Hi!
I configured from luci various VLANs and various WLANs, each one on its own VLAN.
After the configuration, everything seemed fine: devices connected to WLAN 1, for example, were getting an ip address in the range of VLAN 1.
The same for WLAN 5, on VLAN 5.
However, after a reboot, even if the settings have not changed, all the devices are just on the VLAN 1 (the default basically).
From luci I can confirm that the settings are the ones I've set, and from ssh:
cat /etc/config/wireless
...
config wifi-iface 'wifinet6'
....
option ssid 'wlan5'
....
option network 'lan5'
In this example, wlan5 is set to lan5 (that is the lan with VLAN 5): this however is not working after a reboot, the devices are still on VLAN 1.
It starts to work if I set from luci wlan5 to lan1, and then wlan5 to lan5 again: then, until a reboot, everything seems fine, even if the wireless config is the same as before.
Any idea about this strange issue?
OpenWRT 23.05!
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
psherman:
ubus call system board
root@OpenWrt:~# ubus call system board
{
"kernel": "5.15.134",
"hostname": "OpenWrt",
"system": "ARMv8 Processor rev 4",
"model": "Zyxel EX5601-T0",
"board_name": "zyxel,ex5601-t0",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "23.05.0",
"revision": "r23497-6637af95aa",
"target": "mediatek/filogic",
"description": "OpenWrt 23.05.0 r23497-6637af95aa"
}
}
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fda7:bd7c:de7f::/48'
config device
option name 'br-lan'
option type 'bridge'
option ipv6 '0'
list ports 'eth1'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config interface 'lan'
option device 'br-lan.1'
option proto 'static'
option ipaddr '192.168.1.10'
option netmask '255.255.255.0'
option delegate '0'
option gateway '192.168.1.1'
list dns '192.168.1.2'
config device
option name 'eth0'
option mtu '1492'
config device
option name 'lan4'
option mtu '1492'
config device
option name 'phy1-ap0'
option mtu '1492'
config device
option name 'phy1-ap1'
option mtu '1492'
config device
option name 'phy0-ap0'
option mtu '1492'
option ipv6 '0'
config device
option name 'eth1'
option mtu '1492'
config device
option name 'phy0-ap1'
option mtu '1492'
config device
option name 'phy1-ap2'
option mtu '1492'
config bridge-vlan
option device 'br-lan'
option vlan '1'
list ports 'eth1:t'
list ports 'lan4:u*'
config bridge-vlan
option device 'br-lan'
option vlan '5'
list ports 'eth1:t'
config interface 'lan5'
option proto 'static'
option device 'br-lan.5'
option ipaddr '192.168.5.105'
option netmask '255.255.255.0'
option gateway '192.168.5.1'
list dns '192.168.1.2'
config device
option name 'br-lan.5'
option type '8021q'
option ifname 'br-lan'
option vid '5'
option ipv6 '0'
config device
option name 'br-lan.1'
option type '8021q'
option ifname 'br-lan'
option vid '1'
option ipv6 '0'
root@OpenWrt:~# cat /etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/soc/18000000.wifi'
option channel '1'
option band '2g'
option htmode 'HE20'
option cell_density '0'
config wifi-device 'radio1'
option type 'mac80211'
option path 'platform/soc/18000000.wifi+1'
option channel '36'
option band '5g'
option htmode 'HE80'
option cell_density '0'
option country 'IT'
config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid ''
option encryption 'psk2'
option key ''
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option skip_inactivity_poll '1'
config wifi-iface 'wifinet2'
option device 'radio1'
option mode 'ap'
option ssid ''
option encryption 'psk2'
option key ''
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option network 'lan5'
config wifi-iface 'wifinet4'
option device 'radio1'
option mode 'ap'
option ssid ''
option encryption 'psk2'
option key ''
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option network 'lan5'
config wifi-iface 'wifinet5'
option device 'radio0'
option mode 'ap'
option ssid ''
option encryption 'psk2'
option multicast_to_unicast_all '1'
option key ''
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option network 'lan5'
config wifi-iface 'wifinet6'
option device 'radio0'
option mode 'ap'
option ssid ''
option encryption 'psk2'
option key ''
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option network 'lan5'
root@OpenWrt:~# cat /etc/config/dhcp
config dnsmasq
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option cachesize '1000'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option ignore '1'
list dhcp_option '6,192.168.1.2'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'lan5'
option interface 'lan5'
option start '100'
option limit '150'
option leasetime '12h'
option ignore '1'
list dhcp_option ' 6,192.168.1.2'
root@OpenWrt:~# cat /etc/config/firewall
config defaults
option input 'REJECT'
option output 'REJECT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
list network 'lan'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config zone
option name 'lan5'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option mtu_fix '1'
list network 'lan5'
(One thing that I didn't mention, it's that this device is used as access point)
So this appears to be a dumb AP configuration, correct?
Remove these:
and these:
I'm assuming that VLAN 1 is your management VLAN. As such, you can remove the addresses from VLAN5.
Make it look like this:
config interface 'lan5'
option proto 'none'
option device 'br-lan.5'
Then delete these:
You can optionally remove the lan5 related items from the DHCP and firewall files.
Otherwise, reboot and see if that works properly this time.
Thank you @psherman , this actually seemed to have worked!
So this appears to be a dumb AP configuration, correct?
Correct!
A couple of questions now:
b) why is this happening?
I recommended removing the 802.1q device statements. We kept the bridge-vlan stanzas for VLANs 1 and 5 which is why you still see br-lan.1 and br-lan.5.
robertogl:
why is this happening?
Why is what happening? Are you talking about the fact that the br-lan.x devices are still showing up? If so, that was what I explained above.... in this case we didn't need the 802.1q device statements because the VLANs were already defined.
I'm guessing that you explicitly created the 802.1q devices and the bridge-VLANs... I don't think LuCI generated both of those things without user input (please correct me if I'm wrong).
I was referring to the fact that I did not manually created the 802.11q devices - however, I performed the same steps today starting from scratch and Luci indeed does not create them.
All good, thanks again!
system
January 4, 2024, 6:41pm
9
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.
It may seem a stupid question, but I did the configuration from luci so I was expecting to not have this kind of issues. If, for example, the fix was to remove the bt-lan.X devices, I think luci should not create them, right?