Modify ↓
#21623 closed defect (not_a_bug)
TP-LINK 3020 no internet on wan
| Reported by: | pavel.masloff@… | Owned by: | developers |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | packages | Version: | Trunk |
| Keywords: | wan tplink-3020 | Cc: |
Description
Hi guys,
I have a problem. I have been attempting to follow this tutorial https://www.loganmarchione.com/2015/02/openwrt-with-openvpn-client-on-tp-link-tl-mr3020-3/ on how to separate home network from the ISP network. And gotten to the point "Unbridge LAN interfaces". So currently my router is acting as an access point - it's bridged with the wan interface. So I cannot have Internet and connect to the router via ssh at the same time. So the internet works ok, however I don't have my home network. At this point I have the following settings:
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdd0:e55f:6b69::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '10.80.1.1'
config interface 'WAN'
option proto 'dhcp'
option ifname 'eth0'
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'platform/ar933x_wmac'
option htmode 'HT20'
option txpower '18'
option country 'SI'
config wifi-iface
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'maslick-sr'
option encryption 'psk2+ccmp'
option key 'password123'
/etc/config/firewall
config defaults option syn_flood '1' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' config zone option name 'lan' list network 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' config zone option name 'wan' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' option network 'wan wan6 WAN' config forwarding option src 'lan' option dest 'wan' config rule option name 'Allow-DHCP-Renew' option src 'wan' option proto 'udp' option dest_port '68' option target 'ACCEPT' option family 'ipv4' config rule option name 'Allow-Ping' option src 'wan' option proto 'icmp' option icmp_type 'echo-request' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-IGMP' option src 'wan' option proto 'igmp' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-DHCPv6' option src 'wan' option proto 'udp' option src_ip 'fc00::/6' option dest_ip 'fc00::/6' option dest_port '546' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-MLD' option src 'wan' option proto 'icmp' option src_ip 'fe80::/10' list icmp_type '130/0' list icmp_type '131/0' list icmp_type '132/0' list icmp_type '143/0' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Input' option src 'wan' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' list icmp_type 'router-solicitation' list icmp_type 'neighbour-solicitation' list icmp_type 'router-advertisement' list icmp_type 'neighbour-advertisement' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Forward' option src 'wan' option dest '*' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config include option path '/etc/firewall.user' config rule option src 'wan' option dest 'lan' option proto 'esp' option target 'ACCEPT' config rule option src 'wan' option dest 'lan' option dest_port '500' option proto 'udp' option target 'ACCEPT'
When I do
uci delete network.lan.ifname uci delete network.lan.type uci commit network /etc/init.d/network restart
and plug the router's wan port into the ISP network, I don't have internet, but can ssh to the router:
root@OpenWrt:~# uname -a
Linux OpenWrt 4.1.13 #1 Wed Jan 6 18:45:30 UTC 2016 mips GNU/Linux
root@OpenWrt:~# ifconfig
eth0 Link encap:Ethernet HWaddr 30:B5:C2:09:E4:10
inet6 addr: fe80::32b5:c2ff:fe09:e410%4566360/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1340 errors:0 dropped:433 overruns:0 frame:0
TX packets:845 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:102770 (100.3 KiB) TX bytes:273282 (266.8 KiB)
Interrupt:4
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1%2000514776/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:2392 errors:0 dropped:0 overruns:0 frame:0
