Dear all,
a few days ago I set up a TP-Link TL-WR1043ND with OpenWrt Attitude Adjustment 12.09-rc1. The router itself works like a charm, but I have a configuration issue that I cannot seem to tackle. That is, I did my homework, but failed miserably...
My setup looks like the following:
+------+
ADSL---| WAN |
| WLAN | (wl) laptop1
| LAN1 |------desktop1
| LAN2 |------desktop2
| LAN3 |------printer
| LAN4 |------switch-----+--NAS
+------+ `--laptop2
router `--desktop3Everything directly attached to the router works perfectly (including ADSL and wireless). However, everything behind the switch on LAN port 4 cannot reach the router (no DHCP lease, no ping, no nothing - just physical connection). The clients behind the switch can see each other, though, and if I remove the switch, NAS, laptop2, desktop3 connect in an instant with the same configuration.
My first guess was that OpenWrt's default VLAN settings demand more capabilities than the switch offers: it is a rather old and cheapish Intellinet SoHo-switch, and I was afraid that VLANs require a bit of intelligence of the device. On the other hand, it's sturdy and worked well for years behind a DD-WRT'ed Linksys WRT54GL, which AFAICS was supposed to use exactly the same VLAN settings (up to numbering). I tried switching VLAN off, both via Enable VLAN functionality in LuCI or
uci set network.@switch[0].enable_vlan4k=0
uci set network.@switch[0].enable_vlan=0
uci commit network.@switch[0]but to no avail.
Here's the output of uci show:
<DDNS settings>
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded=1
dhcp.@dnsmasq[0].boguspriv=1
dhcp.@dnsmasq[0].localise_queries=1
dhcp.@dnsmasq[0].local=/lan/
dhcp.@dnsmasq[0].domain=lan
dhcp.@dnsmasq[0].expandhosts=1
dhcp.@dnsmasq[0].authoritative=1
dhcp.@dnsmasq[0].readethers=1
dhcp.@dnsmasq[0].leasefile=/tmp/dhcp.leases
dhcp.@dnsmasq[0].resolvfile=/tmp/resolv.conf.auto
dhcp.@dnsmasq[0].rebind_protection=1
dhcp.@dnsmasq[0].rebind_localhost=1
dhcp.lan=dhcp
dhcp.lan.interface=lan
dhcp.lan.start=100
dhcp.lan.limit=150
dhcp.lan.leasetime=12h
dhcp.wan=dhcp
dhcp.wan.interface=wan
dhcp.wan.ignore=1
dropbear.@dropbear[0]=dropbear
dropbear.@dropbear[0].PasswordAuth=on
dropbear.@dropbear[0].Port=<SOMEPORT>
firewall.@defaults[0]=defaults
firewall.@defaults[0].syn_flood=1
firewall.@defaults[0].input=ACCEPT
firewall.@defaults[0].output=ACCEPT
firewall.@defaults[0].forward=REJECT
firewall.@zone[0]=zone
firewall.@zone[0].name=lan
firewall.@zone[0].network=lan
firewall.@zone[0].input=ACCEPT
firewall.@zone[0].output=ACCEPT
firewall.@zone[0].forward=REJECT
firewall.@zone[1]=zone
firewall.@zone[1].name=wan
firewall.@zone[1].network=wan
firewall.@zone[1].input=REJECT
firewall.@zone[1].output=ACCEPT
firewall.@zone[1].forward=REJECT
firewall.@zone[1].masq=1
firewall.@zone[1].mtu_fix=1
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src=lan
firewall.@forwarding[0].dest=wan
firewall.@rule[0]=rule
firewall.@rule[0].name=Allow-DHCP-Renew
firewall.@rule[0].src=wan
firewall.@rule[0].proto=udp
firewall.@rule[0].dest_port=68
firewall.@rule[0].target=ACCEPT
firewall.@rule[0].family=ipv4
firewall.@rule[1]=rule
firewall.@rule[1].name=Allow-Ping
firewall.@rule[1].src=wan
firewall.@rule[1].proto=icmp
firewall.@rule[1].icmp_type=echo-request
firewall.@rule[1].family=ipv4
firewall.@rule[1].target=ACCEPT
firewall.@rule[2]=rule
firewall.@rule[2].name=Allow-DHCPv6
firewall.@rule[2].src=wan
firewall.@rule[2].proto=udp
firewall.@rule[2].src_ip=fe80::/10
firewall.@rule[2].src_port=547
firewall.@rule[2].dest_ip=fe80::/10
firewall.@rule[2].dest_port=546
firewall.@rule[2].family=ipv6
firewall.@rule[2].target=ACCEPT
firewall.@rule[3]=rule
firewall.@rule[3].name=Allow-ICMPv6-Input
firewall.@rule[3].src=wan
firewall.@rule[3].proto=icmp
firewall.@rule[3].icmp_type=echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type router-solicitation neighbour-solicitation router-advertisement neighbour-advertisement
firewall.@rule[3].limit=1000/sec
firewall.@rule[3].family=ipv6
