No experience with 6in4 tunnel but not sure if table 401 is from PBR or related to the 6in4 tunnel?
Latest 1.2.3-r67 should be equivalent to 1.2.2-r16
Hello 
Why wireguard VPN gateway is no longer displayed on the screen? Only wan gateway appears.
Thanks 
1 Like
There is no WireGuard gateway it is a point-to-point connection (link)
The ip address formerly shown was just a bogus address and not the gateway.
We might show the interface address instead
1 Like
Yes, it used to look like this:
Yes I know but what wireguard shows it is not the gateway but just the address of the interface.
Most point to point links do not have a gateway (there are exceptions).
At this moment the real gateway is shown and if there is none then nothing is shown.
1 Like
Subject/Post text:Hi community,I am running PBR version 1.2.2-r14 in fw4 nft file mode on a
Linksys MX4300 running OpenWrt 25.12.4. I am running into an issue where PBR executes a full service reload every time a WAN DHCP lease renews, even though my WAN IP address has not actually changed. My WAN interface needs to stay active in PBR because I route specific local clients through it natively, so completely ignoring the WAN interface isn't an option for my setup.Here is a snippet of my configuration layout and active interfaces :Device: Linksys MX4300Firmware: OpenWrt 25.12.4Gateways: wan, Nordvpn/tun0, WireguardNord/x.x.x.x PBR Version: 1.2.2-r14 DNS Policies: Using domain routing (e.g., plex.tv, emby.media)Every time netifd triggers an update hotplug event for the DHCP lease renewal, PBR intercepts
it and restarts the engine. Is there an elegant way in this version to configure PBR to ignore identical IP address updates and strictly trigger reloads only if the interface state actually flips up or down? Thank you for any guidance!
Logs?
The version you mention should gracefully reload the affected interface table only.
You can also try the netifd mode, where pbr is not affected by the netifd-supported interface events.
Subject: Follow-up: PBR still triggers reloads on WAN DHCP renewals despite netifd mode
Hi @stangri,
Thank you for your guidance! I followed your advice and switched PBR (version 1.2.2-r14, OpenWrt 25.12.4) over to netifd mode by applying the following backend configuration to capture my multi-VLAN environment:
config pbr 'config'
option enabled '1'
option verbosity '0'
option strict_enforcement '0'
option resolver_set 'none'
list resolver_instance '*'
option ipv6_enabled '0'
option boot_timeout '30'
option rule_create_option 'add'
option procd_reload_delay '30'
option webui_show_ignore_target '0'
option nft_rule_counter '0'
option nft_set_auto_merge '1'
option nft_set_counter '0'
option nft_set_flags_interval '1'
option nft_set_flags_timeout '0'
option nft_set_policy 'performance'
list webui_supported_protocol 'all'
list webui_supported_protocol 'tcp'
list webui_supported_protocol 'udp'
list webui_supported_protocol 'tcp udp'
list webui_supported_protocol 'icmp'
option config_compat '25'
option config_version '1.2.2-r14'
option uplink_ip_rules_priority '30000'
option interface_trigger_action 'ignore'
list ignored_interface 'vpnserver'
option netifd_enabled '1'
option netifd_strict_enforcement '0'
option netifd_interface_default 'wan'
list netifd_interface_local 'lan'
list netifd_interface_local 'lan2'
list netifd_interface_local 'lan3'
list netifd_interface_local 'guest'
list netifd_interface_local 'guest2'
list netifd_interface_local 'iot'
list netifd_interface_local 'iot2'
After running service pbr netifd install, I simulated a DHCP renewal using ubus call network.interface.wan renew.
Unfortunately, the engine still intercepts the event and executes its routing table routine on every lease renewal, even though the IP address does not change. I also tried adding option interface_trigger_action 'ignore', but the compiled /lib/netifd/extensions/pbr.sh shell script catches the reload signal unconditionally.
Here is the log captured when running under Netifd Mode (IP addresses obfuscated for privacy):
Thu Jun 11 16:56:05 2026 user.notice pbr: Processing environment (on_interface_reload) Installing fw4 nft file pbr 1.2.2-r14 started with gateways: wan/xx.xx.xx.xx [✓] Nordvpn/tun0/0.0.0.0 WireguardNord/xx.xx.xx.xx
Thu Jun 11 16:56:05 2026 user.notice pbr: Processing environment (on_interface_reload) Installing fw4 nft file pbr 1.2.2-r14 started with gateways: wan/xx.xx.xx.xx [✓] Nordvpn/tun0/0.0.0.0 WireguardNord/xx.xx.xx.xx
For comparison, I reverted the changes and uninstalled the netifd hooks (service pbr netifd uninstall). Here is the log output of a renewal under Standard Mode, showing a hard service reset:
[Jun 11, 2026, 5:11:44 PM PDT] user.notice: pbr: Forwarding is disabled
[Jun 11, 2026, 5:11:48 PM PDT] user.notice: pbr: Processing environment (on_interface_reload) Forwarding is enabled
[Jun 11, 2026, 5:11:48 PM PDT] user.notice: pbr: pbr 1.2.2-r14 started with gateways: wan/xx.xx.xx.xx Nordvpn/tun0/0.0.0.0 WireguardNord/xx.xx.xx.xx
Because I have multiple local VLAN segments split-tunneling across NordVPN and WireGuard targets, these repetitive updates are causing routing instability for my clients.