TX packets:2392 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:162244 (158.4 KiB) TX bytes:162244 (158.4 KiB)
wlan0 Link encap:Ethernet HWaddr 30:B5:C2:09:E4:10
inet addr:10.80.1.1 Bcast:10.80.1.255 Mask:255.255.255.0
inet6 addr: fe80::32b5:c2ff:fe09:e410%4566072/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9133 errors:0 dropped:0 overruns:0 frame:0
TX packets:1183 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:724527 (707.5 KiB) TX bytes:291343 (284.5 KiB)
root@OpenWrt:~# logread Tue Jan 5 12:56:14 2016 daemon.notice netifd: Interface 'wan' is setting up now Tue Jan 5 12:56:14 2016 daemon.notice netifd: Network device 'eth0' link is down Tue Jan 5 12:56:14 2016 daemon.notice netifd: Interface 'wan' has link connectivity loss Tue Jan 5 12:56:14 2016 daemon.notice netifd: wan (4058): Command failed: Permission denied Tue Jan 5 12:56:14 2016 kern.info kernel: [ 2262.819313] eth0: link up (100Mbps/Full duplex) Tue Jan 5 12:56:14 2016 kern.info kernel: [ 2262.822434] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready Tue Jan 5 12:56:14 2016 daemon.notice netifd: Network device 'eth0' link is up Tue Jan 5 12:56:14 2016 daemon.notice netifd: Interface 'wan' has link connectivity Tue Jan 5 12:56:14 2016 daemon.notice netifd: Interface 'wan' is setting up now Tue Jan 5 12:56:14 2016 daemon.notice netifd: wan (4073): udhcpc (v1.24.1) started Tue Jan 5 12:56:14 2016 daemon.notice netifd: wan (4073): Sending discover... Tue Jan 5 12:56:17 2016 daemon.notice netifd: wan (4073): Sending discover... Tue Jan 5 12:56:20 2016 daemon.notice netifd: wan (4073): Sending discover... Tue Jan 5 12:58:05 2016 daemon.info hostapd: wlan0: STA 7c:d1:c3:f8:14:11 WPA: group key handshake completed (RSN) Tue Jan 5 12:59:58 2016 daemon.notice netifd: Interface 'loopback' is now down Tue Jan 5 12:59:58 2016 daemon.notice netifd: Interface 'loopback' is disabled Tue Jan 5 12:59:58 2016 daemon.notice netifd: Network device 'lo' link is down Tue Jan 5 12:59:58 2016 daemon.notice netifd: Interface 'loopback' has link connectivity loss Tue Jan 5 12:59:58 2016 daemon.notice netifd: Interface 'wifi' is now down Tue Jan 5 12:59:58 2016 daemon.notice netifd: Interface 'wifi' is disabled Tue Jan 5 12:59:59 2016 daemon.notice netifd: wan (4073): Received SIGTERM Tue Jan 5 12:59:59 2016 daemon.notice netifd: Interface 'wan' is now down Tue Jan 5 12:59:59 2016 kern.info kernel: [ 2487.385241] eth0: link down Tue Jan 5 12:59:59 2016 daemon.notice netifd: Interface 'wan' is disabled Tue Jan 5 12:59:59 2016 daemon.notice netifd: Network device 'eth0' link is down Tue Jan 5 12:59:59 2016 daemon.notice netifd: Interface 'wan' has link connectivity loss Tue Jan 5 13:00:02 2016 daemon.warn netifd: You have delegated IPv6-prefixes but haven't assigned them to any interface. Did you forget to set option ip6assign on your lan-interfaces? Tue Jan 5 13:00:02 2016 daemon.notice netifd: Interface 'loopback' is enabled Tue Jan 5 13:00:02 2016 daemon.notice netifd: Interface 'loopback' is setting up now Tue Jan 5 13:00:02 2016 daemon.notice netifd: Interface 'loopback' is now up Tue Jan 5 13:00:02 2016 daemon.notice netifd: Interface 'wan' is enabled Tue Jan 5 13:00:02 2016 kern.info kernel: [ 2491.260431] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready Tue Jan 5 13:00:02 2016 daemon.notice netifd: Network device 'lo' link is up Tue Jan 5 13:00:02 2016 daemon.notice netifd: Interface 'loopback' has link connectivity Tue Jan 5 13:00:04 2016 daemon.notice netifd: radio0 (4156): Configuration file: /var/run/hostapd-phy0.conf Tue Jan 5 13:00:04 2016 kern.info kernel: [ 2492.441110] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready Tue Jan 5 13:00:04 2016 daemon.notice netifd: radio0 (4156): wlan0: interface state UNINITIALIZED->COUNTRY_UPDATE Tue Jan 5 13:00:04 2016 