so for some reason im unable to reach my modem from my router at the moment. im having a complete brain fart on creating a route or a vlan to access it. any help would be fantastic.
Well, let's see, a little more information would be helpful as we don't know:
- Is the modem connected?
- What port is it connected to?
- What is the modem's address (yes, varies by brand)?
- Is the modem serving as a router or a bridge?
- If a bridge, does it have an accessible management interface?
- What are the IP addresses assigned in your device?
- What are your firewall rules?
- Do you have NAT on for all packets going out the interface to the modem?
Any of those could be the problem.
alright its a bridge modem my local area network is 10.0.0.1 modem is 192.168.100.1, 
sysctl.conf
kernel.panic = 60
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.ip_forward = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.igmp_max_memberships = 100
net.core.rmem_max = 2097152
net.core.wmem_max = 2097152
net.core.somaxconn = 65535
net.core.optmem_max = 25165824
net.core.default_qdisc = fq
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_syn_backlog = 16384
net.unix.max_dgram_qlen = 50
net.ipv4.neigh.default.gc_thresh1 = 4096
net.ipv4.neigh.default.gc_thresh2 = 8192
net.ipv4.neigh.default.gc_thresh3 = 16384
net.ipv4.neigh.default.gc_interval = 10
net.ipv4.neigh.default.gc_stale_time = 120
net.ipv4.neigh.default.proxy_qlen = 96
net.ipv4.neigh.default.unres_qlen = 6
net.ipv4.route.flush = 1
net.ipv4.tcp_rmem = 4096 87380 2097152
net.ipv4.udp_rmem_min = 16384
net.ipv4.tcp_wmem = 4096 65536 2097152
net.ipv4.udp_wmem_min = 16384
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 0
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rfc1337 = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_ecn = 1
net.ipv4.tcp_reordering = 3
net.ipv4.tcp_moderate_rcvbuf = 1
net.ipv4.tcp_fastopen = 3
net.ipv4.tcp_congestion_control = bbr
net.ipv6.conf.default.forwarding = 1
net.ipv6.conf.all.forwarding = 1
net.netfilter.nf_conntrack_tcp_loose = 0
net.netfilter.nf_conntrack_acct = 1
net.netfilter.nf_conntrack_checksum = 0
net.netfilter.nf_conntrack_max = 100000
net.netfilter.nf_conntrack_tcp_timeout_established = 1800
net.netfilter.nf_conntrack_tcp_timeout_close = 10
net.netfilter.nf_conntrack_tcp_timeout_close_wait = 10
net.netfilter.nf_conntrack_tcp_timeout_fin_wait = 20
net.netfilter.nf_conntrack_tcp_timeout_last_ack = 20
net.netfilter.nf_conntrack_tcp_timeout_syn_recv = 20
net.netfilter.nf_conntrack_tcp_timeout_syn_sent = 20
net.netfilter.nf_conntrack_tcp_timeout_time_wait = 10
net.netfilter.nf_conntrack_udp_timeout = 60
net.netfilter.nf_conntrack_udp_timeout_stream = 180
net.bridge.bridge-nf-call-arptables = 0
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.ipv4.tcp_abort_on_overflow = 0
net.ipv4.tcp_orphan_retries = 2
net.ipv4.tcp_retries2 = 8
net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_intvl = 10
net.ipv4.tcp_keepalive_probes = 6
net.ipv4.tcp_fin_timeout = 7
net.ipv4.tcp_sack = 1
net.ipv4.tcp_dsack = 1
net.ipv4.tcp_fack = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_slow_start_after_idle = 0
net.ipv4.tcp_no_metrics_save = 0
idk give me a list of commands to give ya and ill post em
Your router need an IP address in the same network as the modem, i.e. in 192.168.100.0/24. This is accomplished by creating another interface in openwrt/lede and configure it with protocol=static address, IP address 192.168.100.2, and netmask 255.255.255.0. Configure if with the same physical interface as the wan interface which is connected to the modem, and add it to the wan zone. (Actually the last step isn't needed since the interface will already be in the wan zone since it shares physical interface with the wan interface, but it will be more apparent in the web interface when doing so thanks to the zone color.)
yeah i was doing that but i think i was using the br-lan interface, ill try it again using wan, but another question is should i use the vlan wan or the actual wlan ...so eth0.2 or eth0? i had it working once with the wan address on eth0.2 but then after a reboot something changed...fyi. thats why im having a brain fart. also what about adding eth0.2:1 or something to that nature would that work?
