Dumb AP, multiple VLANs, no Openwrt switch device

Installing and Using OpenWrt
1

Is this a sane setup? It's working but I have a suspicion this is convoluted and might be solved in an easier way :smiley:

To illustrate my current setup:

openwrt-conf-home
openwrt-conf-home3164×664 143 KB

I want my OpenWRT device (Acer Connect Vero W6m, using 24.10 rc5) to stay on my 'management network', which is untagged on the port connected to my main switch. On the same port I also tag two vlans, 100 and 200, which contains my main wifi and my IoT networks.

I also want to bridge lan1-3 to the main wifi vlan.

Most guides I found used a switch device, and I can't find any switch if swconfig list is a proper oracle. I've instead relied on bridges but I'm not sure this is hardware accelerated or if this is CPU based switching?

My current /etc/config/network looks like this:

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd2b:10c9:ae87::/48'

# not used
config device
        option name 'br-lan'
        option type 'bridge'
        option ipv6 '0'

# lan ports
config device
        option name 'lan1'
        option macaddr 'aa:bb:cc:dd:ee:57'

config device
        option name 'lan2'
        option macaddr 'aa:bb:cc:dd:ee:57'

config device
        option name 'lan3'
        option macaddr 'aa:bb:cc:dd:ee:57'

# uplink/port labeled internet
config device
        option name 'internet'
        option macaddr 'aa:bb:cc:dd:ee:56'

# mgmt network using dhcp
config interface 'uplink'
        option proto 'dhcp'
        option device 'internet'

# vlan100
config device
        option type '8021q'
        option ifname 'internet'
        option vid '200'
        option name 'internet.200'
        option ipv6 '0'

# vlan200
config device
        option type '8021q'
        option ifname 'internet'
        option vid '100'
        option name 'internet.100'
        option ipv6 '0'

# bridge for vlan100
config device
        option type 'bridge'
        option name 'br-100'
        option bridge_empty '1'
        option ipv6 '0'
        list ports 'internet.100'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'

# bridge for vlan200
config device
        option type 'bridge'
        option name 'br-200'
        option bridge_empty '1'
        option ipv6 '0'

config interface 'wifi'
        option proto 'none'
        option device 'br-100'
        option defaultroute '0'

config interface 'iot'
        option proto 'none'
        option device 'br-200'
        option defaultroute '0'

Is this a sane setup or am I missing something?