[SOLVED] Cannot access OpenWrt router from subnet on another router

My setup is this.
Openwrt1 - 192.168.107.0/24 and 192.168.106.0/24 (DHCP on both)
WAN connection using DHCP over WISP.
All clients receive a default gateway of the VLAN IP on the Cisco switch (xxx.2)

Cisco 3750E with 3 routed VLANs; in each VLAN the switch occupies the .2 address (192.168.106.2, etc.).

Openwrt2 - 10.10.10.0/24 DHCP
No WAN connection
All clients receive the 3750 address as the default gateway (10.10.10.2)

3750 has default route set to 192.168.106.1 and it works perfectly to WAN from 107.0/24 and 106.0/24 via the 106.1 default gateway

10.10.10.0/24 clients cannot get access to the WAN, nor can they ping the openwrt1 router. All other services on the other subnets are accessible.

I tried adding allow all to the firewalls on both Openwrt routers, but I'm still missing something. Can anybody give me an idea as to what I might be missing?

Openwrt1 is on a recent snapshot, Openwrt2 is on current stable release.

I'm thinking the firewalls aren't liking packets from outside their zones, but I have no way of figuring out if that's true.

I find this very difficult to understand in text form. I'd recommend drawing a diagram of the network topology (complete with IP address and/or VLAN designations) and providing the key config files for the two OpenWrt routers (/etc/config/network, /etc/config/firewall, /etc/config/dhcp -- best to do these with a preformatted text block within a "hide details" spoiler to help make it more readable). Also, it would be good to understand what you are trying to achieve with the network... it's not clear what you want to do with the 2nd router, and also why you have the Cisco switch doing routing (or at least that's what it seems) -- smart switches can indeed do some limited routing, but it isn't always the best approach.

From a first glance you seem to be missing a route for 10.0.0.0/24 on OpenWrt1.
But as mentioned above, your post is very difficult to understand and you should have provided a schematic and the key configs (network/firewall) from the devices.

Thanks to both of you for the replies. I agree on all of your points, it's definitely a difficult post to read.

I will add the diagrams as soon as I can put one together.

I have static routes from Openwrt1 subnets to openwrt2 subnet and from openwrt2 to openwrt1 via the addresses on the switch.

What I'm trying to accomplish specifically is to let the smart switch with 160GBPS fabric do all the routing between the different segments of my LAN and not allow the much slower Openwrt devices to be the bottleneck.

Specifically with Plex they were slowing down when routing from WLAN to LAN segments.

I only keep it segmented because I have to control access to the 10.10.10.0/24 segment for work.

I had everything working using just the Openwrt boxes, but they were too slow to route multiple plex streams (kids...) and so I acquired the 3750 to do the limited routing I need.

I think it has something to do with either IPTables, or the openwrt devices' default routes overriding the static routes, but I am not skilled enough to know how to tell.

I will add config files and routing tables as soon as I can.

Thanks!

Please post here the output of the following command, copy and paste the whole block on both OpenWrts:

uci show network; uci show firewall; uci show dhcp; \
ip -4 addr ; ip -4 ro ; ip -4 ru; iptables-save

Please use "Preformatted text </>" for logs, scripts, configs and general console output.

For the 3750 post the following:
sh ip int br; sh ip ro; sh access-list

The output of even one of these commands was too large to post. It doesn't look like I can attach a file, so I've added it to Pastebin. I hope that's OK.

https://pastebin.com/nYURvXPD

Sooo upon further review of the commands requested I noticed that even though the static routes are represented in the web interface, they were not present when showing the routing table via the command line.

I've rebooted the openwrt routers a few times, and it's still not showing up. I have added the routes manually via ip route add xxxxx/24 via yyyyy and all is now working.

Much fuss over nothing apparently. Thanks for pointing me in the correct direction.

Now I guess I have to figure out why the routes are not showing up at boot time...
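The check that exposed the problem in this thread, comparing the routes configured in UCI with what the kernel actually installed, can be scripted. This is an added example, not code from the thread or from OpenWrt: the function names `missing_routes` and `demo` are hypothetical, the sample data is constructed (route[1] and the kernel table are invented; route[0] is the one posted later in the thread), and only anonymous `@route[N]` sections that have a gateway are handled.

```shell
# Added example: list static routes set in UCI but absent from the kernel table.
missing_routes() {   # $1 = `uci show network` output, $2 = `ip -4 route` output
    awk -F= -v q="'" '
    function prefixlen(mask,    o, n, i, v) {   # 255.255.255.0 -> 24
        split(mask, o, ".")
        for (i = 1; i <= 4; i++)
            for (v = o[i] + 0; v > 0; v = int(v / 2)) n += v % 2
        return n + 0
    }
    pass == 1 {                                  # kernel table: "dest via gw dev ..."
        split($0, f, " ")
        if (f[1] !~ /\// && f[1] != "default") f[1] = f[1] "/32"
        if (f[2] == "via") installed[f[1] " via " f[3]] = 1
        next
    }
    $1 ~ /^network\.@route\[[0-9]+\]\./ {        # anonymous route sections only
        idx = $1; sub(/^network\.@route\[/, "", idx); sub(/\].*$/, "", idx)
        opt = $1; sub(/^.*\]\./, "", opt)
        val = $2; gsub(q, "", val)
        cfg[idx, opt] = val; if (idx + 0 >= max) max = idx + 1
    }
    END {
        for (i = 0; i < max; i++) {
            t = cfg[i, "target"]; g = cfg[i, "gateway"]; m = cfg[i, "netmask"]
            if (t == "" || g == "") continue     # only routes with a next hop
            if (t !~ /\//) t = t "/" (m == "" ? 32 : prefixlen(m))
            if (!((t " via " g) in installed)) print t " via " g
        }
    }' pass=1 "$2" pass=2 "$1"
}
demo() {   # constructed sample data; route[0] is the one shown on this page
    d=$(mktemp -d) || return 1
    cat > "$d/uci" <<'EOF'
network.@route[0]=route
network.@route[0].target='10.10.10.0'
network.@route[0].gateway='10.10.10.2'
network.@route[0].netmask='255.255.255.0'
network.@route[1]=route
network.@route[1].target='172.16.5.0/24'
network.@route[1].gateway='192.168.106.2'
EOF
    cat > "$d/ro" <<'EOF'
default via 192.0.2.1 dev wan proto static src 192.0.2.10
172.16.5.0/24 via 192.168.106.2 dev br-lan proto static
192.168.106.0/24 dev br-lan proto kernel scope link src 192.168.106.1
EOF
    missing_routes "$d/uci" "$d/ro"; rm -rf "$d"
}
demo
```

On a router, save the output of `uci show network` and `ip -4 route` to two files and pass them to `missing_routes` in that order; every line printed is a configured route the kernel does not have.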

The routes will show up if the gateway address is in the remote subnet and not the local subnet.

(On the router with the 106.0 subnet) this worked

ip route add 10.10.10.0/24 via 10.10.10.2 (instead of 192.168.106.2)

If your problem is solved, feel free to mark the relevant post as the solution; and edit the title to add "[SOLVED]" to the beginning (click the pencil behind the topic).

Done, I left the title the same even though technically it was a routing issue. Thanks for the help.

I changed the solution to the thread that noted how you solved it; I also removed the misleading parenthetical note.

network.@route[0]=route
network.@route[0].target='10.10.10.0'
network.@route[0].gateway='10.10.10.2'
network.@route[0].netmask='255.255.255.0'
network.@route[0].interface='lan'
network.@route[0].metric='200'
network.@route[0].onlink='0'
  • I'm able to read the /etc/config/network file easier, so not sure... I am curious though, why did you set a metric?
  • I thought LAN was addressed as: network.lan.ipaddr='192.168.106.1' network.lan.netmask='255.255.255.0' - so how is there a gateway on LAN at 10.10.10.2?
  • How do you use a host IP in the same network as a gateway to its own subnet?
  • As a reminder, you're handing out a gateway of 192.168.106.2 via DHCP, so the routes should be on that device.

Correct, it is not necessary. However, I think it just works because it has a higher metric and the lower metric of the directly connected wlan2 interface has precedence anyway.
Most likely this explains why routes were not installed too.

It's the wild west over here for sure...

I'm not a routing specialist clearly. The gateway addresses are handled on the 3750 switch which is acting as the "Core" router. I think technically the gateway in the route shown should be 192.168.106.2 (which is the vlan 55 interface address for the 3750). I set a metric most likely because I thought it would help :)

I have read something on the wiki that unnecessary routes will be skipped. I'll have to look into this a little further because I still do not understand why they are skipped in this case.

Please keep in mind that ALL routes identified in the config files are being skipped on both Openwrt routers.

Here is a diagram that might help.


[Image: Openwrt1]
[Image: Openwrt2]

After changing the gateways, all of the default routes seem to be working properly. I'm not at the home office, so it will have to wait for me to see if it survives a reboot.