daemon.notice netifd: radio0 (4156): Using interface wlan0 with hwaddr 30:b5:c2:09:e4:10 and ssid "maslick-sr" Tue Jan 5 13:00:04 2016 daemon.info dnsmasq[4018]: exiting on receipt of SIGTERM Tue Jan 5 13:00:04 2016 daemon.info dnsmasq[4274]: started, version 2.75 cachesize 150 Tue Jan 5 13:00:04 2016 daemon.info dnsmasq[4274]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC loop-detect inotify Tue Jan 5 13:00:04 2016 daemon.info dnsmasq[4274]: DNS service limited to local subnets Tue Jan 5 13:00:04 2016 daemon.info dnsmasq[4274]: using local addresses only for domain lan Tue Jan 5 13:00:04 2016 daemon.warn dnsmasq[4274]: no servers found in /tmp/resolv.conf.auto, will retry Tue Jan 5 13:00:04 2016 daemon.info dnsmasq[4274]: read /etc/hosts - 4 addresses Tue Jan 5 13:00:04 2016 daemon.info dnsmasq[4274]: read /tmp/hosts/dhcp - 0 addresses Tue Jan 5 13:00:04 2016 daemon.info dnsmasq[4274]: read /tmp/hosts/odhcpd - 0 addresses Tue Jan 5 13:00:05 2016 daemon.notice netifd: radio0 (4156): wlan0: interface state COUNTRY_UPDATE->ENABLED Tue Jan 5 13:00:05 2016 daemon.notice netifd: radio0 (4156): wlan0: AP-ENABLED Tue Jan 5 13:00:05 2016 kern.info kernel: [ 2493.694210] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready Tue Jan 5 13:00:05 2016 daemon.notice netifd: Network device 'wlan0' link is up Tue Jan 5 13:00:05 2016 daemon.notice netifd: Interface 'wifi' is enabled Tue Jan 5 13:00:05 2016 daemon.notice netifd: Interface 'wifi' is setting up now Tue Jan 5 13:00:05 2016 daemon.notice netifd: Interface 'wifi' is now up Tue Jan 5 13:00:05 2016 daemon.notice netifd: Interface 'wifi' has link connectivity Tue Jan 5 13:00:05 2016 user.notice firewall: Reloading firewall due to ifup of wifi (wlan0) Tue Jan 5 13:00:06 2016 kern.info kernel: [ 2494.819360] eth0: link up (100Mbps/Full duplex) Tue Jan 5 13:00:06 2016 kern.info kernel: [ 2494.822512] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready Tue Jan 5 13:00:06 2016 daemon.notice netifd: Network device 'eth0' link is up Tue Jan 5 13:00:06 2016 daemon.notice netifd: Interface 'wan' has link connectivity Tue Jan 5 13:00:06 2016 daemon.notice netifd: Interface 'wan' is setting up now Tue Jan 5 13:00:06 2016 daemon.notice netifd: wan (4345): udhcpc (v1.24.1) started Tue Jan 5 13:00:06 2016 daemon.notice netifd: wan (4345): Sending discover... Tue Jan 5 13:00:06 2016 daemon.info dnsmasq[4274]: exiting on receipt of SIGTERM Tue Jan 5 13:00:06 2016 daemon.info dnsmasq[4357]: started, version 2.75 cachesize 150 Tue Jan 5 13:00:06 2016 daemon.info dnsmasq[4357]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC loop-detect inotify Tue Jan 5 13:00:06 2016 daemon.info dnsmasq[4357]: DNS service limited to local subnets Tue Jan 5 13:00:06 2016 daemon.info dnsmasq-dhcp[4357]: DHCP, IP range 10.80.1.100 -- 10.80.1.249, lease time 12h Tue Jan 5 13:00:06 2016 daemon.info dnsmasq[4357]: using local addresses only for domain lan Tue Jan 5 13:00:06 2016 daemon.warn dnsmasq[4357]: no servers found in /tmp/resolv.conf.auto, will retry Tue Jan 5 13:00:06 2016 daemon.info dnsmasq[4357]: read /etc/hosts - 4 addresses Tue Jan 5 13:00:06 2016 daemon.info dnsmasq[4357]: read /tmp/hosts/dhcp - 0 addresses Tue Jan 5 13:00:06 2016 daemon.info dnsmasq[4357]: read /tmp/hosts/odhcpd - 0 addresses Tue Jan 5 13:00:06 2016 daemon.info dnsmasq-dhcp[4357]: read /etc/ethers - 0 addresses Tue Jan 5 13:00:08 2016 daemon.info hostapd: wlan0: STA 7c:d1:c3:f8:14:11 IEEE 802.11: authenticated Tue Jan 5 13:00:08 2016 daemon.info hostapd: wlan0: STA 7c:d1:c3:f8:14:11 IEEE 802.11: associated (aid 1) Tue Jan 5 13:00:08 2016 daemon.info hostapd: wlan0: STA 7c:d1:c3:f8:14:11 WPA: pairwise key handshake completed (RSN) Tue Jan 5 13:00:09 2016 daemon.notice netifd: wan (4345): Sending discover... Tue Jan 5 13:00:12 2016 daemon.notice netifd: wan (4345): Sending discover...
