[SOLVED] Lost Web Interface - What Now?

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page 1, 2  Next
Author Message
mono
DD-WRT Novice


Joined: 09 Dec 2006
Posts: 31

PostPosted: Fri Dec 24, 2021 20:12    Post subject: [SOLVED] Lost Web Interface - What Now? Reply with quote
I put bld r47900 on a Netgear R6700v3, from stock Netgear FW V1.0.4.106_10.0.80

Linux 4.4.294 #4763 SMP Mon Dec 20 05:24:28 +07 2021 armv7l

It's set up very similar to the very old DD-WRT router it replaced, AP/Gateway, wifi, but this router adds USB so plus Samba and DLNA. It has web gui access enabled, including over wifi. It was first deployed yesterday. I accessed the web gui several times yesterday.

Today, could not access the web GUI. Tried different browsers and different systems. It is still routering, still providing wifi, samba and DLNA are still working. It responds to a ping on its IP, and can telnet to it.

[Time Lapse] Power cycling it, I have web GUI access back.

At this point I'm a bit lost. What to do next? Is there some setting I should look at? Or some way to determine what is happening?

One thing I forgot to do when putting DD-WRT on it, is not using the CLI to do an nvram erase. Is that relevant? If so and I do it now, do I have to reconfigure the entire router again or can I save a config backup, clear it, and reload the config backup?


Last edited by mono on Wed Jan 05, 2022 17:14; edited 1 time in total
Sponsor
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12825
Location: Texas, USA

PostPosted: Fri Dec 24, 2021 20:18    Post subject: Reply with quote
If you do a hard reset via CLI, it would be best to re-configure from scratch and not use an nvrambackup.bin file. You can take screenshots of each page and copy/paste any large text areas that will not show in doing so and save them for reference.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Wildlion
DD-WRT Guru


Joined: 24 May 2016
Posts: 1284

PostPosted: Fri Dec 24, 2021 20:20    Post subject: Reply with quote
if you can telnet into it... look for the http processes using ps.. if they have died... just restart with:

httpd -n -p 80


if this command fails or httpd dies again just reboot.. but look at logs if you can to see if there is any reason
mono
DD-WRT Novice


Joined: 09 Dec 2006
Posts: 31

PostPosted: Fri Dec 24, 2021 20:36    Post subject: Reply with quote
Thanks for your replies. So is clearing NVRAM what you would do next or is there something else I should be looking at first?

It just seems strange that the web gui did work, including after a power cycle and reboot(s), then a ~dozen hours later it's stopped working with no config changes ("that I can recall") made since last GUI access. It was wired not wifi (didn't try wifi) access that I noticed failing, also wired to samba still worked.

Wildlion wrote:
if you can telnet into it... look for the http processes using ps.. if they have died... just restart with:

httpd -n -p 80


if this command fails or httpd dies again just reboot.. but look at logs if you can to see if there is any reason


This is possibly beyond my skill level. I don't know what "using ps" is or how to ID the http processes, nor how to tell if they have died. Once I get a telnet prompt after login, would just typing httpd -n -p 80 do the trick?

I will be rebooting and considering swapping old router back into service for the time being. Logs, I have to enable it making them right? Then how to see them? Is there any penalty leaving it logging a long time if it takes longer?

I will research the answers to these questions myself but it is a bit of a learning curve mountain to climb, looks like I need to put the old router back into service if nobody knows more about what would make the GUI process die.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12825
Location: Texas, USA

PostPosted: Fri Dec 24, 2021 21:21    Post subject: Reply with quote
Via telnet or ssh: 'ps' or 'ps | grep http' (although, you shouldn't have to go *that* far). I literally log into the webUI, close out the browser window, and log in randomly several times over the course of days without issue. Sounds like a browser extension or other problem. It also could be the tcp recycle / reuse setting in sysctl that has been discussed. Of course, a hard reset 'nvram erase && reboot' will definitely tell you if it's corrupted nvram.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
mono
DD-WRT Novice


Joined: 09 Dec 2006
Posts: 31

PostPosted: Sat Dec 25, 2021 0:03    Post subject: Reply with quote
Okay the GUI is still working right now, did a practice run and telnet ps | grep http gives me:

17642 root httpd -n -p 80
17693 root grep http

I also enabled logging and tried that at the CLI and with telnet, so am able to retrieve logs now.

Something I saw HERE got me wondering...

My old router, its IP Filter setting had Max Ports 4096. This router, Max Ports is 32768. Old router was used for P2P, and I had P2P running last night, would the higher max ports value potentially be an issue? The TCP and UDP timeouts were the same on both old and new router.

I'm sure it's not a browser extension, been using this browser setup for ages with the old DD-WRT router and when the web GUI wouldn't load, after power cycling the router, simply clicking refresh yet another time in the browser make it load.

