Routing to ONU subnet only

Hi all
Have next setup:

  • ONU terminal, that have own subnet 192.168.101.0/24, DHCP client for fiber ISP (172.xxx.xxx.xxx), but work as bridge (ONU is FD600-511G-X)
  • Xiaomi 3G with OpenWRT, that is DHCP server for lan, 192.168.1.0/24

Adding interface for ONU subnet (lan2) (static IP 192.168.101.2)
setup ipv4 rule to 192.168.101.2

config interface 'lan2'
	option proto 'static'
	option device 'wan'
	option netmask '255.255.255.0'
	option gateway '192.168.101.1'
	option ipaddr '192.168.101.2'

config rule
	option out 'lan2'
	option dest '192.168.101.2/24'
	option lookup 'local'

problem next: when I enable lan2 interface, I miss internet traffic from WAN, but ONU web ui is appear

Correct me please, where Im wrong, to setup routing only local traffic to ONU subnet, and internet to WAN

Whats that ououou you talk about?

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

I would add a new interface using the same ethN interface you use for wan and configure that new interface with a static address 192.168.101.2 and add this to the wan firewall zone...

2 Likes

Already did, "lan2" in my config

Well, did you add it to the wan firewall zone?

No need to specify a gateway here, after all you only want to reach 192.168.101.1 via this interface.

add trafic rule, but got same: when interface lan2 run - WAN not working

config rule
	option name 'xPON'
	option dest 'lan'
	list dest_ip '192.168.101.1'
	option target 'ACCEPT'
	list proto 'all'
	option src '*'

haha, this is help, and now works, even without firewall rules

1 Like

So in retrospect this is clear, the second (default) gateway definition overruled the actual desired default gateway definition and hence all internet traffic was routed via 192.168.101.2 only to get stranded at the ONU... You actually gave all the required information even in the first post, but I still managed to miss it. Anyway if it works now, all is well I guess?

Correct, I just edit interface lan2 to remove gateway from it config and all works for now

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.