I can get the ip, but when I run ping 8.8.8.8 it cannot successful, but when I nslookup www.netgear.com it can work right it is so sranger.
who can help me.
thanks, water
You can try traceroute to look where problem is located. Dns entry can be cached by local system.
I guess your default route is not set up correctly,or you miss a static route if your device is not known by other router (e.g. main-router does not know subnet from client behind r64)
thanks for replying frank. after I capture the packets out of wwan0, the NAT have the errors the src port is always 53 which is use for dns, so when I ping 8.8.8.8 through LAN PC. after NAT the dest address is always dns gateway. do you have met this problem?
best wishes, Water
I guess you have errors on every port except your firewall is wrong setup. Maybe connection quality is not the best…have you connected antenna to right connector? Can you read out signal strengh?
Nat (masquerade) has to be setup on outgoing interface.
i do not see interface for this rule:
2233 165K MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0 /* !fw3 */
can you ping 8.8.8.8 over this interface? then nat should work
i’m not sure…working some time with nftables where is much more readable. But first try to get direct connection working before forwarding
yeah, it can work right when I run ping on board use ssh terminal. but when I do everything at LAN PC all fail except nslookup. I think the reason why dns request successful is I run the dnsmasq on board and everything on board is normal. so the final reason I think is at NAT but I cannot see the error on it. I need to learn more.
Nat is also used if connection is done from board. So if all is working from board but not lan you have problem with routing/forwarding.
Do you use second gmac patches? Can you show “ip a” output?
hi frank,
before is normal when I use ethernet wan, but now I only have LTE, so I want to change to LTE.
ip a log is for you.log.txt (2.7 KB)
thanks, Water
If you create connection via lte you need to add default route to next hop (isp router) on r64,else you cannot work over it, else there should be no difference. Maybe a mtu change is needed,but ping should work without it
hi frank,
the default route setting may right. root@OpenWrt:~# ip route
default via 10.36.230.145 dev wwan0 proto static src 10.36.230.146
10.36.230.144/30 dev wwan0 proto kernel scope link src 10.36.230.146
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
root@OpenWrt:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.36.230.145 0.0.0.0 UG 0 0 0 wwan0
10.36.230.144 0.0.0.0 255.255.255.252 U 0 0 0 wwan0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br-lan
root@OpenWrt:~#
you have forwarding enabled? i guess this should be done in openwrt by default.
i wonder about the subnet 10 for public internet…your packets need a public ip-address before leaving your private net…and 10.x.x.x is private subnet
Mhm, i guess because of ipv4 shortage you get a /30 adress (in subnet 2 addresses customer/peer+net+broadcast).
So i guess your nat is not ist up correctly on wwan0,if it is working locally (no nat needed for local access,but for different subnet)
maybe, but I see some product can work right in the same subnet before.
yeah, I know we don’t need do NAT in the local.
What does work and what does not work? Maybe you need a tcp mtu adjustment if only protocols with larger packets affected (http for example).
If ping works from client,routing and nat is ok.
yeah, client is always fail to do access internet.
I will try to debug it with my little knowledge of it. hhh… anyway thanks for your reply, That’s the fun I get when I visit wikis
wishes, Water
hi frank,
I have accessed internet successful. the root cause is I cannot set the wwan0 into th network, even if I set the iptables rule right.
wishes, Water