OpenWRT in Repeater mode - LAN not working

Dear Community,
I hope you can help me on that.

As mentioned, I want to turn an OpenWRT device into a Repeater.
For that purpose, I have used a Devolo dlan 1200+ device and bricked that to OpenWRT - which seems to be supported - https://openwrt.org/toh/devolo/dlan_pro_1200_wifi_ac?s[]=devolo&s[]=dlan&s[]=1200 - and is working so far...
I followed that guide - https://openwrt.org/docs/guide-user/network/wifi/relay_configuration - to configure the repeater, but I'm not getting it running properly.
The special thing here is, I wanted to use the RJ45 port and bridge that to my network through a wifi connection too (that RJ45 port is connected to another device).

So I configured a wifi client to connect to my wifi and a bridge interface to bridge wifi and the "br-lan" interface.
Wifi connection works so far, with one limitation, I have to ping some device in my internal network(from dlan directly) to make the dlan reachable for my LAN after it got rebooted. Just pinging that device not sufficient enough.

Any idea why that is?
I mean it's not a big problem, I could just write into the local startup to ping my network to make it automatically work, but would be nice to clear that without such...

The other problem is, I can't reach the device connected to that RJ45 port of that dlan device.
Weirdly, it worked once... but I reboot the dlan device and now it doesn't work anymore...

I manually added an APR entry with:

ip neighbor add 192.168.0.1 lladdr 11:22:33:44:55:66 nud permanent dev br-lan

but that did not helped.

The config is as followes:

