Make config change -> vxlan adapter vanishes

I notice that if I make a config change such as change the wireless settings or even change any one of the device settings and click on "save & apply" then after the settings have been applied and the new settings loaded the vxlan adapter disappears which necessitates a reboot to bring back the vxlan adapter. To recreate this bug create a vxlan interface and simply make a change to a wireless or interface setting and click "save & apply" then ssh into your access point enter ifconfig and the vxlan adapter has vanished.

Stumped.

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

{
        "kernel": "5.15.167",
        "hostname": "x5000r",
        "system": "MediaTek MT7621 ver:1 eco:3",
        "model": "TOTOLINK X5000R",
        "board_name": "totolink,x5000r",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "23.05.5",
                "revision": "r24106-10cc5fcd00",
                "target": "ramips/mt7621",
                "description": "OpenWrt 23.05.5 r24106-10cc5fcd00"
        }
}

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option packet_steering '1'
        option ula_prefix 'fd05:c9fa:3401::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'bat0.1'
        list ports 'bat0.4'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'vxlan0.1'
        list ports 'vxlan0.4'
        list ports 'wan'

config interface 'lan'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option device 'br-lan.1'
        option ipaddr '192.168.1.4'
        option gateway '192.168.1.2'
        list dns '192.168.1.2'

config bridge-vlan
        option device 'br-lan'
        option vlan '1'
        list ports 'bat0.1'
        list ports 'lan1:t'
        list ports 'lan2:t'
        list ports 'vxlan0.1'

config bridge-vlan
        option device 'br-lan'
        option vlan '4'
        list ports 'bat0.4'
        list ports 'lan1:t'
        list ports 'lan2:t'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'vxlan0.4'
        list ports 'wan'

config interface 'vlan4'
        option device 'br-lan.4'
        option proto 'none'

config interface 'bat0'
        option proto 'batadv'
        option routing_algo 'BATMAN_IV'
        option aggregated_ogms '1'
        option gw_mode 'server'
        option gw_bandwidth '1000mbit/1000mbit'
        option log_level '0'
        option orig_interval '1000'
        option bridge_loop_avoidance '1'
        option network_coding '0'
        option hop_penalty '30'
        option isolation_mark '0x00000000/0x00000000'

config interface 'nwi_mesh0'
        option mtu '2304'
        option proto 'batadv_hardif'
        option master 'bat0'

config device
        option name 'bat0'

config device
        option type 'bridge'
        option name 'brvx'
        option bridge_empty '1'
        option mtu '1600'

config interface 'vxlan'
        option proto 'static'
        option device 'brvx'
        option ipaddr '10.100.0.1'
        option netmask '255.255.255.0'

config interface 'vxlan0'
        option proto 'vxlan'
        option peeraddr '239.1.1.1'
        option vid '1'
        option rxcsum '0'
        option txcsum '0'
        option ipaddr '10.100.0.1'
        option tunlink 'vxlan'

config device
        option type '8021q'
        option ifname 'vxlan0'
        option vid '1'
        option name 'vxlan0.1'
        option mtu '1450'

config device
        option type '8021q'
        option ifname 'vxlan0'
        option vid '4'
        option name 'vxlan0.4'
        option mtu '1450'

config device
        option name 'vxlan0'
        option mtu '1450'
		

config wifi-device 'radio0'
        option type 'mac80211'
        option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
        option band '2g'
        option country 'TH'
        option cell_density '3'
        option htmode 'HE40'
        option channel '5'
        option txpower '17'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option encryption 'psk2+ccmp'
        option key ''
        option wpa_disable_eapol_key_retries '1'
        option ssid ''
        option ieee80211r '1'
        option ft_psk_generate_local '1'
        option ft_over_ds '0'
        option macaddr 'random'
        option ieee80211k '1'
        option bss_transition '1'

config wifi-device 'radio1'
        option type 'mac80211'
        option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0+1'
        option band '5g'
        option htmode 'HE80'
        option country 'TH'
        option cell_density '0'
        option channel '161'

config wifi-iface 'default_radio1'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option key ''
        option wpa_disable_eapol_key_retries '1'
        option encryption 'psk2+ccmp'
        option ssid ''
        option ieee80211r '1'
        option ft_over_ds '0'
        option ft_psk_generate_local '1'
        option macaddr 'random'
        option ieee80211k '1'
        option bss_transition '1'

