{"id":110,"date":"2024-11-16T22:51:15","date_gmt":"2024-11-17T06:51:15","guid":{"rendered":"https:\/\/www.wokesand.com\/?p=110"},"modified":"2024-11-18T09:55:17","modified_gmt":"2024-11-18T17:55:17","slug":"take-full-control-openwrt-static-ip-configuration-for-frontier-and-att-fiber","status":"publish","type":"post","link":"https:\/\/www.wokesand.com\/?p=110","title":{"rendered":"Replacing Frontier\u2019s Router with OpenWrt and Static IPs (A Wild Ride)"},"content":{"rendered":"\n<p>Alright, let\u2019s talk about Frontier\u2019s router. If you\u2019ve ever tried to replace it with your own OpenWrt setup, you\u2019ve probably screamed into the void like I did. Their documentation? Nonexistent. Their router? Blocking my DNS queries on UDP 53. (Yes, the router. Not Frontier. You\u2019re welcome for that revelation.)<\/p>\n\n\n\n<p>But hey, I survived\u2014and now you can too! Here\u2019s my slightly chaotic journey of getting Frontier\u2019s static IPs working on OpenWrt.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 1: Figure Out What You\u2019re Dealing With<\/strong><\/h4>\n\n\n\n<p>Frontier\u2019s setup goes like this:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>A WAN IP that might be dynamic or static. (Mine was static, but good luck finding out.)<\/li>\n\n\n\n<li>A static IP block routed through that WAN IP. (Their router conveniently didn\u2019t explain this either.)<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 2: VLANs, Bridges, and Tears<\/strong><\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Network > Switch<\/strong> in OpenWrt and create a new VLAN for your WAN interface.<\/li>\n\n\n\n<li>Bridge it. Why? Because that\u2019s what makes this magic work.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 3: WAN IP Setup<\/strong><\/h4>\n\n\n\n<p>Add the WAN IP and gateway under <strong>Network &gt; Interfaces<\/strong>:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>WAN IP: Something like <code>192.0.2.10\/25<\/code>.<\/li>\n\n\n\n<li>Gateway: Probably <code>192.0.2.1<\/code>.<\/li>\n<\/ul>\n\n\n\n<p>Pro tip: If your ISP uses PPPoE, now\u2019s the time to enter your credentials. (And don\u2019t forget to breathe.)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 4: Scripts Are Your Friend<\/strong><\/h4>\n\n\n\n<p>Save this script as <code>\/etc\/firewall.user<\/code>. It does the heavy lifting with NAT and forwarding rules, dynamically handling high or low gateway setups.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">#!\/bin\/sh<br># Define the static IP block<br>subnet=\"192.0.2.0\/29\"<br>override_gateway=\"192.0.2.6\"<br><br>start_ip=$(ipcalc $subnet | grep HostMin | awk '{print $2}')<br>end_ip=$(ipcalc $subnet | grep HostMax | awk '{print $2}')<br>gateway=$(ipcalc $subnet | grep Gateway | awk '{print $2}')<br><br>if [ -n \"$override_gateway\" ]; then<br>    gateway=$override_gateway<br>fi<br><br>base_subnet=$(echo $start_ip | cut -d'.' -f1-3)<br>start_octet=$(echo $start_ip | cut -d'.' -f4)<br>end_octet=$(echo $end_ip | cut -d'.' -f4)<br>gateway_octet=$(echo $gateway | cut -d'.' -f4)<br><br>if [ \"$gateway_octet\" -eq \"$start_octet\" ]; then<br>    exclude_gateway=$start_octet<br>elif [ \"$gateway_octet\" -eq \"$end_octet\" ]; then<br>    exclude_gateway=$end_octet<br>else<br>    exclude_gateway=$gateway_octet<br>fi<br><br>for i in $(seq $start_octet $end_octet); do<br>    if [ \"$i\" -eq \"$exclude_gateway\" ]; then<br>        continue<br>    fi<br><br>    ip=\"$base_subnet.$i\"<br>    iptables -t nat -I PREROUTING -d $ip -j DNAT --to $ip<br>    iptables -t nat -I POSTROUTING -s $ip -j SNAT --to $ip<br>    iptables -I FORWARD -d $ip -j ACCEPT<br>    iptables -I FORWARD -s $ip -j ACCEPT<br>done<\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 5: Enabling Proxy ARP<\/strong><\/h4>\n\n\n\n<p>Here\u2019s the cool part. You can configure Proxy ARP in OpenWrt without manually poking around <code>\/sys<\/code>. Just add this to your WAN interface in <code>\/etc\/config\/network<\/code>:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">option ip4table 'main'<br>option proxy_arp '1'<\/pre>\n\n\n\n<p>Restart everything. Pray. (But mostly restart everything.)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Step 6: Make Sure firewall.user Is Running<\/strong><\/h4>\n\n\n\n<p>Add this to <code>\/etc\/config\/firewall<\/code> so OpenWrt actually runs your script:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">config include<br>option path '\/etc\/firewall.user'<\/pre>\n\n\n\n<p>Then:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">\/etc\/init.d\/firewall restart<\/pre>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Conclusion<\/strong><\/h4>\n\n\n\n<p>Congrats! You\u2019re officially smarter than the Frontier router. If this worked for you, let me know. If it didn\u2019t, let\u2019s troubleshoot and cry together.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Alright, let\u2019s talk about Frontier\u2019s router. If you\u2019ve ever tried to replace it with your own OpenWrt setup, you\u2019ve probably screamed into the void like I did. Their documentation? Nonexistent. Their router? Blocking my DNS queries on UDP 53. (Yes, the router. Not Frontier. You\u2019re welcome for that revelation.) But hey, I survived\u2014and now you [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,17],"tags":[],"class_list":["post-110","post","type-post","status-publish","format-standard","hentry","category-drafts","category-software-tutorials"],"_links":{"self":[{"href":"https:\/\/www.wokesand.com\/index.php?rest_route=\/wp\/v2\/posts\/110","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wokesand.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wokesand.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wokesand.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wokesand.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=110"}],"version-history":[{"count":3,"href":"https:\/\/www.wokesand.com\/index.php?rest_route=\/wp\/v2\/posts\/110\/revisions"}],"predecessor-version":[{"id":125,"href":"https:\/\/www.wokesand.com\/index.php?rest_route=\/wp\/v2\/posts\/110\/revisions\/125"}],"wp:attachment":[{"href":"https:\/\/www.wokesand.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wokesand.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=110"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wokesand.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}