Second dnsmasq does not work on WLAN

I'm trying to build a test environment by OpenWrt, for verifying the DNS functionality of other devices. The environment needs two DNS servers inside a single OpenWrt system. When the tested devices connect to the Wi-Fi access point, I suppose they can send DNS query on both DNS servers. I have configuration below. I do see 2 dnsmasqs listen on 2 networks, but only the first dnsmasq replies DNS queries. The second one doesn't reply any query. I don't know if I set some things wrong, especially for firewall or network creates.

  1. Add a network ‘nif4dns’
# uci set network.nif4dns=interface
# uci set network.nif4dns.proto='static'
# uci set network.nif4dns.ipaddr='192.168.2.1'
# uci set network.nif4dns.netmask='255.255.255.0'
# uci set network.nif4dns.ip6assign='60'
# uci set network.nif4dns.ifname='eth1.2'
# uci commit network
# /etc/init.d/network restart

# uci export network
package network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd84:786a:9d65::/48'

config interface 'lan'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ifname 'eth1.1 eth1.2'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 4 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '5 0t'

config interface 'nif4dns'
	option proto 'static'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ifname 'eth1.2'
  1. Configure firewall for network ‘nif4dns’
# uci add_list firewall.@zone[0].network=‘nif4dns’
# uci commit firewall
# /etc/init.d/firewall restart

# uci show firewall
…
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[0].network='lan' 'nif4dns'
...
  1. (from LuCi) Add network ‘nif4dns’ into network ‘lan’ bridge
# brctl show
bridge name	bridge id		STP enabled	interfaces
br-lan		7fff.78d294a83443	no		eth1.1
							            wlan0
							            eth1.2
  1. Configure 2 instances of dnsmasq
// exclude 'nif4dns' from default dnsmasq
# uci add_list dhcp.@dnsmasq[0].notinterface="nif4dns"

// add ‘2nd_dnsmasq’
# uci set dhcp.2nd_dnsmasq=dnsmasq
# uci set dhcp.2nd_dnsmasq.domainneeded='1'
# uci set dhcp.2nd_dnsmasq.localise_queries='1'
# uci set dhcp.2nd_dnsmasq.rebind_protection='1'
# uci set dhcp.2nd_dnsmasq.rebind_localhost='1'
# uci set dhcp.2nd_dnsmasq.expandhosts='1'
# uci set dhcp.2nd_dnsmasq.authoritative='1'
# uci set dhcp.2nd_dnsmasq.readethers='1'
# uci set dhcp.2nd_dnsmasq.leasefile='/tmp/dhcp.leases'
# uci set dhcp.2nd_dnsmasq.resolvfile='/tmp/resolv.conf.auto'
# uci set dhcp.2nd_dnsmasq.nonwildcard='1'
# uci set dhcp.2nd_dnsmasq.localservice='1'
# uci set dhcp.2nd_dnsmasq.local='/SOME_TEST_DOMAIN/'
# uci set dhcp.2nd_dnsmasq.domain='SOME_TEST_DOMAIN'
# uci set dhcp.2nd_dnsmasq.logqueries='1'
# uci add_list dhcp.2nd_dnsmasq.interface='nif4dns'
# uci add_list dhcp.2nd_dnsmasq.notinterface='loopback'
  1. Disabling DHCP role on 2nd dnsmasq
# uci set dhcp.nif4dns="dhcp"
# uci set dhcp.nif4dns.instance="2nd_dnsmasq"
# uci set dhcp.nif4dns.interface="nif4dns"
# uci set dhcp.nif4dns.ignore="1"
# uci commit dhcp
/etc/init.d/dnsmasq restart
/etc/init.d/odhcpd restart
  1. check current status
# uci export dhcp
package dhcp

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option nonwildcard '1'
	option localservice '1'
	option local '/SOME_TEST_DOMAIN/'
	option domain 'SOME_TEST_DOMAIN'
	option logqueries '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	list notinterface 'nif4dns'

config dhcp 'lan'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	list dhcp_option '6,8.8.8.8,8.8.4.4'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

config domain
	option name 'SOME_TEST_DOMAIN'
	option ip '100.91.132.67'

config dnsmasq '2nd_dnsmasq'
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'
	option local '/SOME_TEST_DOMAIN/'
	option domain 'SOME_TEST_DOMAIN'
	option logqueries '1'
	list interface 'nif4dns'
	list notinterface 'loopback'

config dhcp 'nif4dns'
	option instance '2nd_dnsmasq'
	option interface 'nif4dns'
	option ignore '1'

