Posted: Mon Mar 01, 2021 21:23 Post subject: Establishing PPPoE stops internal VLAN connectivity [SOLVED]
Asus RT-AC88U (AC-3100) / r45767
Everything works beautifully when Connection Type is set to DHCP (temporary double NAT behind existing router). But plugging in a separate modem and swapping to PPPoE kills both internal and external connectivity on the VLAN only - yet the main bridge works fine.
Quote:
nvram set vlan1ports="1 2 3 5 7*"
nvram set vlan2ports="4 7u"
nvram set vlan7ports="0 7"
nvram set port4vlans="7"
nvram set vlan7hwname=et0
nvram set rc_startup='
#!/bin/ash
PATH="/sbin:/usr/sbin:/bin:/usr/bin:${PATH}"
vconfig add eth0 7
ifconfig vlan7 192.168.7.1 netmask 255.255.255.0
ifconfig vlan7 up
rc restart
'
nvram set dnsmasq_options='
interface=vlan7
dhcp-option=vlan7,3,192.168.7.1
dhcp-range=vlan7,192.168.7.100,192.168.7.200,255.255.255.0,3600
interface=br0
dhcp-option=br0,3,192.168.1.1
dhcp-range=br0,192.168.1.100,192.168.1.200,255.255.255.0,3600
'
nvram set lan_proto="static"
# Set PPPoE credentials but do not use them yet: WAN DHCP is still enabled
nvram set ppp_username="<username>"
nvram set ppp_passwd="<password>"
nvram commit
After reboot, we do not yet have external connectivity but a device on the VLAN with an IP 192.168.7.x can ping the DD-WRT router at 192.168.7.1. Start pinging that router...
Quote:
nvram set wan_proto="pppoe"
nvram commit
Device is still reporting successful pings
Quote:
GUI: Status -> WAN -> Connect
Once PPPoE is established, pings stop: "Request timed out" / "Destination net unreachable"
At this point, PPPoE is running fine and devices on the main bridge have internal & external connectivity. But devices on the VLAN cannot even see their own gateway.
I've looked at iptables before and after connection is established and compared it to the chains when it works under DHCP. There are a few changes, mainly swapping 'vlan2' for 'ppp0', but even removing a couple of additional rules does not help.
Why would establishing a PPPoE connection break a VLAN?! And how can I fix it so that the VLAN has external connectivity?
Thank you.
Last edited by CtrlAltBeer on Tue Mar 02, 2021 16:10; edited 1 time in total
For whatever reason, it turns out that dnsmasq doesn't like VLANs. Or, at least, it didn't like the dnsmasq_options I had set for vlan7 above. br0 was always fine. And vlan7 was fine too, until PPPoE established a connection.
Instead, I've removed the dnsmasq config entries for vlan7 and under Setup -> Networking -> Network Configuration vlan7 I've 'Unbridged' it and entered the IP manually. Then at the bottom of the page I've added a DHCP service for that interface. Some guides tell you to do it this way; some guides tell you to do it through dnsmasq. For VLANs, I've found that the GUI wins over dnsmasq.
It's not what I would call perfect. When the router boot up, PPPoE connection happens pretty quickly but then 'rc restart' kills it again. So I have to wait for it to automatically reconnect. Without 'rc restart', the VLANs never connect at all: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=328309. But once it settles down, it's all good.
I was trying to do as much as possible through the CLI because I'd started down that route once I learnt that the VLAN page doesn't work, at least on this router. It's easier to rebuild after erasing, for one thing. But you don't always know that you're doing it right.
Scroll down to "VLAN Detached Networks (Separate Networks With Internet)" link.
Looks like you were trying to do it the old way, but I guess PPPoE does also have some part to play in this scenario as well as it being *this* particular router. Glad you got it figured out _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net