Problems with Switch in network

I'm a fairly descent veteran when it comes to networking. I don't do it professionally anymore so I usually can figure this stuff out. I'm at a total loss today.

What I have I am using a Linksys WRT1900AC v1 running OpenWrt 23.05.5 r24106-10cc5fcd00. Everything seems to be running normally on all lan ports and wifi. I needed to expand my switch so I purchased a TPLINK TL-SG108. For some reason I can't get the devices connected to the TPLINK to talk to the Linksys. So when I plug in my raspberry pi directly into the Linksys it works instantly and can reach the internet, I plug into the TPLINK with the TPLINK connected to the Linksys. there is no connection. Interestingly enough, each device on the TPLINK can talk to each other. I did switch out the TPLINK for another switch, thinking that maybe something is wrong with the switch. I also tried replacing all my cables and I even tried an old patch cable to see if that old issue had anything to do with it. I also tried a different port on the Links's.

It is almost like the Linksys can't read the MAC addresses on the TPLINK. I can tell this is the case because if I disconnect all the device on the TPLINK and only leave my Raspberry Pi the Pi can ping the router and Google just fine. So I am assuming I am missing some setting to allow multiple devices on one port.

any ideas?

Your tp-link switch is unmanaged, so it should be entirely transparent. Let’s review the router config to make sure there is nothing wrong there.

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall

Check EEE as sometimes this can be problematic.

I am removing about a dozen of the port forwarding settings from the response here. I don't think it's helpful and its to private.
{
"kernel": "5.15.167",
"hostname": "router.name.tdl,
"system": "ARMv7 Processor rev 2 (v7l)",
"model": "Linksys WRT1900AC v1",
"board_name": "linksys,wrt1900ac-v1",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "23.05.5",
"revision": "r24106-10cc5fcd00",
"target": "mvebu/cortexa9",
"description": "OpenWrt 23.05.5 r24106-10cc5fcd00"
}
}

root@router:~# cat /etc/config/network

config interface 'loopback'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
option device 'lo'

config globals 'globals'
option ula_prefix 'fd7e:eebe:d897::/48'

config interface 'lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option device 'br-lan'
option ip4table 'local'

config interface 'wan'
option proto 'static'
option broadcast ‘xxx.xxx.xxx.xxx’
option ipaddr 'xxx.xxx.xxx.xxx'
option gateway 'xxx.xxx.xxx.xxx'
option netmask 'xxx.xxx.xxx.xxx'
option device 'wan'
list dns 'xxx.xxx.xxx.xxx'
list dns 'xxx.xxx.xxx.xxx'

config interface 'wan6'
option proto 'dhcpv6'
option device 'wan'
option reqaddress 'try'
option reqprefix 'auto'

config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'

config switch_vlan
option device 'switch0'
option vlan '1'
option ports '0 1 2 3 5t'

config switch_vlan
option device 'switch0'
option vlan '2'
option ports '4 6t'

config interface 'Guest'
option proto 'static'
option ipaddr '10.20.30.40'
option netmask '255.255.255.0'

config interface 'IOTWAN'
option proto 'static'
option ipaddr '10.10.10.1'
option netmask '255.255.255.0'

config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0.1'
list ports 'eth1'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'

config interface 'PAYNEVPN'
option proto 'none'
option device 'tun0'

config interface 'vpn'
option proto 'wireguard'
option private_key ‘xxxxx’
option listen_port '51820'
list addresses '192.168.9.1/24'
list addresses ‘xxxx’

config wireguard_vpn 'wgclient'
option public_key ‘xxxxx’
option preshared_key ‘xxxxxx’
list allowed_ips '192.168.9.2/32'
list allowed_ips 'fdf1:e8a1:8d3f:9::2/128'

config device
option type 'bridge'
option name 'MYBRIDGE'

root@router:~# cat /etc/config/wireless

config wifi-device 'radio0'
option type 'mac80211'
option channel '11'
option hwmode '11g'
option path 'soc/soc:pcie@82000000/pci0000:00/0000:00:02.0/0000:02:00.0'
option htmode 'HT20'
option country 'US'

config wifi-iface 'default_radio0'
option device 'radio0'
option network 'lan'
option mode 'ap'
option macaddr ‘xxxxxx’
option key ‘xxxx’
option ssid ‘xx’xx
option encryption 'psk2'

config wifi-device 'radio1'
option type 'mac80211'
option channel '36'
option hwmode '11a'
option path 'soc/soc:pcie@82000000/pci0000:00/0000:00:03.0/0000:03:00.0'
option htmode 'VHT80'
option country 'US'

config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option macaddr 'bxxxx’
option key ‘xxx’x
option ssid ‘xxxxx’
option encryption 'psk2'

config wifi-iface 'wifinet2'
option ssid ‘xxxx’
option encryption 'psk2'
option device 'radio1'
option mode 'ap'
option network 'Guest'
option key 'bep9933054'

config wifi-iface 'wifinet3'
option ssid ‘IOT—xxxxxxxxx
option encryption 'psk2'
option device 'radio0'
option mode 'ap'
option network 'IOTWAN'
option key ‘xxxxxxx’x

root@router:~# cat /etc/config/dhcp

config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option localservice '1'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'

