Hello everyone,
I've been trying over the last couple of days to troubleshoot on issue with WireGuard client connection speed, as reported by my Roku Ultra. I was able to get about 71Mbps on the Roku Ultra speed test, but somehow, over the last couple of days, it has fallen drastically.
To verify if the issue was caused by the recent adoption of the Protectli router, I decided to chain it to the previously used GL-MV1000, which always provided the above mentioned 70ish Mbps when going through WIreGuard connection. My paid for ISP speed is 200/100, but I intend to go gigabit in the near future, which was the reasoning behind the adoption of the x86/64 router.
Anyway, I don't know if it's the new blood pressure control med I began taking a few days ago, but I cannot seem to find why I cannot access the GL-MV1000 OpenWrt Luci interface from a computer connected to the LAN provided by the Protectli router.... I think I should be able to access Luci on the GL-MV1000 because it's the default gateway for the Protectli, no need for static routes, but since I currently can't and I'm currently a little liteheaded, I thought it would be faster to ask for help from you gentle folk. Services marked as disabled are in such state because of the testing circumstance I explained above.
TIA
Diagram below may help you noble friends to understand:
First guess:
You have enabled BCP38 in the innermost Protectii router, and that prevents packets to "local private IP addresses" like 192.168.8.x being sent from WAN of the Protectii.
Or something similar.
Double NAT may cause strange effects as you have private addresses also on the WAN side of the inner router.
Ps.
you might try accessing the IPv6 address of the router in case IPv4 fails.
Thanks for posting back in such short time.
I had to search bcp38 and openwrt to find out about what that is... Sorry for being such a newbie. As far I can remember, I haven't installed the bcp38 package, unless something else installed it for me... How can I find out if it is indeed running?
Funny thing is I have played with double NAT several times (granted with the routers above mentioned in reverse order) before and never got this unexpected behavior.
I tried ping6 from my Mac using the Gateway IPv6 address shown in the Overview page of my Protectli, but did not succeed. Forgot to mention that ping 192.168.8.1 from the Mac also fails.
Also, I can traceroute from the Mac to, say, 8.8.8.8, or cnn.com without any problem and, wait for it... one of the hops is 192.168.8.1, but I CANNOT traceroute to 192.168.8.1 directly.
LuCI system - software - installed packages. Is bcp38 on the list?
From SSH console: `opkg list-installed
But just think on similar lines:
any adblockers or similar, which would affect firewall?
If you connect PC directly to the outer router, can you then access LuCI there?
No, both Adblock and Banip were installed on the Protectli, but disabled as well...
And neither was installed on the GL-MV1000. I just realized that It may as well be something cached in the Mac. I'm about to reboot the damn thing and post back the result.
