I'm seeing an issue that I haven't found a post about - so starting a new thread (as suggested in another threat).
I have a Netgear R7800 running hnyman's build from master.
I have 1 - 5GHz SSID and 2 - 2.4 GHz SSID's being broadcast.
I noticed on initial boot there was a problem on the second 2.4Ghz SSID... it was not allowing my ESP based devices (wifi) to get IP's. Two non-esp based wifi devices were fine as are two wired devices. After looking all over I restarted dnsmasq
and they got IP's and everything was back to normal.
After a restart (had a random restart this week after 1 week up) I saw the same thing happen again. I get one of the below errors for each of the devices that fail to get an IP:
daemon.warn dnsmasq-dhcp[1925]: no address range available for DHCP request via br-IOT
The wired, and other wifi devices are fine - so it is not all devices effected, just the ones running custom firmware (ESP-Home).
The DHCP Server is active for this interface ( Ignore Interface
is not checked) but Dynamic DHCP
is unchecked as well. All devices are setup with static leases. I copied the exact settings from my previous router (TEW-673GRU) which I did not have this problem with.
Especially when restarting dnsmasq
causing everything to come up and work. This only seems to happen after a reboot. When I restart dnsmasq
I do see some messages in the kernel log:
[ 89.810162] ath10k_pci 0001:01:00.0: Invalid peer id 4 or peer stats buffer, peer: 00000000 sta: 00000000
[ 134.603196] ath10k_pci 0000:01:00.0: htt tx: fixing invalid VHT TX rate code 0xff
[ 155.036645] ath10k_pci 0000:01:00.0: Invalid VHT mcs 15 peer stats
Would this have anything to do with it?
For the 2.4 GHz I have the wireless set to N, channel 1, 40 MHz channel width.
Is the VHT message just about it changing the width to 20 instead of 40?
So, any idea's?
Thanks and Cheers! - sorry for the book...
DeadEnd
Please copy the output of the following commands and post it here using the "Preformatted text </>
" button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
Okay, here we go:
cat /etc/config/network:
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'xxxx:xxxx:xxxx::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth1.1'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option delegate '0'
option ipaddr 'x.x.x.x'
list dns 'x.x.x.x'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
option peerdns '0'
list dns 'x.x.x.x'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option peerdns '0'
list dns 'xxxx::xxxx:xxxxxxxx:xxxx'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '6t 4 3 2'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '0t 5'
option vid '2'
config switch_vlan
option device 'switch0'
option vlan '3'
option ports '6t 1'
option vid '3'
config interface 'IOT'
option proto 'static'
option ifname 'eth1.3'
option delegate '0'
option force_link '0'
option ipaddr 'x.x.x.x'
option netmask '255.255.255.0'
list dns 'x.x.x.x'
option type 'bridge'
config interface 'WireGuard'
option proto 'wireguard'
option private_key 'xxxxxxxxxxxxxxxxxxxxxxxxx'
option listen_port 'xxxxx'
list addresses 'x.x.x.x'
config wireguard_WireGuard
option description '1'
option public_key 'xxxxxxxxxxxxxxxxxxxxxxxxx'
list allowed_ips 'x.x.x.x'
option route_allowed_ips '1'
config wireguard_WireGuard
option description '2'
option public_key 'xxxxxxxxxxxxxxxxxxxxxxxxx'
list allowed_ips 'x.x.x.x'
option route_allowed_ips '1'
config wireguard_WireGuard
option description '3'
option public_key 'xxxxxxxxxxxxxxxxxxxxxxxxx'
list allowed_ips 'x.x.x.x'
option route_allowed_ips '1'
config wireguard_WireGuard
option description '4'
option public_key 'xxxxxxxxxxxxxxxxxxxxxxxxx'
option route_allowed_ips '1'
list allowed_ips 'x.x.x.x'
cat /etc/config/wireless:
config wifi-device 'radio0'
option type 'mac80211'
option hwmode '11a'
option path 'soc/1b500000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
option channel '48'
option legacy_rates '0'
option htmode 'VHT80'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'Mongo 5Ghz'
