8021q on single port doesn’t work as expected

With OpenWrt 6.1 and from default setup.
I am working with a new config setup and making some small tests. When I was trying 8021q network and tagged internet connection this setup work perfectly on my WRT3200ACM but when I tried the same setup on Edgerouter4 it fails. Tried it on a initramfs image. Tried the setup both in uci code and from luci in case I made something wrong? But the result was the same.

This is the change report from luci:

# /etc/config/network
uci del network.cfg030f15.ports
uci add_list network.cfg030f15.ports='lan2'
uci add_list network.cfg030f15.ports='lan3'
uci add network device # =cfg070f15
uci set network.@device[-1].type='8021q'
uci set network.@device[-1].ifname='lan1'
uci set network.@device[-1].vid='30'
uci set network.@device[-1].name='lan1.30'
uci set network.@device[-1].macaddr='xxxxxxxxxxxx'
uci set network.wan.device='lan1.30'
uci set network.wan6.device='lan1.30'
uci set network.wan6.reqaddress='try'
uci set network.wan6.reqprefix='auto'

And luci error in interfaces section:

Protocol: DHCP client
RX: 0 B (0 Pkts.)
TX: 0 B (0 Pkts.)
Error: Network device is not present

Does the Edgerouter4 lack support for 8021q network or is it missing some package or kernel setting needed for 802.1q that wrt3200acm has?

The only difference between the setup on wrt3200acm and ER4 is that wrt3200acm use the wan port and ER4 I used the lan1 port.

It should work. Let’s see your complete configuration.

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
cat /etc/config/firewall

root@OpenWrt:/# ubus call system board
{
        "kernel": "6.1.64",
        "hostname": "OpenWrt",
        "system": "UBNT_E300 (CN7030p1.2-1000-AAP)",
        "model": "Ubiquiti EdgeRouter 4",
        "board_name": "ubnt,edgerouter-4",
        "rootfs_type": "initramfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "SNAPSHOT",
                "revision": "r24545-65c50a2545",
                "target": "octeon/generic",
                "description": "OpenWrt SNAPSHOT r24545-65c50a2545"
        }
}

root@OpenWrt:/# uci export network
package network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd60:b027:1296::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan2'
        list ports 'lan3'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option device 'lan1.30'
        option proto 'dhcp'

config interface 'wan6'
        option device 'lan1.30'
        option proto 'dhcpv6'

config device
        option type '8021q'
        option vid '30'
        list ifname 'lan1'
        option name 'lan1.30'

root@OpenWrt:/#

root@OpenWrt:/# uci export dhcp
package dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
        option filter_aaaa '0'
        option filter_a '0'
        option confdir '/tmp/dnsmasq.d'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'server'
        option ra 'server'
        option ra_slaac '1'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'

config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

root@OpenWrt:/#

root@OpenWrt:/# uci export firewall
package firewall

config defaults
        option syn_flood '1'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'

config zone
        option name 'lan'
        list network 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'wan'
        list network 'wan'
        list network 'wan6'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

root@OpenWrt:/#

root@OpenWrt:/# uci show network
network.loopback=interface
network.loopback.device='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fd60:b027:1296::/48'
network.@device[0]=device
network.@device[0].name='br-lan'
network.@device[0].type='bridge'
network.@device[0].ports='lan2' 'lan3'
network.lan=interface
network.lan.device='br-lan'
network.lan.proto='static'
network.lan.ipaddr='192.168.1.1'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.wan=interface
network.wan.device='lan1.30'
network.wan.proto='dhcp'
network.wan6=interface
network.wan6.device='lan1.30'
network.wan6.proto='dhcpv6'
network.@device[1]=device
network.@device[1].type='8021q'
network.@device[1].vid='30'
network.@device[1].ifname='lan1'
network.@device[1].name='lan1.30'
root@OpenWrt:/# /etc/init.d/network reload
[  679.262845] device lan1 left promiscuous mode
[  679.267366] br-lan: port 1(lan1) entered disabled state
root@OpenWrt:/# [  679.459113] lan0: Link down

I first remove lan1 from br-lan.
What I also notice after changing the network running config and reloads it is that lan1 enters disabled state and it never change after that when connecting a Ethernet cable. The port1 itself stops working.

I know the internet simulation router works and sends out tagged vlan30 since the switch and access point works with that port if I tries that connection.

So the problem is in Edgerouter4.

So you are running snapshot (and actually initramfs).... it is possible that this contains issues, so you may want to use 23.05.2. But let's see if we can make things work as is...

You don't actually need the 802.1q stanza... feel free to delete this:

then restart the network service (/etc/init.d/network restart)

Does this fix the issue?

Yes, that works.

But the idea with 802.1q was to specify the mac address on the internet side of the router.

But there is another solution that always works but it doesn’t look nice. That is to make a br-wan device with only the “wan” port.

config device                             
        option name 'wan'                 
        option macaddr 'xxx'
                                          
config interface 'wan'                    
        option device 'wan.30'               
        option proto 'dhcp'               
                                      
config interface 'wan6'                   
        option device 'wan.30'               
        option proto 'dhcpv6'   

config device                             
        option name 'lan1'                 
        option macaddr 'xxx'
                                          
config interface 'wan'                    
        option device 'lan1.30'               
        option proto 'dhcp'               
                                      
config interface 'wan6'                   
        option device 'lan1.30'               
        option proto 'dhcpv6'   

I solved this, I started thinking when you @psherman said the 802.1q device wasn’t needed and that actually worked.

So then I started thinking if I only use the device to set the mac address. I tried this hypothesis on both er4 and wrt3200acm this morning and it works perfectly as expected on both devices.

So what the 802.1q function actually do in OpenWrt is not perfectly understood but it wasn’t needed to solve the problem of both having tagged vlan and specified mac address on a single port.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.