# netstat -lutnp | grep dnsmasq
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      19186/dnsmasq
tcp        0      0 192.168.1.1:53          0.0.0.0:*               LISTEN      19186/dnsmasq
tcp        0      0 100.91.132.67:53        0.0.0.0:*               LISTEN      19186/dnsmasq
tcp        0      0 192.168.2.1:53          0.0.0.0:*               LISTEN      19187/dnsmasq
tcp        0      0 ::1:53                  :::*                    LISTEN      19186/dnsmasq
tcp        0      0 fe80::7ad2:94ff:fea8:3444:53 :::*                    LISTEN      19186/dnsmasq
tcp        0      0 fe80::7ad2:94ff:fea8:3443:53 :::*                    LISTEN      19186/dnsmasq
tcp        0      0 2401:fa00:49c:5e0::1:53 :::*                    LISTEN      19186/dnsmasq
tcp        0      0 fd84:786a:9d65::1:53    :::*                    LISTEN      19186/dnsmasq
tcp        0      0 fe80::7ad2:94ff:fea8:3443:53 :::*                    LISTEN      19186/dnsmasq
tcp        0      0 2401:fa00:480:9003:7ad2:94ff:fea8:3444:53 :::*                    LISTEN      19186/dnsmasq
tcp        0      0 fe80::7ad2:94ff:fea8:3444:53 :::*                    LISTEN      19186/dnsmasq
tcp        0      0 fe80::7ad2:94ff:fea8:3445:53 :::*                    LISTEN      19186/dnsmasq
tcp        0      0 fd84:786a:9d65:10::1:53 :::*                    LISTEN      19187/dnsmasq
tcp        0      0 fe80::7ad2:94ff:fea8:3443:53 :::*                    LISTEN      19187/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           19186/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           19187/dnsmasq
udp        0      0 127.0.0.1:53            0.0.0.0:*                           19186/dnsmasq
udp        0      0 192.168.1.1:53          0.0.0.0:*                           19186/dnsmasq
udp        0      0 100.91.132.67:53        0.0.0.0:*                           19186/dnsmasq
udp        0      0 192.168.2.1:53          0.0.0.0:*                           19187/dnsmasq
udp        0      0 ::1:53                  :::*                                19186/dnsmasq
udp        0      0 fe80::7ad2:94ff:fea8:3444:53 :::*                                19186/dnsmasq
udp        0      0 fe80::7ad2:94ff:fea8:3443:53 :::*                                19186/dnsmasq
udp        0      0 2401:fa00:49c:5e0::1:53 :::*                                19186/dnsmasq
udp        0      0 fd84:786a:9d65::1:53    :::*                                19186/dnsmasq
udp        0      0 fe80::7ad2:94ff:fea8:3443:53 :::*                                19186/dnsmasq
udp        0      0 2401:fa00:480:9003:7ad2:94ff:fea8:3444:53 :::*                                19186/dnsmasq
udp        0      0 fe80::7ad2:94ff:fea8:3444:53 :::*                                19186/dnsmasq
udp        0      0 fe80::7ad2:94ff:fea8:3445:53 :::*                                19186/dnsmasq
udp        0      0 fd84:786a:9d65:10::1:53 :::*                                19187/dnsmasq
udp        0      0 fe80::7ad2:94ff:fea8:3443:53 :::*                                19187/dnsmasq

Clues:

