Question about DHCP when using Dlink Dir-842 as Access Point

I've installed Luci manually as suggested on the latest snapshot but I'm still confused about DHCP. The 842 acts as an access point that extends the main router's (AVM Fritzbox 7490) WLAN which apparently means I'm using bridged mode.

'Interfaces > LAN > General Settings > Protocol' is set to static address. 'Network > Interface' shows WAN and WAN6 on eth.02 with Protocol: DHCP client and 'Network > DHCP and DNS' has all boxes checked. So is the DHCP server enabled or not?

What's also weird: after finishing configuration I set the router to 10.10.20.2 but when I attached it to my friend's network, it popped up under 10.10.20.109 having apparently been assigned an IP via the Fritzbox's DHCP server. Curiously enough I cannot access this IP via GUI or Putty which worked just fine when I still had the router set to 10.10.10.88 in my network. What now?

I would say the dumbAP fits better in your scenario.

By default is enabled on lan. In wan it is dhcp client.

Which is normal for dhcp client.

Was that a lan address? By default ssh and http are blocked from wan zone.

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; uci export wireless; \
uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \

So, I visited again today and took the router back to my place and connected it to my network. I could immediately access it at 10.10.10.88 which suggests setting it to 10.10.10.2 (my friend's network) did not work (my DCHP starts at .100 so it must be a static IP). Still, weird that being stuck at 10.10.10.88 would make it request an IP from her network's DHCP?! As you suggested, I will set it to dump AP but here's the info you requested:

root@dlink842:~# ubus call system board;
{
        "kernel": "4.19.123",
        "hostname": "dlink842",
        "system": "Qualcomm Atheros QCA956X ver 1 rev 0",
        "model": "D-Link DIR-842 C3",
        "board_name": "dlink,dir-842-c3",
        "release": {
                "distribution": "OpenWrt",
                "version": "SNAPSHOT",
                "revision": "r13625-d4dea7efcd",
                "target": "ath79/generic",
                "description": "OpenWrt SNAPSHOT r13625-d4dea7efcd"
        }
}
root@dlink842:~# uci export network; uci export wireless;
package network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd9c:622f:6368::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '10.10.10.88'
        option broadcast '10.10.10.255'
        option dns '10.10.10.1'
        option gateway '10.10.10.1'

config device 'lan_eth0_1_dev'
        option name 'eth0.1'
        option macaddr ''

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'dhcp'

config device 'wan_eth0_2_dev'
        option name 'eth0.2'
        option macaddr ''

config interface 'wan6'
        option ifname 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '1 2 3 4 0t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '5 0t'

package wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/ahb/18100000.wmac'
        option htmode 'HT20'
        option country 'DE'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid 'SSID'
        option encryption 'psk2'
        option key ''

root@dlink842:~# uci export dhcp; uci export firewall
package dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'
        option ignore '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

package firewall

config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'

config zone
        option name 'lan'
        list network 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fc00::/6'
        option dest_ip 'fc00::/6'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config rule
        option name 'Support-UDP-Traceroute'
        option src 'wan'
        option dest_port '33434:33689'
        option proto 'udp'
        option family 'ipv4'
        option target 'REJECT'
        option enabled 'false'

config include
        option path '/etc/firewall.user'

root@dlink842:~# head -n -0 /etc/firewall.user;
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.

# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.

root@dlink842:~# ip -4 address ; ip -4 ro li tab all ; ip -4 ru;
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
5: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    inet 10.10.10.88/24 brd 10.10.10.255 scope global br-lan
       valid_lft forever preferred_lft forever
default via 10.10.10.1 dev br-lan
10.10.10.0/24 dev br-lan scope link  src 10.10.10.88
broadcast 10.10.10.0 dev br-lan table local scope link  src 10.10.10.88
local 10.10.10.88 dev br-lan table local scope host  src 10.10.10.88
broadcast 10.10.10.255 dev br-lan table local scope link  src 10.10.10.88
broadcast 127.0.0.0 dev lo table local scope link  src 127.0.0.1
local 127.0.0.0/8 dev lo table local scope host  src 127.0.0.1
local 127.0.0.1 dev lo table local scope host  src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link  src 127.0.0.1
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

It's not strange, the lan has static ip 10.10.10.88.

Right, apparently last time I did not wait for the 90 seconds to pass closing the browser window prematurely not realizing the settings change was reverted since the 10.10.20. address could not reach anything in my 10.10.10. network. That said, if the router was still set to 10.10.10.88 when connected to my friend's 10.10.20. network it would automatically request an IP from that network via DHCP despite being set to static? Not bad.

If you connect the router to your friend's lan on wan port it will get settings from dhcp. wan port is configured to get settings from dhcp.

I've connected it to LAN1.

Then it will use the lan settings, i.e static IP 10.10.10.88

Right, that's what I expected but as I said, it did not. Anyway, now that I've set it to dumbAP as you suggested everything appears to be working just fine. Thanks!

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.