Hey all! I was very close to posting a question about this, and figured it out on my own, so I wanted to share my findings in case it might help anyone else. I have been running OpenWrt 21.x on my Raspberry Pi 4 for about 3 years now. A couple years ago, I added a Ubiquiti AP to provide excellent wireless coverage. While doing this, I decided to configure a couple VLANs to up my network security (and for fun!). I created 2 zones outside of LAN: GUEST and IOT, which are essentially the same (I need my IoT devices to talk to WAN for Google Home etc) but isolated from each other.
This had been working perfectly but after updating, I was unable to reach WAN from my VLANs. While connected, I was able to receive a local IP from DHCP and I was also able to talk to the router, so I knew DNS wasn't an issue. I spent about 2 hours pulling my hair out until I took a close look at my Firewall Zones. This is what my firewall zones looked like:
If you're smarter than I, you probably already see the issue - I was not routing my VLANs to WAN and therefore was not able to access the Internet (duh). However, for whatever reason, this configuration had been working without a hitch for years. So, my working configuration looks like this (with Input disabled to prevent these zones from accessing my internal network):
Simple as cake!
Another note for users that have an USB Ethernet dongle (as I do). If you want to save yourself the headache of finding a way to get the kernel module for your adapter, you can use the OpenWrt firmware selector and just add it to the installed packages as part of your sysupgrade. For me, this was simply adding kmod-usb-net-rtl8152 as discussed here.
Hope this helps someone in the future!