I have a ZBT WG3526 running LEDE Reboot 17.01.4 r3560-79f57e422d / LuCI lede-17.01 branch (git-17.290.79498-d3f0685). The Kernel version is 4.4.92.
It has a good hardware configuration, everything is working, but if I add some custom firewall rules the boot time increases significantly. It goes from seconds to 4 or 5 minutes. If I delete these custom rules, it comes back to seconds again.
You have to check your firewall rules, one by one. It seems that the boot process has network timeouts due to your custom firewall rules.
Can you list your custom rules?
So you are using a VPN network.
What do you want with the custom rules? As far as I can see, the first ones allow the VPN network to access some local networks, but the last one does masquerading for the VPN network source addresses?
Isn't that rule for internet traffic (outgoing traffic through VPN)?
I think the last rule should be
iptables -t nat -A POSTROUTING -o -j MASQUERADE
where is the name of VPN IP device.
Can you give us a view of your network (local, internet)?
All sites are connected by site-to-site VPNs.
The last rule is to permit internet access only for the default network as we have some internal subnets used to make tests eventually.
I have a TP-Link WDR4300 running OpenWrt 15.05.1 at Site2 with the same rules, but the boot time is ok.
This rule tells all outbound traffic to masquerade with the IP assigned to the LEDE's interface; NOT JUST INTERNET. This rule conflicts with the six other rules. Make the Masquerade rule more specific, specify the correct interface, etc.; and verify the order of all seven rule(s).
I don't know why some rules were not copied... They are about open traffic to some addresses that use Dynamic IP, so I was using DNS to get the IP... It was the main cause. I removed these rules and it came back to normal boot time again.
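
The cause found in the last post, shown as an added example that is not part of the thread: iptables resolves a hostname given to -s/-d once, when the rule is inserted, so at boot every such rule can stall until a resolver answers or times out. The script below lists those rules. The function names and the sample rules are constructed, and /etc/firewall.user as the LEDE/OpenWrt custom rules file is an assumption about this setup.

```shell
#!/bin/sh
# Added example: find iptables rules whose -s/-d argument is a hostname.
# Such a rule needs a DNS lookup at insertion time, which delays boot
# when the resolver or the uplink is not ready yet.

# Reads rules from the files given as arguments, or from stdin.
# Prints "LINE_NO: hostname" for every non-numeric source/destination.
find_hostname_rules() {
    awk '
    function numeric(a) {
        if (a ~ /^\$/) return 1                        # shell variable, cannot judge
        if (a ~ /^[0-9.]+(\/[0-9.]+)?$/) return 1      # IPv4 with optional mask
        if (a ~ /:/ && a ~ /^[0-9A-Fa-f:.]+(\/[0-9]+)?$/) return 1   # IPv6
        return 0
    }
    /^[ \t]*#/ { next }                                # commented-out rule
    /ip6?tables/ {
        for (i = 1; i < NF; i++) {
            if ($i != "-s" && $i != "-d" && $i != "--source" && $i != "--destination")
                continue
            arg = $(i + 1)
            if (arg == "!" && i + 2 <= NF) arg = $(i + 2)   # old "-s ! addr" form
            n = split(arg, parts, ",")                 # comma-separated address list
            for (j = 1; j <= n; j++)
                if (!numeric(parts[j])) printf "%d: %s\n", NR, parts[j]
        }
    }' "$@"
}

# Constructed sample rules (not the rules from this thread).
demo_scan() {
    find_hostname_rules <<'EOF'
iptables -A forwarding_rule -s 10.8.0.0/24 -d 192.168.1.0/24 -j ACCEPT
# iptables -A input_rule -s old.example.net -j ACCEPT
iptables -A input_rule -s site2.dyndns.example -p udp --dport 1194 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o tun0 -j MASQUERADE
iptables -A input_rule -s 203.0.113.7,office.example.org -j ACCEPT
EOF
}

demo_scan
```

To check a real rules file, call `find_hostname_rules /etc/firewall.user`; each reported line is a rule that depends on DNS being reachable when the firewall loads.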