Problems with routing when using MS Teams or Skype

Hi,
I have in my environment one router with OpenWrt and 4 VLAN (LAN, DMZ, Guest & WAN) configured on it.
The routing between the networks work's fine with the version 18.06.
After I updated my router from the version 18.06 to 19.07 I had a lot of problems with the routing.
It was so bad that I do a rollback to the Version 18.06. When I install the older version I said don't use the existing configuration. After the reboot I import a backup of the configuration who I know it works in the past with this version.
Now I have the problem that when I use MS Teams or Skype for calls from a PC who is connected with the guest network that my other client's from the LAN can't connect to server who stand in the DMZ.
When I'm finished with the calls the routing works.
I find no errors in the kernel or system log's of my router.
Has anybody a Idea what could be the solution to fix it?
Kind regards and thanks for your support

This issue sounds quite weird. Did you install all the packages you had installed on the initial 18.06 installation? Packages added by you are not migrated when you flash upgrade the router.
Post also the following:

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; uci export wireless; \
uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l  /etc/resolv.* /tmp/resolv.*; head -n -0 /etc/resolv.* /tmp/resolv.*
3 Likes

yup, weird... sounds like some sort of upnp(any fancy dnat rules by any chance?)/mcast/route/stalearp conflict...

testing with an alternate client on 'guest' will also help to narrow down the cause...

1 Like

That is for real crazy. I did today some tests.
When I have a call then I can reach the server with ping and also with traceroute. But I can't reach the services (http). I check also the rules for SNAT or Masquerading.
I have only one SNAT rule - lan2wan.

1 Like