7572 questions

9026 answers

14571 comments

11782 members

0 votes
1,165 views 14 comments
by
Hi,

My company is looking for a LTE router solution for LTE failover connections. I'm currently testing RUTX09 with firmware RUTX_R_00.02.03.1 and have it attached to a Palo Alto PA-220 firewall in my lab. I can't seem to get Bridged Mode to work and can't find any documentation on how it's supposed to be done.

Currently I have one SIM card for MOB1S1A1 (default) interface and I have tested that it works in NAT mode. In Bridged mode I assume that I need to insert the MAC address of the firewall interface (MAC address of PA-220 IF) connected to LAN side of the RUTX09. What I'm not sure of is whether I should have the LAN (default) interface configured with "Bridge interfaces" and whether I should have eth0 and qmimux0 in br-lan. I've tried all possible combinations but the result is always that when I do a DHCP renew on the PA-220 I can see with tcpdump on RUTX09 that DHCP requests are coming in to interface eth0 and br-lan bridge but they don't seem to get passed to qmimux0.

If I could get more information or a sample configuration, I would be very grateful. Alternative if someone could explain how the bridging is done on RutOS (which components used, how DHCP queries are passed/relied), I can probably figure out the rest.

Best,
-Jyrki
by

I had bridge mode working just fine in firmware version RUTX_R_00.02.01.1, but can't get it to work in RUTX_R_00.02.03.1 - not sure if we're dealing with the same issue or if you're experiencing something else. If you haven't updated your modem firmware to the latest and greatest version, you might be able to get bridge mode working if you simply downgrade to the previous firmware version.

I've outlined my struggles in this post, if that's of any help. The steps provided in that post worked just fine for enabling bridge mode on RUTX_R_00.02.01.1.

1 Answer

0 votes
by
Thanks! Downgraded to RUTX_R_00.02.01.1 and now I got it working.

I may have found the problem with the new RUTX_R_00.02.03.1 firmware. It doesn't create a LAN_MOB1S1A1 interface to add to br-lan bridge. Thus the mobile and lan interfaces aren't bridged and therefor no traffic can flow through it.
by
Interesting! Did you manage to get it working with your workaround on RUTX_R_00.02.03.1, or are you sticking to RUTX_R_00.02.01.1 since it just works™ there?
by
And more importantly: care the check with modem firmware version you're on?
by
i so hope this is not the issue/cause, as it seems too basic to be so. If a simple upgrade(?) would break bridge-mode in such a way, how would that be missed during the testing? Or something very specific is configured on your device.

but i wont rule it out... :)

i'm not upgrading after reading the first experiences like this. I'm also using bridge mode and it works quite well on the previous fw version, although with some weird mtu configurations on my unifi setups with RUTX11. However, i'm plagued by random RUTX11 device reboots and random 4G connection drops which require me to reboot the thing once or twice a day. I'm so hoping this firmware will improve things, but i'm waiting just a bit longer it seems as "working most of the time" beats "not working at all" :)
by
Yes. Shame on me for pressing that upgrade button :/

Not sure what the appropriate way to report this is - kinda hoping that the Teltonika folks are hanging out here and will see it...?
by

Hello,

mobile can't be directly bridged to eth, because it do not have layer 2 header.

So LAN_MOB1S1A1 is not missing.

RUTX_R_00.02.03.1 firmware is using arp proxy to accept packets from LAN host.
So when you enable bridge mode, you should get dhcp configuration on dnsmasq with lease of mobile IP, br-lan with proxy arp, and two routing tables 42 and 43.
Modem firmware should not be problem, because it's another independent system.
As much as I tested it worked fine, even without MAC address.
Try to look over logread over ssh, it should show dnsmasq configuration, and proxy arp settings.
by

Simonas - thanks for looking at this.

Excuse me for asking, but would you be able to let me know which steps you perform on a factory reset router to enable bridge mode? I've tried doing it like this, which results in the router not leasing me any address (DHCP). Nor can I set a static IP (192.168.1.X) to reach the router (192.168.1.1). This means it's hard for me to understand what's going on inside the router since I can't SSH to it nor access the web interface... :/

I'm sure I'm missing something obvious here, but can't see what.

by
Your steps seem to be ok. Nothing special.

You can try to set static IP (i.e. 192.168.1.2) on your PC which you are using to configure RUTX.

Before setting bridge mode in WebUI, login via ssh and run logread -f, then you can see what is happening.

I just now tried it one more time, it worked flawlessly.

4G led is blinking, looks like that someone missed it, but network is fine.
by

Tried this:

  1. Reset the router
  2. Set a static IP of 192.168.1.2 for my computer (macOS, 10.15.4)
  3. Ran through the initial config/wizard, just clicked next (no changes to the defaults)
  4. Set the UI to advanced mode
  5. ssh'd to the router and executed logread -f

Then I performed two operations - the log can be found in this GitHub gist (IP obfuscated to AA.BB.CC.X).

  1. Move the MOB1S1A1 interface to the top of the interface list, save and apply
  2. Edit MOB1S1A1 to use bridge mode instead of NAT
I lose connection to the router ~10 seconds after the execution of step 2 above. I can't really tell if the logs look like expected, so any advice is more than welcome.
by

Hi,

your logs look fine. I can see that, you are getting IP configuration (Current settings retrieved:).
Proxy arp is enabled too (net.ipv4.conf.br-lan.proxy_arp = 1)

DHCP settings fine too:

(DHCP, IP range 192.168.1.100 -- 192.168.1.249, lease time 12h

DHCP, static leases only on AA.BB.CC.51, lease time 1h)

I can't see any problems.

by
Regarding DHCP: I thought enabling bridge mode was supposed to disable DHCP? Seems like it would mess with the router downstream otherwise?
by
It's not necessary to disable dhcp. You can use routers local network, just traffic to outside will be allowed only from device that has IP from ISP.
by
Semi-solved!

With some help from Simonas, we concluded that RUTX in bridge mode together with macOS requires some additional configuration on the client-side to work properly. I don't remember the minimal step-by-step guide to get it working, but that might be something other folks run into...

When trying a factory reset RUTX09 on firmware RUTX_R_00.02.03.1 together with a USG (or UDM Pro) it works just fine - only step needed post factory reset of the RUTX09 was enabling bridge mode. No need to re-order interfaces since there's nothing connected on the WAN side, nor is there a need for a specific MAC address in the bridge mode settings since there's only one device hooked up to the device.

Works for me, moving on!
by

I had the same problem, upgraded to firmware RUTX_R_00.02.04.1 and it would not connect in bridge mode, could only get it to work when i downgraded to RUTX_R_00.02.01.1. As posted before it didn't create the LAN_MOB1S1A1 connection. There must be a bug in the firmware to cause this. Hopefully its fixed soon.