Is VID2 special ? (WLAN+VLAN bridge)

undef · September 30, 2020, 9:25am

Hi,

I've been trying to make sense of this (apparent) discrepancy in behaviour between two basically the same configs with different behaviour - stanzas are copy/paste with only one real difference. Device is a xiaomi mini freshly updated to 19.04.

I want to bridge an AP into a VLAN. port 4 (previously 'WAN') is my trunk. port 6 is the cpu - i'm using the two other physical ports to keep access to the device while playing around , they're not part of this.

note that wlan1-1 is mentioned in ifname for MGMT, but not for MGMT2.

config/network snippet:

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '6t 4t'
	option vid '2'

config interface 'MGMT'
	option proto 'static'
	option ifname 'eth0.2 wlan1-1'
	option type 'bridge'
	option ipaddr '10.0.2.2'
	option netmask '255.255.255.0'
	option delegate '0'
	option gateway '10.0.2.1'

config switch_vlan
	option device 'switch0'
	option vlan '4'
	option ports '6t 4t'
	option vid '4'

config interface 'MGMT2'
	option proto 'static'
	option ifname 'eth0.4'
	option type 'bridge'
	option ipaddr '10.0.4.2'
	option netmask '255.255.255.0'
	option delegate '0'
	option gateway '10.0.4.1'

config/wireless snippet:

config wifi-iface 'wifinet2'
	option ssid 'test_2'
	option encryption 'psk2'
	option device 'radio1'
	option mode 'ap'
	option key 'secret'
	option network 'MGMT'

config wifi-iface 'wifinet4'
	option ssid 'test_4'
	option encryption 'psk2'
	option device 'radio1'
	option mode 'ap'
	option key 'secret'
	option network 'MGMT2'

If I understood the docs, then specifying network is the preferred way to bridge the AP into the VLAN (as opposed to specifying the wlan device in the bridge/ifname).

this works fine for vid4 but on the vlan with vid2 i need to explicitly add wlan1-1 to make it work. otherwise i get
DHCP packet received on wlan1-1 which has no address and devices cannot connect.

what am I not seeing? (I do have a working config - just trying to learn

thanks!

pwned · September 30, 2020, 2:48pm

Usually vid2 is used for WAN interface. I don't know if there are scripts/programs rely on this. Same for vid1. It's usually a "special" vid on any router or switch.
Why not using anything higher then 2? Is there a need to use them? You have 4096 vids available.

Beside that the whole network and dhcp config would help to see what is going on. I would guess there is sth. wrong in dhcp config.

undef · September 30, 2020, 8:11pm

thanks for the reply, so yeah there is no specific reason other than curiosity how the system works. That said, it seems that the MGMT/vid2 wlan is plain unstable and i'm indeed just going to use a different VID.

for completeness sake, here's my dhcp config, it's all disabled (except for my backup "lan") as DHCP is served from my main router.

config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'

config dhcp 'MGMT'
        option interface 'MGMT'
        option ignore '1'

config dhcp 'MGMT2'
        option interface 'MGMT2'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

pwned · September 30, 2020, 10:44pm

I'm missing the lines from standard config:

config dhcp 'wan'
    option interface 'wan'
    option ignore '1'

Did you delete WAN interface accordingly? So it might be not ignored because Dnsmasq is listening on all interfaces by default. In addition to that I assume that vid2 is not a good choice because I'm sure that there are things hardcoded for wan fitting on device' hardware design.
Just try another vid and see what happen.

undef · October 1, 2020, 7:22am

hi pwned, yes there's indeed no wan interface definition.
But maybe I wasn't clear: i do have a working setup.

I was just curious what caused the discrepancy between VLAN2 and the higher numbered VLANs. But again, with that discrepancy in the configs taken into account everything works fine.

eduperez · October 1, 2020, 11:10am

Your config files seem all correct, and I would also expect it to work as you explained. I would think this is a bug.

system · October 11, 2020, 11:10am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.