1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

weird mac behaviour in shibby v114 on rt-ac66u

Discussion in 'Tomato Firmware' started by PetervdM, Oct 23, 2013.

  1. PetervdM

    PetervdM Network Guru Member

    hi all,

    i have a weird problem on shibby tomato-RT-AC66U_RT-AC6x--114-AIO-64K when using openvpn. the br0 mac address seems to be dependent on starting the gui configured openvpn server.
    this was OK in tomato-RT-AC66U_RT-AC6x--112-AIO-64K.

    this is ifconfig and brctl show in v112:

    Code:
    Tomato v1.28.0000 MIPSR2-112 K26AC USB AIO-64K
    ========================================================
     
    root@xxxxxxxxxx:tmp/home/root# ifconfig
    br0        Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              inet addr:xxx.xxx.xxx.254  Bcast:xxx.xxx.xxx.255  Mask:255.255.255.0
     
    eth0      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
     
    eth1      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:DA
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    eth2      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:DB
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
     
    tap21      Link encap:Ethernet  HWaddr 00:FF:DA:A9:4E:5A
              UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
     
    vlan1      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    vlan2      Link encap:Ethernet  HWaddr C0:C1:C0:XX:XX:B1
              inet addr:xxx.xxx.217.34  Bcast:xxx.xxx.217.255  Mask:255.255.254.0
     
    root@xxxxxxxxxx:/tmp/home/root# brctl show
    bridge name    bridge id              STP enabled    interfaces
    br0            8000.ac220b30f8d8      no              vlan1
                                                            eth1
                                                            eth2
                                                            tap21
    
    the mac addres is the units mac address ac220b30f8d8, as it should be.

    this is ifconfig and brctl show in v114, no config changes made:
    Code:
    Tomato v1.28.0000 MIPSR2-114 K26AC USB AIO-64K
    ========================================================
     
    root@xxxxxxxxxx:/tmp/home/root# ifconfig
    br0        Link encap:Ethernet  HWaddr 00:FF:B9:B9:AF:97
              inet addr:xxx.xxx.xxx.254  Bcast:xxx.xxx.xxx.255  Mask:255.255.255.0
     
    eth0      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
     
    eth1      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:DA
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    eth2      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:DB
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
     
    tap21      Link encap:Ethernet  HWaddr 00:FF:B9:B9:AF:97
              UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
     
    vlan1      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    vlan2      Link encap:Ethernet  HWaddr C0:C1:C0:XX:XX:B1
              inet addr:xxx.xxx.217.34  Bcast:xxx.xxx.217.255  Mask:255.255.254.0
     
    root@xxxxxxxxxx:/tmp/home/root# brctl show
    bridge name    bridge id              STP enabled    interfaces
    br0            8000.00ffb9b9af97      no              vlan1
                                                            eth1
                                                            eth2
                                                            tap21
    
    the mac address has changed to 00:FF:B9:B9:AF:97, the mac address of the openvpn adapter tap21.

    when i disable the autostart of the openvpnserver in the gui, everything is back to normal:
    Code:
    Tomato v1.28.0000 MIPSR2-114 K26AC USB AIO-64K
    ========================================================
     
    root@xxxxxxxxxx:/tmp/home/root# ifconfig
    br0        Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              inet addr:xxx.xxx.xxx.254  Bcast:xxx.xxx.xxx.255  Mask:255.255.255.0
     
    eth0      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
     
    eth1      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:DA
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    eth2      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:DB
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
     
    vlan1      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    vlan2      Link encap:Ethernet  HWaddr C0:C1:C0:XX:XX:B1
              inet addr:xxx.xxx.217.34  Bcast:xxx.xxx.217.255  Mask:255.255.254.0
    
    after starting the openvpnserver from the gui the br0 mac address has changed again to the tap21 value:
    Code:
    root@xxxxxxxxxx:/tmp/home/root# ifconfig
    br0        Link encap:Ethernet  HWaddr 00:FF:D5:49:FC:A0
              inet addr:xxx.xxx.xxx.254  Bcast:xxx.xxx.xxx.255  Mask:255.255.255.0
     
    eth0      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
     
    eth1      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:DA
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    eth2      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:DB
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
     
