Guest Wifi on a 802.11s network with working ethernet ports for LAN network

I have network setup as described in :slight_smile: Guest network over wifi mesh - #5 by psherman.

For some reason node1 is not giving out DHCP responses only on the physical ethernet port(lan). Everywhere else(wifi and node2 lan port/node 3 lan port) DHCP requests are being served.
What I have noticed is that eth1.1 does not show up in node1 ifconfig output.
Also if I Wireshark the traffic from eth1, I see DHCP discover showing up from the device connected to the eth1 physical port, but that DHCP request does not read br-lan (as per Wireshark analysis).

I am not really able to figure out why... any clues ?

Are you willing to share your config so we can assist you?

cat /etc/config/wireless

cat /etc/config/network

For easier reading, repasting my network diagram:

Currently my setup is:

- ISP-Modem<----ethernet------>node1(OpenWrt)<----802.11s---->node2(OpenWrt)<---802.11s(OpenWrt)
- node1 is the router and node2/3 are dump APs.
- node1 currently has a guest network going which is setup as per https://openwrt.org/docs/guide-user/network/wifi/guestwifi/configuration_webinterface

A little update here. I also later realized(after starting this thread) that node3(the other end of the tunnel for the guest network was also not able to vend out IP addresses(sometimes) on it's eth1 port. Also devices connected to the guest network were not really getting good internet(choppy, disconnects sometimes).
The main network which is basically WIFI over lan interface works perfect.
So, in order for me to be able to use ethernet devices and also not get tricked by a bad internet connection on the guest network, I have just deleted the GRE setup and just have simple guest network setup on node1.(so yea I don't have guest across the house but I am make doing with it.)

My config right now is below. It works perfect. But yes I want to get to roaming guest wifi on all nodes. So I think the question that I now have is what's the diff in the below configs that I need to get there ?

The tunnel described https://www.youtube.com/watch?v=WIKwOPwtTJU works as is but ethernet ports on the nodes that have the tunnel interface stop working which is what I want to solve!(And I think that setup also to do something with sloppy guest network internet, which is the other problem)
node1 /etc/config/network


config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix REDACTED

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth1'
	list ports 'eth1.1'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'

config device
	option name 'br-wan'
	option type 'bridge'
	list ports 'eth0'
	list ports 'eth0.2'

config interface 'wan'
	option device 'br-wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'br-wan'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '2 0t'

config device
	option type 'bridge'
	option name 'br-guest'
	option bridge_empty '1'

config interface 'guest'
	option proto 'static'
	option device 'br-guest'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'
	option defaultroute '0'

config device
	option type 'bridge'
	option name 'br-cam'
	option bridge_empty '1'

config interface 'cam'
	option proto 'static'
	option device 'br-cam'
	option ipaddr '192.168.3.1'
	option netmask '255.255.255.0'
	option defaultroute '0'

/etc/config/wireless on node1

config wifi-device 'radio0'
	option type 'mac80211'
	option path 'soc/1b500000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
	option channel '9'
	option band '2g'
	option htmode 'HT20'
	option country 'US'
	option txpower '15'
	option cell_density '0'

config wifi-iface 'default_radio0'
	option device 'radio0'
	option network 'cam'
	option mode 'ap'
	option ssid 'Camera'
	option encryption 'sae-mixed'
	option key 'REDACTED'
	option ieee80211r '1'
	option disabled '0'
	option ft_over_ds '0'

config wifi-device 'radio1'
	option type 'mac80211'
	option path 'soc/1b700000.pci/pci0001:00/0001:00:00.0/0001:01:00.0'
	option channel '161'
	option band '5g'
	option htmode 'VHT80'
	option country 'US'
	option txpower '23'
	option cell_density '0'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'LAN-NETWORK'
	option encryption 'sae-mixed'
	option key 'REDACTED'
	option ieee80211r '1'

config wifi-device 'radio2'
	option type 'mac80211'
	option path 'soc/1b900000.pci/pci0002:00/0002:00:00.0/0002:01:00.0'
	option channel '161'
	option band '5g'
	option htmode 'VHT80'
	option disabled '1'
	option country 'US'

