OpenWrt Forum Archive

Topic: WAN Status reports wrong vlan in Luci

The content of this topic has been archived on 7 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
smjohnston
12 Nov 2017, 00:36

Hi, I am using OpenWrt Chaos Calmer 15.05
When logged into my TP-Link (TL-WDR4300 v1) through Luci (git-15.248.30277-3836b45) the overview page reports the IPv4 WAN Status as follows:

eth0.1     Type: static
Address: 192.168.15.1
Netmask: 255.255.255.248
Gateway: 192.168.15.1
Connected: 1h 8m 18

The main problem is the WAN Interface should be eth0.3 which has an address of 192.168.0.16...

I wanted to isolate 2 of the ports so, using Luci, I:
  -added vlan3
  -created a new interface called lan_2.
  -changed the physical settings for the wan interface to eth0.3
  -changed the physical settings for the lan_2 interface to eth0.2
  -created a new firewall zone lan2 -> wan [accept] [accept] [reject]
  -moved port 1 to vlan3 (the new wan vlan)
  -moved ports 4 and 5 to vlan2 (the new lan)

and restarted.. thats it.. so I am confused as to why it is reporting the wrong vlan for the wan.

I am relatively new to OpenWRT and I can not find the problem, or perhaps more accurately, can not recognize it when I am looking at it.

Any help would be greatly appreciated
Here are my config files for network, firewall, and dhcp:

root@Home:~# cat /etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdf4:70cb:fe2a::/48'

config interface 'lan_1'
        option force_link '1'
        option proto 'static'
        option ipaddr '192.168.15.1'
        option netmask '255.255.255.248'
        option gateway '192.168.15.1'
        option broadcast '192.168.15.7'
        option _orig_ifname 'eth0.1 radio0.network1 radio1.network1'
        option _orig_bridge 'true'
        option ifname 'eth0.1'

config interface 'lan_2'
        option proto 'static'
        option ipaddr '192.168.15.9'
        option netmask '255.255.255.248'
        option broadcast '192.168.15.15'
        option type 'bridge'
        option _orig_ifname 'eth0.2'
        option _orig_bridge 'true'
        option ifname 'eth0.2'
        option gateway '192.168.15.9'

config interface 'wan'
        option proto 'dhcp'
        option _orig_ifname 'eth0.3'
        option _orig_bridge 'false'
        option ifname 'eth0.3'
        option delegate '0'

config interface 'wan6'
        option proto 'dhcpv6'
        option _orig_ifname 'eth0.3'
        option _orig_bridge 'false'
        option ifname 'eth0.3'
        option reqaddress 'try'
        option reqprefix 'auto'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'
        option mirror_source_port '0'
        option mirror_monitor_port '0'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option ports '0t 2 3'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0t 1'
        option vid '3'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option vid '2'
        option ports '0t 4 5'

root@Home:~# cat /etc/config/firewall

config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'

config zone
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option name 'lan1'
        option network 'lan_1'
        option family 'ipv4'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan wan6'

config forwarding
        option dest 'wan'
        option src 'lan1'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option src_ip 'fe80::/10'
        option src_port '547'
        option dest_ip 'fe80::/10'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config include
        option path '/etc/firewall.user'

config rule
        option src 'wan'
        option proto 'esp'
        option target 'ACCEPT'
        option dest 'lan1'

config rule
        option src 'wan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'
        option dest 'lan1'

config zone
        option input 'ACCEPT'
        option output 'ACCEPT'
        option name 'lan2'
        option network 'lan_2'
        option forward 'REJECT'

config forwarding
        option dest 'wan'
        option src 'lan2'

root@Home:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option localservice '1'

config dhcp 'lan_1'
        option interface 'lan_1'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'
        option start '2'
        option limit '6'
        option ra_management '1'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'

config dhcp 'lan_2'
        option interface 'lan_2'
        option start '10'
        option limit '5'
        option leasetime '12h'

config host
        option name 'Shop'
        option mac 'c8:d3:a3:59:07:a9'
        option ip '192.168.15.10'

Post #2
smjohnston
12 Nov 2017, 02:45

I am not sure but I think this is a bug.
I upgraded to LEDE (which was incredibly easy) and started with a fresh configuration

I added a third vlan with one port and the cpu.
created an interface called lan_2
assigned eth0.3 to the new interface and created a dhpc server for it
saved and restarted.

same thing happened. suddenly the status page says my wan is eth0.1

does anyone know if this is a designed behavior... it seems wrong... any thoughts?

