Openwrt / pfense bridge interface : no network

beta · March 11, 2022, 5:46pm

Hello all,

I use "TP-Link Archer C7 v2" router with OpenWrt 19.07.5 (OpenWrt 19.07.5 r11257-5090152ae3 / LuCI openwrt-19.07 branch git-20.341.57626-51f55b5).

I have 2 SSID set up on 2 different VLAN.
A physical port of the router is connected on my Pfsense (ESXi). The physical port on my ESXi is trunked (Port group : VLAN ID 4095).
The 2 vlans are declared on my Pfsense.

I would like to declare one of the two vlans on my ESXi as well in order to have a virtual machine in the same subnet.
For that, I have to create a bridge interface on Pfsense regrouping the interface that will be for the ESXi (for my VM) and the interface used for my SSID on Openwrt.

When I create my bridge interface, my virtual machine responds correctly. The network is OK. But I lose the network with my wifi equipment. Despite some tests I don't know why.

Do you have any idea ?

My configuration :

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'xxxx:xxxx:xxxx::/xx'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth1.1'
        option proto 'static'
        option netmask 'XXX.XXX.XXX.XXX'
        option ipaddr 'XXX.XXX.XXX.X'
        option gateway 'XXX.XXX.XXX.X'
        list dns 'XXX.XXX.XXX.X'
        list dns 'XXX.XXX.XXX.XXX'

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'dhcp'

config interface 'wan6'
        option ifname 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0t 2 3 4 5'
        option vid '1'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '1 6t'
        option vid '2'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option ports '0t 2t'
        option vid '20'

config interface 'SSID_1'
        option ifname 'eth1.20'
        option type 'bridge'
        option proto 'none'

config switch_vlan
        option device 'switch0'
        option vlan '4'
        option ports '0t 2t'
        option vid '10'

config interface 'SSID_2'
        option proto 'none'
        option type 'bridge'
        option ifname 'eth1.10'

Thanks & regards,

beta · March 24, 2022, 7:25pm

Hello all,

I am still looking for a solution to my problem unfortunately
In order to get around the problem do you know how I can connect a WIFI network to the LAN interface under the same network ?
I have read that this is not possible but maybe there is a solution ?

Or if you have a solution for my first question, I am interested

Thanks & regards

lleachii · March 26, 2022, 10:55am

You provided no information on your WiFi
Your bridges only have one interface connected to them, they're not connecting anything

You plug the AP into the LAN/VLAN that it will provide wireless access to - but I'm sure you already knew this, so troubleshooting why would probably be better.

beta · March 28, 2022, 5:48pm

Hello,

Thank you for your answer !

Below, my WIFI configuration :

cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option channel '36'
        option hwmode '11a'
        option path 'pci0000:00/0000:00:00.0'
        option htmode 'VHT80'
        option country 'FR'
        option disabled '0'

config wifi-device 'radio1'
        option type 'mac80211'
        option channel '11'
        option hwmode '11g'
        option path 'platform/ahb/18100000.wmac'
        option htmode 'HT20'
        option country 'FR'
        option disabled '0'

config wifi-iface 'wifinet2'
        option device 'radio0'
        option mode 'ap'
        option hidden '1'
        option encryption 'psk2'
        option network 'WIFI_1'
        option key 'PASSWORD_1'
        option ssid 'ssid'

config wifi-iface 'wifinet3'
        option device 'radio1'
        option mode 'ap'
        option encryption 'psk2'
        option hidden '1'
        option network 'WIFI_1'
        option key 'PASSWORD_1'
        option ssid 'ssid'
        option macfilter 'deny'
        list maclist '48:01:C5:30:E8:D0'

config wifi-iface 'wifinet4'
        option device 'radio0'
        option mode 'ap'
        option ssid 'ssid-noint'
        option key 'password_2'
        option encryption 'psk2'
        option hidden '1'
        option network 'WIFI_2'

config wifi-iface 'wifinet5'
        option device 'radio1'
        option mode 'ap'
        option ssid 'ssid-noint'
        option key 'password_2'
        option hidden '1'
        option encryption 'psk2'
        option network 'WIFI_2'

About my another question :
Is it possible to have the wifi and LAN interface in the same subnet?
For example (same gateway/netmask):
LAN >> interface IP address 192.168.30.252
WIFI >> scope 192.168.30.10 / 192.168.30.100
I have read in several articles that this is not possible but I am surprised.

Thanks & regards