Problem with subnet, dhcp and access point usage

Hi,
this is my first post here so please be gentle :slight_smile:

I would say that I am very familiar with linux, networking and the cli and understand the most of the OpenWrt configs as well. But after numerous tries of resetting OpenWrt, trying snapshot and stable and so on I can't find where my problem is :slight_smile:

The following steps have I performed:

  • I created a new bridge device (br-test)
  • I created a new interface (test) and set it to static with the ip 192.168.1.1 and the subnet 255.255.255.0 and enable the dhcp option in here
  • I attached this interface to the wireless adapter

My config looks like the following (With omiting lan, wan etc. for now):

# /etc/config/network

[...]

config device
	option type 'bridge'
	option name 'br-test'
	option bridge_empty '1'

config interface 'test'
	option proto 'static'
	option device 'br-test'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'

# /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	option ra_slaac '1'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'test'
	option interface 'test'
	option start '100'
	option limit '150'
	option leasetime '12h'

# /etc/config/wireless

[...]

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'test'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

To my understanding I should now get an ip address out of the range of 192.168.1.0/24 when I connect to OpenWrt Wifi. But unfortunately I don't :frowning:

Has anyone any idea where my mistake is? :slight_smile:

My Device is a Netgear EAX12 Repeater and I am running OpenWrt 23.05.4 r24012-d8dd03c46f

Thanks so far!

Sincerely,
Dirk

please post the complete config files thanks ...

1 Like

Hi,

yeah, of course, here you go:

# /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	option ra_slaac '1'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'test'
	option interface 'test'
	option start '100'
	option limit '150'
	option leasetime '12h'

# /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdb1:7633:017a::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan'

config device
	option name 'lan'
	option macaddr '34:98:b5:04:51:53'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device
	option type 'bridge'
	option name 'br-test'
	option bridge_empty '1'

config interface 'test'
	option proto 'static'
	option device 'br-test'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'

# /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
	option channel '1'
	option band '2g'
	option htmode 'HE20'
	option cell_density '0'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'test'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

config wifi-device 'radio1'
	option type 'mac80211'
	option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0+1'
	option channel '36'
	option band '5g'
	option htmode 'HE80'
	option disabled '1'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

Thanks again :slight_smile:

br-test = 192.168.1.1
br-lan = 192.168.1.1

this is a problem choose which ip addresses should have the two non-equal interfaces

ps: show guide (if you want to create a repeater)
https://openwrt.org/docs/guide-user/network/wifi/relay_configuration

Yeah, of course :slight_smile: Bad example haha.
Yesterday I also had the ip address of the lan interface changed and also tried it right now again => Still no ip assigning :frowning:

For reference, changed it now to this:

# /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdb1:7633:017a::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan'

config device
	option name 'lan'
	option macaddr '34:98:b5:04:51:53'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device
	option type 'bridge'
	option name 'br-test'
	option bridge_empty '1'

config interface 'test'
	option proto 'static'
	option device 'br-test'
	option ipaddr '192.168.10.1'
	option netmask '255.255.255.0'

When I assign the "lan" network I get an ip address from the pool 192.168.1.0/24. But the "test" network still does not do it :frowning:

What I want to try is to implement an AP in my existing network to have additional, separated IoT Networks for example which I can route from and to my home network.

It looks like both radios are disabled?

Thanks but no, I enabled the 2.4 one for testing :slight_smile: Otherwise I wouldn't have been able to connect in first place.
So yes, one is (now :wink: ) active, I can connect but my device gets stuck on "receiving ip address", so obviously some dhcp error.

edit: Corrected the config above accordingly :slight_smile:

Well your config showed otherwise.

So who knows what you are not telling us :frowning:

1 Like

Sorry, was a bit in a rush :slight_smile:
Thought I have enabled the radio before copying the config but must have been other way around :slight_smile: But now it is my actual config :smiley:

1 Like

so, nobody got an idea? :frowning:
I really tried everything but I only get dhcp on the default, already existing "lan" interface. Every custom created interface doesn't resolve an ip address from its pool :frowning:

this "Netgear EAX12" device has only:
1 ethernet port (br-lan)
1 2.4 GHz radio (probably assigned to br-test)
1 5.0 GHz radio (probably assigned to br-lan)

https://openwrt.org/toh/hwdata/netgear/netgear_eax12

can you post a diagram of the current network you have
or a hypothetical network diagram of the network you will create ...

if your intent is to offer internet to br-test how will this "Netgear EAX12" be connected to the internet?

or do you just want to do some general functionality tests without an internet connection?

what do you want to achieve?

so far you've said you want:

but the IP address of this router (192.168.1.1 without a default gateway) and we don't know anything about what is upstream of this ...

https://openwrt.org/docs/guide-user/network/switch_router_gateway_and_nat

for example it will be:

  1. a repeater of an existing network (wifi)
  2. a repeater of an existing network (lan - etherport)
  3. other

for now your br-test bridge is empty and it is therefore obvious that connecting a pc to the only ethernet port offers an ip address of the br-lan interface

regarding the 2.4 GHz wifi network on br-test please repost all the complete files as you have made changes after the first post and diagnose errors is really difficult ...

ps: some general tips that will allow you to choose what you want to achieve:

https://openwrt.org/docs/guide-user/network/singleportrouter

https://openwrt.org/docs/guide-user/network/wifi/guestwifi/guest-wlan

https://openwrt.org/docs/guide-user/network/wifi/connect_client_wifi

https://openwrt.org/docs/guide-user/network/wifi/wifiextenders/bridgedap

1 Like

Hi and thank you for your in depth answer!

Regarding my goal:

I'm trying to build (atleast) one wifi SSID which serves an isolated network for some IoT devices.

At the moment it is just testing so I tried to let everything mostly basic, therefore there is no upstream or anything atm.

My (learning) goal at the moment is just the following: I want to create a new isolated network on this OpenWrt device for some IoT devices that can connect via wifi to it (and later route it to my main network selective per device).

As mentioned: If I assign the lan bridge (without any upstream!) to my wifi I get an ip address of the br-lan ip range.

If I assign br-test to it (with different ip range) I don't get an ip assigned when I connect via wifi.

So: I am just testing at the moment, I will later integrate it to my existing network :slight_smile:

Of course I can post the rest of my config later but I am currently not in reach of the device :slight_smile:

Maybe we should roll it the other way around: What would be the best way to achive my goal of an isolated network on this device? :slight_smile:

Thanks again!

Did you assign this new network to a firewall zone? Try assigning it to the lan firewall zone (remove it from any other zones, if applicable). Then restart and test again.

If it doesn’t work, please post all of the latest configs.

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

if you follow this guide you should get what you asked for:

https://openwrt.org/docs/guide-user/network/wifi/guestwifi/guest-wlan

or

https://openwrt.org/docs/guide-user/network/wifi/guestwifi/guestwifi_dumbap

ps: the only difference is that on this device for now you don't have a wan upstream

see also the question asked by @psherman

which is necessary for your br-test to work

in case you encounter problems as already requested by me and @psherman you will have to post the configuration files