[23.05.0] dumb AP to dumb - no url resolve on VLAN

Hi there,
Through upgrading my dumb AP TL WDR4900 (v1.3) from 22.03.5 to latest 23.05.0, switch architecture changed from swconfig to DSA as well - man, what a learning curve of how to setup VLANs there. :sweat_smile:
Following setup:

  • the network consists of 4 VLANs (lan (id 5), media (id 3), tech (id 6), dns (id 4)), first three are important for WDR4900
  • the WDR4900 provides 3 WIFIs/SSIDs connected to the 3 VLANs
  • the WDR4900 acts as sane server (scanner connected via USB) included in VLAN 5 (lan)
  • the WDR4900 is connected to managed switch via LAN port lan4; the switch is then connected to main router (Archer C7 (v5) on 23.05.0/swconfig) which provides DHCP etc.

Overall it works quite smooth except for below points:

  • the WDR4900 itself cannot reach the DNS (all other connected devices to this AP are working fine) by default - diagnostics tab does not work; if I use nslookup with IPv4 gateway (not the DNS) it resolves any address properly
  • one client device on the WIFI associated with VLAN lan (id 5) has trouble connecting properly (on-and-off-relationship :roll_eyes:); devices on the other WIFIs (different VLANs) do not seem to have this issue

Searching the internet got me to disable (and stop) firewall, odhcpd and dnsmasq.

I am pretty sure that I missed something to configure properly - being no expert and partly a network-noob. :shushing_face:

Below some config file extracts - /etc/config/network

# /etc/config/network as posted by the thread author (OpenWrt 23.05.0, DSA).
# One bridge (br-lan) carries VLANs 1, 3, 4, 5 and 6 through bridge-vlan
# sections; in every section that lists ports, lan4 is the tagged trunk.

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd32:195d:7f60::/48'

# The bridge itself: all four LAN ports are members, IPv6 is switched off on
# the device, and bridge_empty '1' is set.
config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'
	option ipv6 '0'
	option bridge_empty '1'

# Address of the AP on VLAN 5 (br-lan.5). In the ip route output quoted later
# in the post, the only default route is via this gateway, 192.168.0.1.
config interface 'lan'
	option device 'br-lan.5'
	option proto 'static'
	option ipaddr '192.168.0.6'
	option netmask '255.255.255.0'
	option gateway '192.168.0.1'
	list dns '192.168.40.40'

config device
	option name 'wan'
	option macaddr 'a0:f3:c1:12:db:b3'

# wan is defined as a DHCP client but auto '0' keeps it from being brought up
# at boot.
config interface 'wan'
	option device 'wan'
	option proto 'dhcp'
	option auto '0'

# VLAN 1: tagged on the trunk only. The 8021q device br-lan.1 defined further
# down is not referenced by any interface in this extract.
config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan4:t'

# VLAN 3 ('media' per the post): untagged with PVID on lan1 and lan3 ('u*'),
# tagged on lan4.
config bridge-vlan
	option device 'br-lan'
	option vlan '3'
	list ports 'lan1:u*'
	list ports 'lan3:u*'
	list ports 'lan4:t'

config device
	option name 'br-lan.1'
	option type '8021q'
	option ifname 'br-lan'
	option vid '1'
	option ipv6 '0'

# VLAN 6 ('tech' per the post): tagged on the trunk only.
config bridge-vlan
	option device 'br-lan'
	option vlan '6'
	list ports 'lan4:t'

# NOTE(review): 'tech', 'media' and 'dns' below each give the AP a static
# address in a further VLAN. A dumb AP only needs an address on its management
# VLAN; proto 'none' on the other interfaces keeps them bridged without an IP.
# With addresses in every VLAN, the management services of the AP (LuCI, SSH)
# are typically reachable from each of them. The post also says the firewall
# service was stopped; OpenWrt enables IPv4 forwarding by default (confirm
# with sysctl net.ipv4.ip_forward), so the AP could then forward traffic
# between VLANs and sidestep the inter-VLAN rules of the main router.
# The extra 'option gateway' lines add no default route in the ip route output
# quoted later in the post.
config interface 'tech'
	option proto 'static'
	option device 'br-lan.6'
	option ipaddr '192.168.60.6'
	option netmask '255.255.255.0'
	option gateway '192.168.60.1'
	list dns '192.168.40.40'

config interface 'media'
	option proto 'static'
	option device 'br-lan.3'
	option ipaddr '192.168.30.6'
	option netmask '255.255.255.0'
	option gateway '192.168.30.1'
	list dns '192.168.40.40'

# VLAN 5 ('lan' per the post): untagged with PVID on lan2, tagged on lan4.
config bridge-vlan
	option device 'br-lan'
	option vlan '5'
	list ports 'lan2:u*'
	list ports 'lan4:t'

