I have had vlans 1 and 3 in use for over a year . I decided to add vlan 5 to be used as my nfs 'storage' vlan . There are just 2 hosts involved in nfs 1 connected to port 1 the other connected to port 4 on the switch .
When I first set it up it worked perfectly . I then tried in vain to get jumbo frames to work . Giving up on that idea I reverted back to my working config with vlan 5 implemented .
Only problem is the 2 hosts can no longer communicate .
I have deleted and recreated vlan 5 with no luck .
The vlan 5 interface is at 10.10.30.1
1 host is 10.10.30.2 and the other 10.10.30.3
Each host can ping the router.
The router can ping each host.
Each host can ping itself.
the 2 hosts cannot ping each other .
1 host is a PI4B the other is a beelink running Kubuntu
This has to be something simple
{
"kernel": "5.15.167",
"hostname": "shadow",
"system": "MediaTek MT7621 ver:1 eco:3",
"model": "Ubiquiti EdgeRouter X",
"board_name": "ubnt,edgerouter-x",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "23.05.5",
"revision": "r24106-10cc5fcd00",
"target": "ramips/mt7621",
"description": "OpenWrt 23.05.5 r24106-10cc5fcd00"
}
}
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd97:0191:ac00::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
option acceptlocal '1'
list ports 'eth1'
list ports 'eth2'
list ports 'eth3'
list ports 'eth4'
config interface 'lan'
option device 'br-lan.1'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '10.10.10.1'
option igmp_snooping '0'
option delegate '0'
config interface 'wan'
option device 'eth0'
option proto 'dhcp'
option peerdns '0'
list dns '1.1.1.1'
list dns '1.0.0.1'
option hostname 'DTES'
config device
option name 'eth1'
option acceptlocal '1'
config device
option name 'eth2'
option acceptlocal '1'
config device
option name 'eth3'
option acceptlocal '1'
config device
option name 'eth4'
option acceptlocal '1'
config bridge-vlan
option device 'br-lan'
option vlan '1'
list ports 'eth1:t'
list ports 'eth2:t'
list ports 'eth3:t'
list ports 'eth4:t'
config bridge-vlan
option device 'br-lan'
option vlan '3'
list ports 'eth1:u*'
list ports 'eth2:t'
list ports 'eth3:t'
list ports 'eth4:t'
config interface 'lan3'
option proto 'static'
option device 'br-lan.3'
option ipaddr '10.10.20.1'
option netmask '255.255.255.0'
option ip6ifaceid '::3'
option igmp_snooping '0'
config bridge-vlan
option device 'br-lan'
option vlan '5'
list ports 'eth1:t'
list ports 'eth4:t'
config interface 'lan5'
option proto 'static'
option device 'br-lan.5'
option ipaddr '10.10.30.1'
option netmask '255.255.255.0'
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '0'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option localservice '1'
option ednspacket_max '1232'
option local '/evinrude.net/'
option domain 'evinrude.net'
option filterwin2k '1'
option cachesize '10000'
option min_cache_ttl '3600'
option quietdhcp '1'
option confdir '/etc/config/dnsmasq.user'
list server '/mask.icloud.com/'
list server '/mask-h2.icloud.com/'
list server '/use-application-dns.net/'
list server '127.0.0.1#5053'
list server '127.0.0.1#5054'
option dnsforwardmax '500'
option doh_backup_noresolv '-1'
option noresolv '1'
list doh_backup_server '/mask.icloud.com/'
list doh_backup_server '/mask-h2.icloud.com/'
list doh_backup_server '/use-application-dns.net/'
list doh_backup_server '127.0.0.1#5053'
list doh_backup_server '127.0.0.1#5054'
list doh_server '127.0.0.1#5053'
list doh_server '127.0.0.1#5054'
config dhcp 'lan'
option interface 'lan'
option start '10'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
list dhcp_option '42,10.10.10.1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '3'
config host
option name 'linux-laptop'
option dns '1'
option mac 'A0:D3:7A:8D:BC:6A'
config domain
option name 'shadow'
option ip '10.10.10.1'
config domain
option ip '10.10.10.4'
option name 'ollie'
config domain
option name 'timeserver'
option ip '10.10.10.1'
config domain
option ip '10.10.10.8'
option name 'kitten'
config dhcp 'lan3'
option interface 'lan3'
option start '10'
option limit '30'
option leasetime '12h'
list dhcp_option '42,10.10.20.1'