config wifi-iface 'wifinet2'
        option device 'radio0'
        option mode 'ap'
        option encryption 'psk2+ccmp'
        option key ''
        option wpa_disable_eapol_key_retries '1'
        option ssid ''
        option network 'vlan4'
        option ieee80211r '1'
        option ft_psk_generate_local '1'
        option ft_over_ds '0'
        option macaddr 'random'
        option ieee80211k '1'
        option bss_transition '1'

config wifi-iface 'wifinet3'
        option device 'radio1'
        option mode 'ap'
        option encryption 'psk2+ccmp'
        option key ''
        option wpa_disable_eapol_key_retries '1'
        option ssid ''
        option network 'vlan4'
        option ieee80211r '1'
        option ft_psk_generate_local '1'
        option ft_over_ds '0'
        option macaddr 'random'
        option ieee80211k '1'
        option bss_transition '1'

config wifi-iface 'wifinet8'
        option device 'radio1'
        option mode 'ap'
        option encryption 'psk2+ccmp'
        option wpa_disable_eapol_key_retries '1'
        option wds '1'
        option ssid ''
        option key ''
        option network 'nwi_mesh0'
        option macaddr 'random'
        option disassoc_low_ack '0'

config wifi-iface 'wifinet6'
        option device 'radio0'
        option mode 'ap'
        option ssid ''
        option encryption 'psk2+ccmp'
        option wds '1'
        option key ''
        option wpa_disable_eapol_key_retries '1'
        option network 'nwi_mesh0'
        option macaddr 'random'
        option disassoc_low_ack '0'
        option disabled '1'

config wifi-iface 'wifinet7'
        option device 'radio0'
        option mode 'mesh'
        option encryption 'sae'
        option key ''
        option network 'nwi_mesh0'
        option macaddr 'random'
        option mesh_id ''
        option mesh_fwding '0'
        option mesh_rssi_threshold '0'
        option disabled '1'

config wifi-iface 'wifinet10'
        option device 'radio1'
        option mode 'mesh'
        option encryption 'sae'
        option mesh_id ''
        option mesh_fwding '0'
        option mesh_rssi_threshold '0'
        option key ''
        option network 'nwi_mesh0'
        option disabled '1'

config wifi-iface 'wifinet11'
        option device 'radio1'
        option mode 'ap'
        option ssid ''
        option encryption 'psk2'
        option key ''
        option wpa_disable_eapol_key_retries '1'
        option network 'vxlan'
        option macaddr 'random'
		
config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option dhcpv6 'server'
        option ra 'server'
        list ra_flags 'managed-config'
        list ra_flags 'other-config'
        option ignore '1'
        option dynamicdhcp '0'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'
		
config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option flow_offloading '1'
        option flow_offloading_hw '1'
        option forward 'REJECT'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'
        list network 'bat0'
        list network 'nwi_mesh0'
        list network 'vxlan'
        list network 'vxlan0'

config zone
        option name 'wan'
        option output 'ACCEPT'
        option masq '1'
        option mtu_fix '1'
        option input 'DROP'
        option forward 'DROP'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

config zone
        option name 'vlan4'
        option output 'ACCEPT'
        option input 'REJECT'
        option forward 'REJECT'
        list network 'vlan4'

config forwarding
        option src 'lan'
        option dest 'vlan4'

config forwarding
        option src 'vlan4'
        option dest 'wan'
		

Probably not related to your problem, but this is invalid. Have you edited out the actual value? If so there is no actual need from a security point of view. Just wondering.

The big question is what are you trying to achieve using vxlan?

The vxlan package is designed to provide an ethernet-equivalent point to multi-point layer 2 network tunnel on top of an existing layer 3 network, regardless of the underlying media type.

A simple 802.11s mesh backhaul is of course running over wireless and does not support vlans, so yes you might consider vxlan to provide a point to multi-point vlan trunk. The Mesh11sd package does this.

I see you are using BATMAN. This is another, older mesh management system that provides its own "vlan-trunking" functionality. So in this case, why do you need vxlan?

The OpenWrt vxlan support in /uci/config and in Luci, is quite old and to be honest is outdated and buggy. It works after a fashion but has many problems, not least it does not support ipv6.
I have been considering doing a PR to update it, but finding the time to do so is difficult.

If you can describe why you think you need vxlan, it will very likely lead to some constructive suggestions!