Post #3
123serge123
12 Nov 2017, 03:54

Show output of commands

ifconfig -a
swconfig dev switch0 show
Post #4
smjohnston
12 Nov 2017, 04:45

thanks 123serge123,

at the very end of the output it shows the vid for vlans 1 and 3 are reversed from what I intended but I don't think that matters in this case

Here is the output:

oot@Home:~# ifconfig -a
br-lan_2  Link encap:Ethernet  HWaddr 64:70:02:CB:FF:5E 
          inet addr:192.168.15.9  Bcast:192.168.15.15  Mask:255.255.255.248
          inet6 addr: fe80::6670:2ff:fecb:ff5e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:129174 errors:0 dropped:0 overruns:0 frame:0
          TX packets:170758 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10928806 (10.4 MiB)  TX bytes:200212885 (190.9 MiB)

eth0      Link encap:Ethernet  HWaddr 64:70:02:CB:FF:5E 
          inet6 addr: fe80::6670:2ff:fecb:ff5e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:540346 errors:0 dropped:0 overruns:0 frame:0
          TX packets:300183 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:301402119 (287.4 MiB)  TX bytes:214144167 (204.2 MiB)
          Interrupt:4

eth0.1    Link encap:Ethernet  HWaddr 64:70:02:CB:FF:5E 
          inet addr:192.168.15.1  Bcast:192.168.15.7  Mask:255.255.255.248
          inet6 addr: fe80::6670:2ff:fecb:ff5e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:187 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:22122 (21.6 KiB)

eth0.2    Link encap:Ethernet  HWaddr 64:70:02:CB:FF:5E 
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:129174 errors:0 dropped:0 overruns:0 frame:0
          TX packets:170758 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10928806 (10.4 MiB)  TX bytes:200212885 (190.9 MiB)

eth0.3    Link encap:Ethernet  HWaddr 64:70:02:CB:FF:5E 
          inet addr:192.168.0.16  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::6670:2ff:fecb:ff5e/64 Scope:Link
          inet6 addr: fd00:f0f2:4963:9bf2:6670:2ff:fecb:ff5e/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:411098 errors:0 dropped:550 overruns:0 frame:0
          TX packets:129223 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:280725637 (267.7 MiB)  TX bytes:12707014 (12.1 MiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:9 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1
          RX bytes:668 (668.0 B)  TX bytes:668 (668.0 B)

root@Home:~# swconfig dev switch0 show
Global attributes:
        enable_vlan: 1
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        mirror_monitor_port: 0
        mirror_source_port: 0
        arl_age_time: 300
        arl_table: address resolution table
Port 0: MAC 64:70:02:cb:ff:5e
Port 1: MAC bc:ad:28:01:42:11
Port 1: MAC bc:ad:28:01:42:12
Port 1: MAC bc:ad:28:45:63:a6
Port 1: MAC bc:ad:28:1b:b1:83
Port 1: MAC 00:1c:f0:71:8d:1a
Port 1: MAC f0:f2:49:63:9b:f2
Port 1: MAC 28:57:be:cf:92:bb
Port 1: MAC 28:57:be:cf:91:6e
Port 1: MAC 28:57:be:cf:91:74
Port 1: MAC 88:15:44:49:f9:70
Port 1: MAC bc:ad:28:45:63:73
Port 1: MAC bc:ad:28:1b:b2:99
Port 1: MAC bc:ad:28:5d:3a:f4
Port 1: MAC 70:8b:cd:a4:bf:c7
Port 1: MAC 2c:30:33:65:03:a9
Port 1: MAC dc:ef:09:d2:ff:6c
Port 1: MAC bc:ad:28:45:63:2c
Port 4: MAC 3c:97:0e:6f:8d:d4