option encryption 'psk2'
option key 'xxx'
config wifi-device 'radio1'
option type 'mac80211'
option hwmode '11g'
option path 'soc/1b700000.pci/pci0001:00/0001:00:00.0/0001:01:00.0'
option htmode 'HT40'
option channel '1'
option legacy_rates '0'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'Mongo 2.4 Ghz'
option encryption 'psk2'
option key 'xxx'
config wifi-iface 'wifinet2'
option device 'radio1'
option mode 'ap'
option ssid 'InternetOnly'
option encryption 'psk2'
option key 'xxx'
option network 'IOT'
cat /etc/config/dhcp:
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option ra_slaac '1'
list ra_flags 'managed-config'
list ra_flags 'other-config'
list dhcp_option 'option:dns-server,xx.xx.xx.xx'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'IOT'
option interface 'IOT'
option leasetime '12h'
option dynamicdhcp '0'
list dhcp_option ' option:dns-server,x.x.x.x'
option start '100'
option limit '150'
## Removed all the config host lines as these are just the static leases
cat /etc/config/firewall:
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
option input 'DROP'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule
option name 'Support-UDP-Traceroute'
option src 'wan'
option dest_port '33434:33689'
option proto 'udp'
option family 'ipv4'
option target 'REJECT'
option enabled '0'
config include
option path '/etc/firewall.user'
config zone
option name 'IoT'
option network 'IOT'
option output 'ACCEPT'
option forward 'REJECT'
option input 'REJECT'
config zone
option name 'wireguard'
option network 'WireGuard'
option input 'ACCEPT'
option output 'ACCEPT'
option masq '1'
option forward 'ACCEPT'
config forwarding
option src 'lan'
option dest 'IoT'
config forwarding
option src 'wireguard'
option dest 'lan'
config forwarding
option src 'wireguard'
option dest 'IoT'
config forwarding
option src 'wireguard'
option dest 'wan'
config rule
option name 'Wireguard'
list proto 'udp'
option src 'wan'
option dest_port 'xxxxx'
option target 'ACCEPT'
config rule
option name 'DHCP IoT'
list proto 'udp'
option src 'IoT'
option dest_port '67-68'
option target 'ACCEPT'
config rule
option name 'DNS IoT'
option src 'IoT'
option dest 'lan'
list dest_ip 'x.x.x.x'
option dest_port '53'
option target 'ACCEPT'
config rule
option name 'NTP IoT'
option src 'IoT'
option dest_port '123'
option target 'ACCEPT'
config rule
option name 'MQTT IoT'
option src 'IoT'
option dest 'lan'
list dest_ip 'x.x.x.x'
option dest_port '1883'
option target 'ACCEPT'
config rule
option name 'Camera Blocking'
option src 'IoT'
list src_mac 'xx:xx:xx:xx:xx:xx'
list src_mac 'xx:xx:xx:xx:xx:xx'
list src_mac 'xx:xx:xx:xx:xx:xx'
list src_mac 'xx:xx:xx:xx:xx:xx'
list src_mac 'xx:xx:xx:xx:xx:xx'
list src_mac 'xx:xx:xx:xx:xx:xx'
option dest '*'
option target 'DROP'
config rule
option name 'garage'
list proto 'tcp'
option src 'IoT'
list src_mac 'xx:xx:xx:xx:xx:xx'
option dest 'wan'
option dest_port 'xxxx'
option target 'ACCEPT'
config rule
option name 'S4'
option src 'IoT'
list src_mac 'xx:xx:xx:xx:xx:xx'
option dest 'wan'
option target 'ACCEPT'
config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd/firewall.include'
option family 'any'
option reload '1'
config include 'bcp38'
option type 'script'
option path '/usr/lib/bcp38/run.sh'
option family 'IPv4'
option reload '1'
whew!
That was a bit!
Thanks!
DeadEnd
DeadEnd:
option force_link '0'
set this to 1 for "IOT" and try again
1 Like
That seems to have fixed it.
Any idea why this was needed?
Is the interface not coming online quick enough and so it is not being setup correctly?
1 Like
The doc says it's needed for static
1 Like
Okay cool... I wonder if I missed that when I was configuring... I checked the other interface and sure enough it is flagged. Must be a user error .
Thanks again!
DeadEnd
1 Like
You're welcome.
Please edit the post title adding "[solved]" at the beginning, it's a useful visual clue for future users
system
Closed
July 4, 2020, 7:07am
9
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.