  1. The client device in WLAN can ping both 192.168.1.1 and 192.168.2.1.
  2. The client device send DNS query to 192.168.1.1:53 can get replies from the default dnsmasq.
  3. The client device send DNS query to 192.168.2.1:53 won't get any reply from the 2nd dnsmasq. From OpenWrt system log, there is no any query being processed on the 2nd dnsmasq after launch. From tcpdump, the OpenWrt did receive DNS queries from client device on 192.168.2.1:53. Those packets were never responded.
// tcpdump
1461	2020-09-11 13:03:59.442241	192.168.1.222	192.168.2.1	DNS	96	Standard query 0x4761 A www.cnn.com OPT
1461	2020-09-11 13:03:59.442241	192.168.1.222	192.168.2.1	DNS	96	Standard query 0x4761 A www.cnn.com OPT
  1. When I SSH into OpenWrt, it can do DNS query on both dnsmasqs.
//System log
Fri Sep 11 20:50:17 2020 daemon.info dnsmasq[19186]: 4 192.168.1.1/44270 query[A] www.yahoo.com from 192.168.1.1
Fri Sep 11 20:50:17 2020 daemon.info dnsmasq[19186]: 4 192.168.1.1/44270 forwarded www.yahoo.com to 8.8.8.8
Fri Sep 11 20:50:17 2020 daemon.info dnsmasq[19186]: 4 192.168.1.1/44270 forwarded www.yahoo.com to 8.8.4.4
Fri Sep 11 20:50:17 2020 daemon.info dnsmasq[19186]: 4 192.168.1.1/44270 reply www.yahoo.com is <CNAME>
Fri Sep 11 20:50:17 2020 daemon.info dnsmasq[19186]: 4 192.168.1.1/44270 reply new-fp-shed.wg1.b.yahoo.com is 180.222.102.202
Fri Sep 11 20:50:17 2020 daemon.info dnsmasq[19186]: 4 192.168.1.1/44270 reply new-fp-shed.wg1.b.yahoo.com is 180.222.102.201
Fri Sep 11 20:50:26 2020 daemon.info dnsmasq[19187]: 1 192.168.2.1/56340 query[A] www.cnn.com from 192.168.2.1
Fri Sep 11 20:50:26 2020 daemon.info dnsmasq[19187]: 1 192.168.2.1/56340 forwarded www.cnn.com to 8.8.8.8
Fri Sep 11 20:50:26 2020 daemon.info dnsmasq[19187]: 1 192.168.2.1/56340 forwarded www.cnn.com to 8.8.4.4
Fri Sep 11 20:50:26 2020 daemon.info dnsmasq[19187]: 1 192.168.2.1/56340 reply www.cnn.com is <CNAME>
Fri Sep 11 20:50:26 2020 daemon.info dnsmasq[19187]: 1 192.168.2.1/56340 reply turner-tls.map.fastly.net is 151.101.1.67
Fri Sep 11 20:50:26 2020 daemon.info dnsmasq[19187]: 1 192.168.2.1/56340 reply turner-tls.map.fastly.net is 151.101.65.67
Fri Sep 11 20:50:26 2020 daemon.info dnsmasq[19187]: 1 192.168.2.1/56340 reply turner-tls.map.fastly.net is 151.101.129.67
Fri Sep 11 20:50:26 2020 daemon.info dnsmasq[19187]: 1 192.168.2.1/56340 reply turner-tls.map.fastly.net is 151.101.193.67

I feel I'm pretty close to the target. But I still miss a piece of puzzle.

1 Like

First of all, this is not exactly a good way to test what you are trying to test.
If you want two separate interfaces, you should not bridge them.
If you want one interface with ip aliases, there are better ways to do it.
Then you have localservice option enabled, so server listening to 2.1 won't reply to requests coming from 1.X
Last but not least, you are pushing google dns to the hosts.

3 Likes

Bridging interfaces makes them operate as a single L3 device, so you cannot expect for them to work separately.

3 Likes

Thanks trendy and vgaetera. I disabled bridge and localservice option. Unfortunately, it still doesn't work.

I notice that eth1.2 RX packets is always 0, even the WLAN client did send PING or DNS queries on it, the packets were also being captured on tcpdump. It seems still something wrong on my settings.

# ifconfig
br-lan    Link encap:Ethernet  HWaddr 78:D2:94:A8:34:43  
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: 2401:fa00:49c:5e0::1/60 Scope:Global
          inet6 addr: fe80::7ad2:94ff:fea8:3443/64 Scope:Link
          inet6 addr: fd84:786a:9d65::1/60 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:89065 errors:0 dropped:0 overruns:0 frame:0
          TX packets:159538 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:165737121 (158.0 MiB)  TX bytes:86800256 (82.7 MiB)

eth0      Link encap:Ethernet  HWaddr 78:D2:94:A8:34:44  
          inet6 addr: fe80::7ad2:94ff:fea8:3444/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:11304668 errors:0 dropped:9 overruns:0 frame:0
          TX packets:1825124 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3257416348 (3.0 GiB)  TX bytes:894553350 (853.1 MiB)
          Interrupt:31 