        igmp_snooping: 0
        igmp_v3: 0
Port 0:
        mib: MIB counters
RxBroad     : 11
RxPause     : 0
RxMulti     : 292
RxFcsErr    : 0
RxAlignErr  : 0
RxRunt      : 0
RxFragment  : 0
Rx64Byte    : 4574
Rx128Byte   : 95474
Rx256Byte   : 48153
Rx512Byte   : 25806
Rx1024Byte  : 1051
Rx1518Byte  : 2425
RxMaxByte   : 122748
RxTooLong   : 0
RxGoodByte  : 215372199 (205.3 MiB)
RxBadByte   : 0
RxOverFlow  : 0
Filtered    : 195
TxBroad     : 51508
TxPause     : 0
TxMulti     : 189469
TxUnderRun  : 0
Tx64Byte    : 54
Tx128Byte   : 185028
Tx256Byte   : 63995
Tx512Byte   : 113570
Tx1024Byte  : 53102
Tx1518Byte  : 2424
TxMaxByte   : 122756
TxOverSize  : 0
TxByte      : 303769094 (289.6 MiB)
TxCollision : 0
TxAbortCol  : 0
TxMultiCol  : 0
TxSingleCol : 0
TxExcDefer  : 0
TxDefer     : 0
TxLateCol   : 0

        enable_eee: ???
        igmp_snooping: 0
        pvid: 0
        link: port:0 link:up speed:1000baseT full-duplex txflow rxflow
Port 1:
        mib: MIB counters
RxBroad     : 51501
RxPause     : 0
RxMulti     : 189459
RxFcsErr    : 0
RxAlignErr  : 0
RxRunt      : 0
RxFragment  : 0
Rx64Byte    : 48953
Rx128Byte   : 51935
Rx256Byte   : 20235
Rx512Byte   : 112714
Rx1024Byte  : 52747
Rx1518Byte  : 125135
RxMaxByte   : 0
RxTooLong   : 0
RxGoodByte  : 288352981 (274.9 MiB)
RxBadByte   : 0
RxOverFlow  : 0
Filtered    : 17
TxBroad     : 2
TxPause     : 0
TxMulti     : 93
TxUnderRun  : 0
Tx64Byte    : 2105
Tx128Byte   : 82159
Tx256Byte   : 43749
Tx512Byte   : 848
Tx1024Byte  : 335
Tx1518Byte  : 34
TxMaxByte   : 0
TxOverSize  : 0
TxByte      : 13242298 (12.6 MiB)
TxCollision : 0
TxAbortCol  : 0
TxMultiCol  : 0
TxSingleCol : 0
TxExcDefer  : 0
TxDefer     : 0
TxLateCol   : 0

        enable_eee: 0
        igmp_snooping: 0
        pvid: 2
        link: port:1 link:up speed:100baseT full-duplex auto
Port 2:
        mib: No MIB data
        enable_eee: 0
        igmp_snooping: 0
        pvid: 1
        link: port:2 link:down
Port 3:
        mib: No MIB data
        enable_eee: 0
        igmp_snooping: 0
        pvid: 1
        link: port:3 link:down
Port 4:
        mib: MIB counters
RxBroad     : 12
RxPause     : 0
RxMulti     : 22
RxFcsErr    : 0
RxAlignErr  : 0
RxRunt      : 0
RxFragment  : 0
Rx64Byte    : 1927
Rx128Byte   : 82347
Rx256Byte   : 43738
Rx512Byte   : 854
Rx1024Byte  : 343
Rx1518Byte  : 44
RxMaxByte   : 0
RxTooLong   : 0
RxGoodByte  : 13260212 (12.6 MiB)
RxBadByte   : 0
RxOverFlow  : 0
Filtered    : 0
TxBroad     : 5
TxPause     : 0
TxMulti     : 15
TxUnderRun  : 0
Tx64Byte    : 2497
Tx128Byte   : 13155
Tx256Byte   : 4399
Tx512Byte   : 24944
Tx1024Byte  : 707
Tx1518Byte  : 125137
TxMaxByte   : 0
TxOverSize  : 0
TxByte      : 200929475 (191.6 MiB)
TxCollision : 0
TxAbortCol  : 0
TxMultiCol  : 0
TxSingleCol : 0
TxExcDefer  : 0
TxDefer     : 0
TxLateCol   : 0