firewall.@rule[3].target=ACCEPT
firewall.@rule[4]=rule
firewall.@rule[4].name=Allow-ICMPv6-Forward
firewall.@rule[4].src=wan
firewall.@rule[4].dest=*
firewall.@rule[4].proto=icmp
firewall.@rule[4].icmp_type=echo-request echo-reply destination-unreachable packet-too-big time-exceeded bad-header unknown-header-type
firewall.@rule[4].limit=1000/sec
firewall.@rule[4].family=ipv6
firewall.@rule[4].target=ACCEPT
firewall.@include[0]=include
firewall.@include[0].path=/etc/firewall.user
<LuCI stuff>
network.loopback=interface
network.loopback.ifname=lo
network.loopback.proto=static
network.loopback.ipaddr=127.0.0.1
network.loopback.netmask=255.0.0.0
network.lan=interface
network.lan.ifname=eth0.1
network.lan.type=bridge
network.lan.proto=static
network.lan.ipaddr=192.168.1.1
network.lan.netmask=255.255.255.0
network.wan=interface
network.wan.ifname=eth0.2
network.wan._orig_ifname=eth0.2
network.wan._orig_bridge=false
network.wan.proto=pppoe
network.wan.username=<USER>
network.wan.password=<PASS>
network.@switch[0]=switch
network.@switch[0].name=rtl8366rb
network.@switch[0].reset=1
network.@switch[0].enable_vlan4k=1
network.@switch[0].enable_vlan=1
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device=rtl8366rb
network.@switch_vlan[0].vlan=1
network.@switch_vlan[0].ports=1 2 3 4 5t
network.@switch_vlan[1]=switch_vlan
network.@switch_vlan[1].device=rtl8366rb
network.@switch_vlan[1].vlan=2
network.@switch_vlan[1].ports=0 5t
system.@system[0]=system
system.@system[0].zonename=Europe/Berlin
system.@system[0].timezone=CET-1CEST,M3.5.0,M10.5.0/3
system.@system[0].conloglevel=8
system.@system[0].cronloglevel=8
system.@system[0].hostname=ProjectiveOrigin
<NTP/LED stuff>
ucitrack.@network[0]=network
ucitrack.@network[0].init=network
ucitrack.@network[0].affects=dhcp radvd
ucitrack.@wireless[0]=wireless
ucitrack.@wireless[0].affects=network
ucitrack.@firewall[0]=firewall
ucitrack.@firewall[0].init=firewall
ucitrack.@firewall[0].affects=luci-splash qos miniupnpd
ucitrack.@olsr[0]=olsr
ucitrack.@olsr[0].init=olsrd
ucitrack.@dhcp[0]=dhcp
ucitrack.@dhcp[0].init=dnsmasq
ucitrack.@dropbear[0]=dropbear
ucitrack.@dropbear[0].init=dropbear
ucitrack.@httpd[0]=httpd
ucitrack.@httpd[0].init=httpd
ucitrack.@fstab[0]=fstab
ucitrack.@fstab[0].init=fstab
ucitrack.@qos[0]=qos
ucitrack.@qos[0].init=qos
ucitrack.@system[0]=system
ucitrack.@system[0].init=led
ucitrack.@system[0].affects=luci_statistics
ucitrack.@luci_splash[0]=luci_splash
ucitrack.@luci_splash[0].init=luci_splash
ucitrack.@upnpd[0]=upnpd
ucitrack.@upnpd[0].init=miniupnpd
ucitrack.@ntpclient[0]=ntpclient
ucitrack.@ntpclient[0].init=ntpclient
ucitrack.@samba[0]=samba
ucitrack.@samba[0].init=samba
ucitrack.@tinyproxy[0]=tinyproxy
ucitrack.@tinyproxy[0].init=tinyproxy
uhttpd.main=uhttpd
uhttpd.main.listen_http=0.0.0.0:80
uhttpd.main.listen_https=0.0.0.0:443
uhttpd.main.home=/www
uhttpd.main.rfc1918_filter=1
uhttpd.main.max_requests=3
uhttpd.main.cert=/etc/uhttpd.crt
uhttpd.main.key=/etc/uhttpd.key
uhttpd.main.cgi_prefix=/cgi-bin
uhttpd.main.script_timeout=60
uhttpd.main.network_timeout=30
uhttpd.main.tcp_keepalive=1
uhttpd.px5g=cert
uhttpd.px5g.days=730
uhttpd.px5g.bits=1024
uhttpd.px5g.country=DE
uhttpd.px5g.state=Berlin
uhttpd.px5g.location=Berlin
uhttpd.px5g.commonname=OpenWrt
wireless.radio0=wifi-device
wireless.radio0.type=mac80211
wireless.radio0.macaddr=64:70:02:40:99:7a
wireless.radio0.hwmode=11ng
wireless.radio0.htmode=HT20
wireless.radio0.ht_capab=SHORT-GI-40 DSSS_CCK-40
wireless.radio0.channel=2
wireless.radio0.txpower=27
wireless.radio0.country=US
wireless.@wifi-iface[0]=wifi-iface
wireless.@wifi-iface[0].device=radio0
wireless.@wifi-iface[0].network=lan
wireless.@wifi-iface[0].mode=ap
wireless.@wifi-iface[0].ssid=<SSID>
wireless.@wifi-iface[0].encryption=psk2
wireless.@wifi-iface[0].key=<KEY>Any ideas on how to approach this problem? I don't need VLANs, and I don't mind buying a new switch in case it helps. But I'd really like to understand what's wrong first...
Thanks in advance,
Alexander