    tap21      Link encap:Ethernet  HWaddr 00:FF:D5:49:FC:A0
              UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
     
    vlan1      Link encap:Ethernet  HWaddr AC:22:0B:XX:XX:D8
              UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
     
    vlan2      Link encap:Ethernet  HWaddr C0:C1:C0:XX:XX:B1
              inet addr:xxx.xxx.217.34  Bcast:xxx.xxx.217.255  Mask:255.255.254.0
     
    
    it seems the mac address of br0 is now set to the lowest mac address of the bridge members.
    this behaviour poses a problem to me because of macaddress dependencies in my firewall, so i had to go back to v112.

    ps. the wan address C0:C1:C0:XX:XX:B1 is necessary because of a dependency settin in my cable modem and is set in the gui.

    psps. the openvpn mac address is dynamically set at the start of the openvpn service in the range 00:ff:xx:xx:xx:xx. that also is a minor problem to me. i had a wrt610n router before, running dd-wrt with a manual configuration and a script to start the openvpn service. i was able to fix the mac address in that setup with this code in the startup script:
    Code:
    #!/bin/sh
    sleep 5
    killall openvpn
    sleep 1
    openvpn --mktun --dev tap0
    sleep 1
    ifconfig tap0 hw ether fe:xx:xx:xx:xx:xx
    sleep 1
    ifconfig tap0 0.0.0.0 promisc up
    sleep 1
    brctl addif br0 tap0
    sleep 1
    ln -s /usr/sbin/openvpn /tmp/myvpn
    /tmp/myvpn /mnt/OVPN/server.conf
    
    i tried by replacing tap0 with tap21 but that didn't work
    if i could something like this get to work, it might solve both of my problems.

    can anyone confirm this behaviour?
    can anyone help me with a script similar to the one above?

    TIA, PetervdM
     
  2. pietja

    pietja Reformed Router Member

    On RT-N66U_RT-AC6x--114-AIO-64K i used the following "WAN Up" script to fix this.
    I had my OpenVPN server setup to use the TAP interface and Start with WAN.
    Code:
    sleep 5
    ifconfig tap21 down
    ifconfig br0 hw ether AC:22:0B:XX:XX:D8
    ifconfig tap21 hw ether AC:22:0B:XX:XX:D8
    ifconfig tap21 up
    This was working for me, but i changed to K26USB-1.28.RT-N5x-MIPSR2-114-AIO-64K because of the 5GHZ bandwidth problem.
     
    PetervdM likes this.
  3. Bird333

    Bird333 Network Guru Member

    Pulled from this thread. http://www.dd-wrt.com/phpBB2/viewtopic.php?t=148287 The bolded line below is the important one. This was causing Windows to detect a new network on reboots.

    You have to assign fixed mac address to tap0 interface on startup. Mac address have to be bigger then mac address of the eth0. Bridge interface takes mac address of the smallest member!

    Some good choices for private mac:
    ee:7c:29:a0:c2:67
    ee:61:5e:3c:c1:af
    ee:0a:02:c8:60:b5

    On my router i have this on rc_startup:
    openvpn --mktun --dev tap0
    ifconfig tap0 hw ether ee:3c:a0:f9:30:7b
    ifconfig tap0 0.0.0.0 promisc up
    brctl addif br0 tap0
     
  4. PetervdM

    PetervdM Network Guru Member

    this did the trick! i left out the br0 rule in favour of the real units ip address.
    thx
     
  5. somms

    somms Network Guru Member

    Unfortunately this bug introduced with V114 is too brutal it seems for me to overcome. In order to keep my OpenVPN TAP connections working properly without my windows networked PCs constantly prompting me whether a network is public or private after each reboot had to fall back to Shibby's V112 on all three of my wireless routers (1 local and 2 remote connected via OpenVPN TAP).
     
  6. Bird333

    Bird333 Network Guru Member

    I am running v114 with a tap connection. You need to have a high MAC address for your tap interface. I would suggest using one starting with 'ee'.
     
  7. shibby20

    shibby20 Network Guru Member

    this problem exist only in K26RT-AC branch. I will trey to fix it.
    Thanks.
     

Share This Page