Wired connected clients do not get access, but wireless clients do

andree · July 8, 2020, 11:55am

Hi,
I am new here, and I try to setup a Fritzbox 7312 (https://openwrt.org/toh/avm/fritz.box.wlan.7312) with the current Release 19.07.03 as a travelmate solution, where the connection to a hotspot is done via wifi and which is exposed to local clients in a segregated dhcp net again wireless via wifi as also wired via the single eth0 interface available at this fritzbox.
My wireless setup is working fine, I can connect wireless to openwrt@fritzbox7312, Luci is working which enables me to connect the fritzbox wireless with an available access point and finally I get access to the internet.
But connecting a client via the wired interface eth0 is not working. The client don't gets an IP adress assigned, if I configure the client with a static IP address in the same range it gets connected but I cannot access anything, neither SSH, not Luci or the internet.

enclosed by configs (network, wireless, firewall, dhcp), would be great if someone could provide me some guidance what I have to change to get the eth0 port running for local connected client.

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd8f:0492:98af::/48'

config atm-bridge 'atm'
	option vpi '1'
	option vci '32'
	option encaps 'llc'
	option payload 'bridged'
	option nameprefix 'dsl'

config dsl 'dsl'
	option tone 'bv'
	option annex 'j'
	option firmware '/lib/firmware/adsl.bin'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0'
	option proto 'static'
        option netmask '255.255.255.0'
	option ipaddr '192.168.2.1'
        option ip6assign '60'

config interface 'wan'
	option ifname 'dsl0.7'
	option proto 'pppoe'
	option delegate '0'
	option username 'username@online.de'
	option password 'password'
	option ipv6 'auto'

config device 'wan_dev'
	option name 'dsl0'
	option macaddr '00:24:FE:FF:37:BC'

config interface 'wan6'
	option ifname '@wan'
	option proto 'dhcpv6'

config interface 'wwan'
	option proto 'dhcp'

config interface 'trm_wwan'
	option proto 'dhcp'

root@OpenWrt:~# cat /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option channel '11'
	option hwmode '11g'
	option path 'pci0000:00/0000:00:0e.0'
	option htmode 'HT20'
	option disabled '0'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

config wifi-iface 'radio0_HotelWLAN_'
	option network 'trm_wwan'
	option device 'radio0'
	option mode 'sta'
	option ssid 'HotelWLAN'
	option key 'key'
	option encryption 'psk2'
	option disabled '0'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'lan'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	option network 'wan wan6 wwan trm_wwan'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'

root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

andree · July 9, 2020, 5:18pm

Some update:
By chance, I had a client connected via cable on eth0 during boot of openwrt and then it got an IP adress assigned via dhcp and internet access was working. With that it seems that the issue appears only if there is no client connected during boot and gets connected during runtime first. So some hot plug issue.

Any clue how to fix that ?

andree · July 10, 2020, 10:57am

I investigated that topic a little further and like to share my findings, so that it may help someone in case running into a similar issue in future.

First I was wondering if there is something special in my setup which differs from usual environments, and one thing what me came in mind was that my specific HW (Fritzbox 7312) do has only one single eth port (no further switch integrated into the device). However, I do not know if this contributing or even causing the issue finally.

After spending some time to look for similar issues, my consolidated outcome is the following:

udhcp is not responding to plug-events of network cable and that this may also do not make much sense in general since in typical case of switches behind physical ports such events would not appear.
https://dev.archive.openwrt.org/ticket/9367

However, use of netplug or ifplugd has been proposed as potential solutions.

Furthermore and even simpler to install, it has been recommended to use dhcpcd (which monitors link status out of the box) instead of udhcp by installing the available package.
https://lists.alpinelinux.org/~alpine/devel/<7edd13a1-bb39-60d7-c092-7694796260f0%40ustc.edu>
But accordant to https://unix.stackexchange.com/questions/4014/how-do-i-use-dhcpcd-in-openwrt-instead-of-udhcpc , the installation via

 # opkg update
 # opkg install dhcpcd

will not lead to a well working system since udhcpc is hardcorded into the helper scripts of ifup on OpenWRT and after installation of dhcpcd both programs gets executed together.

Finally, the issue could also be caused by some unnecessary but failing checks in dnsmasq init script, which results in dnsmasq not offering dhcp v4 adresses, with a simple workaround to set the "force" option to the "lan" section of /etc/config/dhcp and which is also confirmed to be used by the original firmware used by GL.iNet.

Eventhough all that feels for me like a bug in a release for a device with only a single eth port and I would be happy if this gets fixed in some future release for the Fritzbox7312, I am now able to handle it and do have some workarounds available.

With that i will close this issue. Whish you all fun with OpenWRT on your devices.

system · July 20, 2020, 10:57am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.