Is there a configuration flag I can pass to prevent the netifd extension from executing on_interface_reload when the WAN IP remains identical, or perhaps a way to exclude specific interfaces (like wan) from the netifd hook generation entirely?
Thank you again for your time and help!
service output/logs on install, on subsequent service start and on ubus call?
also, please learn how to use formatting on this forum.
Until now I cannot duplicate your findings 
root@X86:~# date
Fri Jun 12 20:22:34 CEST 2026
root@X86:~# ubus call network.interface.wan renew
root@X86:~# logread | tail -30
Fri Jun 12 20:19:15 2026 daemon.notice netifd: wan (2762): udhcpc: sending renew to server 192.168.0.1
Fri Jun 12 20:19:15 2026 daemon.notice netifd: wan (2762): udhcpc: lease of 192.168.0.18 obtained from 192.168.0.1, lease time 21600
Fri Jun 12 20:20:24 2026 daemon.notice netifd: wan (2762): udhcpc: sending renew to server 192.168.0.1
Fri Jun 12 20:20:24 2026 daemon.notice netifd: wan (2762): udhcpc: lease of 192.168.0.18 obtained from 192.168.0.1, lease time 21600
Fri Jun 12 20:22:37 2026 daemon.notice netifd: wan (2762): udhcpc: sending renew to server 192.168.0.1
Fri Jun 12 20:22:37 2026 daemon.notice netifd: wan (2762): udhcpc: lease of 192.168.0.18 obtained from 192.168.0.1, lease time 21600
Default is via WireGuard and I have domain routing via the wan.
Of course you can have different settings which might trigger it but unless we see logs and settings it is difficult to give good advice
Subject: Re: Follow-up: PBR still triggers reloads on WAN DHCP renewals despite netifd mode
Apologies for the formatting issues in my previous message. I’ve reformatted everything below with proper code blocks and clearer structure. I hope this version is easier to read and meets the forum standards.
Reproducibility summary:
This behavior is consistently reproducible on my setup: every WAN DHCP renew event triggers on_interface_reload in PBR netifd mode, even when the WAN IPv4 address remains unchanged.
Thanks for continuing to look into this.
@egc — I understand your setup behaves differently, and I agree that differences in routing design (WireGuard default vs WAN usage) may affect reproducibility. In my case I can reproduce the behavior consistently, so I’m including the exact configuration and logs below for reference.
Configuration
config pbr 'config' option enabled '1' option verbosity '0' option strict_enforcement '1' option resolver_set 'none' list resolver_instance '*' option ipv6_enabled '0' option boot_timeout '30' option rule_create_option 'add' option procd_reload_delay '30' option interface_trigger_action 'none' option netifd_enabled '1' option netifd_strict_enforcement '0' option netifd_interface_default 'wan' list netifd_interface_local 'lan' list netifd_interface_local 'Guest' list netifd_interface_local 'IOT'
1. Netifd install
service pbr netifd install
(No output)
2. Service restart
service pbr restart && sleep 2 && logread -e pbr | tail -n 15
user.notice pbr: Forwarding is disableduser.notice pbr: Processing environment (on_start) Installing fw4 netifd nft file Forwarding is enableduser.notice pbr: pbr 1.2.2-r14 started with gateways: wan/REDACTED Nordvpn/tun0/0.0.0.0 WireguardNord/REDACTED
3. WAN DHCP renew test
ubus call network.interface.wan renew
WAN IPv4 address remains unchanged before and after renewal.
Relevant logs
DHCP renewal (netifd / udhcpc)
daemon.notice netifd: wan: udhcpc: sending renew to server REDACTEDdaemon.notice netifd: wan: udhcpc: lease of REDACTED obtained from REDACTED
PBR reaction
user.notice pbr: Processing environment (on_interface_reload)user.notice pbr: pbr 1.2.2-r14 started with gateways: wan/REDACTED Nordvpn/tun0/0.0.0.0 WireguardNord/REDACTED
Observation
- WAN DHCP renew completes successfully
- WAN IPv4 address does not change
- netifd emits an interface reload event during renewal
- PBR reacts to
on_interface_reloadand rebuilds routing rules
Question
Is this expected behavior in netifd mode (i.e. PBR triggering on_interface_reload on WAN DHCP renew events even when no IP change occurs), or is there a supported way to make PBR react only to actual interface state or configuration changes?
If there is a recommended configuration approach to avoid this without modifying /lib/netifd/extensions/pbr.sh, I would appreciate guidance.