Hello. I live in India. I have a Fibre to home Connection from the state provider BSNL. The Fibre lands on a Syrotech ONT.
I have kept the Internet WAN Profile with VLAN Tagged (Vlan id : 131) in Bridge mode , bound to LAN port 2 of the ONT.
Similarly, the Voice Wan Profile is in Bridge mode (VLAN ID : 1849) and bound to LAN Port 1 of ONT.
Now, on my Openwrt router (Netgear R 6220) with mwan3, I have configured LAN port as wanc (eth 0.131)and is connected to the LAN port 2 of the ONT. Its configured to connect via PPPoE , which it does. I have configured the interface to override the MAC address and use the mac address of the ONT.
I have configured the LAN port 3 of the Openwrt router as BSNL VOIP (eth 0.1849) and its connected to the LAN port 1 of the ONT. It successfully gets the IP Address in the Subnet of my Voice server (10.191.177.49) through DHCP. Again, the mac address is set to that of the ONT.
I have created a Static route to 10.0.0.0 through BSNL Voice interface with 10.146.24.1 (default gateway of the Voice connection) as the gateway.
The internet works fine (most of the times)
The problem is, I can neither ping the default gateway (10.146.24.1) nor my Voice server (10.191.177.49)
So, I am unable to proceed any further with configuring the SIP connection on my IPPBX/ IP Phone.
One more thing, PPPoE connection on Openwrt is lost after being live for some hours and goes back live again on the next day , around 6 am, without my doing anything. On the other hand, it is always up when I connect directly through ONT without any Bridging. I am not sure how relevant this is in relation to my VoIP problem.
Hello there,
let's have a look at the configurations to understand a bit what is the situation.
Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have
ubus call system board; \
uci export network; uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
{
"kernel": "4.14.209",
"hostname": "OpenWrt",
"system": "MediaTek MT7621 ver:1 eco:3",
"model": "Netgear R6220",
"board_name": "r6220",
"release": {
"distribution": "OpenWrt",
"version": "19.07.5",
"revision": "r11257-5090152ae3",
"target": "ramips/mt7621",
"description": "OpenWrt 19.07.5 r11257-5090152ae3"
}
}
package network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd4e:2271:c462::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.0.1'
config device 'lan_eth0_1_dev'
option name 'eth0.1'
option macaddr '08:02:8e:e6:43:e8'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
option metric '10'
config device 'wan_eth0_2_dev'
option name 'eth0.2'
option macaddr '08:02:8e:e6:43:e9'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '6t 0'
config switch_vlan
option device 'switch0'
option vlan '2'
option vid '2'
option ports '6t 4'
config switch_vlan
option device 'switch0'
option vlan '3'
option vid '3'
option ports '6t 3'
config switch_vlan
option device 'switch0'
option vlan '4'
option vid '4'
option ports '6t 2'
config interface 'wanb'
option ifname 'eth0.3'
option proto 'dhcp'
option metric '20'
option macaddr '08:02:8E:E6:43:E7'
config interface 'wanb6'
option ifname 'eth0.3'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
config switch_vlan
option device 'switch0'
option vlan '5'
option vid '131'
option ports '6t 2t'
config switch_vlan
option device 'switch0'
option vlan '6'
option vid '1849'
option ports '6t 1t'
config interface 'wanc6'
option ifname 'eth0.131'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option macaddr '7c:a9:6b:37:28:2e'
config interface 'wanc'
option ifname 'eth0.131'
option proto 'pppoe'
option password 'password'
option ipv6 'auto'
option metric '30'
option username 'kail_sun@ftth.bsnl.in'
option mtu '1492'
config interface 'wancvirtual'
option ifname 'eth0.4'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '192.168.1.4'
option gateway '192.168.1.1'
option macaddr '08:02:8e:e6:43:e6'
config interface 'BSNLVOIP'
option ifname 'eth0.1849'
option proto 'dhcp'
option macaddr '7c:a9:6b:37:28:2d'
config route
option target '10.0.0.0'
option gateway '10.146.24.1'
option interface 'BSNLVOIP'
option netmask '255.0.0.0'
option metric '5'
config route
option target '192.168.0.190'
option gateway '192.168.0.1'
option interface 'BSNLVOIP'
option metric '10'
package dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
option ra_management '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
package firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option synflood_protect '1'
option forward 'ACCEPT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option mtu_fix '1'
option masq '1'
option network 'wan wan6 wanb wanb6 wanc6 wanc wancvirtual'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config include
option path '/etc/firewall.user'
config forwarding
option dest 'lan'
option src 'wan'
config zone
option input 'ACCEPT'
option forward 'ACCEPT'
option name 'Voice'
option output 'ACCEPT'
option network 'BSNLVOIP'
config forwarding
option dest 'lan'
option src 'Voice'
config forwarding
option dest 'Voice'
option src 'lan'
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.
# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group defaul t qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
5: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP gro up default qlen 1000
inet 192.168.0.1/24 brd 192.168.0.255 scope global br-lan
valid_lft forever preferred_lft forever
7: eth0.1849@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue stat e UP group default qlen 1000
inet 10.146.27.73/22 brd 10.146.27.255 scope global eth0.1849
valid_lft forever preferred_lft forever
8: eth0.2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state U P group default qlen 1000
inet 192.168.29.13/24 brd 192.168.29.255 scope global eth0.2
valid_lft forever preferred_lft forever
9: eth0.3@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state U P group default qlen 1000
inet 192.168.4.10/24 brd 192.168.4.255 scope global eth0.3
valid_lft forever preferred_lft forever
11: eth0.4@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
inet 192.168.1.4/24 brd 192.168.1.255 scope global eth0.4
valid_lft forever preferred_lft forever
15: pppoe-wanc: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1460 qdisc fq_code l state UNKNOWN group default qlen 3
inet 59.95.92.171 peer 10.212.192.1/32 scope global pppoe-wanc
valid_lft forever preferred_lft forever
default via 192.168.29.1 dev eth0.2 table 1 metric 10
10.0.0.0/8 via 10.146.24.1 dev eth0.1849 table 1 proto static metric 5
10.146.24.0/22 dev eth0.1849 table 1 proto kernel scope link src 10.146.27.73
10.212.192.1 dev pppoe-wanc table 1 proto kernel scope link src 59.95.92.171
192.168.0.0/24 dev br-lan table 1 proto kernel scope link src 192.168.0.1
192.168.1.0/24 dev eth0.4 table 1 proto kernel scope link src 192.168.1.4
192.168.4.0/24 dev eth0.3 table 1 proto static scope link metric 20
192.168.29.0/24 dev eth0.2 table 1 proto static scope link metric 10
default via 192.168.4.1 dev eth0.3 table 3 metric 20
10.0.0.0/8 via 10.146.24.1 dev eth0.1849 table 3 proto static metric 5
10.146.24.0/22 dev eth0.1849 table 3 proto kernel scope link src 10.146.27.73
10.212.192.1 dev pppoe-wanc table 3 proto kernel scope link src 59.95.92.171
192.168.0.0/24 dev br-lan table 3 proto kernel scope link src 192.168.0.1
192.168.1.0/24 dev eth0.4 table 3 proto kernel scope link src 192.168.1.4
192.168.4.0/24 dev eth0.3 table 3 proto static scope link metric 20
192.168.29.0/24 dev eth0.2 table 3 proto static scope link metric 10
default via 10.212.192.1 dev pppoe-wanc table 5 metric 30
10.0.0.0/8 via 10.146.24.1 dev eth0.1849 table 5 proto static metric 5
10.146.24.0/22 dev eth0.1849 table 5 proto kernel scope link src 10.146.27.73
10.212.192.1 dev pppoe-wanc table 5 proto kernel scope link src 59.95.92.171
192.168.0.0/24 dev br-lan table 5 proto kernel scope link src 192.168.0.1
192.168.1.0/24 dev eth0.4 table 5 proto kernel scope link src 192.168.1.4
192.168.4.0/24 dev eth0.3 table 5 proto static scope link metric 20
192.168.29.0/24 dev eth0.2 table 5 proto static scope link metric 10
default via 10.146.24.1 dev eth0.1849 proto static src 10.146.27.73
default via 192.168.29.1 dev eth0.2 proto static src 192.168.29.13 metric 10
default via 192.168.4.1 dev eth0.3 proto static src 192.168.4.10 metric 20
default via 10.212.192.1 dev pppoe-wanc proto static metric 30
10.0.0.0/8 via 10.146.24.1 dev eth0.1849 proto static metric 5
10.146.24.0/22 dev eth0.1849 proto kernel scope link src 10.146.27.73
10.212.192.1 dev pppoe-wanc proto kernel scope link src 59.95.92.171
192.168.0.0/24 dev br-lan proto kernel scope link src 192.168.0.1
192.168.1.0/24 dev eth0.4 proto kernel scope link src 192.168.1.4
192.168.4.0/24 dev eth0.3 proto static scope link metric 20
192.168.29.0/24 dev eth0.2 proto static scope link metric 10
broadcast 10.146.24.0 dev eth0.1849 table local proto kernel scope link src 10.1 46.27.73
local 10.146.27.73 dev eth0.1849 table local proto kernel scope host src 10.146. 27.73
broadcast 10.146.27.255 dev eth0.1849 table local proto kernel scope link src 10 .146.27.73
local 59.95.92.171 dev pppoe-wanc table local proto kernel scope host src 59.95. 92.171
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0 .1
broadcast 192.168.0.0 dev br-lan table local proto kernel scope link src 192.168 .0.1
local 192.168.0.1 dev br-lan table local proto kernel scope host src 192.168.0.1
broadcast 192.168.0.255 dev br-lan table local proto kernel scope link src 192.1 68.0.1
broadcast 192.168.1.0 dev eth0.4 table local proto kernel scope link src 192.168 .1.4
