UPnP bug in OpenWrt

vgaetera · September 8, 2019, 3:40pm

I suppose, those might be relevant to the problem:

CONFIG_KERNEL_IP_PNP
CONFIG_PACKAGE_kmod-nf-nathelper
CONFIG_PACKAGE_kmod-nf-nathelper-extra
CONFIG_PACKAGE_libnatpmp
CONFIG_PACKAGE_libupnp
CONFIG_PACKAGE_libupnpp
CONFIG_PACKAGE_natpmpc

But I don't use this feature.

AlanDias17 · September 8, 2019, 4:47pm

Alright I'll give it a try

AlanDias17 · September 9, 2019, 2:17pm

Okay so I tried adding those modules except the last

CONFIG_PACKAGE_libupnpp
CONFIG_PACKAGE_natpmpc

because they were taking so much space & couldn't build the final image (Even though I excluded as many as not so important modules I could)
So I'm outta options. Whereas I tried LEDE version build 17.1.06 from here [UPDATE] LEDE 17.01.6 custom builds for TP-LINK WR841N(D) WR941N(D) WR743N(D) WR741N(D) WR740N(D) All Versions
in his LEDE build UPnP worked!
So I just want to make it work in the latest OpenWrt build

kbhuinfo · September 13, 2019, 5:44am

Isn't a resource/perf issue? 841 is low end he, which does not guarantee basic stability - qbittotrent can be beyond threshold.

AlanDias17 · September 13, 2019, 1:35pm

I did the tests & it's fine for my daily internet speed. It'll only struggle if my speed is beyond 10 MBPS. UPnP gives me 501 Action Failed error. I think it's bcz I'm behind double NAT.

stangri · September 13, 2019, 8:29pm

You should have opened with that. Do you have any sort of control over the higher link router?

AlanDias17 · September 14, 2019, 10:06pm

My ISP is lying to me. I've been after them about this double NAT issue since two years & they said everything is fine on their side. They never block any port, that's what they say (lie). In fact they are basically putting pressure on me to buy a static public IP from them. But that's a story for another day; I'll try to look into it.
Although, on LEDE UPnP module works flawlessly. It just doesn't work on latest build of OpenWrt

lleachii · September 15, 2019, 4:15pm

If you don't have a public IP, then that's the issue. This [slightly] conflicts with your first post (since it doesn't make much scene for an ISP to double NAT 2+ public IPs.

This struck my curiosity, since "public" and "NAT" are different things. Although, it's possible they're using a NAT pool with their publicly-issued IPs at a customer aggregation router, it just wastes more public IPs. Are you sure your IP doenst begin with 100.x.x.x?

This would more align with ISP using Carrier-grade NAT.

Then, that doesn't seem to be an issue; and you likely do have a public IP address. For testing, did you re-install that previous version?

AlanDias17 · September 15, 2019, 8:04pm

On WAN the IP starts with 172 & if I google "What Is My IP Address" it starts with 103.
Yes I've tested LEDE version last week, UPnP absolutely works.
Here's my post where one user had the similar problem & tried Stun server to fix it.
UPNP bug in OpenWrt

slh · September 15, 2019, 8:34pm

172.16.0.0/12 (172.16.0.0 to 172.31.255.255) would be a private IP (RFC1918). While this range could be used for cgNAT, your ISP would deserve a whack over the head if they steal this range from their customers - that's what 100.64.0.0/10 is reserved for.

That however doesn't change the fact that you don't have a globally routable ('public') IP, but are behind some kind of (cg)NAT, which means there is no way to open ports to the outside or to access your router from the open internet. In the least bad case, you'd at least have an IPv6 prefix (DS-Lite) as well, which might give you at least the opportunity to use your device's IPv6 address instead.

AlanDias17 · September 15, 2019, 8:39pm

Agreed. BUT is there a way I can compile older version of UPnP module with the latest OpenWrt build?

slh · September 15, 2019, 8:40pm

You can build it, but it won't (can't) work (without a public IP address).

AlanDias17 · September 15, 2019, 8:42pm

Then how come it works in LEDE version?

shm0 · September 28, 2019, 10:50am

Maybe a bit off topic...
But I leave this here for people that have to use a double NAT setup.
For example if you have to use your ISP router and your OpenWRT box behind it.

UPNP also passes the public IP as info to the clients.
(I'm sure PS4 uses this info)
In a double NAT setup this will not work. (Because a private IP is passed over to the clients)
To fix this, change/add
option external_ip 'your public ip address'
to your miniupnpd conf.
It also possible to modify the miniupnpd init script to automatically get the public IP address.
And enable DMZ mode on your ISP router. (to the IP address of your OpenWRT box)
Or forward all high ports (1024-65535) to your OpenWRT box.
But for cgNAT, your ISP has to open/forward the ports or to give a public IP.

AlanDias17 · September 28, 2019, 7:56pm

Thank you that was very informative shm0. Probably it won't work in my case but I'll definitely try & update the forum.

AlanDias17 · September 30, 2019, 4:03pm

Finally it worked! Just added
option external_ip 'your public ip address'
in my miniupnpd conf. Thank you so much

shm0 · September 30, 2019, 8:52pm

I'm glad you got it working!

system · October 10, 2019, 8:52pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.