LAN routing problem on R7000P after r44251

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
extin
DD-WRT Novice


Joined: 09 Feb 2022
Posts: 2

PostPosted: Wed Feb 09, 2022 16:42    Post subject: LAN routing problem on R7000P after r44251 Reply with quote
I'm having a problem, where LAN traffic is not routed corretly to a virtual machine running on my server.

Any firmware after r44251 simply doesn't route some packets correctly. I can ping the VM ok, but I cannot access the Home Assistant server running on the VM port 8123. I can access the server hosting the VM and any other physical device on LAN but not the VM.

I can access the VM through Internet, so the VM seems to have some access to the network, but from inside LAN, all I can do is ping it.

I've tried resetting to factory settings after flash but nothing but reverting to max r44251 seems to work.

Any advice?
Sponsor
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Sun May 22, 2022 14:39    Post subject: Reply with quote
Welcome to forums.

Without knowing your exact setup would be hard to tell, but such 2 year old build you cant restore any backups when moving to current build, after reset a full reconfiguration would be needed from scratch.

Much has changed in DD-WRT since then, so it may jus be a case of making some adjustmnets to your configuration.

Please post screenshots of the setup and the output of iptables -vnL attached to your reply.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
extin
DD-WRT Novice


Joined: 09 Feb 2022
Posts: 2

PostPosted: Mon Jul 04, 2022 14:26    Post subject: Reply with quote
the-joker wrote:
Welcome to forums.

Without knowing your exact setup would be hard to tell, but such 2 year old build you cant restore any backups when moving to current build, after reset a full reconfiguration would be needed from scratch.

Much has changed in DD-WRT since then, so it may jus be a case of making some adjustmnets to your configuration.

Please post screenshots of the setup and the output of iptables -vnL attached to your reply.


Thanks for the reply and sorry for taking so long for me to reply. Didn't get a notification of the reply and forgot the thread.

Decided to move routing to an OPNsense router and ran into the same problem. Monitoring OPNsense firewall logs revealed, that TCP/SA packets from VM were dropped. Little searching pointed to an asymetric routing problem. OPNsense FW setting "Bypass firewall rules for traffic on the same interface" fixes things in OPNsense. I guess something is wrong in my VM -> LAN config that causes LAN packets showing up at the firewall.

This is purely speculation since I haven't tested, but maybe something changed in the SPI firewall of dd-wrt after build r44251 that triggers some FW rule if packet is routed asymetrically? Maybe I would have caught this if I'd turned on FW logging when I were figuring this out Embarassed

And forgot to mention, I did try newer builds after a full reset so I'm quite confident it's not a config issue.
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Mon Jul 04, 2022 14:30    Post subject: Reply with quote
Thanks for coming back to us, my previous post stands however.

Help us help you better, else, hands tied cannot type, blindfolded eyes cannot see.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 9157

PostPosted: Wed Jul 06, 2022 3:53    Post subject: Reply with quote
Is the VM guest bridged or NAT'd wrt the primary network?

Many OSes these days (and even servers/appliances) have firewalls that will NOT allow access by a different *private* network other than the one on which it is hosted. The fact a *public* IP from remote access works is yet another sign this is a firewall problem, NOT a routing problem.

That said, why a change in firmware on the dd-wrt router would make a difference, I don't know. Maybe you're running an OpenVPN server w/ the more recent firmware, and so the remote access is NOT via a public IP anymore, but yet another *private* IP, that of the tunnel (e.g., 10.8.0.0/24). Hard to know for sure, just speculating.

_________________
ddwrt-ovpn-split-basic.sh (UPDATED!) * ddwrt-ovpn-split-advanced.sh (UPDATED!) * ddwrt-ovpn-client-killswitch.sh * ddwrt-ovpn-client-watchdog.sh * ddwrt-ovpn-remote-access.sh * ddwrt-ovpn-client-backup.sh * ddwrt-mount-usb-drives.sh * ddwrt-blacklist-domains.sh * ddwrt-wol-port-forward.sh * ddwrt-dns-monitor.sh (NEW!)
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Wed Jul 06, 2022 12:28    Post subject: Reply with quote
Im wondering if there are any similarities between the subjects on the thread here.
_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum