I need to do more looking, but I've seen similar issues with the master snapshot. I have a WRT32X with the LAN split into 2 VLANs. Using tcpdump, I noticed that the tag is not properly untagged on the port which is configured to untagging it. Interestingly, this only happens with WiFi traffic on that VLAN. The wired traffic on that same VLAN is untagged properly on that same port. The result is all devices can get to the internet (and talk to other subnets) as per usual, but wireless devices cannot talk to wired devices on the same VLAN and vice versa because the tag isn't removed.
This configuration was working in 22.03.02, and the same configuration was used in the upgrade. I need to investigate further and determine what happened.
I haven't enabled flowoffload as I use SQM on the WAN port.
I have two different locations which both use a WRT32X device. Both are on today's master snapshot with multiple VLANs on the LAN. However, these are configured differently as the network topology is different. In either case, both exhibit the same issue. I'm leaning heavily towards user error, but I just haven't found the error yet.
I can add some clarity, only for my specific config.
(4) WRT3200ACM with -mv88e6352
Still on 22.03.2
I only run Openwrt as/on Dumb APs
I bond the Wan port to the br-lan and use it as the backhaul to the primary router (in my case pfSense)
Using vlan filtering for LAN (br-lan.1), GUEST (br-lan.10) and IOT (br-lan.20)
Depending the Dumb AP, I have physical port(s) and/or wireless network assigned to the interfaces.
Not seeing any stray packets on parallel networks using tcpdump -nne -i
I went ahead and moved to the latest 21.02 because I don't want to be dealing with snapshot installs and checking back every week or so on the forums to see if I should again update to the most current snapshot or not. It seems that as long as OpenWrt does follow their own maintenance timelines, going to 21.02 is perfectly safe until April 2023 (and my impression that this is recommended over staying in 22.03.2 in the affected devices, since those no longer will receive security updates).
Edit: And hopefully, v23 comes out before April 2023...
Yes use snapshot from the dropdown, you can click customize and add any packages you want to have it make a build for you too.
Master snapshots w/ kernel 5.15 based have been fantastic on my WRT32X. Perfectly stable. I just flash a new build every month or so if I see something interesting in the changelog (samba 4.18, kernel changes, new wifi drivers, etc).
I have a WRT3200ACM and I'm currently testing the image builder. Builded the snapshot with all my packages and all my files/configs I had on 22.3.2.
I had some trouble with read-only filesystem (probably need to mount -o remount,rw / every reboot) and the main issue is that I can't connect via wifi->ethernet devices. Must be an firewall issue or so. It worked before and now I'm curious are there any new security feature mentioned somewhere for 23?
I have been running 22.03.3 since its release. I use my own Image Builder builds so I didn't notice the firmware being pulled from the site. Since most of my clients are wireless it took me this long to notice this issue independently. I was about to build 22.03.4 when I finally noticed mvebu builds missing and got curious as to why.
I always read (and rely) on the Release Notes for each release especially any in the Known Issues section. Shouldn't this kind of thing be added to the Known Issues section? I just checked and it doesn't appear to be mentioned in any release notes.
Enabling VLAN filtering did not work for my target.
I built a snapshot image using the Image Builder and my mvebu target seems to be working fine (and correctly) so far. I don't use any VLANs, however.
Oh okay yeah, I don't know if I've ever even noticed this file before. On the main page you click "Release notes" and it takes you Github Releases page with a summary and a "Known Issues" section that's empty.
In this case you have to click "Detailed Changelog" which brings you to a list of all the commits and then click another link called "release notes" which brings you to a different OpenWrt Wiki version of the release notes. This link seems to be better maintained and what I will use from now on.
Did you ever figure this configuration issue out? I tried the latest master again and I still have similar problems. Wireless devices are unable to access wired devices on the same VLAN. I can access them from different VLANs when the right firewall configuration is in place.
Unfortunately, no. My "fix" was to connect a smart switch that I just happened to have to the router and let it properly untag the traffic. It's not ideal at all.
It's been a couple months since I tried a snapshot as I'm in the process of configuring an OPNSense VM on Proxmox. The configuration differences take some getting used to, but for me, there's a lot to like with this combo.