- 4.14.160 (19.07) <> 4.19.91 (master)
- iproute2-ss5.0.0-2.1-openwrt (19.07) <> iproute2-ss5.4.0-1-openwrt (master)
- CPU downstream ports (br-lan & enslaved lan ports) are set with PVID Egress Untagged
instance settings are as identical as possible (can be expected) between the two, incl. CONFIG_BRIDGE_VLAN_FILTERING=y
calling ip l s dev br-lan ty bridge vlan_filtering 1
- 4.14 instance does not drop all ingress traffic, and is the expected outcome
- 4.19 instance drops all ingress traffic, and is not the expected outcome
tcpdump on the enslaved lan port does not show any ingress traffic at all after vlan_filtering is set in motion, e.g. no DHCP from connected clients, but only some ARP egress.
That is all rather somewhat curious and I have been doing an extensive search of public resources in a quest to find the cause, notwithstanding a remedy but came up short and thus hoping for input in the forum.