I've started making screenshots of the setup in case NVRAM needs cleared, but want to give it a try with adjusted lower values for Max Ports, and for TCP/UDP timeouts even lower than the defaults that worked fine on the ancient router that was running DD-WRT v24-sp2

I'll have to look into that tcp recycle/reuse setting, have no idea what it is, or is it possibly not even present in the GUI for r47900 on an R6700 and only a command line variable parameter?
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12825
Location: Texas, USA

PostPosted: Sat Dec 25, 2021 1:28    Post subject: Reply with quote
Go to http://your.router.ip.address/Sysctl.asp and look for:
Code:
tcp_tw_recycle
tcp_tw_reuse

and set them both to 0, save, ensure they stayed at 0 and then reboot the router.

P.S. That wiki applies to antique Broadcom MIPS and low-resource devices for the most part and there are settings in that wiki that have already been tweaked in builds since it was written as best I can gather. It was the same thing for all of the tweaks that Steve Jenkins recommended for the E4200v1 and others.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
mono
DD-WRT Novice


Joined: 09 Dec 2006
Posts: 31

PostPosted: Sat Dec 25, 2021 2:40    Post subject: Reply with quote
Thanks. I never would have touched a single setting on that config page if someone didn't tell me to, way above my pay grade.

I set those... well recycle was already 0 but changed reuse from 1 to 0, saved, rebooted and both now still 0.

I didn't have any performance gripes with my old router (as far as applies to being limited to 4096 connections I mean) so may wait and see if the web GUI fails to load again, then put it back to the 32K default and wait and see.
mono
DD-WRT Novice


Joined: 09 Dec 2006
Posts: 31

PostPosted: Sat Dec 25, 2021 20:33    Post subject: Reply with quote
This morning, web GUI still working after 10 hours uptime running P2P. Shut down P2P, rebooted router, mostly sitting idle since then.

Now approx 5 hrs later, web GUI gone again. Can anyone make sense of the attached log? Thanks!



R6700.txt
 Description:

Download
 Filename:  R6700.txt
 Filesize:  23.68 KB
 Downloaded:  54 Time(s)

kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12825
Location: Texas, USA

PostPosted: Sat Dec 25, 2021 21:39    Post subject: Reply with quote
I don't see where httpd has died in the syslog, but I do see where it was restarted (manually?), although not sure what commands were used to do so. Is cron enabled on the Administration tab? Were you trying to access wirelessly with wireless webUI access disabled? This is probably something that is going to require specific configuration information to determine what is breaking. Are you using phone tethering as your WAN or sharing USB via IP or something?
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
mono
DD-WRT Novice


Joined: 09 Dec 2006
Posts: 31

PostPosted: Sat Dec 25, 2021 22:13    Post subject: Reply with quote
Dec 25 14:53:47 R6700 auth.info login[4313]: root login on 'pts/0'

I logged in as shown on the log line above, then (not knowing what to do) issued telnet command httpd -n -p 80 and at the prompt it listed httpd server started, then can't bind to any address.

Cron is enabled.

I have never tried to access it wirelessly, always wired, but wireless is not disabled either, manually enabled it for both radios, IIRC.

There is no phone tethering, WAN is only straight to a cable modem. Not sure what sharing USB via IP is, I have a USB flash drive mounted, being shared through Samba and DLNA, nothing more.

There isn't anything advanced I'm trying to do with this router. Almost everything not mentioned has been left at the defaults. It's just a gateway/AP for a bunch of wifi clients (maybe dozen or so, I lost track) and besides the cable modem, single port connection to a GbE switch for the wired network.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12825
Location: Texas, USA

PostPosted: Sat Dec 25, 2021 22:32    Post subject: Reply with quote
Because it probably never died. What exactly is meant by losing webUI access needs to be determined. I do not use the same browser for DD-WRT router access as I do for the rest of my internet surfing and I use private browsing mode, cache cleared, no add-ons or extensions, no saving of passwords, nada and I am not having issue on current releases on any devices. So, I honestly do not know what exactly is the problem here, but if it can't bind to an address, that may mean that httpd never died (ps | grep http would've shown if it had died or not). The httpd process is one of the few that will only run in one instance and one instance only, if I am not mistaken. This is very curious because in the past hour I have opened and closed a browser to access 3 different DD-WRT webUIs without a hitch.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
mono
DD-WRT Novice


Joined: 09 Dec 2006
Posts: 31

PostPosted: Sat Dec 25, 2021 23:08    Post subject: Reply with quote
When I lost web gui access, I did a PS | grep http and it showed:
2078 root httpd -n -p 80
3083 root grep http

Lose Web GUI access means when I type the IP into the browser URL field, or use a shortcut, browser just shows "Connecting..." and never shows any sign of a connection, eventually times out, same as if I had input a lan IP that doesn't exist. At that point I can still ping the IP or telnet into it.

I can click refresh over and over, and the web GUI never loads, until I power cycle (or last time, used telnet reboot command) the router, then just clicking refresh one more time, brings up the web GUI immediately.

Same system and browser, 5 hours later today doing exact same thing, web gui won't load until telnet reboot command, then loads fine.

