DSA and bridged mode

Tilator · February 28, 2024, 8:07pm

Hello,

My device is Asus RT-AX53U. I have other gears for firewall and DHCP. I would like to have this device in such a configuration, it works solely as a dumb part of network just distributing wifi and firm network getting IP's from the other device via WAN/LAN port.

I can make it work like this, but I can't figure out how to do it in such a way, I still have access to this device. I can do the dumb device simply by this network settings:

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd99:b328:385c::/48'
        option packet_steering '1'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'wan'

My question is, what should I add to have access to Luci from at least one WAN/LAN port?

DBAA · February 28, 2024, 8:18pm

An interface(s) for luci to listen on.

config interface 'lan'
        option device 'br-lan'
        option proto 'dhcp'

config interface 'lan6'
        option proto 'dhcpv6'
        option device 'br-lan'
        option reqaddress 'try'
        option reqprefix 'no'

psherman · February 28, 2024, 8:21pm

It sounds like you are talking about a dumb AP configuration:

https://openwrt.org/docs/guide-user/network/wifi/dumbap

In your case, if you want to have the wan port as 'just another port' on the switch, you add it to br-lan as you have already done.

You specifically mentioned LuCI -- are you able to connect to it now? If not, were you able to connect by ssh to get the configs above?

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

Tilator · February 28, 2024, 8:28pm

Yes, I have access to it because the device is at it's "original settings" now. Both SSH and WebUI are available.

I just tried earlier the network setting I described above, found out it does everything else as I expect, but did not give any chance to connect it by Luci any more.

I suppose, there should be at least one more interfece having fixed IP to connect it. I just can't figure out how should it be done.

Tilator · February 28, 2024, 8:29pm

If I put these settings in it, what IP can I use to connect it?

psherman · February 28, 2024, 8:39pm

You can choose to use DHCP client or a static IP for the device's address:

If you use a static IP, make sure it is outside the DHCP pool of your DHCP server and not used by any other devices on your network. Also be sure to disable the OpenWrt DHCP server.
If you use DHCP, you'll simply find the address by looking at your DHCP server's lease table. Many DHCP servers allow you to set a DHCP reservation so that the device always has a known address.

grrr2 · February 28, 2024, 8:40pm

whatever your DHCP will assign.

(just as a reminder

this part specify the physical layout

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'wan'

a config like this will specify the IP addressing part. but IP address can be static or none as well.

config interface 'lan'
        option device 'br-lan'
        option proto 'dhcp'

)