Problem Configuring VoIP from a Fibre Connection

Hello. I live in India. I have a Fibre to home Connection from the state provider BSNL. The Fibre lands on a Syrotech ONT.
I have kept the Internet WAN Profile with VLAN Tagged (Vlan id : 131) in Bridge mode , bound to LAN port 2 of the ONT.
Similarly, the Voice Wan Profile is in Bridge mode (VLAN ID : 1849) and bound to LAN Port 1 of ONT.
Now, on my Openwrt router (Netgear R 6220) with mwan3, I have configured LAN port as wanc (eth 0.131)and is connected to the LAN port 2 of the ONT. Its configured to connect via PPPoE , which it does. I have configured the interface to override the MAC address and use the mac address of the ONT.
I have configured the LAN port 3 of the Openwrt router as BSNL VOIP (eth 0.1849) and its connected to the LAN port 1 of the ONT. It successfully gets the IP Address in the Subnet of my Voice server (10.191.177.49) through DHCP. Again, the mac address is set to that of the ONT.
I have created a Static route to 10.0.0.0 through BSNL Voice interface with 10.146.24.1 (default gateway of the Voice connection) as the gateway.
The internet works fine (most of the times)
The problem is, I can neither ping the default gateway (10.146.24.1) nor my Voice server (10.191.177.49)
So, I am unable to proceed any further with configuring the SIP connection on my IPPBX/ IP Phone.
One more thing, PPPoE connection on Openwrt is lost after being live for some hours and goes back live again on the next day , around 6 am, without my doing anything. On the other hand, it is always up when I connect directly through ONT without any Bridging. I am not sure how relevant this is in relation to my VoIP problem.

Please help me .
Thanks in advance.

Hello there,
let's have a look at the configurations to understand a bit what is the situation.

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l  /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
1 Like
{
        "kernel": "4.14.209",
        "hostname": "OpenWrt",
        "system": "MediaTek MT7621 ver:1 eco:3",
        "model": "Netgear R6220",
        "board_name": "r6220",
        "release": {
                "distribution": "OpenWrt",
                "version": "19.07.5",
                "revision": "r11257-5090152ae3",
                "target": "ramips/mt7621",
                "description": "OpenWrt 19.07.5 r11257-5090152ae3"
        }
}
package network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd4e:2271:c462::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.0.1'

config device 'lan_eth0_1_dev'
        option name 'eth0.1'
        option macaddr '08:02:8e:e6:43:e8'

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'dhcp'
        option metric '10'

config device 'wan_eth0_2_dev'
        option name 'eth0.2'
        option macaddr '08:02:8e:e6:43:e9'

config interface 'wan6'
        option ifname 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option ports '6t 0'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option vid '2'
        option ports '6t 4'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option vid '3'
        option ports '6t 3'

config switch_vlan
        option device 'switch0'
        option vlan '4'
        option vid '4'
        option ports '6t 2'

config interface 'wanb'
        option ifname 'eth0.3'
        option proto 'dhcp'
        option metric '20'
        option macaddr '08:02:8E:E6:43:E7'

config interface 'wanb6'
        option ifname 'eth0.3'
        option proto 'dhcpv6'
        option reqaddress 'try'
        option reqprefix 'auto'

config switch_vlan
        option device 'switch0'
        option vlan '5'
        option vid '131'
        option ports '6t 2t'

config switch_vlan
        option device 'switch0'
        option vlan '6'
        option vid '1849'
        option ports '6t 1t'

config interface 'wanc6'
        option ifname 'eth0.131'
        option proto 'dhcpv6'
        option reqaddress 'try'
        option reqprefix 'auto'
        option macaddr '7c:a9:6b:37:28:2e'

config interface 'wanc'
        option ifname 'eth0.131'
        option proto 'pppoe'
        option password 'password'
        option ipv6 'auto'
        option metric '30'
        option username 'kail_sun@ftth.bsnl.in'
        option mtu '1492'

config interface 'wancvirtual'
        option ifname 'eth0.4'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.1.4'
        option gateway '192.168.1.1'
        option macaddr '08:02:8e:e6:43:e6'

config interface 'BSNLVOIP'
        option ifname 'eth0.1849'
        option proto 'dhcp'
        option macaddr '7c:a9:6b:37:28:2d'

config route
        option target '10.0.0.0'
        option gateway '10.146.24.1'
        option interface 'BSNLVOIP'
        option netmask '255.0.0.0'
        option metric '5'