uci show
dhcp.@dnsmasq[0]=dnsmasq
dhcp.@dnsmasq[0].domainneeded='1'
dhcp.@dnsmasq[0].localise_queries='1'
dhcp.@dnsmasq[0].rebind_protection='1'
dhcp.@dnsmasq[0].rebind_localhost='1'
dhcp.@dnsmasq[0].local='/lan/'
dhcp.@dnsmasq[0].domain='lan'
dhcp.@dnsmasq[0].cachesize='1000'
dhcp.@dnsmasq[0].readethers='1'
dhcp.@dnsmasq[0].leasefile='/tmp/dhcp.leases'
dhcp.@dnsmasq[0].resolvfile='/tmp/resolv.conf.d/resolv.conf.auto'
dhcp.@dnsmasq[0].localservice='1'
dhcp.@dnsmasq[0].ednspacket_max='1232'
dhcp.lan=dhcp
dhcp.lan.interface='lan'
dhcp.lan.start='100'
dhcp.lan.limit='150'
dhcp.lan.leasetime='12h'
dhcp.lan.dhcpv4='server'
dhcp.lan.ignore='1'
dhcp.odhcpd=odhcpd
dhcp.odhcpd.maindhcp='0'
dhcp.odhcpd.leasefile='/tmp/hosts/odhcpd'
dhcp.odhcpd.leasetrigger='/usr/sbin/odhcpd-update'
dhcp.odhcpd.loglevel='4'
dhcp.@relay[0]=relay
dropbear.@dropbear[0]=dropbear
dropbear.@dropbear[0].PasswordAuth='on'
dropbear.@dropbear[0].RootPasswordAuth='on'
dropbear.@dropbear[0].Port='22'
firewall.@defaults[0]=defaults
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='ACCEPT'
firewall.@defaults[0].synflood_protect='1'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[0].network='lan' 'wlan0' 'lan0'
luci.main=core
luci.main.lang='auto'
luci.main.mediaurlbase='/luci-static/bootstrap'
luci.main.resourcebase='/luci-static/resources'
luci.main.ubuspath='/ubus/'
luci.flash_keep=extern
luci.flash_keep.uci='/etc/config/'
luci.flash_keep.dropbear='/etc/dropbear/'
luci.flash_keep.openvpn='/etc/openvpn/'
luci.flash_keep.passwd='/etc/passwd'
luci.flash_keep.opkg='/etc/opkg.conf'
luci.flash_keep.firewall='/etc/firewall.user'
luci.flash_keep.uploads='/lib/uci/upload/'
luci.languages=internal
luci.sauth=internal
luci.sauth.sessionpath='/tmp/luci-sessions'
luci.sauth.sessiontime='3600'
luci.ccache=internal
luci.ccache.enable='1'
luci.themes=internal
luci.themes.Bootstrap='/luci-static/bootstrap'
luci.themes.BootstrapDark='/luci-static/bootstrap-dark'
luci.themes.BootstrapLight='/luci-static/bootstrap-light'
luci.apply=internal
luci.apply.rollback='90'
luci.apply.holdoff='4'
luci.apply.timeout='5'
luci.apply.display='1.5'
luci.diag=internal
luci.diag.dns='openwrt.org'
luci.diag.ping='openwrt.org'
luci.diag.route='openwrt.org'
network.loopback=interface
network.loopback.device='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fda6:abf5:8506::/48'
network.@device[0]=device
network.@device[0].name='br-lan'
network.@device[0].type='bridge'
network.@device[0].ports='eth0' 'eth0.1' 'eth0.2'
network.@device[0].promisc='1'
network.lan=interface
network.lan.device='br-lan'
network.lan.proto='static'
network.lan.ipaddr='192.168.2.3'
network.lan.netmask='255.255.255.0'
network.lan.dns='9.9.9.9'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='0 3 4 2'
network.@switch_vlan[0].vid='1'
network.@device[1]=device
network.@device[1].name='phy1-sta0'
network.@device[1].promisc='1'
network.wlan0=interface
network.wlan0.proto='static'
network.wlan0.device='phy1-sta0'
network.wlan0.ipaddr='192.168.4.3'
network.wlan0.netmask='255.255.255.0'
network.wlan0.gateway='192.168.4.4'
network.wlan0.dns='9.9.9.9'
network.lan0=interface
network.lan0.proto='relay'
network.lan0.force_link='1'
network.lan0.network='lan' 'wlan0'
rpcd.@rpcd[0]=rpcd
rpcd.@rpcd[0].socket='/var/run/ubus/ubus.sock'
rpcd.@rpcd[0].timeout='30'
rpcd.@login[0]=login
rpcd.@login[0].username='root'
rpcd.@login[0].password='$p$root'
rpcd.@login[0].read='*'
rpcd.@login[0].write='*'
system.@system[0]=system
system.@system[0].hostname='APWP'
system.@system[0].timezone='CET-1CEST,M3.5.0,M10.5.0/3'
system.@system[0].ttylogin='0'
system.@system[0].log_size='64'
system.@system[0].urandom_seed='0'
system.@system[0].compat_version='1.0'