        enable_eee: 0
        igmp_snooping: 0
        pvid: 3
        link: port:4 link:up speed:1000baseT full-duplex txflow rxflow auto
Port 5:
        mib: MIB counters
RxBroad     : 0
RxPause     : 0
RxMulti     : 0
RxFcsErr    : 0
RxAlignErr  : 0
RxRunt      : 0
RxFragment  : 0
Rx64Byte    : 0
Rx128Byte   : 0
Rx256Byte   : 0
Rx512Byte   : 0
Rx1024Byte  : 0
Rx1518Byte  : 0
RxMaxByte   : 0
RxTooLong   : 0
RxGoodByte  : 0
RxBadByte   : 0
RxOverFlow  : 0
Filtered    : 0
TxBroad     : 16
TxPause     : 0
TxMulti     : 37
TxUnderRun  : 0
Tx64Byte    : 7
Tx128Byte   : 16
Tx256Byte   : 19
Tx512Byte   : 9
Tx1024Byte  : 2
Tx1518Byte  : 0
TxMaxByte   : 0
TxOverSize  : 0
TxByte      : 10404 (10.1 KiB)
TxCollision : 0
TxAbortCol  : 0
TxMultiCol  : 0
TxSingleCol : 0
TxExcDefer  : 0
TxDefer     : 0
TxLateCol   : 0

        enable_eee: 0
        igmp_snooping: 0
        pvid: 3
        link: port:5 link:up speed:1000baseT full-duplex txflow rxflow auto
Port 6:
        mib: No MIB data
        enable_eee: ???
        igmp_snooping: 0
        pvid: 0
        link: port:6 link:down
VLAN 1:
        vid: 1
        ports: 0t 2 3
VLAN 2:
        vid: 3
        ports: 0t 1
VLAN 3:
        vid: 2
        ports: 0t 4 5

Post #5
123serge123
12 Nov 2017, 07:14
smjohnston wrote:

the vid for vlans 1 and 3 are reversed from what I intended but I don't think that matters in this case

It MAY be problem.
To simplify situation rearrange your config in assumption that vlan N == vid N.
You can see that pvid of ports == vlan N by default (not vid N as you intend)

Post #6
smjohnston
12 Nov 2017, 07:36

I did as you suggested 123serge123.
No difference after a reboot other than we now have:

VLAN 1:
        vid: 1
        ports: 0t 2 3
VLAN 2:
        vid: 2
        ports: 0t 4 5
VLAN 3:
        vid: 3
        ports: 0t 1

which is aesthetically pleasing but...
seeing the status page still reporting the wrong vlan for my wan is giving me an eye tic.

WHERE THE HELL is it getting that assignment?

Thanks.

Post #7
123serge123
12 Nov 2017, 08:06

Ok
As I understand now your config:
lan_1 -> eth0.1 (ports 2 3) - static 192.168.15.1
lan_2 ->br-lan_2(eth0.2 (ports 4 5)) - static 192.168.1.9
wan -> eth0.3 (ports 1)- dhcp ??.??.??.??
but LUCI shows that wan interface is eth0.1 with static 192.168.15.1?

Post #8
smjohnston
12 Nov 2017, 21:55

exactly it.
the wan -> eth0.3 is attached to another router which has a dhcp reservation alloted to it...
so everything except the status page SEEMS to be functioning as expected...

and this happens every time I try to do it from scratch.

So bug?

Post #9
123serge123
14 Nov 2017, 02:49

Pls clean LUCI and browser cache then show screenshots.

Post #11
smjohnston
15 Nov 2017, 04:46

Also..
I forgot to mention I did the whole thing from scratch again the other night. This time I got everything working and displaying properly right up until I enabled the first dhcp server on the new lan.. once the dhcp server was enabled it started showing my lan interface as my wan... perhaps that helps narrow it down.

Post #12
123serge123
15 Nov 2017, 18:03

Remove gateway option for both lan_1 and lan_2.

Post #13
smjohnston
16 Nov 2017, 03:12

thank you that worked :-) but why? even after flushing caches etc..
you can see below the default gateway passed to clients on the 192.168.1.0 /29 is still the one I set in lan_1.

user@userxtc ~ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.15.1    0.0.0.0         UG    100    0        0 enp0s25
link-local      *               255.255.0.0     U     1000   0        0 enp0s25
192.168.15.0    *               255.255.255.248 U     100    0        0 enp0s25

What is different about hard coding it that would cause the wrong vlan to be displayed as the WAN?

Is there a deliberate behavior here I do not understand?

Thanks again for the help.

Post #14
123serge123
17 Nov 2017, 11:59
smjohnston wrote:

thank you that worked :-)

Ok

but why? even after flushing caches etc..

I'm not expert of LUCI/lua programming sad but I can see code smile.
You may suggest your way of determining wan interface to developers.

Good luck!

The discussion might have continued from here.