Network Routing Incremental Improvement
I was able to fix the WiFi on my new network with a head-scratch, more than face-palm, moment.
I'm a little disappointed in myself, and also confused by the networking.
I spent a lot of time checking out logs. I changed logging to be very verbose, and copied things into files I could filter, and spent too long analyzing it. I would have liked to just run it through my little Splunk instance, but since the multi-home network on the server doesn't work well, the Splunk ingestion also isn't working.
I couldn't see anything amiss.
I tweaked occasional settings, wiped routing tables, cleared firewalls, and no changes seemed to correct the situation.
With everything reset to "normal," I winged it and changed the WAN address on my WiFi router. Essentially the same, but with a different WAN IP in the subnet:
{ Internet } - ISP 10.0.0.1/30
  - [ ROUTER  WAN 10.0.0.2/30 | LAN 10.0.1.1/29 ]
  - [ WiFi    WAN 10.0.1.2/29 | LAN 10.0.2.1/24 ]
Poof. It worked. Changing from the "last" (supposedly) usable IP in the subnet to the "next" IP in the subnet let the WAN router pass the traffic from the WiFi router. Without NAT on the ROUTER and with NAT on the WiFi, nodes on the WiFi can reach the Internet, as expected.
As a test, I changed it back, and it wouldn't work again. Keeping it at the "next" IP instead of the "last" IP will be how we go forward. There's no reason other than my whimsy to have it addressed that way.
I also changed the DHCP WiFi on the ROUTER to use that "last" IP, and the node that connects there works just fine.
That leads me to the head-scratching that makes me wonder why the router doesn't work with that IP. I went through all the possible errors, like maybe I had miscalculated the subnet IP range, but I hadn't. Maybe the WiFi router is doing something weird with it. I looked for collisions, but unless I connect to the WiFi DHCP address, there isn't another node trying to use that IP.
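A quick way to rule out the subnet-math and collision theories is to check each link in the diagram mechanically. The following is an added example, not code from the post; it uses Python's standard ipaddress module and takes the addresses from the diagram above, with the "old" 10.0.1.6 WAN address added as a constructed entry (the post says "last" usable IP, which for 10.0.1.0/29 is .6).

```python
import ipaddress

# Links from the diagram, as constructed sample data: each entry pairs the two
# interface addresses that must share one subnet. The "(old)" entry is the
# WiFi WAN address that did not pass traffic; 10.0.1.6 is the last usable host
# of 10.0.1.0/29, which is what the post calls the "last" IP.
LINKS = {
    "ISP <-> ROUTER WAN": ("10.0.0.1/30", "10.0.0.2/30"),
    "ROUTER LAN <-> WiFi WAN (new)": ("10.0.1.1/29", "10.0.1.2/29"),
    "ROUTER LAN <-> WiFi WAN (old)": ("10.0.1.1/29", "10.0.1.6/29"),
}


def usable_hosts(cidr):
    """Return the usable host addresses of the subnet that contains cidr."""
    net = ipaddress.ip_interface(cidr).network
    return [str(h) for h in net.hosts()]


def check_link(a, b):
    """Validate two interface addresses as endpoints of one link.

    Returns a list of problems; an empty list means the addressing is sane:
    same subnet, neither endpoint is the network or broadcast address, and
    the two endpoints do not collide.
    """
    ia, ib = ipaddress.ip_interface(a), ipaddress.ip_interface(b)
    problems = []
    if ia.network != ib.network:
        problems.append(f"{a} and {b} are not in the same subnet")
    for iface in (ia, ib):
        if iface.ip == iface.network.network_address:
            problems.append(f"{iface} is the network address")
        if iface.ip == iface.network.broadcast_address:
            problems.append(f"{iface} is the broadcast address")
    if ia.ip == ib.ip:
        problems.append(f"{a} and {b} collide")
    return problems


def check_topology(links=LINKS):
    """Run check_link over every link; maps link name -> list of problems."""
    return {name: check_link(a, b) for name, (a, b) in links.items()}


if __name__ == "__main__":
    for name, probs in check_topology().items():
        print(f"{name}: {'OK' if not probs else probs}")
    print("10.0.1.0/29 usable hosts:", usable_hosts("10.0.1.1/29"))
```

Both the old and the new WiFi WAN address pass every check, which confirms the post's conclusion that the subnet range was calculated correctly and the .6 address was a legitimate host.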
So, that's two of the three things I need to do with addressing!
I can get a directly connected node on the public subnet to appear directly on the Internet.
I can get the WiFi router to connect on the public subnet and NAT its traffic directly, and not double-NAT.
Now I need to get the multi-home server to work with the multiple networks.
I am going to pause before getting the multi-home server fixed, and get my IPv6 working again. I want to use that via the public subnet instead of having it route through the WiFi WAN, which I had to do before because of the lack of support from the other fiber ISP. I'll toss that story out in the next iteration of this story.