config host
option name 'hs200studiooutside'
option dns '1'
option mac '6C:5A:B0:EE:9B:F1'
config host
option name 'hs200shopoutside'
option dns '1'
option mac '6C:5A:B0:EE:BA:91'
config domain
option name 'tiberius'
option ip '10.10.10.7'
config host
option name 'brotherprinter'
option dns '1'
list mac '60:6D:C7:69:40:EB'
option ip '10.10.20.27'
config host
option name 'beelink'
option dns '1'
option mac 'E0:2E:0B:91:E9:07'
option ip '10.10.10.109'
config domain
option name 'elog-1-6'
option ip 'fd97:191:ac00:0:45d0:794c:6ffa:a3d2'
config domain
option name 'mediaserver'
option ip '10.10.10.3'
config domain
option name 'gallery'
option ip '10.10.10.3'
config domain
option name 'beelink-6'
option ip 'fd97:191:ac00:0:625b:b8b9:97bc:7105'
config domain
option name 'shares'
option ip '10.10.10.3'
config domain
option name 'nfs'
option ip 'fd97:191:ac00:0:da3a:ddff:fe42:2c0b'
config domain
option name 'webdav'
option ip '10.10.10.3'
config domain
option name 'elog4'
option ip '10.10.10.3'
config domain
option name 'gallery4'
option ip '10.10.10.3'
config domain
option name 'gallery6'
option ip 'fd97:191:ac00:0:45d0:794c:6ffa:a3d2'
config domain
option name 'webdav6'
option ip 'fd97:191:ac00:0:45d0:794c:6ffa:a3d2'
config domain
option name 'webdav4'
option ip '10.10.10.3'
config host
option name 'S10shop'
option dns '1'
list mac '00:22:6C:21:5A:30'
option ip '10.10.20.33'
config domain
option name 'tootie-1-6'
option ip 'fd97:191:ac00:0:45d0:794c:6ffa:a3d2'
config domain
option name 'tootie'
option ip '10.10.10.3'
config host
option ip '10.10.20.26'
option name 'denon-avr-x1500h'
list mac '00:05:CD:DA:92:56'
config host
option name 'biscuit'
list mac '00:18:dd:09:13:e3'
option ip '10.10.20.12'
config host
option name 'beelink-eth'
list mac 'b0:41:6f:0d:14:93'
option ip '10.10.10.5'
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
option drop_invalid '1'
option flow_offloading '1'
option flow_offloading_hw '1'
config zone
option name 'vlan1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
config forwarding
option src 'vlan1'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
config rule
option name 'Allow-Ping-Wan'
list proto 'icmp'
list icmp_type 'echo-request'
option src 'wan'
option target 'ACCEPT'
config rule
option name '3-to-dns-dhcp'
option src 'vlan3'
option dest_port '53 67'
option target 'ACCEPT'
config rule
option name 'media players to wan'
option dest 'wan'
option target 'REJECT'
option src 'vlan3'
list src_mac '00:05:CD:DA:92:56'
list src_mac '00:22:6C:21:5A:30'
list src_mac '54:60:09:FD:A4:80'
list proto 'all'
config zone
option name 'vlan3'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan3'
config redirect
option target 'DNAT'
option name 'ntp-redirect-vlan1'
option src 'vlan1'
option src_dport '123'
list proto 'udp'
option reflection '0'
config redirect
option target 'DNAT'
option name 'ntp-redirect-vlan3'
option src 'vlan3'
option src_dport '123'
list proto 'udp'
option reflection '0'
config forwarding
option src 'vlan3'
option dest 'wan'
config forwarding
option src 'vlan1'
option dest 'vlan3'
config rule
option name 'MDNS'
option src 'vlan3'
option src_port '5353'
option dest_port '5353'
option target 'ACCEPT'
list proto 'udp'
list dest_ip '224.0.0.251'
list dest_ip 'ff02::fb'
config include 'user'
option enabled '1'
option type 'script'
option path '/etc/config/firewall.user'
option fw4_compatible '1'
config rule
option name 'Chromecast Ports '
option src 'vlan3'
option target 'ACCEPT'
option dest_port '8008 8009 8010 32768-61000'
list proto 'tcp'
list proto 'udp'
option dest '*'
list src_mac 'E4:F0:42:A1:D2:36'
list src_mac '54:60:09:FD:A4:80'
config redirect 'dns_int_1'
option name 'Intercept-DNS vlan1'
option family 'ipv4'
option proto 'tcp udp'
option src 'vlan1'
option src_dport '53'
option target 'DNAT'
config redirect 'dns_int_3'
option name 'Intercept-DNS vlan3'
option family 'ipv4'
option proto 'tcp udp'
option src 'vlan3'
option src_dport '53'
option target 'DNAT'
config zone
option name 'vlan5'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
list network 'lan5'