Kalcifer

Kalcifer , 5 months ago to Selfhosted in Backing-up Single Board Computer

Did you forget to complete your reply, or did it perhaps glitch out?

Kalcifer OP , 5 months ago to homelab in Does Avahi work over a bridged network?

Afaik, an mDNS reflector is only needed to cross subnets -- both subnets and mDNS function on layer 3. Bridging occurs on layer 2, and since mDNS functions in layer 3 (ipv4 multicast is layer 3), the bridge itself is invisible to it.

Kalcifer OP , 5 months ago to homelab in Does Avahi work over a bridged network?

👀

Kalcifer OP , 5 months ago to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

I'm now encountering another issue where I can't ping any external IP's. I don't mean that DNS isn't resolving (I set that on Router B to use Router A as the DNS resolver), but the I can't ping, say, google.com, for example, from a device on Router B. I can see the ICMP requests in Wireshark, but they just say "no response".

Kalcifer OP , 5 months ago to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

Alright, I now am able to ping a device on Router B from a device on Router A, but I'm still not able to ping a device on Router A from a device on Router B.

Here's the firewall settings for Router B:

lan zone:

• Input: accept
• Output: accept
• Forward: accept
• Masquerading: false (unchecked)
• MSS clamping: false (unchecked)
• Covered Networks: lan
• Allow forward to destination zones: wan, wan6, wwan
• Allow forward from source zones: wan, wan6, wwan

wan zone:

• Input: accept
• Output: accept
• Forward: accept
• Masquerading: false (unchecked)
• MSS clamping: true (checked)
• Covered Networks: wan, wan6, wwan
• Allow forward to destination zones: lan
• Allow forward from source zones: lan

EDIT:

Scratch that! apparently it is working. I could've sworn that I checked the ping. Maybe I subconciously applied something else.

Kalcifer OP , 5 months ago to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

If you WireShark this, I bet B is successfully sending packets to A and A’s devices, and A’s packets make it all the way to B but B doesn’t forward it to its own LAN, and it stops there.

Yep that's exactly what I see.

Can you post the output of ip ro and ip a on both routers? (Feel free to redact your public IP/ISP stuff if it shows up)

I would only be able to for one router. Router A is a tp-link AX73 which doesn't support OpenWRT. Router B, however, is a tp-link Archer C7 and is flashed with OpenWRT.

Kalcifer OP , 5 months ago to Selfhosted in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

Indeed it is not. Do you, by chance, have any suggestions -- troubleshooting, alternatives, etc.?

Kalcifer OP , 5 months ago (edited 5 months ago) to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

Hrm, I still have the same issue. Here's the firewall settings:

lan zone:

• Input: accept
• Output: accept
• Forward: accept
• Masquerading: false (unchecked)
• MSS clamping: false (unchecked)
• Covered Networks: lan
• Allow forward to destination zones: wan, wan6, wwan
• Allow forward from source zones: unspecified

wan zone:

• Input: accept
• Output: accept
• Forward: accept
• Masquerading: false (unchecked)
• MSS clamping: true (checked)
• Covered Networks: wan, wan6, wwan
• Allow forward to destination zones: unspecified
• Allow forward from source zones: lan

EDIT: I didn't see your edit, as I hadn't refreshed the page.

Kalcifer OP , 5 months ago to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

Ok, so, I'm ending up with an issue where I can ping Router A from a device on Router B, but I get Destination Port Unreachable if I try to ping a device on Router A. Likewise, I can ping Router B from a device on Router A, but I get Destination Port Unreachable if I try to ping a device on Router B.

I have the route added to Router A (192.168.1.0/24 via 192.168.0.2), I have masquerading turned off for wan on Router B.

Kalcifer OP , 5 months ago to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

Ah, I see. You’re using 2 wifi access points as a bridge to each other.

Yeah, this is a requirement for how I am trying to implement it.

Kalcifer OP , 5 months ago to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

Alright, I'll give your suggestion a go.

Make B have its own subnet, say, 192.168.1.0/24, assuming that A is on 192.168.0.0/24. Enable DHCP and everything, it’s now it’s own full network.

Done.

Make B a client of A with a static IP, like 192.168.0.2. That makes B present on A’s network.

Done.

Add a route on A for B’s network: 192.168.1.0/24 via 192.168.0.2.

I think I set this right: Network->Routing->Add->(Interface: wwan, Route type: unicast, Target: 192.168.0.1/24, Gateway: 192.168.1.1)

Disable NAT on B, just set A as the default route.

How would I go about doing this? I can't find any definitive information on how to disable NAT in OpenWRT.

The only thing missing would be to handle broadcasts so stuff like Bonjour/Avahi works correctly.

I do need this. I believe this would then require an mDNS reflector, right (it wasn't required before as relayd was bridging the networks)?

Kalcifer OP , 5 months ago to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

OP - how is router B cabled?

For the bridge, it's set up over a wifi connection to Router A. For the Nextcloud server, it's just connected to one of the LAN ports on Router B.

Kalcifer OP , 5 months ago to homelab in [WORKAROUND] Nextcloud portforward stops working when it is moved to a bridged network

That’s… interesting. Router B shouldn’t be involved at all with this, it should be blindly forwarding the packets. That’s a layer 3 error!

Indeed! I'm quite stumped.

How’s the bridge set up?

I set it up using this guide.

Have you made sure router B doesn’t do DHCP [...]?

Yup, it's disabled.

Have you made sure router B [...] doesn’t take the IP of router A by accident?

Yep, it's set to be static.

Kalcifer , 5 months ago to Selfhosted in Backing-up Single Board Computer

[...] so there are other possibilities than a standard desktop computer.

Would you mind elaborating? I'm curious to know what you're referring to.

Kalcifer OP , 5 months ago to homelab in Does Avahi work over a bridged network?

I’m not familiar with how Avahi works, but I assume it uses broadcast packets.

It does, yeah; multicast DNS uses multicast packets e.g. 224.0.0.251 (ipv4).

Do you actually have routing between two networks, or is it just a wireless bridge?

It's just a wireless bridge.

Do broadcast packets transit the bridge?

They do.