WDS client not accessible from LAN

Installing and Using OpenWrt Network and Wireless Configuration
1

I am trying to set-up a network printer that does not have wifi using ethernet plug into WDS client router. I set up WDS bridge using the instructions at https://openwrt.org/docs/guide-user/network/wifi/atheroswds. I tested this connection with my computer plugged into the router. When I connect to the client router I can access my servers on the main LAN. For example server 192.168.1.12 which is connected to the WDS AP is accessible from my computer plugged into the WDS client router. However my computer is inaccessible from the server. If I ssh into the server I cannot even ping the client router which I am plugged into.

Is there some sort of firewall setting that is blocking the host from accessing the client?

How can I bridge these two devices seamlessly so they can all see each other?
edit: I can ping all devices if I ssh into the main router (192.168.1.1)

2

It seems your WDS config is wrong somewhere. Can you post your entire config? /etc/config/network, /etc/config/wireless and /etc/config/dhcp.

3

All devices should be able to see each other, there is no firewall involved in this kind of setup. I think there is something wrong with your config.

4

Here is those files. Since I tried this on two routers and both have same problem I am thinking it might be a problem on the host somewhere so I included those files too.

HOST /etc/config/wireless 
config wifi-device 'wifi0'
	option type 'qcawifi'
	option macaddr 'xx:xx:xx:xx:xx:xx'
	option hwmode '11g'
	option txpower '23'
	option channel '6'
	option htmode 'HT20'

config wifi-iface
	option device 'wifi0'
	option network 'lan'
	option mode 'ap'
	option blockdfschan '1'
	option encryption 'psk-mixed'
	option wds '1'
	option ifname 'ath0'
	option disablecoext '1'
	option key 'XXXXXXX'
	option ssid 'XXXXXXX'
	option wpa_group_rekey '0'
	option athnewind '1'

config wifi-device 'wifi1'
	option type 'qcawifi'
	option channel 'auto'
	option macaddr 'xx:xx:xx:xx:xx:xx'
	option disabled '0'
	option hwmode '11a'
	option txpower '23'
	option htmode 'VHT80'

config wifi-iface
	option device 'wifi1'
	option network 'lan'
	option mode 'ap'
	option blockdfschan '1'
	option encryption 'psk-mixed'
	option ifname 'ath1'
	option ssid 'XXXXXXX'
	option key 'XXXXXXX'
	option wds '1'
	option athnewind '1'
HOST /etc/config/network 
config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'

config interface 'lan'
	option ifname 'eth1'
	option force_link '1'
	option type 'bridge'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option hostname 'GL-B1300-43e-5G'
	option ieee1905managed '1'
	option ipaddr '192.168.1.1'
	option stp '1'

config interface 'wan'
	option ifname 'eth2'
	option proto 'dhcp'
	option hostname 'GL-B1300-43e-5G'
	option metric '10'

config interface 'wan6'
	option ifname 'eth0'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0t 1 2 3 4'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0t 5'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '1'
	option mode 'dscp'
	option status 'enable'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '2'
	option mode 'dscp'
	option status 'enable'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '3'
	option mode 'dscp'
	option status 'enable'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '4'
	option mode 'dscp'
	option status 'enable'

config switch_ext
	option device 'switch0'
	option name 'QosPtMode'
	option port_id '5'
	option mode 'dscp'
	option status 'enable'

config interface 'tethering'
	option proto 'dhcp'
	option ifname 'eth2'
	option metric '30'
HOST /etc/config/dhcp 
config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option localservice '1'
	option sequential_ip '1'

config dhcp 'lan'
	option interface 'lan'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option start '100'
	option limit '100'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'

config domain 'localhost'
	option name 'console.gl-inet.com'
	option ip '192.168.1.1'
WDS-CLIENT /etc/config/wireless 
config wifi-device 'radio0'
	option type 'mac80211'
	option hwmode '11g'
	option path 'platform/10300000.wmac'
	option htmode 'HT20'
	option channel '6'
	option country '00'
	option legacy_rates '1'
	option __toggle 'Disable'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'
	option disabled '1'

config wifi-iface
	option ssid 'XXXXXXX'
	option encryption 'psk2'
	option device 'radio0'
	option mode 'sta'
	option bssid 'xx:xx:xx:xx:xx:xx'
	option key 'XXXXXXX'
	option wds '1'
	option network 'lan'
WDS-CLIENT /etc/config/network 
config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdd8:faa8:21c0::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.1.56'
	option stp '1'
	option gateway '192.168.1.1'
	option dns '192.168.1.1'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'

config device 'wan_dev'
	option name 'eth0.2'
	option macaddr 'xx:xx:xx:xx:xx:xx'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0 6t'
WDS-CLIENT /etc/config/dhcp 
config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	list server '192.168.1.1'

config dhcp 'lan'
	option interface 'lan'
	option ra 'server'
	option ignore '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'
5

Does lan contain all of the networks? Make sure it covers Client from main and AP on the device itself. There should be no problem with firewall because all of the networks are being kept in single zone so whether the firewall is active or not does not make a difference. After all the config seems okay, there must be something else going on.

6

Do you really need to activate STP? I do not think you need it in this kind of setup.

7

I am not sure what you mean. "lan" on the main or the client?
Please tell me what and how to check.
Thank you.

8

I don't think so either but does it damage? I want to be able to have it working as a wifi client and plugged in client eventually and then I will need it I believe.

9

You need to see on the 2nd router that all of the Wi-Fi networks (STA and AP) along with any physical ports (from where you would like to connect to 2nd router) are in the same zone (mostly it would be lan). This is how the WDS setup works. It does not interfere with firewall in anyway but to be on the safe side, disable firewall and stop it and then you should check again whether you can ping across your network and access it from all sides.

10

everything is in lan network but still not working.
Also I dont know if this is related but I cannot use hostnames as addresses only IP from the 2nd router. For example if I ssh into the 2nd router :

root@OpenWrt:~# ping color_printer
ping: bad address 'color_printer'
root@OpenWrt:~# ping 192.168.1.194
PING 192.168.1.194 (192.168.1.194): 56 data bytes
64 bytes from 192.168.1.194: seq=0 ttl=64 time=5.330 ms

but on a computer connected to the main router :

PING color_printer.lan (192.168.1.194) 56(84) bytes of data.
64 bytes from COLOR_PRINTER.lan (192.168.1.194): icmp_seq=1 ttl=64 time=12.2 ms
11

I believe there's an option in the DHCP and DNS config that forces hostnames to have a suffix in there name such as .lan. This could be the reason why you cant use just the hostname because you also need to put that suffix to be able to ping.

About your WDS config I don't think you can solve your problems without reconfiguration. Please reset your WDS client router and reconfigure it from scratch. If you copied any code the last time, don't do it now. Preferably write all the config again or do it from LuCI.

12

I couldn't solve it any other way. I took your advice and reset my routers. Don't know if it is what helped but I reset the main router and realised it was an older version of openwrt so I upgraded it to 18.06.1 and now it all works well from the WDS point. There seem to maybe be other issues but I will look into those and if needed will post a seperate topic for those.

Thanks a lot. :smile:

13

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.