Wireguard traffic through Wan

I already have 1024 as the metric, and I ran ifdown and ifup...

The default route is still wg0. Yes, with the metric, if wg0 is down I can use wan to browse, but that is not my question; it was not about that.

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have

# Diagnostic dump: board info, the network and pbr UCI configs, IPv4
# addresses, every IPv4 routing table, and the IPv4 policy rules.
# NOTE(review): `uci export network` prints the WireGuard `private_key`
# value along with peer public keys and endpoints. Redact the private key
# (and any preshared key) as well as passwords, MAC addresses and public IPs
# before posting the output.
ubus call system board
uci export network
uci export pbr
ip -4 addr
ip -4 route list table all
ip -4 rule
root@OpenWrt:~# ubus call system board; \
> uci export network; uci export pbr; \
> ip -4 addr ; ip -4 ro li tab all ; ip -4 ru
{
        "kernel": "5.10.165",
        "hostname": "OpenWrt",
        "system": "ARMv7 Processor rev 0 (v7l)",
        "model": "Netgear Nighthawk X4S R7800",
        "board_name": "netgear,r7800",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "22.03-SNAPSHOT",
                "revision": "r20048-83a13b74f5",
                "target": "ipq806x/generic",
                "description": "OpenWrt 22.03-SNAPSHOT r20048-83a13b74f5"
        }
}
package network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth1.1'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option device 'eth0.2'
        option proto 'dhcp'
        option peerdns '0'
        list dns '1.1.1.1'
        list dns '1.0.0.1'
        option metric '1024'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '1 2 3 4 6t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '5 0t'

config device
        option type 'bridge'
        option name 'br-guest'

config interface 'guest'
        option proto 'static'
        option device 'br-guest'
        option ipaddr '191'
        option netmask '255.255.255.0'

config interface 'wg0'
        option proto 'wireguard'
        option force_link '1'
        option mtu '1410'
        option private_key '+JvM6Xk='
        list addresses '10/16'
        option metric '10'

config wireguard_wg
        option public_key 'uLLdCF7EQ='
        list allowed_ips '0.0.0.0/0'
        option route_allowed_ips '1'
        option endpoint_host '10.43'
        option endpoint_port '1443'
        option persistent_keepalive '25'

config wireguard_wg0
        option public_key 'W9bzkcLvy4TA='
        list allowed_ips '0.0.0.0/0'
        option route_allowed_ips '1'
        option endpoint_host '37'
        option endpoint_port '51820'
        option persistent_keepalive '25'

package pbr

config pbr 'config'
        option verbosity '2'
        option resolver_set 'none'
        option ipv6_enabled '0'
        list ignored_interface 'vpnserver'
        list ignored_interface 'wgserver'
        option boot_timeout '30'
        option rule_create_option 'add'
        option procd_reload_delay '1'
        option webui_show_ignore_target '0'
        list webui_supported_protocol 'all'
        list webui_supported_protocol 'tcp'
        list webui_supported_protocol 'udp'
        list webui_supported_protocol 'tcp udp'
        list webui_supported_protocol 'icmp'
        option enabled '1'
        option strict_enforcement '0'

config include
        option path '/usr/share/pbr/pbr.user.aws'

config include
        option path '/usr/share/pbr/pbr.user.netflix'

config policy
        option name 'Plex/Emby Local Server'
        option interface 'wan'
        option src_port '8096 8920 32400'
        option enabled '0'

config policy
        option name 'Plex/Emby Remote Servers'
        option interface 'wan'
        option dest_addr 'plex.tv my.plexapp.com emby.media app.emby.media tv.emby.media'
        option enabled '0'

config policy
        option name 'PC_jim'
        option src_addr '2:A8'
        option interface 'wg0'

config policy
        option name 'Pixel7'
        option interface 'wan'
        option src_addr ':B3'

config policy
        option name 'HiSense'
        option src_addr 'A0:5C'
        option interface 'wan'

config policy
        option name 'Formuler'
        option src_addr '00:1:41'
        option interface 'wan'

config policy
        option name 'samsung.tv'
        option src_addr 'D4:92'
        option interface 'wan'

config policy
        option name 'chromecast'
        option src_addr ''
        option interface 'wan'