eth0.2    Link encap:Ethernet  HWaddr 78:D2:94:A8:34:44  
          inet addr:100.91.132.67  Bcast:100.91.132.127  Mask:255.255.255.128
          inet6 addr: 2401:fa00:480:9003:7ad2:94ff:fea8:3444/64 Scope:Global
          inet6 addr: fe80::7ad2:94ff:fea8:3444/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:457745 errors:0 dropped:49012 overruns:0 frame:0
          TX packets:211298 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:106429770 (101.4 MiB)  TX bytes:194406162 (185.3 MiB)

eth1      Link encap:Ethernet  HWaddr 78:D2:94:A8:34:43  
          inet6 addr: fe80::7ad2:94ff:fea8:3443/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:181854 errors:0 dropped:0 overruns:0 frame:0
          TX packets:688316 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:20293687 (19.3 MiB)  TX bytes:768417323 (732.8 MiB)
          Interrupt:32 

eth1.1    Link encap:Ethernet  HWaddr 78:D2:94:A8:34:43  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4817 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:560812 (547.6 KiB)

eth1.2    Link encap:Ethernet  HWaddr 78:D2:94:A8:34:43  
          inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:2286 (2.2 KiB)
// tcpdump
195	2020-09-14 05:08:26.005231	192.168.1.222	192.168.2.1	DNS	96	Standard query 0x03bc A www.cnn.com OPT
196	2020-09-14 05:08:26.005231	192.168.1.222	192.168.2.1	DNS	96	Standard query 0x03bc A www.cnn.com OPT
brctl show
# brctl show
bridge name	bridge id		STP enabled	interfaces
br-lan		7fff.78d294a83443	no		eth1.1
							            wlan0
1 Like

Why do they have the same MAC address?
Your switch/VLAN config looks weird for me.

Hmm, I think you are right. They should not have the same MAC. The way I create network eth1.2 is by uci commands belows. Maybe it's the wrong way, or maybe I have to specify the MAC on this network? I need a network interface that can run the second dnsmasq. If you can share me other way to create a network interface is very appreciated.

# uci set network.nif4dns=interface
# uci set network.nif4dns.proto='static'
# uci set network.nif4dns.ipaddr='192.168.2.1'
# uci set network.nif4dns.netmask='255.255.255.0'
# uci set network.nif4dns.ip6assign='60'
# uci set network.nif4dns.ifname='eth1.2'
# uci commit network
# /etc/init.d/network restart
swconfig list; swconfig dev switch0 show
# swconfig list; swconfig dev switch0 show
Found: switch0 - gpio-0
Global attributes:
	enable_vlan: 1
	enable_mirror_rx: 0
	enable_mirror_tx: 0
	mirror_monitor_port: 0
	mirror_source_port: 0
	arl_age_time: 300
	arl_table: address resolution table
Port 0: MAC 78:d2:94:a8:34:44
Port 5: MAC 00:5d:73:fe:ff:84
Port 5: MAC 44:37:e6:55:cf:9d
Port 5: MAC f4:f2:6d:a9:8f:13
Port 5: MAC 00:11:32:a4:65:64
Port 5: MAC 18:d6:c7:bf:ad:b9
Port 5: MAC 24:f5:a2:5c:3f:40
Port 5: MAC 00:00:5e:00:01:aa
Port 5: MAC 00:00:5e:00:02:aa
Port 5: MAC 00:05:1b:c0:df:64
Port 5: MAC 88:1d:fc:6c:87:48
Port 5: MAC 00:11:32:a0:1f:28
Port 5: MAC 00:11:32:bc:0f:4c
Port 5: MAC 20:a6:cd:cc:54:22
Port 5: MAC 90:94:e4:fc:2f:57
Port 5: MAC d8:18:d3:1f:06:98
Port 5: MAC 3c:52:82:5f:21:4c
Port 5: MAC 54:4b:8c:31:f4:30
Port 5: MAC 24:f5:a2:5c:3e:26
Port 5: MAC 18:d6:c7:c0:04:3f
Port 5: MAC d4:81:d7:ba:4b:24
Port 5: MAC 00:05:1b:a1:d5:05
Port 6: MAC 78:d2:94:a8:34:43
Port 6: MAC 94:e6:f7:68:b0:c3