config dhcp 'lan'
option interface 'lan'
option dhcpv6 'server'
option ra 'server'
option leasetime '168h'
option ra_management '1'
option start '100'
option limit '150'

config dhcp 'wan'
option interface 'wan'
option ignore '1'
option start '100'
option limit '150'
option leasetime '12h'

config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'

config dhcp 'Guest'
option start '100'
option leasetime '12h'
option limit '150'
option interface 'Guest'

config dhcp 'IOTWAN'
option start '100'
option leasetime '12h'
option limit '150'
option interface 'IOTWAN'

config domain
option name 'www.domain.tld'
option ip '192.168.1.2'

config host
option name 'repeater'
option ip '192.168.1.159'
option mac '00:24:81:93:53:00'

config host
option ip '192.168.1.4'
option mac '20:D7:78:AE:53:4C'

config domain
option name 'power.domain.tld'
option ip '192.168.1.5'

config domain
option name 'logbook.pdomain.tld'
option ip '192.168.1.2'

config domain
option name 'cloud.domain.tld’
option ip '192.168.1.2'

root@router:~# cat /etc/config/firewall

config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'

config zone 'lan'
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list device 'tun+'
option masq '1'
list network 'lan'
list network 'vpn'

config zone 'wan'
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'

config forwarding
option src 'lan'
option dest 'wan'

config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'

config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
option enabled '0'

config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'

config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'

config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'

config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'

config include
option path '/etc/firewall.user'

config redirect
option dest_port ‘00000000’
option src 'wan'
option name 'AppleTalk'
option src_dport '422'
option target 'DNAT'
option dest_ip '192.168.1.2'
option dest 'lan'
option enabled '0'

config redirect
option dest_port ‘0000000’
option src 'wan'
option name 'AFP'
option src_dport '548'
option target 'DNAT'
option dest_ip '192.168.1.2'
option dest 'lan'
option enabled '0'

config redirect
option dest_port ‘0000000000’
option src 'wan'
option name 'Plex'
option target 'DNAT'
option dest_ip '192.168.1.9'
option dest 'lan'
option src_dport '60519'

config redirect
option dest_port ‘000000000’
option src 'wan'
option name 'Nextcloud'
option src_dport '4430'
option target 'DNAT'
option dest_ip '192.168.1.2'
option dest 'lan'

config redirect
option dest_port ‘00000000’
option src 'wan'
option name 'Router SSH'
option src_dport '122'
option target 'DNAT'
option dest_ip '192.168.1.1'
option dest 'lan'
option enabled '0'

config zone
option forward 'REJECT'
option name 'GuestZone'
option output 'ACCEPT'
option input 'REJECT'
option masq '1'
list network 'Guest'
list network 'IOTWAN'

config forwarding
option dest 'wan'
option src 'GuestZone'

config rule
option src 'GuestZone'
option name 'Guest DHCP and DNS'
option target 'ACCEPT'
option dest_port '53 67 68 2050'

config include 'nodogsplash'
option type 'script'
option path '/usr/lib/nodogsplash/restart.sh'

config redirect
option target 'DNAT'
option name 'HTTP'
option src 'wan'
option src_dport '80'
option dest 'lan'
option dest_ip '192.168.1.2'

config redirect
option target 'DNAT'
option name 'HTTPS'
option src 'wan'
option src_dport '443'
option dest 'lan'
option dest_ip '192.168.1.2'

config zone
option name 'oven_wf'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
list network ‘VPN’

config forwarding
option src 'lan'
option dest 'oven_wf'

config redirect
option target 'DNAT'
option name 'SSH'
option src 'wan'
option src_dport ‘00000000’
option dest 'lan'
option dest_ip '192.168.1.2'
option dest_port ‘0000000’

config redirect
option target 'DNAT'
list proto 'udp'
option src 'wan'
option dest 'lan'
option dest_ip '192.168.1.225'
option name 'VPN'
option src_dport '1701'
option dest_port '1701'

config redirect
option target 'DNAT'
option name 'VPN2'
option src 'wan'
option src_dport ‘0000000’
option dest 'lan'
option dest_ip '192.168.1.225'
option dest_port ‘00000000’

This device is DSA at the version of OpenWrt you are running. You appear to have network config configured as ol'timy switchdev.

Interesting. I have had this router working reliable for years and years. might be why it's old school. Would it be worth me starting complete from scratch?

Yes. As pointed out, you seem to have both swconfig and DSA config stanzas in the configuration you posted... this won't work and will be painful to cleanup properly.

Make a backup and use that as a human readable reference while you recreate your settings from scratch after a reset to defaults.

Okay. Basically get the image file and reflash the Linksys and start from scratch. I think I can do that.

You don't need to reflash... simply reset to defaults.

Ah thank.

Would think there wouldbbe any problems just copying my port forwarding settings in my firewall?

Honestly, it's best to recreate from scratch. Yes, you could probably copy the port forward settings, but it's also a good time to review everything to make sure you still want/need everything there, and there is always the chance that there will be an error carried over from the previous configuration. I recommend recreating from scratch.

Okay thank. I'll be working on it in the next couple of hours.

Thanks for your time today. Seriously, this has stressed me out. I went ahead and refreshed the router, it's actually performing way better in general and the switch is interacting with my router now. I appreciate your help, I really do.

Glad it is now working as desired!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.