RT-AX88U Vlan bridge/port questions

[torchddv]

Oops. nevermind. I'm deleting this post.

 

[torchddv]

OK, this is weird. I had other things to do for a few hours but left things on. When I came back, the computer plugged into eth4 had an IP address and can connect to the internet. I cannot ping a computer on br0 from br3 and vise-versa. I wonder what happened and why it took so long?

I was looking at the logs and can see services-start ran on boot. Looking at a listing of all iptables shows that firewall-start did it's thing correctly. I'm not sure how to verify when dnsmasq.conf.add got added, but I assume it must have at some point since the client eventually got an IP address in the correct subnet.

But as near as I can tell, nat-start never ran. Nothing in the log, and the iptables line it is supposed to add:

iptables -t nat -A POSTROUTING -s 192.168.150.0/24 -d 192.168.150.0/24 \
-o br3 -j MASQUERADE

does not appear in the nat rules list (iptables -t nat -L).

Any ideas why nat-start didn't run? Does that need to be in a separate script? Any reason it could not be added to the end of firewall-start?

 

[torchddv]

Using the terminal window, when I try to enter
iptables -t nat -A POSTROUTING -s 192.168.150.0/24 -d 192.168.150.0/24 \ -o br3 -j MASQUERADE
I get the error message "Bad argument ' -o' " . Which probably explains why nat-start failed. So I tried iptables -h and learned:

[!] --out-interface -o output name[+]
network interface name ([+] for wildcard)

Just to be sure I understand this error message correctly, the "Bad argument" is actually "br3", right? It being the argument for the -o option? Should the argument be "eth4" instead?

 

[ColinTaylor]

Using the terminal window, when I try to enter
iptables -t nat -A POSTROUTING -s 192.168.150.0/24 -d 192.168.150.0/24 \ -o br3 -j MASQUERADE
I get the error message "Bad argument ' -o' " . Which probably explains why nat-start failed. So I tried iptables -h and learned:

[!] --out-interface -o output name[+]
network interface name ([+] for wildcard)

Just to be sure I understand this error message correctly, the "Bad argument" is actually "br3", right? It being the argument for the -o option? Should the argument be "eth4" instead?

You have a syntax error. The "\" is the continuation character for when a command is split across multiple lines. If you're entering the command as a single line you should remove the \ character as it would become an escape character.

Bash Reference Manual

Bash Reference Manual

www.gnu.org

 

[torchddv]

You have a syntax error. The "\" is the continuation character for when a command is split across multiple lines. If you're entering the command as a single line you should remove the \ character as it would become an escape character.

Bash Reference Manual

Bash Reference Manual

www.gnu.org

Doh!

I copied it direct from the previously linked article. I guess his editor split the line. I am way outside my wheelhouse and floundering around in the dark here. Thanks for the help.

It works now. From the terminal anyway. The command was accepted without error message and appears in the nat table now. I'll make the change in the nat-start script, reboot and see what happens.

 

[torchddv]

I corrected the line in nat-start, and now that completes successfully, inserting the line into the nat table on reboot.

I wasn't sure if the dhcp service is handing out addresses on that subnet or not though. The client computer on br3 took some time before it could connect (but not nearly as long as yesterday -- minutes vs hours). There is no DHCP lease listed for that computer in the router's DHCP log (but there are new leases listed for all computers on the br0 network). Running ipconfig/all in a DOS window on the client shows the lease started yesterday, so it appears that machine just picked up where it left off rather than seeking a new lease.

ipconfig /renew on the client did restart the 24 hour lease on both client and in the DHCP lease log, so I think everything is working.