config wifi-iface 'default_radio2'
	option device 'radio2'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

config wifi-iface 'mesh0'
	option device 'radio1'
	option mode 'mesh'
	option encryption 'sae'
	option key 'REDACTED'
	option disabled '0'
	option network 'lan'
	option mesh_id 'meshid'
	option mesh_fwding '1'

config wifi-iface 'wifinet4'
	option device 'radio1'
	option mode 'ap'
	option ssid 'Guest5'
	option encryption 'sae-mixed'
	option key 'REDACTED'
	option ieee80211r '1'
	option mobility_domain 'abcd'
	option ft_over_ds '0'
	option network 'guest'

config wifi-iface 'wifinet5'
	option device 'radio0'
	option mode 'ap'
	option ssid 'Guest2'
	option encryption 'sae-mixed'
	option key 'REDACTED'
	option network 'guest'

/etc/config/network on node2(node3 is also very similar so I am not gonna post that)


config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdac:36c8:7932::/48'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth1'
	list ports 'eth1.1'

config interface 'lan'
	option device 'br-lan'
	option proto 'dhcp'

config device
	option name 'br-wan'
	option type 'bridge'
	list ports 'eth0'
	list ports 'eth0.2'

config interface 'wan'
	option device 'br-wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'br-wan'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '2 0t'

/etc/config/wireless on node2(node3 is very similar)


config wifi-device 'radio0'
	option type 'mac80211'
	option path 'soc/1b500000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
	option channel '9'
	option band '2g'
	option htmode 'HT20'
	option disabled '1'
	option country 'US'
	option txpower '15'

config wifi-device 'radio1'
	option type 'mac80211'
	option path 'soc/1b700000.pci/pci0001:00/0001:00:00.0/0001:01:00.0'
	option channel '161'
	option band '5g'
	option htmode 'VHT80'
	option country 'US'
	option txpower '23'
	option cell_density '0'

config wifi-iface 'default_radio1'
	option device 'radio1'
	option network 'lan'
	option mode 'ap'
	option ssid 'LAN-NETWORK'
	option encryption 'sae-mixed'
	option key 'REDACTED!'
	option ieee80211r '1'

config wifi-device 'radio2'
	option type 'mac80211'
	option path 'soc/1b900000.pci/pci0002:00/0002:00:00.0/0002:01:00.0'
	option channel '161'
	option band '5g'
	option htmode 'VHT80'
	option disabled '1'
	option country 'US'

config wifi-iface 'default_radio2'
	option device 'radio2'
	option network 'lan'
	option mode 'ap'
	option ssid 'OpenWrt'
	option encryption 'none'

config wifi-iface 'mesh0'
	option device 'radio1'
	option mode 'mesh'
	option encryption 'sae'
	option key 'REDACTED
	option disabled '0'
	option network 'lan'
	option mesh_id 'meshid'
	option mesh_fwding '1'

also the config that did not work:
node1 and node3 both had this(the ip address were swapped)

config interface 'trunk'
	option proto 'gretap'
	option force_link '1'
	option peeraddr '192.168.1.226'
	option ipaddr '192.168.1.1'
	option tunlink 'lan'
	option df '0'
	option defaultroute '0'

config interface 'guest'
	option proto 'static'
	option device 'br-guest'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'
	option defaultroute '0'


config device
	option type 'bridge'
	option name 'br-guest'
	option bridge_empty '1'
	list ports '@trunk.2'

And then there was wifi over br-guest on both sides and node3 guest interface was DHCP client mode.

I basically tried to configure the tunnel again to get guest network across my house. I am still hitting the problem that the LAN port on the router node(node1) is not working but all other lan ports on all other nodes do work.
I have ruled out any hardware issues by using the exact same lan port to upload backed up config files after a hard reset. That port seems to work and I was able to use Luci over that port to do the config flashing.

I see this in dmesg:

[  894.288574] br-lan: port 2(eth1.1) entered disabled state

This might be useful. Rebooting will 10% of the times fix the problem but I have pretty much stopped using that port. I would like to though.
Thanks in advance for any help.