config route
        option target '192.168.0.190'
        option gateway '192.168.0.1'
        option interface 'BSNLVOIP'
        option metric '10'

package dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'
        option ra_management '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

package firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option synflood_protect '1'
        option forward 'ACCEPT'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option mtu_fix '1'
        option masq '1'
        option network 'wan wan6 wanb wanb6 wanc6 wanc wancvirtual'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config include
        option path '/etc/firewall.user'

config forwarding
        option dest 'lan'
        option src 'wan'

config zone
        option input 'ACCEPT'
        option forward 'ACCEPT'
        option name 'Voice'
        option output 'ACCEPT'
        option network 'BSNLVOIP'

config forwarding
        option dest 'lan'
        option src 'Voice'

config forwarding
        option dest 'Voice'
        option src 'lan'

# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.

# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group defaul                                                                                                                                                             t qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
5: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP gro                                                                                                                                                             up default qlen 1000
    inet 192.168.0.1/24 brd 192.168.0.255 scope global br-lan
       valid_lft forever preferred_lft forever
7: eth0.1849@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue stat                                                                                                                                                             e UP group default qlen 1000
    inet 10.146.27.73/22 brd 10.146.27.255 scope global eth0.1849
       valid_lft forever preferred_lft forever
8: eth0.2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state U                                                                                                                                                             P group default qlen 1000
    inet 192.168.29.13/24 brd 192.168.29.255 scope global eth0.2
       valid_lft forever preferred_lft forever
9: eth0.3@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state U                                                                                                                                                             P group default qlen 1000
    inet 192.168.4.10/24 brd 192.168.4.255 scope global eth0.3
       valid_lft forever preferred_lft forever
11: eth0.4@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state                                                                                                                                                              UP group default qlen 1000
    inet 192.168.1.4/24 brd 192.168.1.255 scope global eth0.4
       valid_lft forever preferred_lft forever
15: pppoe-wanc: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1460 qdisc fq_code                                                                                                                                                             l state UNKNOWN group default qlen 3
    inet 59.95.92.171 peer 10.212.192.1/32 scope global pppoe-wanc
       valid_lft forever preferred_lft forever
default via 192.168.29.1 dev eth0.2 table 1 metric 10
10.0.0.0/8 via 10.146.24.1 dev eth0.1849 table 1 proto static metric 5
10.146.24.0/22 dev eth0.1849 table 1 proto kernel scope link src 10.146.27.73
10.212.192.1 dev pppoe-wanc table 1 proto kernel scope link src 59.95.92.171
192.168.0.0/24 dev br-lan table 1 proto kernel scope link src 192.168.0.1
192.168.1.0/24 dev eth0.4 table 1 proto kernel scope link src 192.168.1.4
192.168.4.0/24 dev eth0.3 table 1 proto static scope link metric 20
192.168.29.0/24 dev eth0.2 table 1 proto static scope link metric 10
default via 192.168.4.1 dev eth0.3 table 3 metric 20
10.0.0.0/8 via 10.146.24.1 dev eth0.1849 table 3 proto static metric 5
10.146.24.0/22 dev eth0.1849 table 3 proto kernel scope link src 10.146.27.73
10.212.192.1 dev pppoe-wanc table 3 proto kernel scope link src 59.95.92.171
192.168.0.0/24 dev br-lan table 3 proto kernel scope link src 192.168.0.1
192.168.1.0/24 dev eth0.4 table 3 proto kernel scope link src 192.168.1.4
192.168.4.0/24 dev eth0.3 table 3 proto static scope link metric 20
192.168.29.0/24 dev eth0.2 table 3 proto static scope link metric 10
default via 10.212.192.1 dev pppoe-wanc table 5 metric 30
10.0.0.0/8 via 10.146.24.1 dev eth0.1849 table 5 proto static metric 5
10.146.24.0/22 dev eth0.1849 table 5 proto kernel scope link src 10.146.27.73
10.212.192.1 dev pppoe-wanc table 5 proto kernel scope link src 59.95.92.171
192.168.0.0/24 dev br-lan table 5 proto kernel scope link src 192.168.0.1
192.168.1.0/24 dev eth0.4 table 5 proto kernel scope link src 192.168.1.4
192.168.4.0/24 dev eth0.3 table 5 proto static scope link metric 20
192.168.29.0/24 dev eth0.2 table 5 proto static scope link metric 10
default via 10.146.24.1 dev eth0.1849 proto static src 10.146.27.73
default via 192.168.29.1 dev eth0.2 proto static src 192.168.29.13 metric 10
default via 192.168.4.1 dev eth0.3 proto static src 192.168.4.10 metric 20
default via 10.212.192.1 dev pppoe-wanc proto static metric 30
10.0.0.0/8 via 10.146.24.1 dev eth0.1849 proto static metric 5
10.146.24.0/22 dev eth0.1849 proto kernel scope link src 10.146.27.73
10.212.192.1 dev pppoe-wanc proto kernel scope link src 59.95.92.171
192.168.0.0/24 dev br-lan proto kernel scope link src 192.168.0.1
192.168.1.0/24 dev eth0.4 proto kernel scope link src 192.168.1.4
