Joined: 16 Nov 2015 Posts: 6414 Location: UK, London, just across the river..
Posted: Sat Jun 25, 2022 9:12 Post subject:
the-joker wrote:
FYI I have Filter WAN NAT Redirection checked (it's a default setting afaik) had this issue and solved by assigning unique MACs to my routers interfaces, via Networking tab, since by default br0 has all such interfaces aggregated under it and the way DD-WRT works causes this by default.
and this makes sense..
Time ago when i created my vlans and br, i did that too as i had an assumption that it may happen with that many devices after...
i haven't used STP option yet...but i do have IGMP on the switch, i haven't got those spam reports yet...and i have other routers and switches and WAP connected to those vlans
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Sat Jun 25, 2022 11:01 Post subject:
I tried enabling STP once with the default br0 on my Broadcom, but given other defaults and topology with two switches, when STP was enabled, iirc it caused a lack of communication throughout the LAN clients beyond the unmanaged switches.
I didn't look to see what switches support maybe laziness, both unmanaged switches are different brands bought at different years, albeit both 8 port gigabit switches, the cheapest I could find at the time from D-Link, and one Netgear semi decent prosafe GS108.
I then later (on my current residence) wanted to replace both unmanaged switches with a single managed switch which would allow for a finer grained switch config and control over individual ports and traffic and this setup would have been live as soon as all the cabling was pulled and terminated throughout the house. Problem is now due to a recent change on my personal circumstances, I'm moving out of this property and no longer care about this setup at this property. Switch was tested and worked fine but now is back to being boxed.
I thought i had fixed this issue by changing the mac addresses in Networking hence changing the thread to solved however br1: received packet on eth1.3 with own address as source address is back again in logs!
root@R7800:~# ifconfig | grep HWaddr
br0 Link encap:Ethernet HWaddr 14:xx:xx:xx:08:97
br1 Link encap:Ethernet HWaddr 14:xx:xx:xx:08:98
eth0 Link encap:Ethernet HWaddr 14:xx:xx:xx:08:96
eth1 Link encap:Ethernet HWaddr 14:xx:xx:xx:08:95
eth1.3 Link encap:Ethernet HWaddr 14:xx:xx:xx:08:95
oet2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
oet3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
xx has been added/changed on forum post to keep macs private before someone says that's not a mac address lol.
If i change eth1.3 mac and reboot it goes back to the original address even though it has a different mac in field until i press apply on the networking page then it applies it that address, that then stays until a reboot it goes back again.
I have even tried using a mac address from an old broken R8000 so i know the mac is a working mac.
Confused by log output because br1 has a different mac to eth1.3 anyway?
eth1 has the same mac as eth1.3 but assigned to different bridges.
any further advice on this?
_________________
Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.
No one can build you the bridge on which you, and only you, must cross the river of life!
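An added example, not part of the original posts: one way to check the two things the post above compares, namely which interfaces share a MAC and which bridge/port pair is producing the "own address as source address" warning. The function names `shared_macs` and `own_addr_hits` are hypothetical, and the sample MAC bytes and log lines are constructed.

```shell
#!/bin/sh
# Constructed sample modelled on the "ifconfig | grep HWaddr" output above;
# the MAC bytes are placeholders, not real addresses.
SAMPLE_IFCONFIG='br0 Link encap:Ethernet HWaddr 14:00:00:00:08:97
br1 Link encap:Ethernet HWaddr 14:00:00:00:08:98
eth0 Link encap:Ethernet HWaddr 14:00:00:00:08:96
eth1 Link encap:Ethernet HWaddr 14:00:00:00:08:95
eth1.3 Link encap:Ethernet HWaddr 14:00:00:00:08:95
oet2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00'

# Constructed log lines; only the warning text is taken from the thread.
SAMPLE_KLOG='kernel: br1: received packet on eth1.3 with own address as source address
kernel: br1: port 1(eth1.3) entered forwarding state
kernel: br1: received packet on eth1.3 with own address as source address
kernel: br1: received packet on eth1.3 with own address as source address'

# Print "MAC iface1,iface2,..." for every Ethernet MAC carried by more than
# one interface. UNSPEC (tunnel) entries are ignored.
shared_macs() {
    awk '$3 == "encap:Ethernet" && $4 == "HWaddr" {
             mac = toupper($5)
             if (mac in ifs) ifs[mac] = ifs[mac] "," $1; else ifs[mac] = $1
             n[mac]++
         }
         END { for (m in n) if (n[m] > 1) print m, ifs[m] }' | sort
}

# Print "bridge port count" for each bridge/port pair that logged the
# own-address warning, so a noisy VLAN port stands out.
own_addr_hits() {
    awk '/with own address as source address/ {
             for (i = 2; i + 3 <= NF; i++)
                 if ($i == "received" && $(i+1) == "packet" && $(i+2) == "on") {
                     br = $(i-1); sub(/:$/, "", br)
                     hits[br " " $(i+3)]++
                 }
         }
         END { for (k in hits) print k, hits[k] }' | sort
}

# Demo run on the constructed samples.
printf '%s\n' "$SAMPLE_IFCONFIG" | shared_macs
printf '%s\n' "$SAMPLE_KLOG" | own_addr_hits
```

On a router the same functions can be fed live data with `ifconfig | grep HWaddr | shared_macs` and `dmesg | own_addr_hits`.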
Is there a cli command to try and force it to save the mac address for eth1.3?
No messages when i have a different mac saved but after reboot the original one is back.
would it be something like
nvram set eth1.3_hwaddr=AA:AA:AA:AA:AA:AA
nvram get eth1.3_hwaddr
nvram commit
reboot
No further help with this dam message in log then?
Turned klogd off now as i am just getting pages after pages of this annoying message, i have changed mac addresses as advised and posted the hwaddr output, so is this now a bug LOL?
Joined: 18 Mar 2014 Posts: 12840 Location: Netherlands
Posted: Mon Jul 25, 2022 13:53 Post subject:
foz111 wrote:
I can only assume this is some bug, last time i seen this message (after last upgrade) i noticed the USB had not mounted correctly and after applying settings on USB page i no longer had error messages in log.
Now the message has stopped after removing the Ethernet cable on the VLan port for a few minutes and reconnected it.
I have not ever seen this message until upgrading a few builds ago.
STP is disabled on br1
Joined: 16 Nov 2015 Posts: 6414 Location: UK, London, just across the river..
Posted: Mon Jul 25, 2022 17:05 Post subject:
egc wrote:
foz111 wrote:
I can only assume this is some bug, last time i seen this message (after last upgrade) i noticed the USB had not mounted correctly and after applying settings on USB page i no longer had error messages in log.
Now the message has stopped after removing the Ethernet cable on the VLan port for a few minutes and reconnected it.
I have not ever seen this message until upgrading a few builds ago.
STP is disabled on br1
Have you tried with STP on on br1?
I am trying to duplicate your problem but everything seems to work only thing I noticed is that the port numbering is backwards (I set port 4 on vlan3 but that is port 1 on the router) and I thought that was corrected some time ago
I do have 4 vlans with DNS & DHCP on separate (br) on my R7800 and ap & net isolation +
iptables -I FORWARD -i br+ -o br+ -m state --state NEW -j REJECT
so far i've never had such a message... i don't use STP and i do have those mac's changed
what i suspect is a compromised device that wants to push back...may be..
egc and yep R7800 ports still opposite/reversed, but its never been an issue, in the past BS did change those and reverted back as you mentioned...
and yep if you change MAC's some of those are reported different with ifconfig and nvram show | grep hwaddr etc.
but on GUI if you change those stay on reboot...oddly...
Joined: 08 May 2018 Posts: 14129 Location: Texas, USA
Posted: Mon Jul 25, 2022 17:31 Post subject:
egc wrote:
I am trying to duplicate your problem but everything seems to work only thing I noticed is that the port numbering is backwards (I set port 4 on vlan3 but that is port 1 on the router) and I thought that was corrected some time ago
Joined: 18 Mar 2014 Posts: 12840 Location: Netherlands
Posted: Mon Jul 25, 2022 18:13 Post subject:
I actually did not touch the MAC addresses so br0 br1 and eth1.3 all have the same MAC address.
In theory, as far as I understand, that should not pose a problem as br0 and br1 are on different subnets and eth1.3 does not have an ip address (as it is bridged to br1).