I'm running a couple Mikrotik RB532 routerboards as broadband gateway routers under OpenWRT 10.03.1.
One of the routers, despite several OS upgrades culminating in Backfire 10.03.1, has a very sporadic problem of NAT mysteriously not working after a reboot (i.e. traffic not forwarded from LAN to WAN and vice versa). The only resolution I could find was either to reboot the box again, or do /etc/init.d/network restart. Upon running /etc/init.d/network restart I saw this reported back: root@bluenoses:~# /etc/init.d/network restart iptables: No chain/target/match by that name. iptables: No chain/target/match by that name. ifconfig: SIOCSIFADDR: No such device udhcpc (v1.15.3) started Sending discover... Sending select for X.X.X.X... *(my dynamic public IP)* Lease of X.X.X.X obtained, lease time 3600 udhcpc: ifconfig eth1 X.X.X.X netmask 255.255.252.0 broadcast 255.255.255.255 udhcpc: setting default routers: X.X.X.1 *(my dynamic gateway)* udhcpc: setting dns servers: 208.67.222.222 208.67.220.220 Configuration file: /var/run/hostapd-ath0.conf Using interface ath0 with hwaddr 00:DE:AD:BE:EF:FF and ssid 'bluenoses' random: Cannot read from /dev/random: Resource temporarily unavailable random: Only 0/20 bytes of strong random data available from /dev/random random: Not enough entropy pool available for secure operations WPA: Not enough entropy in random pool for secure operations - update keys later when the first station connects Sure enough, looks like /dev/random provides no entopy: root@bluenoses:~# cat /proc/sys/kernel/random/entropy_avail 0 I found several tickets, including a (hopefully soon to be back-ported) package rng-tools intended to address problems with headless boxes not getting sufficient entropy from non-existent keyboard/mouse. https://dev.openwrt.org/ticket/10541 Has anyone encountered problems with insufficient entropy causing random NAT failures? -- Ben West http://gowasabi.net b...@gowasabi.net
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