I have to point out that I have an optical cable connected to a Milan MIL-SM801G Ethernet/optics switch (provided by the ISP).
Any ideas?
Thanks in advance!
Attachments (0)
Change History (3)
comment:1 Changed 2 years ago by nbd
- Resolution set to not_a_bug
- Status changed from new to closed
comment:2 Changed 2 years ago by pavel.masloff@…
How can I do that?
comment:3 Changed 2 years ago by pavel.masloff@…
Wrire now I ve done the "Unbridge LAN interfaces" part and here is what I got:
/etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config interface 'lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '10.80.1.1'
config interface 'WAN'
option proto 'dhcp'
option ifname 'eth0'
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'platform/ar933x_wmac'
option htmode 'HT20'
option txpower '18'
option country 'US'
list ht_capab 'SHORT-GI-20'
list ht_capab 'SHORT-GI-40'
list ht_capab 'RX-STBC1'
list ht_capab 'DSSS_CCK-40'
config wifi-iface
option device 'radio0'
option network 'lan'
option mode 'ap'
option ssid 'maslick-sr'
option encryption 'psk2+ccmp'
option key 'password123'
/etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option localservice '1'
config dhcp 'lan'
option interface 'lan'
option leasetime '12h'
option dhcpv6 'server'
option ra 'server'
option start '10'
option limit '20'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
/etc/config/firewall
config defaults option syn_flood '1' option input 'ACCEPT' option output 'ACCEPT' option forward 'REJECT' config zone option name 'lan' list network 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' config zone option name 'wan' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' option network 'wan wan6 WAN' config forwarding option src 'lan' option dest 'wan' config rule option name 'Allow-DHCP-Renew' option src 'wan' option proto 'udp' option dest_port '68' option target 'ACCEPT' option family 'ipv4' config rule option name 'Allow-Ping' option src 'wan' option proto 'icmp' option icmp_type 'echo-request' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-IGMP' option src 'wan' option proto 'igmp' option family 'ipv4' option target 'ACCEPT' config rule option name 'Allow-DHCPv6' option src 'wan' option proto 'udp' option src_ip 'fc00::/6' option dest_ip 'fc00::/6' option dest_port '546' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-MLD' option src 'wan' option proto 'icmp' option src_ip 'fe80::/10' list icmp_type '130/0' list icmp_type '131/0' list icmp_type '132/0' list icmp_type '143/0' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Input' option src 'wan' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' list icmp_type 'router-solicitation' list icmp_type 'neighbour-solicitation' list icmp_type 'router-advertisement' list icmp_type 'neighbour-advertisement' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config rule option name 'Allow-ICMPv6-Forward' option src 'wan' option dest '*' option proto 'icmp' list icmp_type 'echo-request' list icmp_type 'echo-reply' list icmp_type 'destination-unreachable' list icmp_type 'packet-too-big' list icmp_type 'time-exceeded' list icmp_type 'bad-header' list icmp_type 'unknown-header-type' option limit '1000/sec' option family 'ipv6' option target 'ACCEPT' config include option path '/etc/firewall.user' config rule option src 'wan' option dest 'lan' option proto 'esp' option target 'ACCEPT' config rule option src 'wan' option dest 'lan' option dest_port '500' option proto 'udp' option target 'ACCEPT'
Note: See
TracTickets for help on using
tickets.
You need to remove eth0 from the lan bridge if you want to use it as a WAN interface.