local 192.168.1.4 dev eth0.4 table local proto kernel scope host src 192.168.1.4
broadcast 192.168.1.255 dev eth0.4 table local proto kernel scope link src 192.1 68.1.4
broadcast 192.168.4.0 dev eth0.3 table local proto kernel scope link src 192.168 .4.10
local 192.168.4.10 dev eth0.3 table local proto kernel scope host src 192.168.4. 10
broadcast 192.168.4.255 dev eth0.3 table local proto kernel scope link src 192.1 68.4.10
broadcast 192.168.29.0 dev eth0.2 table local proto kernel scope link src 192.16 8.29.13
local 192.168.29.13 dev eth0.2 table local proto kernel scope host src 192.168.2 9.13
broadcast 192.168.29.255 dev eth0.2 table local proto kernel scope link src 192. 168.29.13
0: from all lookup local
1001: from all iif eth0.2 lookup 1
1003: from all iif eth0.3 lookup 3
1005: from all iif pppoe-wanc lookup 5
2001: from all fwmark 0x100/0x3f00 lookup 1
2003: from all fwmark 0x300/0x3f00 lookup 3
2005: from all fwmark 0x500/0x3f00 lookup 5
2061: from all fwmark 0x3d00/0x3f00 blackhole
2062: from all fwmark 0x3e00/0x3f00 unreachable
32766: from all lookup main
32767: from all lookup default
ls: /tmp/resolv.*/*: No such file or directory
lrwxrwxrwx 1 root root 16 Dec 6 07:31 /etc/resolv.conf -> /tm p/resolv.conf
-rw-r--r-- 1 root root 0 Feb 3 12:05 /tmp/resolv.conf
-rw-r--r-- 1 root root 347 Feb 3 12:05 /tmp/resolv.conf.auto
-rw-r--r-- 1 root root 0 Feb 3 12:05 /tmp/resolv.conf.ppp
==> /etc/resolv.conf <==
==> /tmp/resolv.conf <==
==> /tmp/resolv.conf.auto <==
# Interface BSNLVOIP
nameserver 172.30.249.11
nameserver 172.30.249.33
search voip.bsnl.com
# Interface wan6
nameserver 2405:201:300f:c5::c0a8:1d01
# Interface wanc_6
nameserver 2001:4490:3ffe:13::4
# Interface wan
nameserver 192.168.29.1
# Interface wanb
nameserver 192.168.4.1
# Interface wanc
nameserver 218.248.114.1
nameserver 218.248.114.65
==> /tmp/resolv.conf.ppp <==
head: /tmp/resolv.*/*: No such file or directory
root@OpenWrt:~#
If you only have one real WAN interface and one VoIP interface, you do not need MWAN at all. One interface gives you access just to the VoIP servers, and the other one to the internet.
As you are using VLANs between the ONT and the router, you can probably use a single ethernet cable.
This route is wrong, the gateway is invalid for that interface.
all this can be merged into assigning the BSNLVOIP interface to lan zone.
This is not necessarily a problem, the administrator of those two might have denied the reply to pings.
Another thing worth mentioning is that vlan 4 and 131 are on the same interface, untagged and tagged. Unless you are 100% sure that there is no crosstalk, it would be better to have them both tagged.
use ifname @wanc
uci set network.wanc.keepalive='6 10'
uci commit network
ifup wan
I have 3 Internet connections from 3 different providers. That's why I am using mwan3. One connections goes to WAN, Second to LAN Port 1 (wanb). The third one is: Internet to Lan 2 (wanc) and Voice to LAN 3 (BSNL Voice). Previously, I had kept both Internet and Voice on the same LAN Port 2 of openwrt (I had done VLAN Binding 131/1849 on the ONT) but changed it because it was also not working.
all this can be merged into assigning the BSNLVOIP interface to lan zone.
OK.
vlan 4 and 131 are on the same interface, untagged and tagged. Unless you are 100% sure that there is no crosstalk, it would be better to have them both tagged.
I made a Virtual Interface Using VLAN 4 so that I could access the ONT in Bridge Mode.
Factory reset the ONT, and connect LAN to WAN of R6220. By defaults, unconfigured ONT acts as a bridge and will forward any packets (tagged/untagged)
I tried this. It does not work. So I have to my previous configuration. Could it be that my ONT is not working appropriately in Bridge Mode? I have noticed that the WAN connections status shows different Mac Addresses when in Bridge Mode and Route mode.
BSNL FTTH provides decent bandwidth, even with low-end OLT on their side, it's enough to get work done. Any reason for using 3 connections?
The second connection (from Airtel) is my work horse. The BSNL connection is more of Nostalgic value. I wish to retain /upgrade it just for the sake of doing so (it is not very reliable here).
The third connection was just a make shift arrangement and I am really not bothered about it.
You can try connecting ONT directly to your PC and using Dail-Up on Windows to check if ONT is configured in bridge, after setting VLAN tag on the network interface in adapter properties. If it prompts for user/password, it's working as expected.
