WLAN doesn't issue IP-Address

OnTheRoad · October 28, 2024, 2:50pm

My first project using OpenWrt is a router for a motorhome. I'm not deep into networking either.
HW: x86/64 mini computer
2 * Ethernet, 1 for WAN, 1 for LAN
wireless AX210NBW for wwan
wireless mt7921 for wlan
L860GL 4G modem

I've installed OpenWrt 23.05.5 and all drivers, HW is running.
Now there is a problem I just couldn't solve. No client trying to connect to the mt7921 (wlan) is getting an IP address. The connection shows up in Luci Wireless only as long as the device tries to get an address, then disappears again.
Maybe packages or parts of the driver are missing, I didn't find any applicable instruction for installing the mt7921. I searched for mt7921 (or so) in opkg and then installed kmod-mt7921-common, kmod-mt7921-firmware and kmod-mt7921e.
Another possibility is that one of the (automatically generated) entries in the configuration files is messed up.

# cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd09:b1e1:a75b::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.57.1'
	option netmask '255.255.255.0'
	option ipбassign '60'

config interface 'wan'
	option device 'eth1'
	option proto 'dhcp'

config interface 'wan6'
	option device 'eth1'
	option proto 'dhcpv6'

config interface 'wwan'
	option proto 'dhcp'
	option device 'radio1.network1'

config interface '4G_Modem'
	option device '/dev/ttyACM0'
	option proto 'xmm'
	option pdp 'ip'
	option apn 'internet'
	option delay '10'

config interface 'WoMoWLAN'
	option proto 'static'
	option device 'phy1-ap0'
	list ipaddr '192.168.57.1'

# cat /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path 'pci0000:00/0000:00:13.2/0000:03:00.0'
	option band '5g'
	option cell_density '0'
	option htmode 'HT20'
	option disabled '0'
	option channel '52'

config wifi-device 'radio1'
	option type 'mac80211'
	option path 'pci0000:00/0000:00:14.0/0000:04:00.0'
	option channel 'auto'
	option band '2g'
	option htmode 'HT20'
	option cell_density '0'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan WoMoWLAN'
	option mode 'ap'
	option ssid 'xxxxxxxx'
	option encryption 'psk2'
	option key 'xxxxxxx'

config wifi-iface 'wifinet2'
	option device 'radio0'
	option mode 'sta'
	option network 'wwan'
	option ssid 'xxxxxxxx'
	option encryption 'psk2'
	option key 'xxxxxxxx'

# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'WoMoWLAN'
	option interface 'WoMoWLAN'
	option start '100'
	option limit '150'
	option leasetime '12h'

# cat /etc/config/firewall

config defaults
	option sym_flood '1'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list network 'lan'
	list network 'WoMoWLAN'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	list network 'wan'
	list network 'wan6'
	list network 'wwan'
	list network '4G_Modem'

config forwarding
	option src 'lan'
	option dest 'wan'
	
config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '60'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

I could not yet connect via SSH terminal, therefore there could be typos here which are (hopefully) not in the original files, sorry.

I will most probably have some more questions in the course of this project. I hope I can post them in this forum (and also get them answered). Can an admin please advice whether to append these questions (which are probably not related to this problem) in this post, or open a new post for every question.
Thank you!

EDIT Solution summary:

1. (in 4 and 5) Two networks in wifi interface for radio1 (lan and WoMoWLAN). lan removed.
2a. (in 10) no subnet mask defined in interface WoMoWLAN. Defined 255.255.255.0.
2b. (in 10) do not reference radio devices in network config file. Created an empty bridge and referenced it in interface WoMoWLAN.
1. (in 15) same IP-address for lan and WoMowLAN creates a conflict. Changed address for WoMoWLAN.
1. (in 17) now lan and WoMoWLAN are in different subnets which is not desired for this project. Removed WoMoWLAN entirely and referenced lan instead.

Initially lan has been selected as interface, however the system created an extra interface which I renamed WoMoWLAN, not understanding what it would cause. Not brave enough to just delete it....

brada4 · October 28, 2024, 2:54pm

You have to specify "lan" network in access point definition (only one network)

OnTheRoad · October 28, 2024, 3:00pm

Sorry, I do not fully understand. Sorry.
Could you please tell what to change in which file?

lleachii · October 28, 2024, 3:01pm

Only pick 1.

psherman · October 28, 2024, 3:02pm

On the network line above, there should o my be one network. Either lan or WoMoWLAN. Remove the one you don’t plan to use (probably lan?).

OnTheRoad · October 28, 2024, 3:04pm

That's fast answers! Respect!
I'll try in a moment and let you know whether it's working.

OnTheRoad · October 28, 2024, 4:13pm

I removed the 'lan' network from the interface.
Unfortunately it didn't change anything.

So for my understanding:
br-lan bridges all physical ethernet ports, but wireless devices must not be in this list.
lan and wlan are "bridged" by having the same ip-address.
the wan and lan side is "bridged" through the firewall.
Is this about correct? (even if I did not get the correct wording)

lleachii · October 28, 2024, 4:21pm

No.

The reason you don't list wireless PHYs in the network config is because you bridge SSIDs to networks in the wireless config:

option network 'WoMoWLAN'

This creates a bridge connecting the WoMoWLAN SSID to Ethernet.

Yes (I guess). Once interfaces are bridged, you only number the bridge, not individual interfaces.

