router itself)
"SSL error: NET - Sending information through the socket failed
Collected errors:
-
opkg_download: Failed to download https://downloads.openwrt.org/releases/24.10.1/targets/ramips/mt7621/kmods/6.6.86-1-2a6d68f3ded425efc0850296e7f62d53/kmod-crypto-lib-chacha20poly1305_6.6.86-r1_mipsel_24kc.ipk, wget returned 4.
-
opkg_download: Check your network settings and connectivity.
-
opkg_install_pkg: Failed to download kmod-crypto-lib-chacha20poly1305. Perhaps you need to run 'opkg update'?
-
opkg_install_cmd: Cannot install package luci-proto-wireguard." Now getting this error.
do nslookup downloads.openwrt.org, post the output.
try (http not httpS)
cd /tmp
wget http://downloads.openwrt.org/releases/24.10.1/targets/ramips/mt7621/kmods/6.6.86-1-2a6d68f3ded425efc0850296e7f62d53/kmod-crypto-lib-chacha20poly1305_6.6.86-r1_mipsel_24kc.ipk
Have same problem with BananaPi R3 and TP-Link Archer C60 V3 24.10.1 sysubgrade images, downloaded today from firmware sellector. There is something broken with libustream-mbedtls in them. Replacing it with openssl or wolfssl version fixes SSL, however requires space that one may lack.
1 Like
Just to add: disabling wan6 interface until device is fully configured allows wget to work. Still can't figure why with my minimal config: WiFi isolated on a separate bridge/interface/fw group and v4 only wireguard interface added (only ip/range routes) the problem also dissapears even with wan6 enabled.
Also, the problem is not 10.24.1 exclusive, had it with 23.05.5 to.
A month later you come back!
Your problem is most likely the "well known" problem where you have an active ipv6 LAN but do not have an active ipv6 upstream connection.
It is caused by uclient-fetch where if dns resolves both ipv4 and ipv6, it will choose ipv6, but you have the upstream ipv6 disabled.
There is a workaround you can try, by issuing a couple of commands in an ssh terminal window.
- First do a backup of the link we are about to change:
mv /usr/bin/wget /usr/bin/wget.bak - Now make the change:
echo -e "#!/bin/sh\n/usr/bin/wget.bak -4 \"\$@\"" > /usr/bin/wget && chmod +x /usr/bin/wget - Test it:
opkg update
To revert the change we made, do:
rm /usr/bin/wget
followed by:
mv /usr/bin/wget.bak /usr/bin/wget
You will see the same problem with apk update on OpenWrt > 24.10 (eg current snapshot) and the same workaround works there too.
2 Likes
haven't checked if it's there, but this should be on openwrt's apk page ...
1 Like
echo "-4" > /root/.wgetrc
echo /root/.wgetrc >> /etc/sysupgrade.conf
1 Like
But uclient-fetch does not use this...... unless something has changed recently?