popov/scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a2c33734fbdcf97e770eef1c6c5edfe8c13357b2
scripts/linux/openwrt/openwrt-starlink-luci-setup.md
Dobromir Popov a2c33734fb openwrt routing
2026-02-16 14:13:35 +02:00

149 lines
6.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# OpenWrt: Connect to Starlink WiFi (client) and route blocked sites via it (LuCI)
Step-by-step using the LuCI web UI where possible. Router: Archer C6, OpenWrt/LuCI. Goal: main WAN stays default; traffic to polymarket (and similar) goes via Starlink WiFi.
---
## Part 1: Connect router to Starlink WiFi (client mode)
You need one radio as **AP** (your LAN WiFi) and one as **Client** (Starlink). Archer C6 has 2.4 GHz and 5 GHz; use one for Starlink client.
### 1.1 Install WiFi client (if needed)
SSH into the router, then:
```bash
opkg update
opkg install wpad-mesh-openssl
```
(Some images already include this. If "Scan" works in LuCI, skip.)
### 1.2 Create the Starlink client interface in LuCI
1. Log in to LuCI (e.g. `http://192.168.0.1`).
2. Go to **Network****Wireless**.
3. You should see two radios (e.g. "Radio0 (2.4 GHz)", "Radio1 (5 GHz)").
4. On the radio you will use for Starlink (e.g. **Radio1 (5 GHz)**):
- Click **Scan**.
- Wait for the list; find your **Starlink WiFi SSID**.
- Click **Join network** next to it.
5. In the dialog:
- **Network**: leave as new (e.g. `wwan`) or set a name like `starlink`.
- **Wireless Security**: choose the encryption (usually **WPA2-PSK**) and enter the **Starlink WiFi password**.
- Leave other options default. Submit.
6. The new interface (e.g. `wwan` or `starlink`) appears under **Network****Wireless** as a **Client** network. Ensure it is **Enabled** and not disabled.
### 1.3 Create a WAN interface for Starlink and assign firewall
The client connection gets an IP via DHCP from Starlink. You must create a protocol interface for it and put it in the **wan** firewall zone so it is used as a WAN.
1. Go to **Network****Interfaces**.
2. Click **Add new interface**:
- **Name**: `wan2` (or `starlink`).
- **Protocol**: **DHCP client**.
- **Device**: select the device that corresponds to the Starlink client (e.g. `wwan` or the wireless device name shown for that client network). If unsure, check **Network****Wireless** and see which device the client is on (e.g. `wlan1`).
- Submit.
3. On the new interfaces page:
- **General Setup**: ensure "Bring up on boot" or similar is checked.
- **Firewall Settings**: assign to **wan** (same zone as your main WAN). This is required for NAT and mwan3.
- **Save & Apply**.
### 1.4 Verify Starlink connectivity
- In **Network****Interfaces**, `wan2` should show an IP (from Starlinks DHCP).
- From a device on your LAN, you can ping 8.8.8.8 (main WAN is still default). To test Starlink alone youll confirm after Part 2 with a policy.
---
## Part 2: Install and configure mwan3 (Load Balancing)
mwan3 will use both WANs: default traffic via main WAN, and specific destination IPs (polymarket) via Starlink.
### 2.1 Install mwan3 (SSH)
LuCI app for mwan3 is not always preinstalled. On the router via SSH:
```bash
opkg update
opkg install mwan3 luci-app-mwan3
```
Then in LuCI you should see **Network****Load Balancing** (or **Multi-WAN**).
### 2.2 Configure interfaces (LuCI)
1. Go to **Network****Load Balancing****Configuration** (or **Interfaces** tab).
2. **Interfaces**:
- You should see **wan** (main) and **wan2** (Starlink). If not, add **wan2**:
- **Interface**: `wan2`
- **Enable**: checked
- **Track IP**: e.g. `8.8.8.8` or `1.1.1.1` (used for health check).
- **Metric**: `20` (higher than wan so default route prefers main WAN).
- **Reliability**: e.g. `1`.
- Save.
- For **wan** (main WAN):
- **Metric**: `10` (lower = preferred for default).
- **Track IP**: e.g. `8.8.8.8`.
- Save.
3. **Members** tab:
- **wan** → member e.g. `wan_m1`, metric `1`.
- **wan2** → member e.g. `wan2_m1`, metric `1`.
4. **Policies** tab:
- **default_policy**: last resort; assign only **wan_m1** (main WAN only). So all traffic that doesnt match a rule uses main WAN.
- Add policy **starlink_only**: assign only **wan2_m1**. This will be used for polymarket IPs.
5. **Rules** tab (order matters; more specific first):
- Add a rule for polymarket:
- **Name**: e.g. `polymarket_via_starlink`
- **Destination address**: see below (polymarket IPs). You can add one rule with multiple IPs/CIDRs or several rules.
- **Policy**: **starlink_only**
- **Sticky**: optional (e.g. 1 minute) so the same connection stays on Starlink.
- Ensure there is a **default** rule:
- **Destination address**: `0.0.0.0/0`
- **Policy**: **default_policy**
- Default rule must be **last** (lowest priority). Polymarket rule must be **above** it.
### 2.3 Polymarket destination IPs
mwan3 matches by **destination IP**, not domain. You need to add the IPs (or CIDRs) for polymarket.com and any related hostnames.
- Resolve from a PC (that can reach polymarket, or use any DNS):
- `nslookup polymarket.com`
- `nslookup www.polymarket.com`
- Add any other subdomains you use (e.g. `gamma-api.polymarket.com`).
- In LuCI **Load Balancing****Rules**, in the polymarket rule set **Destination address** to one of:
- Single IP: `a.b.c.d/32`
- Several IPs: add multiple rules with the same policy, or use a space-separated list if LuCI allows (e.g. `1.2.3.4/32 5.6.7.8/32`).
- CDN IPs can change. If the site stops working via Starlink, resolve the domains again and add/update the IPs in the rule. You can later automate this with a script that updates the mwan3 config or uses ipset.
**Example** (replace with real IPs you resolved):
- Destination address: `104.18.2.2/32 172.67.1.1/32` (example only; get real IPs for polymarket.com).
### 2.4 Save and apply
- **Save & Apply** in **Load Balancing** and in **Network****Interfaces** if you changed anything.
- Test: from a LAN device, open polymarket.com; it should go via Starlink. Other sites still via main WAN.
---
## Part 3: Quick reference (LuCI locations)
| Step | LuCI path |
|-------------------------|-------------------------------------|
| Create Starlink client | Network → Wireless → Scan → Join |
| WAN interface for WiFi | Network → Interaces → Add (DHCP, wan zone) |
| Load Balancing config | Network → Load Balancing |
| Interfaces (wan, wan2) | Load Balancing → Interfaces |
| Policies | Load Balancing → Policies |
| Rules (polymarket, default) | Load Balancing → Rules |
---
## Troubleshooting
- **Starlink client not getting IP**: Check WiFi password; ensure Starlink router is in range; check **Network****Wireless** that the client network is enabled and associated.
- **All traffic still via main WAN**: Ensure the polymarket rule is **above** the default rule; check **Destination address** uses the correct IPs/CIDRs; ensure **starlink_only** policy uses only **wan2_m1**.
- **Polymarket works then stops**: CDN IPs changed; re-resolve the domain(s) and update the rules destination IPs.
- **LuCI "Load Balancing" missing**: Install `luci-app-mwan3` via SSH and refresh the page.
Reference in New Issue View Git Blame Copy Permalink