Bridge eth0 and eth2 for lan and internet access on OpenWRT

1

0

I have installed and configured an OpenWRT Router on top of a virtual machine in virtualbox according to this guide. But I have configured three interfaces instead of two to the guest machine.

eth1 is set up as a Bridged adapter for internet access.

eth0 and eth2 is set up as internal network interfaces.

For those not familiar with virtualisation, this would be exactly the same as a physical machine with 3 NIC, whereas one is connected to the external lan and the other two to anything else (computer, tv-box etc).

Problem is that I can't bridge eth0 and eth2 properly. I get DHCP on both interfaces, but only internet on one of them (eth0). Also, the one without internet can't ping the gateway (192.168.1.1) or any other host, so I assume it is a routing problem or something.

Heres the routers config:

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config interface 'lan'
    option gateway '192.168.1.1'
    option type 'bridge'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option ip6assign '60'
    option _orig_ifname 'eth0 eth2'
    option _orig_bridge 'true'
    option ifname 'eth0 eth2'

config interface 'wan'
    option ifname 'eth1'
    option proto 'dhcp'

config interface 'wan6'
    option ifname 'eth1'
    option proto 'dhcpv6'

config globals 'globals'
    option ula_prefix 'fd43:be0a:1a40::/48'


root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
    option domainneeded '1'
    option boguspriv '1'
    option filterwin2k '0'
    option localise_queries '1'
    option rebind_protection '1'
    option rebind_localhost '1'
    option local '/lan/'
    option domain 'lan'
    option expandhosts '1'
    option nonegcache '0'
    option authoritative '1'
    option readethers '1'
    option leasefile '/tmp/dhcp.leases'
    option resolvfile '/tmp/resolv.conf.auto'
    option localservice '1'

config dhcp 'lan'
    option interface 'lan'
    option start '100'
    option limit '150'
    option leasetime '12h'
    option dhcpv6 'server'
    option ra 'server'
    option ra_management '1'

config dhcp 'wan'
    option interface 'wan'
    option ignore '1'

config odhcpd 'odhcpd'
    option maindhcp '0'
    option leasefile '/tmp/hosts/odhcpd'
    option leasetrigger '/usr/sbin/odhcpd-update'

Output of brctl show:

root@OpenWrt:~# brctl show
bridge name bridge id       STP enabled interfaces
br-lan      7fff.080027133027   no      eth0
                                        eth2

And ifconfig:

root@OpenWrt:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 08:00:27:13:30:27
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fd43:be0a:1a40::1/60 Scope:Global
          inet6 addr: fe80::a00:27ff:fe13:3027/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6116 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6305 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:549793 (536.9 KiB)  TX bytes:9147104 (8.7 MiB)

eth0      Link encap:Ethernet  HWaddr 08:00:27:13:30:27
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6211 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9142 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:642539 (627.4 KiB)  TX bytes:13486722 (12.8 MiB)

eth1      Link encap:Ethernet  HWaddr 08:00:27:84:95:30
          inet addr:192.168.0.44  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe84:9530/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8215 errors:0 dropped:12 overruns:0 frame:0
          TX packets:4269 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:8732792 (8.3 MiB)  TX bytes:455021 (444.3 KiB)

eth2      Link encap:Ethernet  HWaddr 08:00:27:FA:D4:2F
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6 errors:0 dropped:0 overruns:0 frame:0
          TX packets:45 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:516 (516.0 B)  TX bytes:2752 (2.6 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:66 errors:0 dropped:0 overruns:0 frame:0
          TX packets:66 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:5701 (5.5 KiB)  TX bytes:5701 (5.5 KiB)

Output of route:

root@OpenWrt:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.0.1     0.0.0.0         UG    0      0        0 eth1
192.168.0.0     *               255.255.255.0   U     0      0        0 eth1
192.168.0.1     *               255.255.255.255 UH    0      0        0 eth1
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan

How can i properly bridge eth0 and eth2 for internet / LAN access just like a normal router LAN interface would? Seems like I am missing something.