You should use the same as what's used on the wan interface, eth0.2 in your case apparently. Did you configure it with "Bring up on boot"?
yes i just left the default options which for me was bring up on boot checked. heres a picture of what i got.
still cant reach it 
Also maybe another piece of info to this puzzle is that i run a dhcp server on another device, with my dns as well. id like to manage it from there though.
You are using 192.168.100.1 for the modem interface, but that is the IP of your modem. Your interface needs a different IP in the same subnet, i.e. 192.168.100.2.
still nothing.
That's factually inaccurate, as no router must be on the same subnet the modem is in order to access it's [the modem's] status/config page. If traffic is failing to route to the modem correctly, this is not the cause.
- All cable modems run their local web server on 192.168.100.1/24, as well as the modem's rudimentary LAN DHCP server, and it doesn't matter what the LAN subnet is, navigating to 192.168.100.1 will always route without issue... the fact there's issues speaks to some other problem.
yeah thats what i thought @JW0914, but what is it?
Also maybe another piece of info to this puzzle is that i run a dhcp server on another device, with my dns as well. id like to manage it from there though.
i just need to add a route to it such as
route add ipaddres via ipaddress eth0.2
etc or something, but im having a complete brain fart, so im using the graphics utility.
or something like
ifconfig eth0.2:1
ifconfig eth0.2:1 192.168.100.1
but ifconfig eth0.2:1 192.168.100.1 gives me operation not permitted.
I don't have a clue, as the only thing that would normally cause issues is if you're running a DHCP server with 192.168.100.1 within that server's subnet (regardless of netmask) or LAN traffic is vid or pvid tagged.
Does your system or firewall logs show any activity when you try to navigate to 192.168.100.1?
- It could be it's an issue on the modem side, which should be resolved by unplugging the modem for 30s (power and LAN cable], plugging the LAN cable in, and finally power.
A modem in bridge mode wouldn't have any LAN DHCP server enabled. And I didn't read cable modem anywhere, they seams to be some kind of monstrosities. It seems they usually don't have any bridge mode.
before the device acquires an ip address from the isp the address 192.168.100.10 appears, after that its replaced with the wan address, and the bridge is engaged. then the user interface is accessible at 192.168.100.1 just like with dhcp on lede/opnewrt is ignored and forwarded to another dhcp, but the default gateway is still the lede/openwrt user interface. I tried restarting the firewall, i dont know where to read firewall logs on openwrt to be honest and i forward syslogs to another local address.
Also when i run ifconfig should modem be present along side the interfaces? because if so its not. i guess i could try a reboot
lol after a reboot, it forwards 192.168.100.1 go the luci interface.
All cable modems run a rudimentary LAN DHCP server to allow devices to access the internet without a router or switch (i.e. connecting a PC directly to a modem via ethernet, which, while possible, is never recommended unless a PC's firewall has been configured to reject all inbound traffic); however, this is completely separate from the web server cable modem's utilize for their status/config page at 192.168.100.1.
@sycohexor You may want to try logging requests via iptables, similar to the below:
/etc/firewall.user:
iptables -N LOG-modem
iptables -A INPUT -d 192.168.100.1 -j LOG-modem
iptables -A OUPUT -d 192.168.100.1 -j LOG-modem
iptables -A LOG-modem -j LOG --log-prefix "<[[--- Modem Traffic ---]]> : " --log-level 4
/etc/init.d/firewall reload
- This will log traffic to the kernel log (as well as system log)
ok i got it guys, after a reboot and setting the address to 192.168.100.2 its accessible now at 192.168.100.1. woot woot, thanks for all your help. how do i mark this as solved? had to have been a firewall issue or something
Edit the title, adding [Solved] to the beginning of the title
ok wait one last thing, now when i run ifconfig eth0.2 it just shows the inet address of the static 192.168.100.2, why is that?
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.