I am having a bit of trouble getting vlans to work on my r7800 that is still using swconfig and not dsa.. I created one vlan for now to test it out (due to some confusion between old/new config and how it is shown on the machine).. IP address is assigned properly but I can't get anything to work on the said machine, seems like a routing issue..
When trying to traceroute any site I get "router.lan [192.168.2[.]1] reports: Destination protocol unreachable."
I tried to manually assign my router IP as the default gateway but this option does not seem to work, as the machine still gets the gateway as 192.168.2[.]1
Here's the excerpt from my router related to the two vlans that I have (br-lan that gets created automatically, and my work vlan):
config device
    option name 'br-lan'
    option type 'bridge'
    list ports 'eth1.1'
    option ipv6 '0'

config interface 'lan'
    option device 'br-lan'
    option proto 'static'
    option ipaddr '192.168.1.1'
    option netmask '255.255.255.0'
    option delegate '0'

config interface 'work'
    option proto 'static'
    option ipaddr '192.168.2.1'
    option netmask '255.255.255.0'
    option delegate '0'
    option device 'br-work'

config device
    option type 'bridge'
    option name 'br-work'
    list ports 'eth1.3'
    option macaddr 'mac address'

config switch_vlan
    option device 'switch0'
    option vlan '1'
    option vid '1'
    option ports '1 2 3 4t 6t'

config switch_vlan
    option device 'switch0'
    option vlan '3'
    option vid '3'
    option ports '4t 6t'
Vlan 3 is the work vlan that I created.. Firewall config was copied from br-lan, haven't done any changes to it..
Can someone point me in the right direction as to what I am doing wrong here? Additionally, if I'd want to introduce my own DNS (pihole + unbound), how should I configure it on the router so that all my DNS queries are intercepted and routed to the IP of pihole? There used to be an option for custom rules in iptables but right now I don't see this field anymore and it seems nftables is the currently used firewall in openwrt.
The reason for brackets is an old habit to stop the IP addresses from being clickable, does not have anything to do with the issue, just that I do it automatically..
As for the gateway, I tried it both ways: initially after creating the vlan this field was empty, however this still did not work, tested also after rebooting everything to make sure everything is properly assigned.. Later changed it manually but this also did not work.. I've tried redoing the vlan but even though the IP is assigned properly, there's no connectivity at all..
So I have done some more testing, redoing everything from scratch and it seems that if I have more than two vlans active at the same time, one of them does not work.. I've tried switching ports on the switch, changing vlan IDs, I have also tried connecting one of the clients directly to an untagged port on the router to bypass the powerline adapters / switch and I still get the same result... I'll now need to test a newer/older snapshot of Hnyman's build..
Ok, so I flashed the latest snapshot of 22.03 (owrt2203-r19302-df622768da-20220420), tried redoing everything from scratch and I still can't get more than two vlans working at the same time.. I tried different IP ranges or creating different names for vlans (as it seems vlan named "work" refused to work no matter what I tried.. oh the irony..), at this point I am at my wits' end, can't seem to figure out why it would refuse to work.. If someone would have a clue what else I could try I'd really appreciate it..
I had four VLANs (wan, lan, jail, voip) running with swconfig until early 2021 (master as of that vintage), since then I've switched to using the DSA PR (same network topology) - so it should work.
So the issue apparently was very easy to fix.. It was related to how I created a vlan to be bridged.. Instead of making it directly on the switch tab, I made it via the devices tab which created a software vlan.. When creating the vlans directly on the switch tab, all is working fine.. Attaching a screenshot showing how this should look in luci, because when cat'ing the config when connected to the router via SSH it all looks the same..