I am attempting to configure my Plus Net (ie BT Home Hub 5) router to switch from a DSL upstream connection to an EE LTE router (the rebadged Alcatel HH70 if that is relevant) using the 5GHz Wifi radio to make the upstream WAN connection. I modelled the setup on the procedure suggested in
https://unix.stackexchange.com/questions/701346/openwrt-how-to-use-wifi-as-wan-connection
The EE router is set to a 10.0.0.0/24 NAT network so as not to conflict with the OpenWRT router's 192.168.1.1/24 network.
Many of the steps are successful. The EE 4G router is up and running and providing internet connectivity to directly connected devices. The 5GHz radio of my OpenWRT router is associated to to the EE LTE router, and ping to 10.0.0.1 (the EE router IP) works from a laptop connected to the OpenWRT LAN side. In fact I can ping from the laptop to, eg a mobile phone associated with the EE router SSID, so packets are being sent to it - but only to the EE boxes 10.0.0.0/24 subnet, not to the wider internet.
If I turn of the DSL "wan" device (temporarily at first) I would hope that OpenWRT would switch to routing over the Wifi "wwan" device associated with the radio. It does not, and ping packets to 1.1.1.1 are all lost.
Have I misunderstood something about the way that OpenWRT works, or got something wrong in the configuation?
Or perhaps is the routing problem in the EE router? The locked-down kiosk interface does not offer much in the way of configurability or diagnostics.
# ubus call system board
{
"kernel": "6.6.86",
"hostname": "OpenWrt",
"system": "xRX200 rev 1.2",
"model": "BT Home Hub 5A",
"board_name": "bt,homehub-v5a",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "24.10.1",
"revision": "r28597-0425664679",
"target": "lantiq/xrx200",
"description": "OpenWrt 24.10.1 r28597-0425664679",
"builddate": "1744562312"
}
---------------------------------------------------------------------------------
# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdb6:53e3:b0e6::/48'
option packet_steering '1'
config atm-bridge 'atm'
option vpi '0'
option vci '101'
option encaps 'vc'
option payload 'bridged'
option nameprefix 'dsl'
config dsl 'dsl'
option annex 'a'
option ds_snr_offset '0'
option line_mode 'vdsl'
option tone 'a'
option xfer_mode 'ptm'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
list ports 'wan'
config device
option name 'lan1'
option macaddr 'a4:08:f5:ac:65:08'
config device
option name 'lan2'
option macaddr 'a4:08:f5:ac:65:08'
config device
option name 'lan3'
option macaddr 'a4:08:f5:ac:65:08'
config device
option name 'lan4'
option macaddr 'a4:08:f5:ac:65:08'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config device
option name 'dsl0'
option macaddr 'a4:08:f5:ac:65:09'
option ipv6 '0'
config interface 'wan'
option device 'dsl0.101'
option proto 'pppoe'
[credentials redacted]
option ipv6 '1'
option peerdns '0'
list dns '1.1.1.1'
list dns '1.0.0.1'
config device
option name 'wan'
config interface 'wwan'
option proto 'static'
option device 'phy0-sta0'
option ipaddr '10.0.0.2'
option netmask '255.255.255.0'
option gateway '10.0.0.1'
option force_link '0'
list dns '10.0.0.1'
list dns '1.1.1.1'
config device
option name 'phy0-sta0'
option ipv6 '0'
---------------------------------------------------------------------------------
# cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'pci0000:01/0000:01:00.0/0000:02:00.0'
option channel '36'
option band '5g'
option htmode 'VHT80'
option cell_density '0'
option country 'GB'
config wifi-device 'radio1'
option type 'mac80211'
option path 'pci0000:00/0000:00:0e.0'
option channel '1'
option band '2g'
option htmode 'HT20'
option cell_density '0'
option country 'GB'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option encryption 'psk2'
[ SSID and credentials redacted ]
config wifi-iface 'wifinet2'
option device 'radio1'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'
option disabled '1'
config wifi-iface 'wifinet3'
option device 'radio0'
option mode 'sta'
option network 'wwan lan'
option ssid '4GEE-Router-9S2Q-5GHz'
option encryption 'psk2'
[ Credentials redacted ]
---------------------------------------------------------------------------------
# cat /etc/config/firewall
config defaults
option syn_flood '1'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wwan'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config redirect
option dest 'lan'
option target 'DNAT'
option name 'Login'
option src 'wan'
option src_dport '2022'
option dest_ip '192.168.1.7'
option dest_port '22'
---------------------------------------------------------------------------------
# ip a show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host proto kernel_lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1508 qdisc fq_codel state UNKNOWN group default qlen 1000
link/ether 3a:0d:54:68:4e:80 brd ff:ff:ff:ff:ff:ff
inet6 fe80::380d:54ff:fe68:4e80/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
3: lan3@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
link/ether a4:08:f5:ac:65:08 brd ff:ff:ff:ff:ff:ff
4: lan4@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
link/ether a4:08:f5:ac:65:08 brd ff:ff:ff:ff:ff:ff
5: lan2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
link/ether a4:08:f5:ac:65:08 brd ff:ff:ff:ff:ff:ff
6: lan1@eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue master br-lan state DOWN group default qlen 1000
link/ether a4:08:f5:ac:65:08 brd ff:ff:ff:ff:ff:ff
7: wan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
link/ether 3a:0d:54:68:4e:80 brd ff:ff:ff:ff:ff:ff
8: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether a4:08:f5:ac:65:08 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
valid_lft forever preferred_lft forever
inet6 fdb6:53e3:b0e6::1/60 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::a608:f5ff:feac:6508/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
9: phy0-sta0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether a4:08:f5:ac:65:0b brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global phy0-sta0
valid_lft forever preferred_lft forever
10: phy1-ap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
link/ether a4:08:f5:ac:65:0a brd ff:ff:ff:ff:ff:ff
11: dsl0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether a4:08:f5:ac:65:09 brd ff:ff:ff:ff:ff:ff permaddr 00:20:da:86:23:75
25: dsl0.101@dsl0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether a4:08:f5:ac:65:09 brd ff:ff:ff:ff:ff:ff
inet6 fe80::a608:f5ff:feac:6509/64 scope link proto kernel_ll
valid_lft forever preferred_lft forever
26: pppoe-wan: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1492 qdisc fq_codel state UNKNOWN group default qlen 3
link/ppp
inet 146.199.241.79 peer 172.16.14.62/32 scope global pppoe-wan
valid_lft forever preferred_lft forever