D-Link DAP 2610: first steps with VLANs

Installing and Using OpenWrt Network and Wireless Configuration
21

I am some steps closer, but not there yet.

Right now I get a DHCP Lease on Interface VLAN11: that is progress.

I set a Wireless ESSID onto this Interface and a WIFI client does NOT get a DHCP-Lease.

What do I miss?

btw: I was not able to add Bridge VLAN filtering on br-lan. That failed with an error message (I can't quote exactly right now). So I added a VLAN device myself directly.

I assume br-lan.11 and eth0.11 behave differently. Which one to use for the Wifi?

here the status:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd64:2d89:830d::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'
	option vlan_filtering '1'

config device
	option name 'eth0'
	option macaddr 'ec:ad:e0:7b:19:c0'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '192.168.97.167'
	option gateway '192.168.97.1'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option ports '0t 5t'
	option vlan '11'
	option description 'VLAN11'

config switch_vlan
	option device 'switch0'
	option ports '0t 5t'
	option vlan '12'
	option description 'VLAN12'

config device
	option type '8021q'
	option ifname 'eth0'
	option vid '11'
	option name 'eth0.11'

config device
	option type '8021q'
	option ifname 'br-lan'
	option vid '11'
	option name 'br-lan.11'

config interface 'VLAN11'
	option device 'eth0.11'
	option proto 'dhcp'
22

Here the error when I try to add VLAN 11 via VLAN bridge filtering for br-lan:

Save error
An error occurred while saving the form:

RPC call to uci/delete failed with ubus code 4: Resource not found
  at ClassConstructor.handleCallReply (http://192.168.97.167/luci-static/resources/rpc.js?v=git-22.046.85957-59c3392:15:3)
23

Hi,

here is my working config:

root@DAP2600-OG:~# cat /etc/config/network

config interface 'loopback'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'
        option device 'lo'

config globals 'globals'
        option packet_steering '1'

config interface 'lan'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option proto 'dhcp'
        option delegate '0'
        option device 'br-lan'

config device 'lan_eth0_dev'
        option name 'eth0'
        option macaddr 'ec:ad:e0:79:97:d0'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option ports '0t 5t'
        option description 'Vlan3'

config switch_vlan
        option device 'switch0'
        option ports '0t 5t'
        option vlan '11'
        option description 'Techlan2'

config interface 'vlan11'
        option proto 'static'
        option ipaddr '10.11.1.102'
        option netmask '255.255.255.0'
        option device 'br-vlan11'

config interface 'vlan3'
        option proto 'static'
        option ipaddr '10.20.1.102'
        option netmask '255.255.255.0'
        option device 'br-vlan3'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'

config device
        option name 'br-vlan11'
        option type 'bridge'
        list ports 'eth0.11'

config device
        option name 'br-vlan3'
        option type 'bridge'
        list ports 'eth0.3'

config device
        option name 'eth0.11'
        option type '8021q'
        option ifname 'eth0'
        option vid '11'

config device
        option name 'eth0.3'
        option type '8021q'
        option ifname 'eth0'
        option vid '3'

config device
        option name 'wlan0'

config device
        option name 'wlan0-1'

config device
        option name 'wlan0-2'

config device
        option name 'wlan1'

config device
        option name 'wlan1-1'

config device
        option name 'wlan1-2'

root@DAP2600-OG:~#

Default vlan (br-lan) is set to dhcp, but I always keep the failsafe 192.168.1.1 adress, so if dhcp assignments fail, I have the chance to connect to the device via 192.168.1.1.

Your config looks like manually edited, I had all things configured via luci GUI.

24

@StifflersMagic I also did everything via luci. I will try to adjust things according to your example, thanks.

25

@StifflersMagic I edited your config (changed IPs, and VLAN-IDs etc) and rebooted.
It works now, great. Many thanks!

When I look into the GUI now and compare I see the main difference to my approach:

There are the bridge devices br-lan, br-vlan11 and devices of type VLAN (802.1q) : eth0.11 (same for VLAN ID 12 etc).

I didn't have it that way.

br-lan does not have "VLAN bridge filtering" enabled. OK with me.

So if I want to add another VLAN, I guess I have to:

  • add that VLAN in menu "Switch" (tagged on ports 0 and 5)
  • add a "VLAN (802.1q)" device "eth0.XX" with base device "eth0"
  • add a bridge device like "br-vlanXX" with bridge port "eth0.XX"
  • add an interface like "VLAN_XX" based on device "br-vlanXX"

and that interface is used in a Wifi-definition for an SSID.

Am I right?

I might try that myself after my next telco in an hour or so.
After that I will focus on rolling all that into my build pipeline.

thanks a LOT @StifflersMagic

26

Does creating that switch device change something in the hardware also? Switching some bits?

I took my working config and packed it into my self-built image and flashed it to a second appliance. Does not come online. We start soldering now, serial console to the rescue ...

Flashed file (rm-ed macaddr, adjusted IP):

config interface 'loopback'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'
        option device 'lo'

config globals 'globals'
        option packet_steering '1'

config interface 'lan'
        option ipaddr '192.168.97.67'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option proto 'dhcp'
        option delegate '0'
        option device 'br-lan'

config device 'lan_eth0_dev'
        option name 'eth0'
        
config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '11'
        option ports '0t 5t'
        option description 'Vlan11'

config switch_vlan
        option device 'switch0'
        option ports '0t 5t'
        option vlan '12'
        option description 'Vlan12'

config interface 'vlan11'
        option proto 'unmanaged'
        option device 'br-vlan11'

config interface 'vlan12'
        option proto 'unmanaged'
        option device 'br-vlan12'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'

config device
        option name 'br-vlan11'
        option type 'bridge'
        list ports 'eth0.11'

config device
        option name 'br-vlan12'
        option type 'bridge'
        list ports 'eth0.12'

config device
        option name 'eth0.11'
        option type '8021q'
        option ifname 'eth0'
        option vid '11'

config device
        option name 'eth0.12'
        option type '8021q'
        option ifname 'eth0'
        option vid '12'

config device
        option name 'wlan0'

config device
        option name 'wlan0-1'

config device
        option name 'wlan0-2'

config device
        option name 'wlan1'

config device
        option name 'wlan1-1'

config device
        option name 'wlan1-2'

EDIT: fixed it already

27

Hi @sgw @StifflersMagic !!

The new snapshots for DAP-2610 changes swconfig to DSA (to be honest, the change is for all ipq40xx devices).
I've tried to change my vlan config from "old" swconfig to new DSA and the result is a bricked device (no problem, I can unbrick it via serial console :smiling_face_with_tear: it's not the first time it happens).

Have you changed to new snapshots with DSA? Are your vlans working in DSA?

Many thanks for your time and help!!!

28

To be honest: I don't know :wink:
I haven't touched these APs since I managed to get them working back then. The customer is happy (as far as I know), and I didn't do any changes to the build since then. So I am afraid I can't help here.
But I am open to learn if there are possible improvements.
Let us know :slight_smile:

29

Thanks for the info!!!