Firewalls don't "bridge"
LAN and WAN should not be "connected" whatsoever (that would be a security issue)
The firewall has a rule allowing LAN to access (or forward to) WAN (i.e., the Internet)

OnTheRoad · October 28, 2024, 4:28pm

Thank you! Now I got a better understanding.

psherman · October 28, 2024, 4:54pm

Now that I have a chance to review your config a bit more completely, I see some issues:

You don't have a subnet mask/size defined.
You shouldn't be using radio devices in the network file.

I recommend creating an empty bridge like this:

config device
	option name 'br-womowlan'
	option type 'bridge'
	option bridge_empty '1'

Then edit your network interface like this:

config interface 'WoMoWLAN'
	option proto 'static'
	option device 'br-womowlan'
	list ipaddr '192.168.57.1'
	option netmask '255.255.255.0'

Restart and test again.

OnTheRoad · October 28, 2024, 7:38pm

That did work!
Now both Windows and Android devices get an IP-Address.

It is quite slow though, and there is no access to the internet or Luci when connected wireless. It works OK when connected through ethernet.

psherman · October 28, 2024, 7:40pm

Let's review the latest full config.

OnTheRoad · October 28, 2024, 9:10pm

Here are the latest versions of the config files:

# cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd5c:3e41:fe5e::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'

config device
	option name 'br-womowlan'
	option type 'bridge'
	option bridge_empty '1'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.57.1'
	option netmask '255.255.255.0'
	option ipбassign '60'

config interface 'wan'
	option device 'eth1'
	option proto 'dhcp'

config interface 'wan6'
	option device 'eth1'
	option proto 'dhcpv6'

config interface 'wwan'
	option proto 'dhcp'
	option device 'phy0-sta0'

config interface '4G_Modem'
	option device '/dev/ttyACM0'
	option proto 'xmm'
	option pdp 'ip'
	option apn 'internet'
	option delay '10'
	option auth 'auto'

config interface 'WoMoWLAN'
	option proto 'static'
	option device 'br-womowlan'
	list ipaddr '192.168.57.1'
	option netmask '255.255.255.0'

# cat /etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path 'pci0000:00/0000:00:13.2/0000:03:00.0'
	option channel 'auto'
	option band '5g'
	option htmode 'HE40'
	option disabled '0'
	option cell_density '0'

config wifi-device 'radiol'
	option type 'mac80211'
	option path 'pci0000:00/0000:00:14.0/0000:04:00.0'
	option channel 'auto'
	option band "5g'
	option htmode "HE80"
	option disabled '0'
	option cell_density '0'

config wifi-iface 'default_radiol'
	option device 'radiol'
	option network 'WoMoWLAN'
	option mode 'ap'
	option ssid 'xxxxxxxx'
	option encryption 'psk2'
	option key 'xxxxxxx'
	option wpa_disable_eapol_key_retries '1'

config wifi-iface 'wifinet2'
	option device 'radio0'
	option mode 'sta'
	option network 'wwan'
	option ssid 'xxxxxxxx'
	option encryption 'psk2'
	option key 'xxxxxxxx'

# cat /etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option nonegcache '0'
	option cachesize '1000'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option ednspacket_max '1232'
	option filter_aaaa '0'
	option filter_a '0'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'WoMoWLAN'
	option interface 'MoMoWLAN'
	option start '100'
	option limit '150'
	option leasetime '12h'

cat /etc/config/firewall

config defaults
	option syn_flood '1'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	list network 'lan'
	list network 'WoMoWLAN'

config zone
	option name 'wan'
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'
	option mtu_fix '1'
	list network 'wan'
	list network 'wan6'
	list network 'wwan'
	list network '4G_Modem'

config forwarding
	option src 'lan'
	option dest 'wan'
	
config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping"
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

There were indeed a few typos from OCR in the previous versions... I corrected them.
And the system made some changes, too. So it's good to review the latest versions here.

lleachii · October 28, 2024, 9:15pm

Both networks cannot be identically numbered 192.168.57.0/24. You'll need to change one (you've been having bad luck with this today).

OnTheRoad · October 28, 2024, 9:37pm

That does work fine! Thank you so much!

Now there is just the question, how to get both lan and wlan into one network. Or let me put that different: can devices connected via ethernet and wireless devices communicate with each other? That's what I want.

Next I need get the SSH connection to work (which doesn't, even via ethernet), then I can stay in the warm house and continue to work wireless. I hope.

lleachii · October 28, 2024, 10:40pm

Then change the SSID's network to LAN, don't use WoMoWLAN. Then they'll be the same network.

Not sure why you made a separate network if you wanted them combined.

OnTheRoad · October 28, 2024, 10:53pm

The system created it after the setting up wlan. During the setup I did choose lan. Later, when I first saw it, I thought it is necessary this way.
Tomorrow I'll try lan, discarding WoMoWLAN if it works.
To be honest, I never would have solved this without the help of you guys. Kudos to you!

lleachii · October 28, 2024, 10:54pm

Really, I've only seen that for a WWAN, not LAN. Interesting.

OnTheRoad · October 29, 2024, 10:38am

I have changed to use lan only. Everything works as before, on one IP for ethernet and wireless. So easy - if one knows it...
And now I think I finally understand how everything works together.
Thank you again!

psherman · October 29, 2024, 2:25pm

It is actually the default configuration of OpenWrt - a single lan subnet that is used for both Ethernet and WiFi.

Glad it’s all working again, though.