I have a stable build (built on my own CentOS 6.2 box) of Backfire 10.3/rc6 30310 up and running with serial console access but I am banging my head against the wall trying to get simple network, wireless, dhcp and firewall stuff in place.  Amazingingly, I can build my own image, and install it. I just don't know how to use it

I have dropbear, ntpclient, system and fstab under control.  For instance, my usb stick mounts with ext4 filesystem, my dropbear is running on a non-common port and my public key is working. Even the led's are doing what I would expect.   

Can someone guide me to a post that would show me how to configure with UCI the basic 'stuff' for:

1. Connecting my ISP supplied bridge and getting a DHCP lease and getting the wan up.
2. Setting up NAT to allow lan and wlan access to the wan.
3. Setting up dnsmasq/dhcp to hand out leases to my 20 or 30 local hosts.
4. Setting up some port forwarding to certain hosts.

Oh and once I learn how to use UCI then i might just install Luci to 'see' how it all came out.

I have done all this with my WNDR3700v2 but using dd-wrt and the gui but I am so totally frustrated with the dd-wrt stability issues that I am intending to drop dd-wrt after about 6 years of blowing by brains out.

Thanks in advance.    I will buy the beer.   Canadian beer!

red6

TL-WR1043ND  ---  D-Link 825  ---  Netgear WNDR3700v2  ---  Asus WG-500 Premium V2  --- Cisco E2000 ---  Asus WL-520GC

OpenWrt Configuration - OpenWrt Wiki

Been thru many parts of the Wiki.  Things are looking up.   But how is it that I can ssh into the router, get access to the internet via the wan using an ip address or dns resolved ip but my clients on the lan or wlan can not see the wan? 

Hear is my /etc/config/network file...       Hmm?  Could this be a firewall configuration or lack thereof?

Code:

config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto' 'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'

config 'interface' 'lan'
        option 'type' 'bridge'
        option 'ifname' 'eth0.1 eth1 wlan0'
        option 'proto' 'static'
        option 'netmask' '255.255.255.0'
        option 'ipaddr' '192.168.1.1'

config 'interface' 'wan'
        option 'ifname' 'eth0.2'
        option 'proto' 'dhcp'
        option 'macaddr' 'AA:BB:CC:AA:AA:FF'

config 'switch'
        option 'name' 'rtl8366rb'
        option 'reset' '1'
        option 'enable_vlan' '1'

config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '1'
        option 'ports' '1 2 3 4 5t'

config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '2'
        option 'ports' '0 5t'

(Last edited by red6 on 9 Feb 2012, 21:34)

Define "clients on the lan or wlan can not see the wan"?

I should have used better terminology.  Hosts plugged into the lan ethernet ports or hosts connecting to the wireless radio can't access the internet.   Put ssh'ing into the router and using ping or nslookup shows the gateway as working because I can ping or wget to outside targets.

Execute "ifconfig ; route -n".

Here is '/etc/config/network' ...  (this time I have removed the wireless for now)

config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto' 'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'

config 'interface' 'lan'
        option 'ifname' 'eth0.1'
        option 'type' 'bridge'
        option 'proto' 'static'
        option 'ipaddr' '192.168.1.1'
        option 'netmask' '255.255.255.0'

config 'interface' 'wan'
        option 'ifname' 'eth0.2'
        option 'proto' 'dhcp'
        option 'macaddr' '54:04:A6:1A:D2:42'

config 'switch'
        option 'name' 'rtl8366rb'
        option 'reset' '1'
        option 'enable_vlan' '1'

config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '1'
        option 'ports' '1 2 3 4 5t'

config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '2'
        option 'ports' '0 5t'

Here is  output of 'ifconfig':

br-lan    Link encap:Ethernet  HWaddr F8:D1:11:2F:0D:86
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:799 errors:0 dropped:97 overruns:0 frame:0
          TX packets:626 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:84034 (82.0 KiB)  TX bytes:173273 (169.2 KiB)

eth0      Link encap:Ethernet  HWaddr F8:D1:11:2F:0D:86
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1215 errors:0 dropped:30 overruns:87592 frame:0
          TX packets:955 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:167252 (163.3 KiB)  TX bytes:204975 (200.1 KiB)
          Interrupt:4

eth0.1    Link encap:Ethernet  HWaddr F8:D1:11:2F:0D:86
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:815 errors:0 dropped:3 overruns:0 frame:0
          TX packets:626 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:85484 (83.4 KiB)  TX bytes:173273 (169.2 KiB)

eth0.2    Link encap:Ethernet  HWaddr 54:04:A6:1A:D2:42
          inet addr:xxx.113.67.36  Bcast:255.255.255.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:304 errors:0 dropped:0 overruns:0 frame:0
          TX packets:325 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:37272 (36.3 KiB)  TX bytes:26729 (26.1 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:20 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2227 (2.1 KiB)  TX bytes:2227 (2.1 KiB)

Here is output of  'route -n':

Kernel IP routing table
Destination     Gateway        Genmask         Flags Metric Ref    Use Iface
0.0.0.0           xxx.113.66.1  0.0.0.0         UG    0      0        0 eth0.2
xxx.113.66.0  0.0.0.0           255.255.254.0   U     0      0        0 eth0.2
192.168.1.0    0.0.0.0           255.255.255.0   U     0      0        0 br-lan

It looks quite normal.

Double check the ip addresses the client pcs get. See if they get ip addresses from the isp.

Just checked your query.  The PC's get local addresses from the router if I have DHCP on or I can set them up with a static ip such as 192.168.1.200 and a static DNS server such as 8.8.8.8 and they still cannot find the wan (internet).

SO.....

I just loaded openwrt-10.3.1 release 29592 for the D-link 825 into a brand new 825 and things are working nicely.   I think the switch configuration on the TP-Link is my problem.   One thing is for sure, my two internet connections here in my office are working okay!.

Here's what I want you to do.

Disconnect TL-WR1043ND from internet. Turn it off. Pull the ethernet cable out from the wan port.
Turn TL-WR1043ND on. Wait 2 minutes. Plug the ethernet cable back to the wan port.
Ping 8.8.8.8 and www.google.com within TL-WR1043ND.
Ping 8.8.8.8 and www.google.com from the clients.

1. Pinging 8.8.8.8. within TL-WR1043ND succeeds.
2. Pinging www.google.com within also succeeds.
3. Ping 8.8.8.8 from Window7 DOS command line fails.  Ping reports the icmp pkts being sent but none received.
4. Ping www.bell.ca from Windows 7 also fails.  But the DNS lookup works because an address gets resolved (and I have first flushed the dns cache using 'ipconfig /flushdns' to ensure my Windows machine doesn't know where to find www.bell.ca) .

Still stumped by this one.

www.bell.ca does not answer ping. That's all...

Greez !