Guest Wifi - Failing when 2nd radio added

I have a TP-Link Archer C6 which I have just loaded OpenWRT on to - so far enjoying learning a bit more about networking.

The router has both a 2.4GHz and a 5GHz radio. Out of the box, setting the default wireless up works fine (on the LAN bridge that is set from default), my devices will pick between whichever frequency suits them best.

The first thing I'd like to do is create a guest network. I followed the Guest Network setup from the wiki and this seems to work fine if I only set this up for ONE of my radios. As soon as I set the same network up on the 2nd radio, and connect something to it, all of a sudden DHCP stops working on on both the 2.4 and 5 GHz SSIDs, and my devices start getting link-local IP addresses and can no longer access the internet.

In the logs, I can see: Sun Nov 20 09:20:09 2022 daemon.warn dnsmasq-dhcp[1]: DHCP packet received on wlan0-1 which has no address

Does anyone have any experience with this?

Thanks!

/etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option packet_steering '1'
	option ula_prefix 'fd91:425d:fe9b::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ip6assign '60'
	option ipaddr '192.168.0.1'
	option netmask '255.255.254.0'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'
	option clientid 'redacted'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix 'auto'
	option clientid 'redacted'

config interface 'GUEST'
	option proto 'static'
	option ipaddr '192.168.30.1'
	option netmask '255.255.255.0'

/etc/config/wireless

config wifi-device 'radio0'
	option type 'mac80211'
	option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
	option channel '1'
	option band '2g'
	option htmode 'HT20'
	option cell_density '0'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'lan'
	option mode 'ap'
	option ssid 'MAINssid'
	option encryption 'sae-mixed'
	option key 'redacted'

config wifi-device 'radio1'
	option type 'mac80211'
	option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
	option channel '36'
	option band '5g'
	option htmode 'VHT80'
	option cell_density '0'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'MAINssid'
	option encryption 'sae-mixed'
	option key 'redacted'

config wifi-iface 'wifinet2'
	option device 'radio0'
	option mode 'ap'
	option ssid 'GUESTssid'
	option encryption 'sae-mixed'
	option network 'GUEST'
	option key 'redacted'

config wifi-iface 'wifinet3'
	option device 'radio1'
	option mode 'ap'
	option ssid 'GUESTssid'
	option encryption 'sae-mixed'
	option key 'redacted'
	option network 'GUEST'

/etc/config/dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	option localservice '1'
	option ednspacket_max '1232'
	option domain 'myhome.domain'

config dhcp 'lan'
	option interface 'lan'
	option leasetime '12h'
	option dhcpv4 'server'
	option dhcpv6 'server'
	option ra 'server'
	list ra_flags 'managed-config'
	list ra_flags 'other-config'
	option start '256'
	option limit '249'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config dhcp 'GUEST'
	option interface 'GUEST'
	option leasetime '12h'
	option start '2'
	option limit '249'

Have you set up a DHCP server for your guest network? You're not sharing /etc/config/dhcp so it's hard to tell.

1 Like

Sorry, I will update my post with the config but yes, there is a DHCP server - the guest network works completely fine (getting DHCP lease and internet) until I add the 2nd radio SSID on to the guest network and hook a device on to it

Try creating a dummy bridge device:

config device
        option name 'br-guest'
        option type 'bridge'
        option bridge_empty '1'

config interface 'GUEST'
	   option proto 'static'
	   option ipaddr '192.168.30.1'
	   option netmask '255.255.255.0'
	   option device 'br-guest'

Verify that both wireless interfaces are members of the bridge using brctl show br-guest.

1 Like

Thank you! That seems to have done it (though I needed to fully reboot for things to kick in - restarting interfaces didn't quite do it).

Might I ask why this would need to be done (making a bridge)?

When you create a guest interface without specifying a device, the interface remains down until you enable at least one of the wireless networks attached to it.

After enabling all wireless networks, only one of the wireless interfaces is used as a device.

image

I couldn't be so sure before testing it first, but I believe dnsmasq only listens on that interface.

Creating a bridge device causes dnsmasq to listen on the bridge guest interface (which is always up) and serve all bridged wifi interfaces.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.