New to Openwrt, basically haven't used it in many many years. Picked up the Dynalink DL-WRX36 and followed the instruction got Openwrt setup pretty easily then I created a few vlans so I could have kids and IoT devices on different networks. Issue though is Wifi is trash drops a lot, inconsistent speed and overall seems very unstable.
Kernel Log
System Log
let's see your configuration (please paste it directly here... don't use pastebin):
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
From cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
option ipv6 '0'
option vlan_filtering '1'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.216.1'
option netmask '255.255.255.0'
option ip6assign '60'
option ipv6 '0'
option delegate '0'
list dns '192.168.216.1'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
option ipv6 '0'
option type 'bridge'
option peerdns '0'
list dns '192.168.216.1'
config device
option type 'bridge'
option name 'vlan'
option bridge_empty '1'
option ipv6 '0'
list ports 'lan4'
list ports 'vlan.20'
list ports 'vlan.22'
config bridge-vlan
option device 'vlan'
option vlan '20'
list ports 'lan4:t'
list ports 'vlan.20:t'
config bridge-vlan
option device 'vlan'
option vlan '22'
list ports 'lan4:t'
list ports 'vlan.22:t'
config interface 'lan2'
option proto 'static'
option device 'vlan.20'
option ipaddr '10.10.20.10'
option netmask '255.255.255.0'
list dns '192.168.216.1'
config interface 'IoT'
option proto 'static'
option device 'vlan.22'
option ipaddr '10.10.22.10'
option netmask '255.255.255.0'
list dns '192.168.216.1'
From cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/soc/c000000.wifi'
option channel '48'
option band '5g'
option htmode 'HE80'
option cell_density '0'
option country 'US'
config wifi-device 'radio1'
option type 'mac80211'
option path 'platform/soc/c000000.wifi+1'
option channel '5'
option band '2g'
option htmode 'HE40'
option cell_density '0'
option legacy_rates '1'
option country 'US'
config wifi-iface 'wifinet0'
option device 'radio1'
option mode 'ap'
option ssid 'ESG'
option encryption 'psk-mixed+ccmp'
option key ''
option network 'IoT'
option disassoc_low_ack '0'
option skip_inactivity_poll '1'
option max_inactivity '3200'
config wifi-iface 'wifinet1'
option device 'radio0'
option mode 'ap'
option ssid 'Routers of Rohan'
option encryption 'psk2+ccmp'
option key ''
option ieee80211r '1'
option mobility_domain '321f'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option network 'lan2'
config wifi-iface 'wifinet2'
option device 'radio1'
option mode 'ap'
option ssid 'Routers of Rohan'
option encryption 'psk2+ccmp'
option key ''
option ieee80211r '1'
option mobility_domain '321f'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option network 'lan2'
config wifi-iface 'wifinet3'
option device 'radio0'
option mode 'ap'
option ssid 'SG5'
option encryption 'sae-mixed'
option key ''
option network 'lan'
config wifi-iface 'wifinet4'
option device 'radio1'
option mode 'ap'
option ssid 'SG'
option encryption 'sae-mixed'
option key ''
option network 'lan'
From cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '0'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
option port '54'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
list dhcp_option '6,192.168.216.1'
list dhcp_option '3,192.168.216.1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'lan2'
option interface 'lan2'
option start '100'
option limit '150'
option leasetime '12h'
list dhcp_option '6,192.168.216.1'
config dhcp 'IoT'
option interface 'IoT'
option start '100'
option limit '150'
option leasetime '12h'
list dhcp_option '6,192.168.216.1'
config host
option name 'shane-pc'
option dns '1'
option mac ''
option ip '192.168.216.2'
config host
option name 'PS4-PRO'
option dns '1'
option mac ''
option ip '192.168.216.21'
config host
option name 'PS5243'
option dns '1'
option mac ''
option ip '192.168.216.22'
config host
option name 'HPPrinter'
option dns '1'
option mac ''
option ip '192.168.216.80'
config host
option name 'Ezra'
option dns '1'
option mac ''
option ip '192.168.216.100'
config host
option name 'VM-CADDY1'
option dns '1'
option mac ''
option ip '192.168.216.105'
config host
option name 'julies-iphone'
option dns '1'
option mac ''
option ip '192.168.216.171'
config host
option name 'alex-pc5ghz'
option dns '1'
option mac ''
option ip '10.10.20.193'
config host
option name 'josh-pc'
option dns '1'
option mac ''
option ip '10.10.20.195'
config host
option name 'raspberrypi'
option dns '1'
option mac ''
option ip '192.168.216.101'
From cat /etc/config/firewall
config defaults
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config zone
option name 'Family'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
list network 'lan2'
config forwarding
option src 'Family'
option dest 'wan'
config rule
option name 'Fam DHCP and DNS'
option src 'Family'
option dest_port '53 54 67 68'
option target 'ACCEPT'
config zone
option name 'IoT'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option family 'ipv4'
list network 'IoT'
config forwarding
option src 'IoT'
option dest 'wan'
config forwarding
option src 'Family'
option dest 'IoT'
config rule
option name 'IoT DHCP and DNS'
option src 'IoT'
option dest_port '53 54 67 68'
option target 'ACCEPT'
config include 'miniupnpd'
option type 'script'
option path '/usr/share/miniupnpd/firewall.include'
There are a lot of problems here... your network file has many errors -- too many to reasonably fix... you should consider starting from scratch. We can help you if you provide a description of the goals. (It is easier to start from a clean slate than to fix each of the errors individually... I recommending just adding one network and then repeating the recipe to add the others).
But for wifi, the two things that are likely causing your problems are 802.11r (fast roaming) and sae-mixed encryption. Both of these work fine on some devices and very poorly (or not at all) on others. You should disable 802.11r, and use either sae (WPA3) or psk2 (WPA2) encryption (mixed mode often causes problems).
Only been setup and running for few days. I did change everything to WPA2 so no mixed encryption and turned off 802.11r
Big thing was I just wanted vlans and adguard home running local on the box.
This should hopefully resolve the wifi specific issues. But it won't fix everything else.
Your VLANs are most certainly not properly configured.
I'm not an expert on AGH, but there are some potential issues with your general DNS settings, too.
For DNS local Dnsmasq listen on port 54 for Reverse DNS that way AGH picks up my DHCP assignments from OpenWrt.
As far as Vlans I followed a few different youtube videos as it wasn't straight forward and most of guides were based off older ui from what I found. How should I have them setup?
My default bridge device is br-lan and I was unable to use this at it would brick the device make it inaccessible. So I had to create a new bridge device which I named vlan and created the vlans off of it.
Take a look at the dsa mini tutorial:
There were probably either errors in how you used the br-lan bridge device for VLANs, or you may need to create a bridge-vlan for VLAN 1 and then move the lan to br-lan.1.
Regardless, the VLANs are certainly not done properly, so you shoudl consider resetting and starting over.