2x MX4300 as dumb APs giving me roaming DHCP issues with a ubiquity router

32lbcarp · May 28, 2025, 10:24pm

Problem Summary

When a client roams from AP1 to AP2 , it cannot obtain a DHCP lease and gets stuck without network connectivity. The SSID does not matter. So trying to go from VLAN 10 to VLAN 30 does not solve it.

Client Can't Get IP After Moving Between APs, Observed on an android device and Ipad.

Environment

Router:UniFi Cloud Gateway Max (DHCP server)
APs: 2x Linksys MX4300 running OpenWrt 24.10.1
Network: Same SSID "Animal_10" on both APs, VLAN 10 (192.168.10.0/24)
Topology: Router → AP1 (direct) + Router → Switch → AP2
No change if both APs are behind or before the switch

My main goal here is for the APs to grab an IP from the dhcp server on the default network/native vlan. I have two networks setup with VLAN IDs of 10 (Home) and 30 (Things). Vlan 30 is for IOT based devices.

Before I go trying to tackle this being a router problem I just wanted to verify my configs are accurate. It's been hard to find cohesive documentation for the newer versions of open wrt.

Thanks for the help.

Network config:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd0e:ddc4:5a23::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'

config device
	option name 'lan1'
	option macaddr 'AA:BB:CC:99:71:02'

config device
	option name 'lan2'
	option macaddr 'AA:BB:CC:99:71:02'

config device
	option name 'lan3'
	option macaddr 'AA:BB:CC:99:71:02'

config interface 'lan'
	option device 'br-lan'
	option proto 'dhcp'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '10'
	option name 'lan1.10'
	option macaddr 'AA:BB:CC:99:71:02'

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '30'
	option name 'lan1.30'
	option macaddr 'AA:BB:CC:99:71:02'

config device
	option type 'bridge'
	option name 'brlan1.10'
	option bridge_empty '1'
	option ipv6 '0'
	list ports 'lan1'
	list ports 'lan1.10'

config interface 'Home_Bridge'
	option proto 'none'
	option device 'brlan1.10'
	option type 'bridge'

config device
	option type 'bridge'
	option name 'brlan1.30'
	option bridge_empty '1'
	option ipv6 '0'
	list ports 'lan1'
	list ports 'lan1.30'

config interface 'Bridge_Things'
	option proto 'none'
	option device 'brlan1.30'

Wireless config

config wifi-device 'radio0'
	option type 'mac80211'
	option path 'platform/soc@0/c000000.wifi'
	option band '5g'
	option channel '36'
	option htmode 'HE40'
	option cell_density '0'
	option txpower '11'
	option country 'US'

config wifi-device 'radio1'
	option type 'mac80211'
	option path 'platform/soc@0/c000000.wifi+1'
	option band '2g'
	option channel '1'
	option htmode 'HE20'
	option cell_density '0'
	option txpower '30'
	option country 'US'

config wifi-device 'radio2'
	option type 'mac80211'
	option path 'platform/soc@0/c000000.wifi+2'
	option band '5g'
	option channel '100'
	option htmode 'HE80'

config wifi-iface 'wifinet0'
	option device 'radio0'
	option mode 'ap'
	option ssid 'Animal'
	option encryption 'psk2'
	option key 'OrangeGreenYelloFeet'
	option network 'Home_Bridge'

config wifi-iface 'wifinet1'
	option device 'radio1'
	option mode 'ap'
	option ssid 'Animal_Things'
	option encryption 'psk2'
	option key 'OrangeRedBlueThings'
	option network 'Bridge_Things'
	option wmm '0'

psherman · May 29, 2025, 5:06am

Your network config is entirely wrong. You need to use DSA syntax

Delete all of this:

32lbcarp:

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '10'
	option name 'lan1.10'
	option macaddr 'AA:BB:CC:99:71:02'

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '30'
	option name 'lan1.30'
	option macaddr 'AA:BB:CC:99:71:02'

config device
	option type 'bridge'
	option name 'brlan1.10'
	option bridge_empty '1'
	option ipv6 '0'
	list ports 'lan1'
	list ports 'lan1.10'

config interface 'Home_Bridge'
	option proto 'none'
	option device 'brlan1.10'
	option type 'bridge'

config device
	option type 'bridge'
	option name 'brlan1.30'
	option bridge_empty '1'
	option ipv6 '0'
	list ports 'lan1'
	list ports 'lan1.30'

Add three bridge VLANs. I'm assuming that both VLAN 10 and 30 are tagged on port lan1, and there is presumably an untagged network on the trunk, too.For now, we'll make port lan2 VLAN 10 (untagged + PVID) and port lan3 VLAN 30 (untagged + PVID). This can be changed, but it will serve to prove that the VLANs are working if you have any issues with wifi. The bridge-VLANs will look like this:

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan1:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '10'
	list ports 'lan1:t'
	list ports 'lan2:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '30'
	list ports 'lan1:t'
	list ports 'lan3:u*'

Now, edit the lan interface to use br-lan.1:

config interface 'lan'
	option device 'br-lan.1'
	option proto 'dhcp'

And edit the other two interfaces to use br-lan.10 and br-lan.30 like this (also remove the bridge line from the home_bridge network:

config interface 'Home_Bridge'
	option proto 'none'
	option device 'br-lan.10'

config interface 'Bridge_Things'
	option proto 'none'
	option device 'br-lan.30'

Reboot and test again.

32lbcarp · May 29, 2025, 11:47am

This does seem to work with some 7am testing. I really appreciate it, I spent probably 10-15 hours on variations of this config across the three devices. Spent hours with claude and gemini trying to research and understand.

I was under the impression that 802.1q was the way to go, but this setup is easy to digest and makes a lot of sense. I was so far down the wrong path with partial functionality that there is no telling when I would have figured it out.

Thanks for the help, no telling when I would have figured that out!

Here is the final config for the next person if they search it.


config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd0e:ddc4:5a23::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'

config device
	option name 'lan1'
	option macaddr 'AA:BB:CC:99:71:02

config device
	option name 'lan2'
	option macaddr 'AA:BB:CC:99:71:02'

config device
	option name 'lan3'
	option macaddr 'AA:BB:CC:99:71:02'

config interface 'lan'
	option device 'br-lan'
	option proto 'dhcp'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan1:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '10'
	list ports 'lan1:t'
	list ports 'lan2:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '30'
	list ports 'lan1:t'
	list ports 'lan3:u*'

config interface 'lan'
	option device 'br-lan.1'
	option proto 'dhcp'
	
config interface 'Home_Bridge'
	option proto 'none'
	option device 'br-lan.10'
	
config interface 'Bridge_Things'
	option proto 'none'
	option device 'br-lan.30'

system · June 8, 2025, 11:48am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.