Update: Just had a look at the arp table in OpenWRT and noticed that the DFGW 192.168.1.1 does not have an entry. Could this be one of the problems?

root@OpenWrt:~# arp
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.147    0x1         0x2         08:00:27:cc:b8:55     *        br-lan
192.168.0.44     0x1         0x0         00:00:00:00:00:00     *        br-lan
192.168.0.40     0x1         0x2         78:24:af:41:89:b9     *        eth1
192.168.1.215    0x1         0x2         08:00:27:df:61:b1     *        br-lan
192.168.0.1      0x1         0x2         10:da:43:c3:6e:66     *        eth1
192.168.0.1      0x1         0x0         00:00:00:00:00:00     *        br-lan
192.168.1.2      0x1         0x2         08:00:27:c3:58:80     *        br-lan

hrdy

Posted 2017-02-21T15:45:13.553

Reputation: 65

The OpenWRT setup looks fine to me. How are eth0 and eth2 handled in virtualbox? How do you want to use them outside of the VM? How do you figure you "don't have internet" on eth2? Maybe you want veth-pairs for both, and use the other end outside the virtual machine to whatever your purpose is? – dirkt – 2017-02-21T16:30:55.320

Eth0 is used as a internal network with all the other VMs. Eth2 is a bridged adapter for a physical network outside the setup. Both set ups works separately. I have checked by swapping the settings in the network configuration. But can't get them both to work at the same time. – hrdy – 2017-02-21T16:45:02.370

So eth2 is bridged twice, once inside the VM and once outside? Maybe that is the problem. Can you replace one bridge with a different construction? Like a veth-pair, with each end separately bridged? Or is it already one? – dirkt – 2017-02-21T17:32:10.413

Not sure what a veth-pair is. Will have too look that up. As it is now, the network interface is just set to manual up on the Ubuntu host and then configured as a bridged adapter in Virtualbox for the VM. And in the Vemyra holding OpenWRT eth0 and eth2 is set to be bridged together as one bridge called be-lan. As I said earlier, the setup works for either VMs or External network if the bridge only contains one interface. But when adding two interfaces to the bridge, only one (the first one) works. – hrdy – 2017-02-21T18:34:38.507

Just read up on veth-pair and does not seem like something that will work for this scenario unless you have a good idea about how to do it? The interface connected as an "Bridged interface" in VB towards the vm seems to be the only solution afaik. And I don't have enough knowledge about OpenWRT to whip up a solution inside there either. Any advise is more than welcome! – hrdy – 2017-02-21T19:20:39.860

So isn't there anything more to creating a bridge in OpenWRT? No routing or gateway manipulation needed? Only add interface to bridge and then it should work? Seems too easy almost.. – hrdy – 2017-02-22T07:23:15.470

Alright. I testet to use eth2 as another "Internal network" instead of a bridge and the same happens there. So the problems is not with eth2 being bridged two times. Have to be something in the OpenWRT configuration. So now both eth0 and eth2 is configured as "Internal Network". The first as "intnet" and the second as "routerInternal". And then I set up one machine per network in VB to test. Both gets IP but only one has access to internet. Also, the one without internet still can't pint the GW 192.168.1.1. Seems more and more like a routing problem. But anything Ive tested so far fails. – hrdy – 2017-02-22T07:36:04.063

Also, the router itself can not ping the client that is without internet. One of them is 192.168.1.215. This is the one connected to eth2. Gets IP and DFGW thru the DHCP of OpenWRT but not connectivity whatsoever. – hrdy – 2017-02-22T08:18:45.570

The interest in OpenWRT seems very limited when trying to get support on a matter. Is there any other Router software that might be better for me to try out? I've been looking around a little, but can't find anything that seems as good as OpenWRT. – hrdy – 2017-02-24T06:42:57.520

Answers

0

Just solved this one on my own. Turns out I overthinked the whole solution. Only one interface is needed. I assigned the physical interface of the host to the VM's as well. So instead of creating one bridge for the internal network of the VM's i just used the same interface for everything. All Virtual and physical machines now share the same LAN connected to the OpenWRT assigning IP's and serving as a DNS-forwarder. Not sure how I didn't think of this solution earlier.

hrdy

Posted 2017-02-21T15:45:13.553

Reputation: 65

Asked: 2017-02-21T15:45:13.553

Viewed: 1 900 times

Active: 2017-02-24T15:58:52.193