yancho
August 7, 2024, 10:48pm
1
Hi all
am trying to do this setup:
(Works)
openwrt1 offers 2 vlans over wifi (vlan 2 and 51) each via a wifi attached to the vlan.
openwrt2 connects to each of these wifis, and is able to get an IP on both vlans.
(Doesn't work)
I want openwrt2 to offer: vlan 2 on ethernet 1,2 and vlan51 on wifi (named TestNetwork) and ethernets 3,4. This is the current config, which is not exactly working. When I join the wifi offered by openwrt2 (TestNetwork), or any ethernet port, I do not get an IP on either vlans (presumably not being tagged)
any help is extremely appreciated
Pasting /etc/config/network ; /etc/config/firewall ; /etc/config/wireless:
root@openwrtMA:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdc3:9b9b:45e4::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.151.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wwan'
option proto 'dhcp'
config interface 'repeater_bridge'
option proto 'relay'
option ipaddr '192.168.51.15'
list network 'lan'
list network 'wwan'
list network 'wwanvlan2'
config interface 'wwanvlan2'
option proto 'dhcp'
config device
option name 'lan4'
config device
option type '8021q'
option ifname 'phy1-sta0'
option vid '51'
option name 'wwan.51'
config device
option type 'bridge'
option name 'br_51'
list ports 'lan3'
list ports 'lan4'
list ports 'wwan.51'
config device
option type '8021q'
option ifname 'phy1-sta1'
option vid '2'
option name 'wwan2.2'
config device
option type 'bridge'
option name 'br_vlan2'
list ports 'lan1'
list ports 'lan2'
list ports 'wwan2.2'
config interface 'iface_vlan2'
option proto 'none'
option device 'br_vlan2'
config interface 'iface_vlan51'
option proto 'none'
option device 'br_51'
root@openwrtMA:/etc/config# cat firewall
config defaults
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'lan'
list network 'wwan'
list network 'wwanvlan2'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config zone
option name 'fw_2'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
list network 'iface_vlan2'
config zone
option name 'fw51'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
list network 'iface_vlan51'
root@openwrtMA:/etc/config# cat wireless
config wifi-device 'radio0'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option channel '1'
option band '2g'
option htmode 'HT20'
option disabled '1'
config wifi-device 'radio1'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
option channel '36'
option band '5g'
option htmode 'HT20'
option cell_density '0'
config wifi-iface 'wifinet0'
option device 'radio1'
option mode 'sta'
option network 'wwan'
option ssid 'MPBridge'
option encryption 'sae'
option key '######'
config wifi-iface 'wifinet1'
option device 'radio1'
option mode 'ap'
option ssid 'TestNetwork'
option encryption 'psk2'
option isolate '1'
option key '####'
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option network 'wwanvlan2'
config wifi-iface 'wifinet2'
option device 'radio1'
option mode 'sta'
option network 'wwanvlan2'
option ssid 'VLAN2Bridge'
option encryption 'sae'
option key '#######'
brada4
August 7, 2024, 10:58pm
2
Wifi does not encode vlans.
Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </>
" button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/dhcp
1 Like
At the same time? You have two STAs defined on the same "radio1", that is not supposed to work simultaneously...
1 Like
yancho
August 8, 2024, 6:52am
4
root@openwrtMA:~# ubus call system board
{
"kernel": "5.15.162",
"hostname": "openwrtMA",
"system": "MediaTek MT7621 ver:1 eco:4",
"model": "Cudy WR1300 v3",
"board_name": "cudy,wr1300-v3",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "23.05.4",
"revision": "r24012-d8dd03c46f",
"target": "ramips/mt7621",
"description": "OpenWrt 23.05.4 r24012-d8dd03c46f"
}
}
root@openwrtMA:~#
root@openwrtMA:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option boguspriv '1'
option filterwin2k '0'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option nonegcache '0'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option ednspacket_max '1232'
option filter_aaaa '0'
option filter_a '0'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
root@openwrtMA:~#
yancho
August 8, 2024, 7:04am
5
this is my network diagram, in case my description was not clear enough what I'd like to achieve
yancho
August 8, 2024, 9:07am
6
Not sure if this helps. I tried to do some further configurations, but now lost the connection between OpenWrt2 to OpenWrt1 via the VLAN2Bridge Wifi:
root@openwrtMA:~# route -e
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
default 192.168.51.1 0.0.0.0 UG 0 0 0 phy1-sta0
192.168.51.0 * 255.255.255.0 U 0 0 0 phy1-sta0
192.168.151.0 * 255.255.255.0 U 0 0 0 wan
root@openwrtMA:~# nslookup google.com
Server: 127.0.0.1
Address: 127.0.0.1:53
Non-authoritative answer:
Name: google.com
Address: 142.250.203.238
Non-authoritative answer:
Name: google.com
Address: 2a00:1450:4006:800::200e