	igmp_snooping: 0
	igmp_v3: 0
Port 0:
	mib: MIB counters
RxBroad     : 30
RxPause     : 0
RxMulti     : 3070
RxFcsErr    : 0
RxAlignErr  : 0
RxRunt      : 0
RxFragment  : 0
Rx64Byte    : 123019
Rx128Byte   : 1017633
Rx256Byte   : 124321
Rx512Byte   : 46335
Rx1024Byte  : 41282
Rx1518Byte  : 147859
RxMaxByte   : 383856
RxTooLong   : 0
RxGoodByte  : 950455275 (906.4 MiB)
RxBadByte   : 0
RxOverFlow  : 0
Filtered    : 566
TxBroad     : 5418177
TxPause     : 0
TxMulti     : 17853850
TxUnderRun  : 0
Tx64Byte    : 131
Tx128Byte   : 21599481
Tx256Byte   : 999716
Tx512Byte   : 93448
Tx1024Byte  : 325029
Tx1518Byte  : 3846068
TxMaxByte   : 2563915
TxOverSize  : 0
TxByte      : 10964083269 (10.2 GiB)
TxCollision : 0
TxAbortCol  : 0
TxMultiCol  : 0
TxSingleCol : 0
TxExcDefer  : 0
TxDefer     : 0
TxLateCol   : 0

	enable_eee: ???
	igmp_snooping: 0
	vlan_prio: 0
	pvid: 0
	link: port:0 link:up speed:1000baseT full-duplex 
Port 1:
	mib: No MIB data
	enable_eee: 0
	igmp_snooping: 0
	vlan_prio: 0
	pvid: 1
	link: port:1 link:down
Port 2:
	mib: No MIB data
	enable_eee: 0
	igmp_snooping: 0
	vlan_prio: 0
	pvid: 1
	link: port:2 link:down
Port 3:
	mib: No MIB data
	enable_eee: 0
	igmp_snooping: 0
	vlan_prio: 0
	pvid: 1
	link: port:3 link:down
Port 4:
	mib: MIB counters
RxBroad     : 1467
RxPause     : 0
RxMulti     : 9187
RxFcsErr    : 0
RxAlignErr  : 0
RxRunt      : 0
RxFragment  : 0
Rx64Byte    : 144774
Rx128Byte   : 20500
Rx256Byte   : 2267
Rx512Byte   : 3529
Rx1024Byte  : 8975
Rx1518Byte  : 1848
RxMaxByte   : 0
RxTooLong   : 0
RxGoodByte  : 20305118 (19.3 MiB)
RxBadByte   : 0
RxOverFlow  : 0
Filtered    : 39
TxBroad     : 4317
TxPause     : 0
TxMulti     : 2121
TxUnderRun  : 0
Tx64Byte    : 55917
Tx128Byte   : 20217
Tx256Byte   : 2953
Tx512Byte   : 3524
Tx1024Byte  : 8118
Tx1518Byte  : 536021
TxMaxByte   : 0
TxOverSize  : 0
TxByte      : 761336561 (726.0 MiB)
TxCollision : 0
TxAbortCol  : 0
TxMultiCol  : 0
TxSingleCol : 0
TxExcDefer  : 0
TxDefer     : 0
TxLateCol   : 0

	enable_eee: 0
	igmp_snooping: 0
	vlan_prio: 0
	pvid: 1
	link: port:4 link:down
Port 5:
	mib: MIB counters
RxBroad     : 5418236
RxPause     : 0
RxMulti     : 17854019
RxFcsErr    : 0
RxAlignErr  : 0
RxRunt      : 0
RxFragment  : 0
Rx64Byte    : 10218976
Rx128Byte   : 11390763
Rx256Byte   : 995296
Rx512Byte   : 92235
Rx1024Byte  : 324671
Rx1518Byte  : 6409454
RxMaxByte   : 0
RxTooLong   : 0
RxGoodByte  : 10847077993 (10.1 GiB)
RxBadByte   : 0
RxOverFlow  : 0
Filtered    : 3597
TxBroad     : 30
TxPause     : 0
TxMulti     : 2882
TxUnderRun  : 0
Tx64Byte    : 123018
Tx128Byte   : 1021114
Tx256Byte   : 121469
Tx512Byte   : 45421
Tx1024Byte  : 41128
Tx1518Byte  : 531600
TxMaxByte   : 0
TxOverSize  : 0
TxByte      : 943242190 (899.5 MiB)
TxCollision : 0
TxAbortCol  : 0
TxMultiCol  : 0
TxSingleCol : 0
TxExcDefer  : 0
TxDefer     : 0
TxLateCol   : 0