system.@system[0].zonename='Europe/Berlin'
system.@system[0].log_proto='udp'
system.@system[0].conloglevel='8'
system.@system[0].cronloglevel='5'
system.ntp=timeserver
system.ntp.server='0.openwrt.pool.ntp.org' '1.openwrt.pool.ntp.org' '2.openwrt.pool.ntp.org' '3.openwrt.pool.ntp.org'
system.plc_enable=gpio_switch
system.plc_enable.name='PLC enable'
system.plc_enable.gpio_pin='13'
system.plc_enable.value='0'
system.led_plcw=led
system.led_plcw.name='dLAN'
system.led_plcw.sysfs='white:dlan'
system.led_plcw.trigger='none'
system.led_plcw.default='1'
ucitrack.@network[0]=network
ucitrack.@network[0].init='network'
ucitrack.@network[0].affects='dhcp'
ucitrack.@wireless[0]=wireless
ucitrack.@wireless[0].affects='network'
ucitrack.@firewall[0]=firewall
ucitrack.@firewall[0].init='firewall'
ucitrack.@firewall[0].affects='luci-splash' 'qos' 'miniupnpd'
ucitrack.@olsr[0]=olsr
ucitrack.@olsr[0].init='olsrd'
ucitrack.@dhcp[0]=dhcp
ucitrack.@dhcp[0].init='dnsmasq'
ucitrack.@dhcp[0].affects='odhcpd'
ucitrack.@odhcpd[0]=odhcpd
ucitrack.@odhcpd[0].init='odhcpd'
ucitrack.@dropbear[0]=dropbear
ucitrack.@dropbear[0].init='dropbear'
ucitrack.@httpd[0]=httpd
ucitrack.@httpd[0].init='httpd'
ucitrack.@fstab[0]=fstab
ucitrack.@fstab[0].exec='/sbin/block mount'
ucitrack.@qos[0]=qos
ucitrack.@qos[0].init='qos'
ucitrack.@system[0]=system
ucitrack.@system[0].init='led'
ucitrack.@system[0].exec='/etc/init.d/log reload'
ucitrack.@system[0].affects='luci_statistics' 'dhcp'
ucitrack.@luci_splash[0]=luci_splash
ucitrack.@luci_splash[0].init='luci_splash'
ucitrack.@upnpd[0]=upnpd
ucitrack.@upnpd[0].init='miniupnpd'
ucitrack.@ntpclient[0]=ntpclient
ucitrack.@ntpclient[0].init='ntpclient'
ucitrack.@samba[0]=samba
ucitrack.@samba[0].init='samba'
ucitrack.@tinyproxy[0]=tinyproxy
ucitrack.@tinyproxy[0].init='tinyproxy'
uhttpd.main=uhttpd
uhttpd.main.listen_http='0.0.0.0:80' '[::]:80'
uhttpd.main.listen_https='0.0.0.0:443' '[::]:443'
uhttpd.main.redirect_https='0'
uhttpd.main.home='/www'
uhttpd.main.rfc1918_filter='1'
uhttpd.main.max_requests='3'
uhttpd.main.max_connections='100'
uhttpd.main.cert='/etc/uhttpd.crt'
uhttpd.main.key='/etc/uhttpd.key'
uhttpd.main.cgi_prefix='/cgi-bin'
uhttpd.main.lua_prefix='/cgi-bin/luci=/usr/lib/lua/luci/sgi/uhttpd.lua'
uhttpd.main.script_timeout='60'
uhttpd.main.network_timeout='30'
uhttpd.main.http_keepalive='20'
uhttpd.main.tcp_keepalive='1'
uhttpd.main.ubus_prefix='/ubus'
uhttpd.defaults=cert
uhttpd.defaults.days='730'
uhttpd.defaults.key_type='ec'
uhttpd.defaults.bits='2048'
uhttpd.defaults.ec_curve='P-256'
uhttpd.defaults.country='ZZ'
uhttpd.defaults.state='Somewhere'
uhttpd.defaults.location='Unknown'
uhttpd.defaults.commonname='OpenWrt'
wireless.radio0=wifi-device
wireless.radio0.type='mac80211'
wireless.radio0.path='pci0000:00/0000:00:00.0'
wireless.radio0.channel='36'
wireless.radio0.band='5g'
wireless.radio0.htmode='HT20'
wireless.radio0.cell_density='0'
wireless.radio1=wifi-device
wireless.radio1.type='mac80211'
wireless.radio1.path='platform/ahb/18100000.wmac'
wireless.radio1.channel='auto'
wireless.radio1.band='2g'
wireless.radio1.htmode='HT40'
wireless.radio1.cell_density='0'
wireless.radio1.disabled='0'
wireless.radio1.noscan='1'
wireless.wifinet4=wifi-iface
wireless.wifinet4.device='radio1'
wireless.wifinet4.mode='sta'
wireless.wifinet4.network='wlan0'
wireless.wifinet4.ssid='WIFIlan'
wireless.wifinet4.bssid='44:48:C1:6B:50:C0'
wireless.wifinet4.encryption='psk2'
wireless.wifinet4.key='password!'
wireless.wifinet1=wifi-iface
wireless.wifinet1.device='radio0'
wireless.wifinet1.mode='ap'
wireless.wifinet1.ssid='OpenWrt'
wireless.wifinet1.encryption='psk2'
wireless.wifinet1.wmm='0'
wireless.wifinet1.key='password!'
wireless.wifinet1.network='lan'

