I have a setup with the ISP router followed by my OpenWRT router.
The ISP LAN (red - VLAN2 - 192.168.9.0) is the less-secure and then there is the OpenWRT router VLAN (blue - VLAN1 - 192.168.2.0) that is more-secure.
There is one WIFI SSID for each of the VLANs and the wired devices connect to each VLAN depending on the router/switch port they connect.
So far, the devices on the VLAN2 (red), were getting their IP addresses from the ISP router and the ones on the VLAN1 (blue) were getting theirs from the OpenWRT router.
Because the ISP router has limitations on DHCP, I'd like to configure the OpenWRT router to be replacing it so it could also assign IP addresses to VLAN2.
I thought it would be as simple as enabling DHCP in the WAN interface via LUCI (which is purelly VLAN2), but it seems it is expecting to assign IPs for the VLAN1 segment.
Basically the rule should be something like: if VLAN1, assign an IP from the range 192.168.2.x , if VLAN2, assign an IP from the range 192.168.9.x. Both VLANs should have a set of pre-defined static-dhcps and a segment dedicated to a pool (in other words: if unknown MAC, assign an IP from the range 192.168.x.100-150).
Is such setup possible in OpenWRT? And if so, any hint how to get there?
Please share content of /etc/config/network and /etc/config/dhcp ? Redact when needed. Device model and its switch settings would also be interesting to look at.
So I'm wondering if this would be really possible, or would I need to attach a small device to this NW segment to act just as DHCP server (like a RaspberryPI or something)
Took a quick look into the FW and it seems it was enabled already (didn't change anything).
So, if I understood correctly, it seems that I also covered step 3 without knowing it, and it didn't seem to have worked. New devices couldn't get an IP address....
I'm getting closer now. The /tmp/dhcp.leases show some beatifull entries on the 192.168.9.x and 192.168.2.x segments and my phone can now get an IP address but it seems it has no internet connection.
Looking into the android network settings, I detected 2 things that seem wrong in the phone:
a) It seems its gateway is 192.168.9.2 (this is WAN interface of the router) - shouldn't it be the IP of the ISP router (192.168.9.1)?
b) It seems the DNS server is 192.168.9.2 (this is WAN interface of the router) - shouldn't it be the IP of the ISP router (192.168.9.1)?
Don't know where these values we got from as the /etc/config/network is like:
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.2.1'
option igmp_snooping '1'
config device 'lan_dev'
option name 'eth0.1'
option macaddr '58:ef:68:58:cf:9d'
config interface 'wan'
option ifname 'eth0.2'
option proto 'static'
option netmask '255.255.255.0'
option type 'bridge'
option igmp_snooping '1'
option ipaddr '192.168.9.2'
option gateway '192.168.9.1'
list dns '8.8.8.8'
list dns '192.168.9.1'