Since upgrade to 24.10.1 I have had connection stability issues. Possible leasing issue

Glider · June 3, 2025, 11:00pm

Hi there! This is my first post. I will try and provide as much as information as possible. I am a complete newbie when it comes to using openwrt. I installed 23.05.3 in July 2024 and upgraded 3 weeks ago to 24.10.1. My device is TP Link Archer AX23 V1. All I have done to the device is that I run the router on bridge mode (using ISPs modem) and connected to Wan and created 2 wifis.

Initially I thought that it was my wifi that had the issue but then I tried with a cable as well. I only started having connectivity issues with Geforce Now since upgrading to the new firmware. The logs and chatgpt (please don't crucify me) suggest that it might be a leasing issue.

Wed Jun  4 00:27:47 2025 daemon.notice netifd: wan (19609): udhcpc: sending renew to server 192.168.1.1
Wed Jun  4 00:29:03 2025 daemon.notice netifd: wan (19609): udhcpc: sending renew to server 192.168.1.1
Wed Jun  4 00:30:03 2025 daemon.notice netifd: wan (19609): udhcpc: broadcasting renew
Wed Jun  4 00:30:11 2025 daemon.notice netifd: wan (19609): udhcpc: lease lost, entering init state
Wed Jun  4 00:30:11 2025 daemon.notice netifd: Interface 'wan' has lost the connection
Wed Jun  4 00:30:23 2025 daemon.notice netifd: wan (19609): udhcpc: lease of 192.168.1.206 obtained from 192.168.1.1, lease time 600
Wed Jun  4 00:30:23 2025 daemon.notice netifd: Interface 'wan' is now up
Wed Jun  4 00:30:24 2025 user.notice firewall: Reloading firewall due to ifup of wan (wan)

This is my wan interface config:

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'
        option peerdns '0'
        list dns '9.9.9.9'

I tried adding option udhcpc_opts '-t 0 -T 10' under the wan interface (chatgpt advice), but it didn't work. Any advice?

psherman · June 3, 2025, 11:05pm

Your upstream router (the IPS one) likely the issue here if it is not actually renewing the lease when requested. However, let's also take a look at the 3 key files that could impact the renewal process on OpenWrt:

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
cat /etc/config/firewall

Glider · June 3, 2025, 11:20pm

Here you go! Also thank you for the instructions.

ubus call system board

{
        "kernel": "6.6.86",
        "hostname": "OpenWrt",
        "system": "MediaTek MT7621 ver:1 eco:3",
        "model": "TP-Link Archer AX23 v1",
        "board_name": "tplink,archer-ax23-v1",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "24.10.1",
                "revision": "r28597-0425664679",
                "target": "ramips/mt7621",
                "description": "OpenWrt 24.10.1 r28597-0425664679",
                "builddate": "[REDACTED_TIMESTAMP]"
        }
}

cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix '[REDACTED_IPV6_PREFIX]'
        option packet_steering '1'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'
        option peerdns '0'
        list dns '9.9.9.9'

config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'

config device
        option type '8021q'
        option ifname 'eth0'
        option vid '10'
        option name 'eth0.10'

config interface 'Guest'
        option proto 'static'
        option ipaddr '192.168.10.1'
        option netmask '255.255.255.0'
        list dns '9.9.9.9'
        option device 'br-Guest'

config device
        option name 'br-Guest'
        option type 'bridge'

cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
        option filter_aaaa '0'
        option filter_a '0'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config dhcp 'Guest'
        option interface 'Guest'
        option start '100'
        option limit '150'
        option leasetime '12h'

cat /etc/config/firewall

config defaults
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        list network 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config zone
        option name 'guest'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        list network 'Guest'

config forwarding
        option src 'guest'
        option dest 'wan'

config rule
        option name 'Guest-DHCP'
        list proto 'udp'
        option src 'guest'
        option dest_port '67'
        option target 'ACCEPT'

config rule
        option name 'Guest-DNS'
        option src 'guest'
        option dest_port '53'
        option target 'ACCEPT'

Please let me know if you need anything else from me.

psherman · June 3, 2025, 11:26pm

Your upstream router and the downstream are on the same subnet. This conflict must be resolved by changing the subnet on one or the other to something non-overlapping. I'd recommend simply changing the OpenWrt device to something like 192.168.7.1.

In addition, your VLAN is incorrect and invalid for DSA syntax. That could also cause problems. Delete this:

Edit the br-Guest device to specify that it is an empty bridge:

config device
        option name 'br-Guest'
        option type 'bridge'
        option bridge_empty '1'

Then reboot and test again.

With respect to the guest network, if you want to have that running over ethernet to another AP, please indicate which port(s) should be setup as a trunk.

brada4 · June 3, 2025, 11:41pm

Cant find that in your configs?

Glider · June 4, 2025, 1:04am

I think it worked? I let it run for about an hour.

Apologies for link, it has a character limitation

Glider · June 4, 2025, 1:06am

No no, I tried this line, it didn't work and then deleted it, thus why you can't see it

psherman · June 4, 2025, 1:58am

Yes, I expect that these changes will have resolved the issue.

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks!

Glider · June 4, 2025, 2:00am

Thank you very much for your time and attention!

system · June 14, 2025, 2:00am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.