Does anybody has some help, to make it work again and also reliable ?

Thanks!

Your configuration has mistakes. For example the relay interface doesn't have an IP.
Also dumping all the configuration of the device makes it difficult to read.
Follow the guide only if WDS or 11s are not supported.

I know that my configs most likely has some issues, the question is which...
I added the IP for the relay interface, but this did not changed the behavior.

The device on the RJ45 interface is still not reachable.
It's weird that it was reachable once (till I rebooted)...

It would be easier to reset to defaults and start over by following the guide, which is rather simple.

the config is based on that guide. As I mentioned it before.

and I already reset the box also.

brave_10112024_084843811×575 18.6 KB

brave_10112024_173522772×660 19.1 KB

brave_10112024_173547821×569 18.6 KB

I added some pictures for hopefully some more understand about the config.

generally it's not complicated (or should be), but for some reason it's not working...

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have

ubus call system board; \
uci export network; uci export wireless; \
uci export dhcp; uci export firewall; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru

{
        "kernel": "5.15.167",
        "hostname": "APWP",
        "system": "Atheros AR9344 rev 3",
        "model": "Devolo dLAN pro 1200+ WiFi ac",
        "board_name": "devolo,dlan-pro-1200plus-ac",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "23.05.5",
                "revision": "r24106-10cc5fcd00",
                "target": "ath79/generic",
                "description": "OpenWrt 23.05.5 r24106-10cc5fcd00"
        }
}
package network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fda6:abf5:8506::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'
        list ports 'eth0.1'
        list ports 'eth0.2'
        option promisc '1'
        option arp_accept '1'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        list dns '9.9.9.9'
        list ipaddr '192.168.2.3/24'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '0'

config device
        option name 'phy1-sta0'
        option promisc '1'

config interface 'wlan0'
        option proto 'static'
        option device 'phy1-sta0'
        option ipaddr '192.168.4.3'
        option netmask '255.255.255.0'
        option gateway '192.168.4.4'
        list dns '9.9.9.9'

config interface 'lan0'
        option proto 'relay'
        option force_link '1'
        list network 'lan'
        list network 'wlan0'
        option ipaddr '192.168.4.3'

config device
        option name 'eth0'
        option promisc '1'
        option acceptlocal '1'
        option drop_v4_unicast_in_l2_multicast '1'
        option arp_accept '1'

config device
        option name 'eth0.1'
        option type '8021q'
        option ifname 'eth0'
        option vid '1'
        option promisc '1'
        option acceptlocal '1'
        option multicast_router '2'
        option multicast_to_unicast '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0 3 4 2'
        option vid '1'

package wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'pci0000:00/0000:00:00.0'
        option channel '36'
        option band '5g'
        option htmode 'HT20'
        option cell_density '0'

config wifi-device 'radio1'
        option type 'mac80211'
        option path 'platform/ahb/18100000.wmac'
        option channel 'auto'
        option band '2g'
        option htmode 'HT40'
        option cell_density '0'
        option disabled '0'
        option noscan '1'

config wifi-iface 'wifinet4'
        option device 'radio1'
        option mode 'sta'
        option network 'wlan0'
        option ssid 'Schnurrito'
        option bssid '88:88:C1:6B:50:C0'
        option encryption 'psk2'
        option key 'password!'

config wifi-iface 'wifinet1'
        option device 'radio0'
        option mode 'ap'
        option ssid 'OpenWrt'
        option encryption 'psk2'
        option wmm '0'
        option key 'password!'
        option network 'lan'

package dhcp

config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option cachesize '1000'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option localservice '1'
        option ednspacket_max '1232'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option ignore '1'
        option dynamicdhcp '0'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

config relay

package firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'
        list network 'wlan0'
        list network 'lan0'

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
9: phy1-sta0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.168.4.3/24 brd 192.168.4.255 scope global phy1-sta0
       valid_lft forever preferred_lft forever
16: br-lan: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    inet 192.168.2.3/24 brd 192.168.2.255 scope global br-lan
       valid_lft forever preferred_lft forever
192.168.4.4 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.11 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.34 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.42 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.45 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.47 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.60 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.89 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.101 dev br-lan table 16800 scope link src 192.168.4.3
192.168.4.123 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.230 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.235 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.236 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.237 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.238 dev phy1-sta0 table 16800 scope link src 192.168.4.3
192.168.4.101 dev br-lan table 16801 scope link
192.168.4.4 dev phy1-sta0 table 16802 scope link
192.168.4.11 dev phy1-sta0 table 16802 scope link
192.168.4.34 dev phy1-sta0 table 16802 scope link
192.168.4.42 dev phy1-sta0 table 16802 scope link
192.168.4.45 dev phy1-sta0 table 16802 scope link
192.168.4.47 dev phy1-sta0 table 16802 scope link
192.168.4.60 dev phy1-sta0 table 16802 scope link
192.168.4.89 dev phy1-sta0 table 16802 scope link
192.168.4.123 dev phy1-sta0 table 16802 scope link
192.168.4.230 dev phy1-sta0 table 16802 scope link
192.168.4.235 dev phy1-sta0 table 16802 scope link
192.168.4.236 dev phy1-sta0 table 16802 scope link
192.168.4.237 dev phy1-sta0 table 16802 scope link
192.168.4.238 dev phy1-sta0 table 16802 scope link
default via 192.168.4.4 dev phy1-sta0 proto static
192.168.2.0/24 dev br-lan proto kernel scope link src 192.168.2.3
192.168.4.0/24 dev phy1-sta0 proto kernel scope link src 192.168.4.3
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
local 192.168.2.3 dev br-lan table local proto kernel scope host src 192.168.2.3
broadcast 192.168.2.255 dev br-lan table local proto kernel scope link src 192.168.2.3
local 192.168.4.3 dev phy1-sta0 table local proto kernel scope host src 192.168.4.3
broadcast 192.168.4.255 dev phy1-sta0 table local proto kernel scope link src 192.168.4.3
0:      from all lookup local
2:      from all iif lo lookup 16800
2:      from all iif phy1-sta0 lookup 16801
2:      from all iif br-lan lookup 16802
32766:  from all lookup main
32767:  from all lookup default

it's weird, I connected a laptop to that RJ45 port and that seems works.
I did a traceroute and it showed me the Repeater as 1. hop and 2. hop was the device I pinged.
Just the device I need to access (behind that repeater) is not reachable...
But it was reachable once... (till I rebooted)...
The only difference is, the device I need to access has just 100MBit not 1Gbit... But that should be a problem, as from the picture, the 100Mbit are detected.

