Please redirect me to an appropriate Topic if I am duplicating anything.
I am trying to implement multiple VLANS to separate devices at home and am failing to get Wifi devices to operate when the WLAN is configured to use a VLAN.
I have 3 Belkin RT3200 and a Linksys 610N access points installed with OPENWRT 22.03 RC6.
1 RT3200 is used as Internet Gateway and the other devices are configured as Dumb Access points.
All dumb access points are connected to the internet gateway via Ethernet cables.
I have all working well but without VLANs including 802.11r on my Wifi setup.
For the purpose of this discussion I will only consider the RT3200 as the Linksys is not compatible with DSA and would make the Topic more complex.
Disclamer, I am really not comfortable with the configuration files so everything here has been configured via LUCI following various guides on Openwrt site as well as Youtube tutorials from onmarcfifty and others. I have also read multiple times the OPENWRT DSA Mini-Tutorial as well as the OPENWRT Converting to DSA and a bunch of related articles.
After countless trial and errors I have tried to reduce my problem to the simplest config I can think of on one of the RT3200 dumb access points.
Initial Config on the dumb access point with no VLAN :
- No WAN & WAN6 interface.
- The original LAN interface connected to the original bridge device br-lan
- Ports (LAN[1-4}+WAN) are bridged by device br-lan
- LAN Interface get an IP Address from the Internet gateway via a ethernet cable connected to the WAN Port
- wlan0 is configured on Network lan
- My Mac can connect on both LAN1 via ethernet cable and Wifi.
- DHCP, DNS and Firewall are turned off on the dumb access point and IP address and DNS resolution is done by the Internet gateway
All work well and I can access internet and the device from both LAN1 and Wifi.
To simplify as much as possible my config I created an internal VLAN 100 on the Dumb access point to limit the scope of the problem and try to understand what I am doing wrong :
a) I enabled VLAN filtering on Device br-lan
b) The wan port is set to untagged egress and Primary VLAN ID on VLAN 100 to ensure that all packets egress are sent untagged to the internet gateway and all ingress packets are tagged VLAN 100
c) LAN1 port is set to untagged egress and Primary VLAN ID on VLAN 100 to ensure that all packets egress are sent untagged to the Mac and all ingress packets are tagged VLAN 100
d) LAN interface is attached to br-lan.100.
So over Ethernet:
[Mac-Eth port]<-Untagged->[LAN1<->VLAN100-LAN Interface-VLAN100<->WAN]<Untagged->[Int gw]
Over Wifi:
[Mac-Wifit]<-Untagged->[wlan0<->VLAN100-LAN Interface-VLAN100<->WAN]<Untagged->[Int gw]
Once the configuration is applied, I can access the internet and the device using LAN1 port, However while I can connect to the Wifi interface I will not get a DHCP address from the internet gateway and thus can't access internet or the device.
As soon as I delete the VLAN and set the LAN Interface on br-lan wifi get an IP address and all is fine.
My understanding is that as all is working fine when connected to port LAN ,and transiting via VLAN 100, the wlan should operate as well, so either I am missing something obvious or the connection of the wlan to an interface connected to a VLAN is broken, probably unlikely :
Any idea what I might do wrong ?
Let me know more info are needed or if some pics or screen shots would make this easier to understand.