DHCP (w/ vlan) works on access point switch but not wifi

Here's my current setup:

What I'm trying to do is create a guest network using vlans.

VLAN 1: LAN
VLAN 3: WORK (guest network)

If I connect to the wifi network "WORK" (i.e. vlan 3) on the access point, I don't get an IP address automatically (dhcp doesn't work) but I can manually set the ip to 172.16.0.X and connect to the internet. Curiously, if I assign one of the switch ports on the same access point to vlan 3 and connect an ethernet cable, dhcp magically decides to work (see switch picture below).

What did I do wrong in the configuration?

Note: /etc/config/network is at the end of this post if you want to skip the pictures.

Access Point


br-lan is just connected to eth0.1
br-work is just connected to eth0.3


Wifi "WORK" is just connected to the interface "work"

Router


Devices
br-lan just has 1 bridge port to eth1.1
br-work just has 1 bridge port to eth1.3

Interfaces

Router config (OpenWrt SNAPSHOT 22.025.79016-22e2bfb)

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdd7:a8cf:6036::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth1.1'
        option ipv6 '0'

config device
        option name 'eth1'
        option macaddr '6a:11:19:a2:23:d2'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.0.1'
        list dns '1.1.1.1'
        list dns '8.8.8.8'

config device
        option name 'eth0'
        option macaddr '68:11:19:a2:23:d5'

config interface 'wan'
        option device 'eth0'
        option proto 'dhcp'

config interface 'wan6'
        option device 'eth0'
        option proto 'dhcpv6'

config device
        option type '8021q'
        option ifname 'eth1'
        option vid '1'
        option name 'eth1.1'

config device
        option type '8021q'
        option ifname 'eth1'
        option vid '3'
        option name 'eth1.3'

config interface 'work'
        option proto 'static'
        option ipaddr '172.16.0.1'
        option netmask '255.255.255.0'
        option device 'br-work'

config device
        option type 'bridge'
        option name 'br-work'
        list ports 'eth1.3'
        option ipv6 '0'

Access Point config (OpenWrt 21.02.1)

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdf8:0cae:550a::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0.1'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.0.3'
        option gateway '192.168.0.1'
        list dns '192.168.0.1'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option description 'lan'
        option ports '0t 1 2 3 4 5t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option description 'work'
        option vid '3'
        option ports '0t 5t'

config interface 'work'
        option proto 'static'
        option ipaddr '172.16.0.3'
        option netmask '255.255.255.0'
        option gateway '172.16.0.1'
        list dns '172.16.0.1'
        option device 'br-work'

config device
        option type 'bridge'
        option name 'br-work'
        list ports 'eth0.3'

Well the problem is with the access point, it does not forward dhcp discover to the "br-work" bridge when connected via wifi for some reason. As a workaround, I just added wlan0 to the bridge and now dhcp works on wifi.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.