root@openwrtMA:~# ping google.com
PING google.com (142.250.203.238): 56 data bytes
^C
--- google.com ping statistics ---
9 packets transmitted, 0 packets received, 100% packet loss
root@openwrtMA:~# ifconfig
br_51 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
inet6 addr: fe80::82af:caff:fe1f:65c8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7737 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2599632 (2.4 MiB) TX bytes:746 (746.0 B)
br_vlan2 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
inet6 addr: fe80::82af:caff:fe1f:65c8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:746 (746.0 B)
eth0 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
inet6 addr: fe80::82af:caff:fe1f:65c8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1504 Metric:1
RX packets:7737 errors:0 dropped:0 overruns:0 frame:0
TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2738898 (2.6 MiB) TX bytes:2504 (2.4 KiB)
Interrupt:21
lan1 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lan2 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lan3 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7737 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2599632 (2.4 MiB) TX bytes:746 (746.0 B)
lan4 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:104 errors:0 dropped:0 overruns:0 frame:0
TX packets:104 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9499 (9.2 KiB) TX bytes:9499 (9.2 KiB)
phy1-ap0 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
inet6 addr: fe80::82af:caff:fe1f:65ca/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:1208 (1.1 KiB)
phy1-sta0 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
inet addr:192.168.51.15 Bcast:192.168.51.255 Mask:255.255.255.0
inet6 addr: fe80::80af:caff:fe1f:65ca/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1865 errors:0 dropped:0 overruns:0 frame:0
TX packets:8290 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:325080 (317.4 KiB) TX bytes:3022816 (2.8 MiB)
phy1-sta1 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
inet6 addr: fe80::84af:caff:fe1f:65ca/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9980 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3595387 (3.4 MiB) TX bytes:2094 (2.0 KiB)
wan Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
inet addr:192.168.151.1 Bcast:192.168.151.255 Mask:255.255.255.0
inet6 addr: fdc3:9b9b:45e4::1/60 Scope:Global
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:21
wwan.51 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:7729 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:2705150 (2.5 MiB)
wwan2.2 Link encap:Ethernet HWaddr 86:AF:ZZ:ZZ:ZZ:ZZ
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:746 (746.0 B)
root@openwrtMA:/etc/config# cat network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdc3:9b9b:45e4::/48'
option packet_steering '1'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
config interface 'lan'
option device 'wan'
option proto 'static'
option ipaddr '192.168.151.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wwan'
option proto 'dhcp'
config interface 'repeater_bridge'
option proto 'relay'
option ipaddr '192.168.51.15'
list network 'iface_vlan2'
list network 'iface_vlan51'
list network 'wwan'
list network 'wwanvlan2'
config interface 'wwanvlan2'
option proto 'dhcp'
config device
option name 'lan4'
config device
option type '8021q'
option ifname 'phy1-sta0'
option vid '51'
option name 'wwan.51'
config device
option type 'bridge'
option name 'br_51'
list ports 'lan3'
list ports 'lan4'
list ports 'wwan.51'
config device
option type '8021q'
option ifname 'phy1-sta1'
option vid '2'
option name 'wwan2.2'
config device
option type 'bridge'
option name 'br_vlan2'
list ports 'lan1'
list ports 'lan2'
list ports 'wwan2.2'
config interface 'iface_vlan2'
option proto 'none'
option device 'br_vlan2'
config interface 'iface_vlan51'
option proto 'none'
option device 'br_51'
root@openwrtMA:/etc/config# cat wireless
config wifi-device 'radio0'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option channel '1'
option band '2g'
option htmode 'HT20'
option disabled '1'
config wifi-device 'radio1'
option type 'mac80211'
option path '1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0'
option channel '36'
option band '5g'
option htmode 'HT20'
option cell_density '0'
config wifi-iface 'wifinet0'
option device 'radio1'
option mode 'sta'
option network 'wwan'
option ssid 'MPBridge'
option encryption 'sae'
option key 'xxxxxxxxxxxxxxx'
config wifi-iface 'wifinet1'
option device 'radio1'
option mode 'ap'
option ssid 'TestNetwork'
option encryption 'psk2'
option isolate '1'
option key 'xxxxxxxxx'
option ieee80211r '1'
option ft_over_ds '0'
option ft_psk_generate_local '1'
option network 'wwanvlan2'
config wifi-iface 'wifinet2'
option device 'radio1'
option mode 'sta'
option network 'wwanvlan2'
option ssid 'VLAN2Bridge'
option encryption 'sae'
option key 'xxxxxxxx'