I have a setup running as follows: APU2 (router) - HP switches - UniFi access points. There is a wireless guest network running on VLAN 20 (10.0.1.x subnet). That worked well with 17.01. It seems, by upgrading to 18.06, something broke. I am using unbound as DNS server, but since it works just fine for the regular LAN/WLAN, that should not be any issue.
Symptoms:
- Clients do not obtain an IP
- Clients with a static IP are unable to ping the DHCP server (10.0.0.1) on the APU2.
- DHCP server on 10.0.0.1 is not seeing any requests come in.
Interface on router:
config interface 'guest'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '10.0.1.1'
option ifname 'eth1.20'
Interface on AP:
config interface 'guest'
option type 'bridge'
option ifname 'eth0.20'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '10.0.1.12'
option gateway '10.0.1.1'
option dns '10.0.1.1'
config switch_vlan
option device 'switch0'
option vlan '20'
option ports '2t 0t'
config wifi-iface
option device 'radio1'
option network 'guest'
option mode 'ap'
option ssid 'Guest'
option encryption 'psk2+ccmp'
Firewall on router:
config zone
option name 'guest'
list network 'guest'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
config forwarding
option dest 'wan'
option src 'guest'
config rule
option src 'guest'
option dest_port '53'
option proto 'tcpudp'
option target 'ACCEPT'
config rule
option src 'guest'
option src_port '67-68'
option dest_port '67-68'
option proto 'udp'
option target 'ACCEPT'
Dnsmasq is listening on all interfaces:
# netstat -puntal|grep 67
udp 0 0 0.0.0.0:67 0.0.0.0:* 2652/dnsmasq
Any pointers on how to find out where packets get lost? Logread only shows DHCP requests for the regular 10.0.0.x subnet. Nothing for 10.0.1.x.