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
13: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
       valid_lft forever preferred_lft forever
16: eth0.2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 24.1/24 brd 24.122.140.255 scope global eth0.2
       valid_lft forever preferred_lft forever
17: br-guest: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.1/24 brd 192.255 scope global br-guest
       valid_lft forever preferred_lft forever
25: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1410 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 10.1/16 brd 10.14.255.255 scope global wg0
       valid_lft forever preferred_lft forever
default via 24..1 dev eth0.2 table pbr_wan 
192.24 dev br-lan table pbr_wan proto kernel scope link src 19
1920/24 dev br-guest table pbr_wan proto kernel scope link src
default via 1.2 dev wg0 table pbr_wg0 
192.16/24 dev br-lan table pbr_wg0 proto kernel scope link src 192.168.1.1 
192.1/24 dev br-guest table pbr_wg0 proto kernel scope link src 1.1 
default dev wg0 proto static scope link metric 10 
default via 21 dev eth0.2 proto static src 24. metric 1024 
10./16 dev wg0 proto static scope link metric 10 
24.1/24 dev eth0.2 proto static scope link metric 1024 
37.1.104 via 24.122.140.1 dev eth0.2 proto static metric 1024 
192./24 dev br-lan proto kernel scope link src 192.168.1.1 
192. dev br-guest proto kernel scope link src 192
broadcast 10. dev wg0 table local proto kernel scope link src 10 
local 10. dev wg0 table local proto kernel scope host src 10.
broadcast 10. dev wg0 table local proto kernel scope link src 10
broadcast 24. dev eth0.2 table local proto kernel scope link src 24.
local 24. dev eth0.2 table local proto kernel scope host src 24.
broadcast 24. dev eth0.2 table local proto kernel scope link src 24.
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1 
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1 
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1 
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1 
broadcast 192.168.1.0 dev br-lan table local proto kernel scope link src 192.168.1.1 
local 192.168.1.1 dev br-lan table local proto kernel scope host src 192.168.1.1 
broadcast 192. dev br-lan table local proto kernel scope link src 192.168.1.1 
broadcast 192. dev br-guest table local proto kernel scope link src 192. 
local 192 dev br-guest table local proto kernel scope host src 192. 
broadcast 192. dev br-guest table local proto kernel scope link src 192. 
0:      from all lookup local
30000:  from all fwmark 0x10000/0xff0000 lookup pbr_wan
30001:  from all fwmark 0x20000/0xff0000 lookup pbr_wg0
32766:  from all lookup main
32767:  from all lookup default
root@OpenWrt:~# 

I redacted a lot of IPs

# Set the wan interface's route metric to 5, commit the change to the network
# config, and run ifup on wan so its routes are installed with the new metric.
# NOTE(review): 5 is lower than the metric 10 configured on wg0 in the export
# above, so the main-table default route now prefers wan. Traffic that no pbr
# policy marks for wg0 would presumably leave over wan, outside the tunnel;
# confirm that is intended.
uci set network.wan.metric='5'
uci commit network
ifup wan

How is it now?


got it, thank you
metric '10' was too much?


Trendy's solution was to overcome the metric you left on the wan interface. It was a lower number thus winning the priority.

It's solved, it could be cleaned up but it works.

You also need to click "Save & Apply" after that.

Your network file still has:

config wireguard_wg0
        option public_key 'W9bzkcLvy4TA='
        list allowed_ips '0.0.0.0/0'
        option route_allowed_ips '1'
        option endpoint_host '37'
        option endpoint_port '51820'
        option persistent_keepalive '25'

Also, undo any manual routing/metric changes if you're using pbr.

I know
I re checked the box later, cause it did not work anyway