192.168.4.0/24 dev eth0.3 proto static scope link metric 20
192.168.29.0/24 dev eth0.2 proto static scope link metric 10
broadcast 10.146.24.0 dev eth0.1849 table local proto kernel scope link src 10.1                                                                                                                                                             46.27.73
local 10.146.27.73 dev eth0.1849 table local proto kernel scope host src 10.146.                                                                                                                                                             27.73
broadcast 10.146.27.255 dev eth0.1849 table local proto kernel scope link src 10                                                                                                                                                             .146.27.73
local 59.95.92.171 dev pppoe-wanc table local proto kernel scope host src 59.95.                                                                                                                                                             92.171
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0                                                                                                                                                             .1
broadcast 192.168.0.0 dev br-lan table local proto kernel scope link src 192.168                                                                                                                                                             .0.1
local 192.168.0.1 dev br-lan table local proto kernel scope host src 192.168.0.1                                                                                                                                                             
broadcast 192.168.0.255 dev br-lan table local proto kernel scope link src 192.1                                                                                                                                                             68.0.1
broadcast 192.168.1.0 dev eth0.4 table local proto kernel scope link src 192.168                                                                                                                                                             .1.4
local 192.168.1.4 dev eth0.4 table local proto kernel scope host src 192.168.1.4                                                                                                                                                             
broadcast 192.168.1.255 dev eth0.4 table local proto kernel scope link src 192.1                                                                                                                                                             68.1.4
broadcast 192.168.4.0 dev eth0.3 table local proto kernel scope link src 192.168                                                                                                                                                             .4.10
local 192.168.4.10 dev eth0.3 table local proto kernel scope host src 192.168.4.                                                                                                                                                             10
broadcast 192.168.4.255 dev eth0.3 table local proto kernel scope link src 192.1                                                                                                                                                             68.4.10
broadcast 192.168.29.0 dev eth0.2 table local proto kernel scope link src 192.16                                                                                                                                                             8.29.13
local 192.168.29.13 dev eth0.2 table local proto kernel scope host src 192.168.2                                                                                                                                                             9.13
broadcast 192.168.29.255 dev eth0.2 table local proto kernel scope link src 192.                                                                                                                                                             168.29.13
0:      from all lookup local
1001:   from all iif eth0.2 lookup 1
1003:   from all iif eth0.3 lookup 3
1005:   from all iif pppoe-wanc lookup 5
2001:   from all fwmark 0x100/0x3f00 lookup 1
2003:   from all fwmark 0x300/0x3f00 lookup 3
2005:   from all fwmark 0x500/0x3f00 lookup 5
2061:   from all fwmark 0x3d00/0x3f00 blackhole
2062:   from all fwmark 0x3e00/0x3f00 unreachable
32766:  from all lookup main
32767:  from all lookup default
ls: /tmp/resolv.*/*: No such file or directory
lrwxrwxrwx    1 root     root            16 Dec  6 07:31 /etc/resolv.conf -> /tm                                                                                                                                                             p/resolv.conf
-rw-r--r--    1 root     root             0 Feb  3 12:05 /tmp/resolv.conf
-rw-r--r--    1 root     root           347 Feb  3 12:05 /tmp/resolv.conf.auto
-rw-r--r--    1 root     root             0 Feb  3 12:05 /tmp/resolv.conf.ppp
==> /etc/resolv.conf <==

==> /tmp/resolv.conf <==

==> /tmp/resolv.conf.auto <==
# Interface BSNLVOIP
nameserver 172.30.249.11
nameserver 172.30.249.33
search voip.bsnl.com
# Interface wan6
nameserver 2405:201:300f:c5::c0a8:1d01
# Interface wanc_6
nameserver 2001:4490:3ffe:13::4
# Interface wan
nameserver 192.168.29.1
# Interface wanb
nameserver 192.168.4.1
# Interface wanc
nameserver 218.248.114.1
nameserver 218.248.114.65

==> /tmp/resolv.conf.ppp <==
head: /tmp/resolv.*/*: No such file or directory
root@OpenWrt:~#

My two cents:

  • If you only have one real WAN interface and one VoIP interface, you do not need MWAN at all. One interface gives you access just to the VoIP servers, and the other one to the internet.