I have tried a different browser on same system, and a different system. All methods tried, work fine for my other DD-WRT routers and other devices.

Looking through what I wrote below, I did have USB over IP enabled, not sure if it appeared as enabled when I enabled USB support for Samba or if I manually enabled it. In either case, I disabled USB over IP, saved/rebooted, and Samba still works. Maybe that's it, would be nice!

I'll list what I see changed from the r47900 defaults. I hope this formats well...

Setup Tab /Basic Setup:
Router Name: R6700
IP: 192.168.0.1
Time Zone: New York

- Nothing else changed on Setup Tab

Wireless Tab / Basic Settings:
wl0 - Network Name & Mode NG-Mixed, wireless GUI access enabled

wl1 - Network Name & Mode AC/N-Mixed, channel width 80MHz, wireless GUI access enabled

Wireless Tab / Security:

Both wl0 & wl1 - WPA2-PSK AES & set a key

- Nothing else changed under Wireless Tab

Services /Services:

Set two IPs as static leases with no lease expiration input
System Log enabled
Telnet enabled

Services /USB:

Core USB Support Enabled
USB Storage Support Enabled
USB OVER IP was enabled, either it auto-enabled or I did it manually thinking it was needed for Samba or DLNA
I have now disabled USB over IP
. After reboot, Samba still works
Automatic Drive Mount Enabled
Use SES Button to remove drives enabled

Further down on Services/USB tab just shows it recognizes the EXT2 formatted USB flash drive assigned to sda1


Services /NAS:

Enabled Samba
Server String R6700
Workgroup: WORKGROUP
Set file sharing for mnt/sd1, name R6700, public, read/write access
Set users admin/pw, Access Shares R6700, and Samba checkmarked

MiniDLNA enabled
Enable Subtitles enabled
MiniDLNA Share set to /mnt/sd1, audio, video, images

- Nothing else changed under Services tab

Security Tab: Nothing Changed
Access Restrictions Tab: Nothing Changed

NAT/QoS Port Forwarding
Set one port for P2P box

- Nothing else changed under NAT/QoS tab, have not set up any QoS yet.

Administration Tab /Management:

Set User/PW,
Reduced IP Filters to 8192 ports, TCP Timeout 600s, UDP Timeout 60s - these were left at defaults and only changed after webgui access lost

Administration Sysctl: tcp_tw_reuse set to 0
- Nothing else changed under entire Admin tab.


Last edited by mono on Sat Dec 25, 2021 23:28; edited 1 time in total
mono
DD-WRT Novice


Joined: 09 Dec 2006
Posts: 31

PostPosted: Sat Dec 25, 2021 23:26    Post subject: Reply with quote
In the log I keep seeing the following loop for a time update, I guess it's set to do this once an hour?

Is "possible DNS-rebind attack detected: aB.ns.charter.com" significant? I was going to set DNS servers anyway but then this loss of web gui issue came up and further configuration ground to a halt.

Dec 25 09:12:12 R6700 daemon.warn dnsmasq[1483]: possible DNS-rebind attack dete
cted: aB.ns.charter.com
Dec 25 10:01:45 R6700 daemon.debug ntpclient[2845]: Connecting to 2.pool.ntp.org
[69.164.198.192] ...
Dec 25 10:01:45 R6700 daemon.info ntpclient[2845]: Time set from 2.pool.ntp.org
[69.164.198.192].
Dec 25 10:01:45 R6700 daemon.info process_monitor[2092]: cyclic NTP Update succe
ss (servers 2.pool.ntp.org 212.18.3.19 88.99.174.22)
Dec 25 10:12:13 R6700 daemon.warn dnsmasq[1483]: possible DNS-rebind attack dete
cted: aB.ns.charter.com
Dec 25 11:01:45 R6700 daemon.debug ntpclient[3141]: Connecting to 2.pool.ntp.org
[108.61.73.244] ...
Dec 25 11:01:46 R6700 daemon.info ntpclient[3141]: Time set from 2.pool.ntp.org
[108.61.73.244].
Dec 25 11:01:46 R6700 daemon.info process_monitor[2092]: cyclic NTP Update succe
ss (servers 2.pool.ntp.org 212.18.3.19 88.99.174.22)
Dec 25 11:03:00 R6700 daemon.info dnsmasq-dhcp[1483]: DHCPREQUEST(br0) 192.168.0
.132 94:de:80:2d:91:b3
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 12825
Location: Texas, USA

PostPosted: Sun Dec 26, 2021 0:06    Post subject: Reply with quote
NTP updates every hour by default, there is an nvram setting that you can manipulate to change it to whatever interval you choose. NOW, are you sure that you are pointing your browser to http://your.router.ip.address or is your browser defaulting to https? That is the only other thing I can think of because a lot of modern browsers are defaulting to https or https-only, which is a browser-specific setting/quirk. I probably should have thought of this sooner. EmbarassedRolling Eyes
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum