When you have a management VLAN that you are using for administration is it still required for the AP to have an IP address assigned on the VLAN interface that it is bridging to the wireless network(s)? Commercial access points I've come across in the past seem to operate this way, unless the other IPs are just hidden for simplicity?
Would you mind pasting an example config just for clarity? I'm wondering do you need to declare eth0.10 (in my example) as an interface at all, or do you just make it a bridge member?
/etc/config/network
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0.10'
As an aside, I usually I use the firmware selector and/or the image builder to set config files and my uci-default scripts so they are all preprovisioned to be an AP.
Disabling dnsmasq being a dhcp server and setting your eth0 device to dhcp and stuff for example. (Not everything, I usually want to change dns config, hostname, move web interface, firewall the ipv6 link local addresses, set passwords, ssh keys etc)
Then as discussed you want to create an "interface" that is unmanaged.
/etc/config/network extract
config interface 'ap'
option proto 'none'
option device 'br-ap'
Now on your wireless you want to set your SSID's to be hooked up to your "ap" "interface". This is called which 'network' you want the wireless iface to be connected to however.
/etc/config/wireless extract
Got it thanks! The piece about the unmanaged 'ap' interface was the bit that was confusing me, but I figured it was probably needed as you can't (in any examples I've seen at least) attach a wifi-iface to a bridge device directly. Though one wonders why? Physical interfaces can be listed as bridge members without an interface definition but wifi interfaces cannot? Question for another post perhaps.
Pretty sure it's just the glue logic / code. That's what hostapd is doing under the hood?
With the wpa_psk_file you're configuring the ap when it gets a vlan id to then connect to an arbitrary bridge. The above example is the dumb one ssid per vlan example.
Under the hood that's exactly what's happening. for example:
root@OpenWrt:/etc/config# brctl show
bridge name bridge id STP enabled interfaces
br-ap 7fff.d8c7c8cec705 no eth0.10
phy0-ap0
phy1-ap0
br-lan 7fff.d8c7c8cec705 no eth0