# NOTE(review): VLAN 4 has no member ports, not even the lan4 trunk, yet the
# 'dns' interface below places 192.168.40.6/24 on br-lan.4. The route list
# quoted later in the post shows the resulting connected route for
# 192.168.40.0/24 on br-lan.4, so traffic from the AP itself to the DNS server
# 192.168.40.40 goes out on a VLAN that leaves no port instead of via the
# gateway 192.168.0.1. This likely explains why only the AP fails to reach the
# DNS server. Either drop the 'dns' interface (so the default route is used)
# or tag VLAN 4 on lan4 and on the managed switch - confirm against the
# switch configuration.
config bridge-vlan
	option device 'br-lan'
	option vlan '4'

config interface 'dns'
	option proto 'static'
	option device 'br-lan.4'
	option ipaddr '192.168.40.6'
	option netmask '255.255.255.0'
	option gateway '192.168.40.1'
	list dns '192.168.40.40'

/etc/config/wireless

# /etc/config/wireless as posted. radio0 (5 GHz, channel 36) and its SSID are
# disabled; radio1 (2.4 GHz, channel 9) serves the three SSIDs, one per
# network (media, lan, tech). The key values look like placeholders
# substituted before posting - presumably; confirm.

config wifi-device 'radio0'
	option type 'mac80211'
	option channel '36'
	option hwmode '11a'
	option path 'ffe09000.pcie/pci9000:00/9000:00:00.0/9000:01:00.0'
	option htmode 'HT20'
	option disabled '1'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'media'
	option mode 'ap'
	option ssid 'OW-11an'
	option encryption 'psk2'
	option key 'S3CR€T'
	option macfilter 'allow'
	option disabled '1'

# NOTE(review): 'counry' below is a misspelling of 'country'; the correctly
# spelled option follows two lines later, so the misspelled line is presumably
# ignored and can be deleted.
# legacy_rates '1' keeps the old 802.11b rates enabled.
config wifi-device 'radio1'
	option type 'mac80211'
	option channel '9'
	option hwmode '11g'
	option path 'ffe0a000.pcie/pcia000:02/a000:02:00.0/a000:03:00.0'
	option htmode 'HT20'
	option counry 'DE'
	option txpower '20'
	option country 'DE'
	option legacy_rates '1'
	option cell_density '0'

# NOTE(review): macfilter 'allow' is set on this and the next SSID, but no
# 'list maclist' entries appear in this extract - presumably stripped before
# posting; confirm. A MAC allow list is not an authentication control (client
# addresses are visible on air and can be changed), so the passphrase is what
# protects these networks. All SSIDs use 'psk2' (WPA2-PSK); where every client
# supports it, 'sae-mixed' or 'sae' (WPA3) is the stronger setting.
config wifi-iface 'default_radio1'
	option device 'radio1'
	option mode 'ap'
	option ssid 'OW-media'
	option encryption 'psk2'
	option key 'S3CR€T'
	option macfilter 'allow'
	option network 'media'

config wifi-iface 'wifinet0'
	option device 'radio1'
	option mode 'ap'
	option ssid 'OW-lan'
	option encryption 'psk2'
	option key 'ssssshhhhhhhhhhhh'
	option macfilter 'allow'
	option network 'lan'

# Unlike the other SSIDs, this one carries no macfilter option.
config wifi-iface 'wifinet1'
	option device 'radio1'
	option mode 'ap'
	option ssid 'OW-tech'
	option network 'tech'
	option encryption 'psk2'
	option key 'pssssssssssssst'

/etc/config/dhcp

# /etc/config/dhcp as posted. The post states that dnsmasq, odhcpd and the
# firewall were disabled and stopped, so these sections only take effect if
# the services are running - confirm which state applies.

# No 'list server' entry is present: upstream resolvers are read from
# resolvfile only. The 'DNS forwardings' field named in the reply corresponds
# to 'list server' entries in this section.
# rebind_protection '1' and localservice '1' are both enabled here.
config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option cachesize '1000'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option localservice '1'
	option ednspacket_max '1232'

# ignore '1' switches DHCP serving off on 'lan', matching the post: the main
# router provides DHCP. The start/limit/leasetime/dhcpv4 values are then
# presumably unused.
config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv4 'server'
	option ignore '1'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

# odhcpd is not the main DHCP service (maindhcp '0').
config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

ip route list:

default via 192.168.0.1 dev br-lan.5 
192.168.0.0/24 dev br-lan.5 scope link  src 192.168.0.6 
192.168.30.0/24 dev br-lan.3 scope link  src 192.168.30.6 
192.168.40.0/24 dev br-lan.4 scope link  src 192.168.40.6 
192.168.60.0/24 dev br-lan.6 scope link  src 192.168.60.6 

Anything else I can provide? Any help is highly appreciated - many thanks in advance.

Add your preferred DNS server, 192.168.40.40, to the "DNS forwardings" field of the DNS configuration.


Ah, I missed this one. Thanks, that helped. :grinning:
I still get the error that the WDR4900 cannot reach the preferred DNS 192.168.40.40 directly (it works via 192.168.0.1, which forwards to 192.168.40.40). But I suppose that this is an issue with the router setup and off-topic here. :thinking:
