D-Link DAP 2610: first steps with VLANs

Installing and Using OpenWrt Network and Wireless Configuration
1

At a customer I/we try to set up a D-Link DAP 2610 with OpenWRT 21.02.

I have a CI/CD pipeline set up and can successfully build images with my specific config and set of packages. These images can be flashed and boot/run.

I get LAN access over cable: VLAN 1 untagged on eth0, DHCP ... I can access Luci.

Now I try to set up VLANs for Wifi. I browsed the forum, wiki, youtube videos .. and fiddle with bridge vlan filtering etc.

See my current wip:


config interface 'loopback'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'
	option device 'lo'

config globals 'globals'

config device 'device1'
	option name 'mainbridge'
	list ports 'eth0'
	option type 'bridge'
	option macaddr '0e:f1:05:e4:1d:80'
	option ipv6 '0'
	option mtu '1492'

config bridge-vlan 'bridge_vlan2'
	option device 'mainbridge'
	list ports 'eth0:u*'
	option vlan '1'

config interface 'ifdhcp'
	option proto 'dhcp'
	option device 'mainbridge.1'

config bridge-vlan 'bridge_vlan1'
	option device 'mainbridge'
	list ports 'eth0:t'
	option vlan '11'

config device
	option name 'eth0'
	option macaddr '0e:f1:05:e4:1d:80'
	option mtu '1492'

config interface 'TestVLAN11'
	option proto 'dhcp'
	option device 'mainbridge.11'

config bridge-vlan
	option device 'mainbridge'
	option vlan '12'
	list ports 'eth0:t'

config interface 'vlan12'
	option proto 'dhcp'
	option device 'eth0.12'

The DAP-2610 has only one ethernet-interface eth0, I try to add it to a bridge or not .. I never get a DHCP-lease on my test-interface(s) for the VLANs 11 and 12.

When I started with this hardware, the support wasn't too good and setting up VLANs required swconfig-magic under the hood (I can look up my postings and link to them if helpful). From the wiki I assumed that now this might be fixed in the latest firmware from upstream.

btw: I also flashed the official snapshot to make sure I don't have something wrong in my own images.

Maybe I only have some misunderstanding how things work and it's only something small ... could need some help here.

And yes: I double-checked the involved switches etc:

the port delivers VLANs 1u, 11t, 12t and is a TRUNK (2 switches between the AP and the pfsense-router).

Addon:

Back then I tried a config as mentioned in:

but as far as I understand the new DSA config is different and that won't help?

2

This DLink DAP-2610: Can't get VLANs running was the swconfig-magic needed back then. But it should be fixed already, as mentioned at the end of that thread.

3

Forgot to mention:

I run "OpenWrt SNAPSHOT r19129-e17c6ee627 / LuCI Master git-22.058.70382-d29400e" on that AP.

4

Tried "swconfig dev switch0 vlan 12 set ports '0t 5t'" here as mentioned in that thread. Does not help here.

5

Hi,
is there any reason to use snapshot image?
You can use the stable version, wich provides all packages to configure the DAP-2610 including vlans.
https://downloads.openwrt.org/releases/21.02.2/targets/ipq40xx/generic/
Because you run the snapshot, I would prefer the factory image.

You have to create the vlans at the switch menu first. For my VLAN 3 and VLAN 11 ist looks like:

grafik
grafik945×616 41.4 KB

Then you can create the vlan devices at Network / Interfaces (Devices tab) and the VLAN bridge devices.
After this you can create the WLAN ssid(s) and set it to the vlan bridges.

6

There is no switch menu here! Maybe because of the snapshot? Or some missing support for that hw?
I think we chose snapshots because the wiki page told that also snapshots should run OK on that appliance.

7

I have that AP on the stable version now. Still NO switch menu entry available.
When I try to add bridge vlan filtering to br-lan it does not work, and I have to revert the change after 90 seconds.
Remove firewall zones and set static IP in our LAN, disabled DHCP.

8

DSA devices do not have the Switch menu.

See the mini tutorial for DSA network configuration -

9

thanks. I read and followed that x times already :slightly_smiling_face:

I have vlan filtering on again, and added VLAN 1 untagged, PVID ... and VLAN 11 tagged (both should go out via br-lan bridged to eth0).

br-lan.11 does not get a DHCP lease.

Looked at swconfig and set this:

	pvid: 1
	link: port:5 link:up speed:1000baseT full-duplex auto
VLAN 1:
	vid: 1
	ports: 0t 5 
VLAN 2:
	vid: 2
	ports: 0t 
VLAN 11:
	vid: 11
	ports: 0t 5t

As far as I understand that should not be needed. And it doesn't work either.
please advise.

Model	D-Link DAP 2610
Architecture	ARMv7 Processor rev 5 (v7l)
Target Platform	ipq40xx/generic
Firmware Version	OpenWrt 21.02.2 r16495-bf0c965af0 / LuCI openwrt-21.02 branch git-22.046.85957-59c3392
Kernel Version	5.4.179
10

I followed DLink DAP-2610: Can't get VLANs running - #7 by StifflersMagic , btw ... thanks to @StifflersMagic

That thread tells that these steps should not be necessary anymore. Hmm ...

11

Should there be switch-definitions in /etc/config/network ? There are none here:

# cat /etc/config/network 

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd46:90da:fc7b::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'

config device
	option name 'eth0'
	option macaddr 'ec:ad:e0:7b:19:c0'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.97.167'
	option gateway '192.168.97.1'
	list dns '192.168.97.1'

config bridge-vlan
	option device 'br-lan'
	option vlan '11'
	list ports 'eth0:t'

config bridge-vlan
	option device 'br-lan'
	option vlan '12'
	list ports 'eth0:t'

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'eth0:u*'

config interface 'TestVLAN11'
	option proto 'dhcp'
	option device 'br-lan.11'

config interface 'TestVLAN12'
	option proto 'dhcp'
	option device 'br-lan.12'
12

Hi,

yes, there have to be switch definitions to work with VLANs.

In LUCI, it has to be configured here:
grafik

I edited my post from 2020 because VLANS doesn't work without swconfig on this hardware.

Did you changed to stable release or are you trying with snapshot again?

13

@StifflersMagic I mentioned above: flashed stable. No "Switch" entry under "Network" for me.

14

Hi,

I tried with an unused DAP-2610: You are right.
First you have manually add the switch. You can do this via console:
ssh to the AP and login, then perform the following commands:

uci add network switch
uci set network.@switch[0]=switch
uci set network.@switch[0].name='switch0'
uci set network.@switch[0].reset='1'
uci set network.@switch[0].enable_vlan='1'
uci commit network

reboot the device.

When the device has rebooted, you are able to configure the switch and VLAN tags via the GUI.

There is a limitation using vlans:
At some switching environments you can add VLAN 1 as tagged VLAN.
This is NOT possible with this device. Only tagged vlans >1 can be used :slight_smile:

This MAY work also with the snapshot, but I would prefer the stable version.

15

Thanks @StifflersMagic for testing things and sharing the commands. I followed them and rebooted, unfortunately the AP didn't come up online again so far ...

The AP is at a customer's site, I toggled it off and on again via POE (on the switch), I still don't ping its static IP or the original 192.168.1.1 it might have somehow fallen back to. Currently I don't know how to proceed, the AP does not have a serial console port to plug into and soldering isn't a quick option ...

Maybe the customer might press the physical reset or boot into failsafe mode so that I can proceed (tomorrow morning).

thanks so far, Stefan

16

Hi,

My test DAP-2610 has a TTL serial soldered, so I check it with your provided config.
I changed the ip adresses only to my internal network.
If I do the switch config, the AP doesn't respond at all after reboot.

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'eth0:u*'

This part will break your configuration.

To get the AP back, customer may press and hold the reset button until the LED flashes with red color. After releasing the button, the AP reboots with his standard configuration, it will be reachable at 192.168.1.1 again.

To proceed, only change the IP adress for your needs, then do the switch config and NEVER touch VLAN 1 :slight_smile:

17

@StifflersMagic great, sounds good. I managed to mess it up again in failsafe mode (I edited the network file, removed the mentioned part only and rebooted. Seems I edited the wrong file in the wrong place, my fault).

Now I wait for another reset by the customer, then I might just use first_boot, log in (I have a system in 192.168.1.0/24 for access), then do the switch part etc again.

thanks a lot so far, looking forward to real progress and working VLANs today :slightly_smiling_face:

18

Ah, one more: as soon as I have that basic configuration up and running, we want to manage multiple APs via OpenWISP. I already have the config to register them to the WISP server, the idea would be to build a (stable?) image with the required packages and that basic switch config inside. The other configuration like the individual VLANs and ESSIDs would come from WISP later.

So: image with predictable IP, packages, WISP-URL + creds (to register), switch0. Any opinions on that?

19

I would prefer to start with a clean config because parts of it looked very strange to me (like the part of interface aliasing eth0:t*) :slight_smile:

1 Like
20

will do, yes