I will comment further for both your interest and
One particular point to make note of is that vxlan requires the ip-full package to work correctly, but it is not a dependency.

The latest incarnation of vxlan support is built into the kernel. Current Luci or UCI config no longer supports all the required parameters, but like I said it works after a fashion, if you are lucky.

So currently you have to configure manually via a script.
Typically it would look something like this, for a default ipv6 config (ipv4 wont work properly for point to multi-point because it depends on multicast that is by default disabled for ipv4):

	ip -6 link add "vxlan$tun_id" \
		address "$vxmac_indexed" \
		type vxlan \
		id "$tun_id" \
		dstport 4789 \
		local "$link_local_addr" \
		group "ff02::$tun_id" \
		dev "$device" \
		ttl 5

	ip link set "vxlan$tun_id" up

Required parameters are:

1. tun_id the id number of the vxlan tunnel
2. dstport the port number to use for the tunnel comms
3. local the link local address of the vxlan node being configured
4. group the vxlan group multicast address to use
5. device the bridge device used to carry this vxlan tunnel
6. ttl the time to live for tunnel connections if no traffic is received

As you can see, this does not look anything like the uci config.
see: openwrt vxlan

I need to use VXLAN on DDWRT because I have a mixture of openwrt and DDWRT devices as APs and have VLANs going over WIFI.

Back to the original problem however, there seems to be a bug in OpenWRT where making a change to settings and clicking "save & apply" causes the VXLAN adapter to vanish. Other tunnel adapter such as batmanadv have no issues and come back up after applying new settings. Kind of strange to me and looks like a bug.

testing again and to be precise this bug happens when changing the MTU settings of the VXLAN device. Even /etc/init.d/network restart fails to bring up the VXLAN adapter.

to reproduce the bug:

1. go to devices and change the MTU settings in the VXLAN adapter
2. click save and apply
3. VXLAN adapter vanishes
4. /etc/init.d/network restart
5. still no VXLAN adapter
6. reboot
7. VXLAN adapter reappears

I know this thread is kind of old, but is there some dependency for ip to support vxlan? When I try to add a vxlan device using ip link add command, I get Unknown device type.

Command I entered:

ip link add "vxlan100" type vxlan id "100" dev "lan0" remote "192.168.3.2" local "192.168.3.1" dstport 4789

remove the double-quotes

Still got the same error with double quotes removed

syntax is ok

opkg install vxlan
Installing vxlan (7) to root...
Downloading https://downloads.openwrt.org/releases/24.10.0/packages/x86_64/base/vxlan_7_all.ipk
Installing kmod-iptunnel (6.6.73-r1) to root...
Downloading https://downloads.openwrt.org/releases/24.10.0/targets/x86/64/kmods/6.6.73-1-a21259e4f338051d27a6443a3a7f7f1f/kmod-iptunnel_6.6.73-r1_x86_64.ipk
Installing kmod-udptunnel4 (6.6.73-r1) to root...
Downloading https://downloads.openwrt.org/releases/24.10.0/targets/x86/64/kmods/6.6.73-1-a21259e4f338051d27a6443a3a7f7f1f/kmod-udptunnel4_6.6.73-r1_x86_64.ipk
Installing kmod-udptunnel6 (6.6.73-r1) to root...
Downloading https://downloads.openwrt.org/releases/24.10.0/targets/x86/64/kmods/6.6.73-1-a21259e4f338051d27a6443a3a7f7f1f/kmod-udptunnel6_6.6.73-r1_x86_64.ipk
Installing kmod-vxlan (6.6.73-r1) to root...
Downloading https://downloads.openwrt.org/releases/24.10.0/targets/x86/64/kmods/6.6.73-1-a21259e4f338051d27a6443a3a7f7f1f/kmod-vxlan_6.6.73-r1_x86_64.ipk
Configuring kmod-iptunnel.
Configuring kmod-udptunnel4.
Configuring kmod-udptunnel6.
Configuring kmod-vxlan.
Configuring vxlan.

ip link add vxlan100 type vxlan id 100 dev lan0 remote 192.168.3.2 local 192.168.3.1 dstport 4789

ip a

6: vxlan100: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether ba:41:68:58:aa:36 brd ff:ff:ff:ff:ff:ff

Thanks for the confirmation!
I had successfully added the vxlan device after upgrading to v25.12.1 and reinstalling all the necessary packages.