Router cascade problems

roemmic9 · November 18, 2016, 8:35pm

Hi there,

I have been using a router cascade with an openwrt based router behind a fritzbox which I must use for internet access.
Now I wanted to replace my old openwrt based router with the turris omnia and I am seeing weird problems.

I used to be able to access the configuration webpages of my fritzbox from a computer connected to the openwrt router. The fritzbox has the ip 192.168.178.1. The turris omnia has the ip 192.168.1.1 and my computer behind the turris has 192.168.1.50. When I ping the fritzbox (192.168.178.1) everything appears to be fine, but the http webpage of the fritbox configuration does not load. When I revert back to my other openwrt based router (which assigns the same ip to my computer) everything is fine. I have no idea why the webpage should not load if I can ping the fritzbox.
For ipv6 access I set my fritzbox up for prefix delegation and enabled dhcpv6. This used to work just fine with my old openwrt router. The turris omnia has been set to dhcp for ipv6 wan. An ip adress and dns server are assigned and everything appears to be fine, but computers behind the turris omnia can not reach any ipv6 host on the internet (network is unreachable).

Any hints or ideas? Thanks for your help.

Ondrej_Caletka · November 18, 2016, 9:34pm

The only guess is a firewall inside the FritzBox allowing admin access only from the external address of former router not from the address of Omnia.

This could mean the DHCPv6 PD pool was depleted on the FritzBox side. Check the status of Omnia using command ifstatus wan6. You should see the assigned prefix under the "ipv6-prefix" item.

But both is just a guess.

roemmic9 · November 18, 2016, 10:45pm

Hi, thank you for your help.

I did check the status of the Omnia with the “ifstatus wan6” command. I can see that a \62 prefix has been assigned to the wan6 interface. All computers behind the Omnia receive ipv6 adresses. However, I can not reach any ipv6 host on the internet - I always get the error “network unreachable”.

The other problem (fritzbox configuration page not accessible) just vanished into thin air after a reboot of all devices.

Ondrej_Caletka · November 19, 2016, 10:32am

Can you try tracerouting from the Omnia and from the computer behind omnia? It would determine which device is responsible for that. Have you done some special setup regarding to IPv6? There should be visible assignment to the lan interface in the output of ifstatus wan6 command, like this:

    "ipv6-prefix": [
            {
                    "address": "2001:db8:ff05:4::",
                    "mask": 62,
                    "class": "wan6",
                    "assigned": {
                            "lan": {
                                    "address": "2001:db8:ff05:4::",
                                    "mask": 62
                            }
                    }
            }
    ],

If there is no such assignment, the filters in OpenWRT native IPv6 stack will block any IPv6 traffic originating from the lan interface.

roemmic9 · November 20, 2016, 11:43am

Thanks again for your help. I did a trace and the last reachable hop for ipv6 traffic is the fritzbox. So the omnia does not appear to be the problem.

FuelFlo · November 20, 2016, 1:19pm

To your fritzbox problem. This might be the problem: https://www.heise.de/netze/meldung/Neue-Top-Level-Domain-box-bringt-manche-Netze-durcheinander-3491185.html

Unfortunately I only found an article in german. Sorry. So basically the problem is, that .box became an official top level domain, so the DNS resolver might be trying to resolve that address outside of your network. And you might wanna put the IP of the fritz box into the hosts file on the turris.

Flo