Remove dns from lan, it is not reachable from lan.

Remove the device from wlan0, this is configured in wireless configuration.

Better lock the channel in 2,4GHz to the base AP.

Other than that, the relayd is a nasty hack, so I don't think that arp requests are properly relayed from the main AP to the devices behind the repeater.
Try to initiate some traffic from the device behind the repeater and see if this will enable visibility for the devices connected on the main AP.

I already recognised that there is some issue with that relayd. Because after a reboot I was not able to ping the wireless IP until that interface was used by some device behind the repeater or itself pinged some device on my network.
I solved that problem by adding a ping command within the startup config.
Unfortunately the device on the rj45 port of the repeater is not really a device I can control, it's a heatpump.
But I enabled DHCP on that device.
It got an adress and is shortly pingable, but after a short while it's not reachable again. Although the repeater has the correct arp table.
I assume it has something to do with, that this port (from heatpump) is only 100Mbit and not 1Gbit...
Somehow it seems that internal switch cannot handle that traffic somehow...

I've attached that sw config.

root@APWP:~# swconfig dev switch0 show
Global attributes:
        enable_vlan: 1
        ar8xxx_mib_poll_interval: 0
        ar8xxx_mib_type: 0
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        mirror_monitor_port: 0
        mirror_source_port: 0
        arl_age_time: 300
        arl_table: address resolution table
Port 0: MAC 04:d1:6e:d0:4d:d2
Port 0: MAC 30:d3:2d:98:4b:2f

        igmp_snooping: 0
        igmp_v3: 0
Port 0:
        mib: ???
        enable_eee: ???
        igmp_snooping: 0
        vlan_prio: 0
        pvid: 1
        link: port:0 link:up speed:1000baseT full-duplex txflow rxflow
Port 1:
        mib: ???
        enable_eee: 0
        igmp_snooping: 0
        vlan_prio: 0
        pvid: 0
        link: port:1 link:down
Port 2:
        mib: ???
        enable_eee: 0
        igmp_snooping: 0
        vlan_prio: 0
        pvid: 1
        link: port:2 link:down
Port 3:
        mib: ???
        enable_eee: 0
        igmp_snooping: 0
        vlan_prio: 0
        pvid: 1
        link: port:3 link:up speed:100baseT full-duplex auto
Port 4:
        mib: ???
        enable_eee: 0
        igmp_snooping: 0
        vlan_prio: 0
        pvid: 1
        link: port:4 link:down
Port 5:
        mib: ???
        enable_eee: 0
        igmp_snooping: 0
        vlan_prio: 0
        pvid: 0
        link: port:5 link:down
Port 6:
        mib: ???
        enable_eee: ???
        igmp_snooping: 0
        vlan_prio: 0
        pvid: 0
        link: port:6 link:up speed:10baseT half-duplex
VLAN 1:
        vid: 1
        ports: 0 2 3 4

This configuration has a lot of issues. Please reset to defaults and we can get things working from that point.

Hi all.
I solved the issue.
Resetting the box did not solved it. The problem was the different IP segment on "lan" interface.
As I needed the RJ45 ports to be in the same IP segment like the "wlan0" the different IP from "lan" did not allowed to reach the device on that bridge device.

Routing table before

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.4.4     0.0.0.0         UG    0      0        0 phy1-sta0
192.168.2.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.4.0     *               255.255.255.0   U     0      0        0 phy1-sta0

Everything on .4.x was send through "wlan0", but I needed .4.233 to be send on a local interface on the repeater.

I set an additional IP for "lan" in my .4.x network and a dedicated route, to just reach the specific device on "lan" interface.

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.4.4     0.0.0.0         UG    0      0        0 phy1-sta0
192.168.1.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.4.0     *               255.255.255.0   U     0      0        0 phy1-sta0
192.168.4.233   *               255.255.255.255 UH    0      0        0 br-lan

NOW it works.

So the issue is a little specific, because of the LAN ports on that repeater device, which is not covered as a situation on that previous mentioned guide.

Or do you think there is still something wrong?

Normally the device should create some traffic which would add it in the routing table as you showed here.
You can however manually add it in table 16801 like .4.101
Nice catch!