UDP traffic blocked on software bridge?

Lockheed · 2023-04-08 07:51:55

I am running OpenWrt 22.03.3 r20028-43d71ad93e in LXD as a router/edge device for my network.

My setup:

LXD OpenWRT with two interfaces:

- physical eth0 passed through (WAN)
- software bridge from host

Host:

- three physical NICs (eth1-eth3) bound in a software bridge (bridge with static IP)

Everything works fine except today I discovered that apparently, there is no ability to connect between two LAN devices on UDP ports.

I am trying to connect from computer A to computer B (both connected by cable to eth1 and eth3) using Moonlight, which requires following ports:

TCP: 47984, 47989, 48010.
UDP: 47998-48000, 48002, 48010.

If I forward those ports form WAN to B on LAN and try to connect from A using external network - everything works fine. However, when I try to connect from A to B when both are on LAN, A detects B, but cannot complete the handshake:

There are two changes since the last time it worked:

1 - upgraded from OpenWRT 19 to 22.03.3
2 - instead of passing each physical NIC into LXD and binding them into a bridge inside OpenWRT, I now bind them on host, and pass only the resulting bridge into OpenWRT's LXD. Thanks to that, I still have LAN when OpenWRT LXD is down, which is very helpful because I can still access the headless host and fix/upgrade/change LXD's config.

Any ideas?

Strike0 · 2023-04-14 21:43:30

Direct upgrade from OpenWrt 19 to 22 is not supported --> your config may be wrong.
22.03 is the first release with nftables as default --> check your custom rules.

Lockheed · 2023-04-15 17:44:57

It was configured from scratch, not upgraded or restored.
Good point with nftables. What nftables rules should I look at?

Arch Linux

#1 2023-04-08 07:51:55

UDP traffic blocked on software bridge?

#2 2023-04-14 21:43:30

Re: UDP traffic blocked on software bridge?

#3 2023-04-15 17:44:57

Re: UDP traffic blocked on software bridge?

Board footer