From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <moeller0@gmx.de>
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21])
	(using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
	(Client CN "mout.gmx.net",
	Issuer "TeleSec ServerPass DE-1" (verified OK))
	by huchra.bufferbloat.net (Postfix) with ESMTPS id 1527B21F1DB
	for <cerowrt-devel@lists.bufferbloat.net>;
	Mon, 24 Feb 2014 05:29:26 -0800 (PST)
Received: from u-089-cab204a2.am1.uni-tuebingen.de ([134.2.89.3]) by
	mail.gmx.com (mrgmx002) with ESMTPSA (Nemesis) id
	0LdYxu-1WzY8Z3xNy-00ihu8 for <cerowrt-devel@lists.bufferbloat.net>;
	Mon, 24 Feb 2014 14:29:21 +0100
Content-Type: text/plain; charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Sebastian Moeller <moeller0@gmx.de>
In-Reply-To: <CACCCjEVE+Un+M2vKm=SaHw-7-mPqVCByxZToQX-Xmz43j2YUYg@mail.gmail.com>
Date: Mon, 24 Feb 2014 14:29:23 +0100
Content-Transfer-Encoding: quoted-printable
Message-Id: <FD42C948-91EA-42D4-A585-9BC95BCDED59@gmx.de>
References: <CACCCjEXdFP40pa_4L3gAK8kyCq_Qj2tZF-VEFqNGp9=jS4JpYg@mail.gmail.com>
	<20140223172140.GB24483@lists.bufferbloat.net>
	<530A4791.8080903@ashtonfam.org>
	<CACCCjEXibgeepGo67ZSfx21NwRik8C+5x4Z5J7kroSGY1oPETA@mail.gmail.com>
	<128185AE-918F-4944-BB45-B5D20A1AD1E5@gmx.de>
	<CACCCjEVE+Un+M2vKm=SaHw-7-mPqVCByxZToQX-Xmz43j2YUYg@mail.gmail.com>
To: Vincent Frentzel <zcecc22@c3r.es>
X-Mailer: Apple Mail (2.1510)
X-Provags-ID: V03:K0:tbu7BXVZ3UDlIqN6NLwjqM36AVqr6ZzzBpfQZil5Ep6OTggkSN2
	e00RRNzEgtWB6RV2iyj7v8wjxCnX0oJ0lbK+xvbvzXkZ2G186aUKSnpCNp+Rw8d6Ldvw7ou
	5rySjIS+dlvpsbVNna3zs36V0Q5akUDWoIuj+m6R0ovhjEvDjG2NgG4jiilEovQwjZzrO6s
	F9VlB18JRI9TXQFPuncNg==
Cc: cerowrt-devel@lists.bufferbloat.net
Subject: Re: [Cerowrt-devel] saner defaults for config/firewall
X-BeenThere: cerowrt-devel@lists.bufferbloat.net
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Development issues regarding the cerowrt test router project
	<cerowrt-devel.lists.bufferbloat.net>
List-Unsubscribe: <https://lists.bufferbloat.net/options/cerowrt-devel>,
	<mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=unsubscribe>
List-Archive: <https://lists.bufferbloat.net/pipermail/cerowrt-devel>
List-Post: <mailto:cerowrt-devel@lists.bufferbloat.net>
List-Help: <mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=help>
List-Subscribe: <https://lists.bufferbloat.net/listinfo/cerowrt-devel>,
	<mailto:cerowrt-devel-request@lists.bufferbloat.net?subject=subscribe>
X-List-Received-Date: Mon, 24 Feb 2014 13:29:26 -0000

Hi Vincent,


On Feb 24, 2014, at 11:05 , Vincent Frentzel <zcecc22@c3r.es> wrote:

>=20
>=20
>=20
>         I could be totally out for lunch here, but shouldn't that be =
se00 (secure ethernet) instead of eth0.1? At least on 3.10.28-14 neuter =
"ifconfig" nor /etc/config/network mentions eth0.1 at all. Could you =
post both of these (so the result of calling ifconfig on a terminal on =
the router and the content of /etc/config/network ;), I am sure you know =
what I meant, just dying to be verbose for the sake of people stumbling =
over the archive of the mailing list)
>=20
>=20
> Hi Sebastian,
>=20
> Understood. I will come back to you with the ifconfig.
>=20
> For info, I did try both se00 and eth0.1.

	Ah, okay, so I was out for lunch then ;)

> The reason I stuck with eth0.1 was that barrier breaker usually uses =
eth0.1 for br-lan with vlan enabled (eth0.1 appears in Luci in cerowrt).

	Why do you need vlan at all for bridging (honest question, I =
really do not know whether that is requirement in current openwrt or =
not)?

> So in cero I just reenabled the vlan and used a type "bridge" on the =
network section (I renamed this section se99 instead of se00).=20
>=20
> I then added se99 it to the "lan" zone of the firewall. In the =
wireless config I specified network as "se99" instead of sw10 and sw00. =
I confirmed that the setup was correct in the web interface where eth0.1 =
sw00 and sw10 appeared under the new bridged interface ( there was the =
nice icon with the iface in brackets).
>=20
> I went on to modify the dhcp config of se00 and changed se00 =
occurences for se99 and commented out entries for sw10/sw00. --> this =
would give me dhcp running on my new bridge.
>=20
> After a dnsmasq restart dnsmasq.conf shows the dhcp ranges line with =
interface se99. (I was expecting to see br-se99 but maybe that file is =
alias aware, could be wrong here).
>=20
> After a network restart I lost connectivity on cable. Wireless was =
working.

	Did you confirm that both radios are bridged now?

>=20
> I played a tad more and eventually lost wifi as well and had to =
reflash the router via tftp/factory image (maybe there is a reset trick =
you could give me to avoid this step).

	Caveat, I am a simple cerowrt user, so don't expect too much; I =
have found o alternative to the tftp method if the router can not be =
reached over any of the interfaces anymore.

>=20
> Are you running cerowrt in bridge mode?

	No, I stick to the default routed mode. I fully bought not =
Dave's reasoning here and hope that we end up being able to make all =
essential services work over routing ;) (At home I have a smb-server on =
the wired segment and two notebooks that occasionally want to reach that =
server, running samba server on the router is sufficient for name =
resolution to work, mind you the notebooks are both macs so I have no =
idea whether that would work with windows clients...)

> If yes could you share your network/firewall/dhcp config? Is there =
another file I should have edited and missed?

	Sorry, I have no idea.

Best Regards
	Sebastian

>=20
> Cheers,
> V