  • As you are using VLANs between the ONT and the router, you can probably use a single ethernet cable.

1 Like

This route is wrong, the gateway is invalid for that interface.

all this can be merged into assigning the BSNLVOIP interface to lan zone.

This is not necessarily a problem, the administrator of those two might have denied the reply to pings.
Another thing worth mentioning is that vlan 4 and 131 are on the same interface, untagged and tagged. Unless you are 100% sure that there is no crosstalk, it would be better to have them both tagged.

use ifname @wanc

uci set network.wanc.keepalive='6 10'
uci commit network
ifup wan
1 Like

You have made it complicated.

Factory reset the ONT, and connect LAN to WAN of R6220. By defaults, unconfigured ONT acts as a bridge and will forward any packets (tagged/untagged)

On the R6220, under switch settings, set the correct VLAN tags on WAN port.

Create a bridge interface to handle the VOIP VLAN and bridge VOIP VLAN and one LAN port and connect your IP phone to the LAN port on the R6220.

Having similar problems with OpenWrt.

daemon.warn pppd[2652]: Timeout waiting for PADO packets
daemon.err pppd[2652]: Unable to complete PPPoE Discovery

Meanwhile, Windows, as well as pfsense can connect without any issues.

I have 3 Internet connections from 3 different providers. That's why I am using mwan3. One connections goes to WAN, Second to LAN Port 1 (wanb). The third one is: Internet to Lan 2 (wanc) and Voice to LAN 3 (BSNL Voice). Previously, I had kept both Internet and Voice on the same LAN Port 2 of openwrt (I had done VLAN Binding 131/1849 on the ONT) but changed it because it was also not working.

This route is wrong, the gateway is invalid for that interface.

I'll change that. Thanks.

all this can be merged into assigning the BSNLVOIP interface to lan zone.

OK.

vlan 4 and 131 are on the same interface, untagged and tagged. Unless you are 100% sure that there is no crosstalk, it would be better to have them both tagged.

I made a Virtual Interface Using VLAN 4 so that I could access the ONT in Bridge Mode.

use ifname @wanc

How do I do it using Luci UI?

uci set network.wanc.keepalive='6 10'
uci commit network
ifup wan

Does this have to be changed?

PPPOE connection problem - #4 by vgaetera

I would want resetting the ONT to be the last option...

But I would definitely follow your recommendation if nothing else works.

Thanks.

This is not necessarily a problem, the administrator of those two might have denied the reply to pings

But I am able to ping both when doing it directly from the ONT.

use the box at the bottom for manual input.

Verify that ping leaves from the correct interface with tcpdump.
tcpdump -i eth0.1849 -evn icmp

BSNL FTTH provides decent bandwidth, even with low-end OLT on their side, it's enough to get work done. Any reason for using 3 connections?

root@OpenWrt:~# tcpdump -i eth0.1849 -evn icmp
-ash: tcpdump: not found
root@OpenWrt:~# 

Factory reset the ONT, and connect LAN to WAN of R6220. By defaults, unconfigured ONT acts as a bridge and will forward any packets (tagged/untagged)

I tried this. It does not work. So I have to my previous configuration. Could it be that my ONT is not working appropriately in Bridge Mode? I have noticed that the WAN connections status shows different Mac Addresses when in Bridge Mode and Route mode.

BSNL FTTH provides decent bandwidth, even with low-end OLT on their side, it's enough to get work done. Any reason for using 3 connections?

The second connection (from Airtel) is my work horse. The BSNL connection is more of Nostalgic value. I wish to retain /upgrade it just for the sake of doing so (it is not very reliable here).
The third connection was just a make shift arrangement and I am really not bothered about it.

1 Like

You can try connecting ONT directly to your PC and using Dail-Up on Windows to check if ONT is configured in bridge, after setting VLAN tag on the network interface in adapter properties. If it prompts for user/password, it's working as expected.