connecting pcwrt to AT&T Pace 5031NV router

[tecoripa]

I’ve had the pcwrt router for several months now, with a basic home netork configuration:

AT&T Pace 5031NV router -> pcwrt router -> home devices
Wireless is turned off on the AT&T router, and all my devices connect via wired or wireless interfaces to the pcwrt router, with addresses assigned on the default pcwrt private network. Up to now, this has sufficed.

However, I’d now like to configure the AT&T router as a bridge, so that I can make selected devices accessible to outside traffic. This means that
a) I need to configure a server on my home network to get the dynamic public IP assigned to the AT&T router and send it to the OpenDNS server to keep my OpenDNS public static IP always pointing to my AT&T dynamic public IP;
b) I need to configure the AT&T router to function as a bridge, to allow external traffic to get to the pcwrt router, where it can be properly routed (via NAT?) to the correct server.

Has anyone managed to get a fairly standard configuration like this working the the Pace 5031NV router? I’ve tried some things suggested on the AT&T forums, with no luck. Suffice to say, this router is… peculiar.

thanks in advance.

[support]

By a) do you mean to keep OpenDNS current with your public IP address assigned by AT&T? If so, no specific setup is needed beyond setting up Dynamic DNS on the pcWRT. And that’s needed only if you use OpenDNS Home instead of OpenDNS Family Shield.

For b), you can usually set up the pcWRT as a DMZ host in the AT&T router. Refer to our blog post here for reference: https://www.pcwrt.com/2017/01/configure-att-nvg510-dmzbridge-to-the-pcwrt/. I think the setup should be similar.

[tecoripa]

Thank you.

For A) I’ll give it a try; I had some issues setting it up when I first got the router, but I’m more familiar with it now, and will look at setting up Dynamic DNS again.

For B), the Pace 5031NV router has quite a bit of a different user interface, and I’m not sure about IP passthrough being an option, although it does have some DMZ forwarding settings that others have had some luck with. I’ll take a look again tonight, and report back.

[support]

Let us know if you run into any problems.

[tecoripa]

So I was able to get my AT&T router set up as a bridge, and the pcwrt router now responds to the public WAN dynamic IP address, so that’s all good.

The final piece that I’m struggling with is Dynamic DNS: whenever I try to set up the OpenDNS Home configuration, as listed in the five steps in this forum post:

How to set up OpenDNS

… I run into a similar problem others have had. I get this error message on the router when I try to save and enable my Dynamic DNS settings on the router:

Failed to update Dynamic DNS, please check your network connection

When I go to the following test API URL, substituting my credentials and IP in the URL,

https://[USERNAME]:[PASSWORD]@updates.dnsomatic.com/nic/update?hostname=all.dnsomatic.com&myip=%5BWAN IP Address]

I get back a successful response:

good [MY WAN IP ADDRESS]

I’ve double and triple-checked that my credentials are correct in the settings. The test dnsomatic URL correctly updates the OpenDNS and Google Domains services (it shows the updates in the activity logs), so I’m thinking the problem must be on the router, or somewhere between the router and dnsomatic.

• This reply was modified 7 years, 1 month ago by tecoripa.

[support]

Can you disable parental control at the router level and try it again? You can reenable parental control after Dynamic DNS is set up.

[tecoripa]

OK, I’ll give that a try tonight.

[tecoripa]

I tried disabling parental control entirely, and got the same result when I went to update Dynamic DNS: Failed to update Dynamic DNS, please check your network connection. I rebooted the router and tried it again, just to make sure, to no avail.

[tecoripa]

Problem solved.

I rolled up my sleeves, set up my ssh key, and logged into the router to peer under the hood.

After some investigation and tests, I found that the ddns updater script was rejecting my public WAN IP, which was assigned by AT&T from the 172.8.xxx.xxx range.

Line 588 of /usr/lib/ddns/dynamic_dns_updater.sh had a filter to exclude private IP subnets:

[ $use_ipv6 -eq 0 ] && __IP=$(echo $1 | grep -v -E "(^0|^10\.|^127|^172|^192)") # no private IPv4's

But only a portion of the 172. and 192. ranges are private: 172.16.0.0/12 (172.16.0.0 – 172.31.255.225) and 192.16.0.0./16 (192.168.0.0 – 192.168.255.255): https://www.arin.net/knowledge/address_filters.html

I updated the filter to only exclude IPs in those ranges (changed line 588, and added a line):
[ $use_ipv6 -eq 0 ] && __IP=$(echo $1 | grep -v -E "(^0|^10\.|^127|^192\.168)") # no private IPv4's
[ $use_ipv6 -eq 0 ] && __IP=$(echo $1 | grep -v -E “^172\.(1[6-9]|2[0-9]|3[0-1])\.”) # no private 172.16.0.0/12 IPv4s`

After that, I was able to set and save and confirm my Dynamic DNS updater settings in the pcwrt interface.

Unfortunately, however, this change I made will be wiped out next time I update the OS, unless it’s folded into the pcwrt codebase. Can you open this up as a bug, and apply the fix with the next release of the OS?

FWIW, the latest version of this script in the openwrt github repo correctly filters private address spaces:

https://github.com/openwrt/packages/blob/master/net/ddns-scripts/files/dynamic_dns_functions.sh#L852

[support]

Thank you so much for digging into this! We’ll incorporate the change into our codebase. The next update is coming in a few days!

[Author]

Posts