Wednesday, November 2, 2011

OpenWRT and Wake on Lan (WoL) how to make it work

The TP-Link Archer AC1750 C7 runs OpenWRT and is a great router IMHO.
You can also try the same hardware, rebranded by Amazon as the A7:
(There are many visitors to this page - but I'm not sure if any of this has helped others do what I did.
f the information below helps you, or you have questions, please use the comments to let me know.)

So, if you're trying to send a WoL wakeup packet to a single host on your LAN from your WAN segment, you'll need to use inbound port redirection.

Because I've not yet been able to make inbound NAT forward to my LAN's broadcast address,
you will need one "Redirection item" and a unique udp/port# pair per internal host, plus a static MAC address entry.

The missing static MAC entry is usually the second half of the puzzle that most folks don't figure out, and never get WoL working. This is something I think is broken in the kernel ip_tables module; it should log an error if a NAT redirection To: rule is missing from the ARP table, and the packet is being dropped due to lack of a MAC entry.

If you're using LuCI, this is done using a "Redirection" item.

Web Console path: admin/network/firewall
Here you will find three sections, (at least in my version, 10.03RC5 backfire):
• Zones
• Redirections
• Rules

To get WoL to work, I added one new Redirection item:

Name: WakeOnLan broadcast
Protocol: UDP
Source: wan:0.0.0.0/0:*
Via: Device:0.0.0.0/0:9
Destination: lan:192.168.1.69:*
Action: DNAT

Where 192.168.1.69 is an example internal LAN IP for the host you want to direct the WoL packets to.

As mentioned earlier, this isn't sufficient to make things work yet.

When the LAN host you're trying to wake up is powered off, it can't respond to ARP requests.
When a NAT packet is received by your router, it tries to forward it to the LAN segment, and perform DNAT.
Your router must know the ARP address of your To: destination host in order to send the UDP packet to it. And, since it's powered off, it won't know what that is, unless you set a static ARP address for it...

Where I found how to set a static MAC address:
https://forum.openwrt.org/viewtopic.php?id=1787

This command statically sets the ARP address for an IP.  (Replace 00:de:ad:be:ef:00 with your hosts's ethernet MAC address.)

ip neigh add 192.168.1.69    lladdr 00:de:ad:be:ef:00  nud permanent   dev br-lan


I added the above 'ip neigh add' command line to my router's
/etc/rc.local
file.

If the 'ip' command is not installed, you should be able to install it with '
opkg update; opkg install ip
'.


Note that if you change physical ethernet devices on this host, you'll have to update this line.


If you're still having trouble and you can do WoL from the local LAN, but can't get forwarding to work, drop me a note in the comments and I'll try to help.


If someone finds a way to get a Redirection rule to work with Destination: lan:192.168.199.255:* (the LAN broadcast address), please drop a note in the comments!


Cheers,
Marc.


#RSFtalks with Edward Snowden

What an intelligent, thoughtful individual. I find it difficult to forgive 44 for failing to pardon this patriot and instead pursuing him ...

Other Popular Posts: