Hi have a weird issue that I cannot wrap my head around.
I have two openwrt devices, a router and an accesspoint with an identical SSID config and use fast roaming between the two.
This mostly works fine, but I have two Google devices, a Nest mini and a Google alarm clock that lose the internet connection, but only on the accesspoint. If I reboot the accesspoint, or if I disconnect them and they get transferred to the router both devices are able to connect to the internet. But since I use fast roaming, they alway get pinned on the accesspoint which is closer and lose their internet connection.
Other devices connected to the accesspoint, say my phone or laptop, or Eufy devices work fine on the accesspoint no matter what.
The accesspoint has firewall, dhcp and dnsmasq disabled.
I do use adguardhome, but seeing they have no issues when connected through the router or after rebooting the accesspoint, I don't believe that's the issue. Disabling adguard also doesn't help.
I would recommend removing/disabling all 802.11r (as well as k and v, if applicable) from your systems.
Beyond that, we'd have to see your configs. Please post both your router and your AP:
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
I've redacted my VPN clients and most of my static leases, but kept the ones that are relevant to my wireless network. For now I've disabled my AX network on the accesspoint, forcing the Nest Mini to connect to the router, but the Lenovo Smart Clock connects on AX and N.
I've had this problem in the past and rebooting the AP would fix it for a long period. I haven't had this issue after upgrading to 24 directly after its releasse, but it's back and this time restarting the AP doensn't seem to help.
Router:
ubus call system board
{
"kernel": "6.6.73",
"hostname": "OpenWrt",
"system": "ARMv8 Processor rev 4",
"model": "Xiaomi Redmi Router AX6S",
"board_name": "xiaomi,redmi-router-ax6s",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "24.10.0",
"revision": "r28427-6df0e3d02a",
"target": "mediatek/mt7622",
"description": "OpenWrt 24.10.0 r28427-6df0e3d02a",
"builddate": "1738624177"
}
}
cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
option ipv6 '0'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.254'
option netmask '255.255.255.0'
option delegate '0'
option ipv6 '0'
config device
option name 'wan'
option macaddr 'd4:da:21:1c:97:ab'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
option ipv6 '0'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
config interface 'wg0'
option proto 'wireguard'
config wireguard_wg0
option description 'Removed my wg clients'
config device 'guest_dev'
option type 'bridge'
option name 'br-guest'
config interface 'guest'
option proto 'static'
option device 'br-guest'
option ipaddr '192.168.3.1/24'
cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/18000000.wmac'
option channel 'auto'
option band '2g'
option htmode 'HT20'
option country 'NL'
option cell_density '0'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'my_wlan'
option encryption 'psk2'
option key ''my_wlan_pwd''
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option ifname 'N'
list maclist '50:8B:B9:0B:D8:5A'
list maclist '18:DE:50:C4:12:62'
option macfilter 'deny'
config wifi-device 'radio1'
option type 'mac80211'
option path '1a143000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option channel 'auto'
option band '5g'
option htmode 'HE160'
option country 'NL'
option cell_density '0'
option txpower '21'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'my_wlan'
option encryption 'psk2'
option key ''my_wlan_pwd''
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option ifname 'AX'
config wifi-iface 'wifinet2'
option device 'radio0'
option mode 'ap'
option ssid 'isolated_client'
option encryption 'psk2'
option key ''my_isolated_pwd''
option network 'lan'
option hidden '1'
option macfilter 'allow'
list maclist '24:0A:64:B2:C8:9B'
option ifname 'Toon'
config wifi-iface 'guest'
option device 'radio0'
option mode 'ap'
option network 'guest'
option ssid 'my_guest_wlan'
option encryption 'psk2'
option key 'guest_pwd'
option isolate '1'
option hidden '1'
option ifname 'Guest'
cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/skynet/'
option expandhosts '1'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
option boguspriv '0'
list interface 'guest'
list interface 'lan'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
list dhcp_option '6,192.168.1.252'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config host
option mac '84:B8:B8:56:A6:B2'
option name 'LenovoSmartClock'
option dns '1'
option ip '192.168.1.170'
config host
option mac 'D4:F5:47:21:BC:99'
option name 'Nest-Mini-Keuken'
option dns '1'
option ip '192.168.1.175'
config host
option mac '24:0A:64:B2:C8:9B'
option dns '1'
option ip '192.168.1.197'
option name 'Toon'
config domain
option name 'openwrt-ax.skynet'
option ip '192.168.1.253'
config domain
option name 'openwrt.skynet'
option ip '192.168.1.254'
config dhcp 'guest'
option interface 'guest'
option start '100'
option limit '150'
option leasetime '1h'
cat /etc/config/firewall
config defaults
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
option flow_offloading '1'
option flow_offloading_hw '1'
option drop_invalid '1'
config zone 'lan'
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
list network 'wg0'
option log '1'
config zone 'wan'
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
config forwarding 'lan_wan'
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule 'wg'
option name 'Allow-WireGuard'
option src 'wan'
option dest_port '51820'
option proto 'udp'
option target 'ACCEPT'
option enabled '0'
config zone 'guest'
option name 'guest'
option network 'guest'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
config forwarding 'guest_wan'
option src 'guest'
option dest 'wan'
config rule 'guest_dns'
option name 'Allow-DNS-Guest'
option src 'guest'
option dest_port '53'
option proto 'tcp udp'
option target 'ACCEPT'
config rule 'guest_dhcp'
option name 'Allow-DHCP-Guest'
option src 'guest'
option dest_port '67'
option proto 'udp'
option family 'ipv4'
option target 'ACCEPT'
Accesspoint:
ubus call system board
{
"kernel": "6.6.73",
"hostname": "OpenWrt-AX",
"system": "ARMv8 Processor rev 4",
"model": "Xiaomi Redmi Router AX6S",
"board_name": "xiaomi,redmi-router-ax6s",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "24.10.0",
"revision": "r28427-6df0e3d02a",
"target": "mediatek/mt7622",
"description": "OpenWrt 24.10.0 r28427-6df0e3d02a",
"builddate": "1738624177"
}
}
cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.253'
option netmask '255.255.255.0'
option gateway '192.168.1.254'
option delegate '0'
option ipv6 '0'
list dns '192.168.1.254'
config device
option name 'wan'
option macaddr 'd4:da:21:1c:ec:15'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
option ipv6 '0'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/18000000.wmac'
option channel 'auto'
option band '2g'
option htmode 'HT20'
option country 'NL'
option cell_density '0'
config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'my_wlan'
option encryption 'psk2'
option key 'my_wlan_pwd'
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option ifname 'N'
list maclist '18:DE:50:C4:12:62'
list maclist '50:8B:B9:0B:D8:5A'
config wifi-device 'radio1'
option type 'mac80211'
option path '1a143000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option channel 'auto'
option band '5g'
option htmode 'HE160'
option country 'NL'
option cell_density '0'
option txpower '21'
option disabled '1'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'my_wlan'
option encryption 'psk2'
option key 'my_wlan_pwd'
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option ifname 'AX'
list maclist '84:B8:B8:56:A6:B2'
option disabled '1'
cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option expandhosts '1'
option cachesize '1000'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
list interface 'lan'
option boguspriv '0'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option ignore '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
cat /etc/config/firewall
config defaults
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
list network 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
config zone
option name 'wan'
list network 'wan'
list network 'wan6'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
edit: I've installed 24.10.1 and it seems better. Things that are different: WED is turned off, and I haven't updated any packages. I have an update OCD and regularly do an opkg upgrade of all packages, could that be causing problems?
