OPNsense Forum
Archive => 21.7 Legacy Series => Topic started by: joeyboon on November 25, 2021, 08:21:38 am
-
Hi,
I recently bought a Netgear LB2120 in order to have a simple way to have a backup internet connection. I got everything working. The Netgear is in bridgemode and the WAN4G interface I created on the OPNsense is getting a public IP, is able to ping and I've been able to add it to a gatewaygroup. However once a day the gateway fails. Turning on and of the interface fixes the problem.
First i thought this had to do withd DHCP lease time so I've been tinkering with that by adding dhcp-lease-time 14400 to DHCP client configuration -> Advanced -> Option Modifiers at the bottom of the interface settings. Tinkering around with this did not help. I also unchecked Disable State Killing on Gateway Failure in the advanced firewall settings.
Then I stumbled onto this (I'm using a T-mobile SIM) https://community.t-mobile.nl/4g-voor-thuis-568/faq-4g-voor-thuis-technische-vragen-269795 (https://community.t-mobile.nl/4g-voor-thuis-568/faq-4g-voor-thuis-technische-vragen-269795).
They state on the forum that every 24 hours T-mobile gives a physical/datalayer disconnect. "The WAN DHCP client should be able to detect such a disconnect and request a new IP immediately." This seems consistent with the problems I'm experiencing. Can anyone give me some pointers on how to make OPNsense request a new IP? Or switch the interface off an on again in case of failure?
Cheers!
-
After a bit more searching I found this Reddit post https://www.reddit.com/r/PFSENSE/comments/gxzs42/review_of_netgear_lb2120_4g_lte_and_pfsense/ (https://www.reddit.com/r/PFSENSE/comments/gxzs42/review_of_netgear_lb2120_4g_lte_and_pfsense/)
It states "Netgear created a non-standard TCP/IP implementation. For example, mobile ISP sends DHCP IP of 110.65.12.76, gateway of 110.65.12.1, subnet mask of /24. Netgear then modifies the subnet mask to /32 !!"
I think this is the problem! I changed my subnet with supersede subnet-mask option in the Option modifiers field of the advanced setting of the interface DHCP settings. Let's wait 24 hours and see :)
-
Hi,
Thanks for your post. I have a similar setup and struggle to make it work
Would you be able to share more detail about your configuration of opnsense and the lb2120 in bridge mode , especially the point-to-point settings and link to WAN ?
I am unable to make it work. The issue you described below did not occur in my case, so that I do not know where to look anymore. You can check my post below for the full description :
https://forum.opnsense.org/index.php?topic=26316.0
Thanks for any help you could provide
-
Hi,
Sure! First log in to your LB2120 (default IP is 192.168.5.1 and password is located on the back). Go to Settings -> Advanced -> LAN and select bridge.
(https://forum.opnsense.org/index.php?action=dlattach;topic=25727.0;attach=20400)
I had a horrible time when I connected the device to the wrong port of my switch and created a DHCP battle between my router and this modem ;) So connect the LB2120 to a port of your router (or switch if you know what your doing) that is not in use.
Then (in OPNSense) go to Interfaces -> Assignments and select the port you connected the LB2120 to. Give it a name, for example WANfailover. Press the plus sign.
Next click on the new interface. Enable the interface and check the Prevent interface removal option. In my case (I use T-Mobile NL) my provider does not use CGNAT (thank god), so I can also block private and bogon ranges. I then select DHCP and save the interface.
(https://forum.opnsense.org/index.php?action=dlattach;topic=25727.0;attach=20402)
Your interface should get a public IP assigned. And you can test if it works at Interfaces -> diagnostics -> ping and select the new interface and ping 8.8.8.8 for example.
Finally under system -> gateways -> single -> I selected the new gateway and changed the monitoring address to something useful. I also changed the priority to 255 so my router will not select this gateway over my regular one with priority 254).
Thats it! depending on how you want to use the new connection you now have to create a gatewaygroup etc.
PS: Today I added a networkcard to my router in order to connect the modem directly to my router. Before it was on a seperate VLAN via the switch I'm hoping this will solve my issue...
-
The issue seems solved! The combination of using the supersede subnet-mask option with the correct netmask for my provider and connecting the modem directly to the router (instead of the switch with a seprate VLAN) solved all issues.