	enable_eee: 0
	igmp_snooping: 0
	vlan_prio: 0
	pvid: 2
	link: port:5 link:up speed:1000baseT full-duplex txflow rxflow auto
Port 6:
	mib: MIB counters
RxBroad     : 39132
RxPause     : 0
RxMulti     : 30138
RxFcsErr    : 0
RxAlignErr  : 0
RxRunt      : 0
RxFragment  : 0
Rx64Byte    : 87363
Rx128Byte   : 21000
Rx256Byte   : 29467
Rx512Byte   : 7705
Rx1024Byte  : 9045
Rx1518Byte  : 533410
RxMaxByte   : 2616
RxTooLong   : 0
RxGoodByte  : 772030911 (736.2 MiB)
RxBadByte   : 0
RxOverFlow  : 0
Filtered    : 63856
TxBroad     : 1467
TxPause     : 0
TxMulti     : 9187
TxUnderRun  : 0
Tx64Byte    : 0
Tx128Byte   : 165186
Tx256Byte   : 2316
Tx512Byte   : 3535
Tx1024Byte  : 8969
Tx1518Byte  : 1847
TxMaxByte   : 1
TxOverSize  : 0
TxByte      : 21021103 (20.0 MiB)
TxCollision : 0
TxAbortCol  : 0
TxMultiCol  : 0
TxSingleCol : 0
TxExcDefer  : 0
TxDefer     : 0
TxLateCol   : 0

	enable_eee: ???
	igmp_snooping: 0
	vlan_prio: 0
	pvid: 0
	link: port:6 link:up speed:1000baseT full-duplex 
VLAN 1:
	vid: 1
	ports: 1 2 3 4 6t 
VLAN 2:
	vid: 2
	ports: 0t 5 
1 Like

Is this the default configuration?
Have you changed any switch/VLAN settings?

Also check:

ls -l /sys/class/net

Is this the default configuration?
Have you changed any switch/VLAN settings?

No, it's default setting. The setting can be found here https://openwrt.org/docs/guide-user/base-system/basic-networking.

# ls -l /sys/class/net
lrwxrwxrwx    1 root     root             0 Sep 14 14:56 br-lan -> ../../devices/virtual/net/br-lan
lrwxrwxrwx    1 root     root             0 Jul 13 12:56 erspan0 -> ../../devices/virtual/net/erspan0
lrwxrwxrwx    1 root     root             0 Jan  1  1970 eth0 -> ../../devices/platform/soc/37200000.ethernet/net/eth0
lrwxrwxrwx    1 root     root             0 Sep 14 14:56 eth0.2 -> ../../devices/virtual/net/eth0.2
lrwxrwxrwx    1 root     root             0 Jan  1  1970 eth1 -> ../../devices/platform/soc/37400000.ethernet/net/eth1
lrwxrwxrwx    1 root     root             0 Sep 14 14:56 eth1.1 -> ../../devices/virtual/net/eth1.1
lrwxrwxrwx    1 root     root             0 Sep 14 14:56 eth1.2 -> ../../devices/virtual/net/eth1.2
lrwxrwxrwx    1 root     root             0 Jul 13 12:56 gre0 -> ../../devices/virtual/net/gre0
lrwxrwxrwx    1 root     root             0 Jul 13 12:56 gretap0 -> ../../devices/virtual/net/gretap0
lrwxrwxrwx    1 root     root             0 Jan  1  1970 lo -> ../../devices/virtual/net/lo
lrwxrwxrwx    1 root     root             0 Sep 14 14:56 wlan0 -> ../../devices/platform/soc/1b500000.pci/pci0000:00/0000:00:00.0/0000:01:00.0/net/wlan0

1 Like

If you need a separate VLAN, then I believe you should follow this guide:
https://openwrt.org/docs/guide-user/network/vlan/creating_virtual_switches

On the other hand, do you really need a separate VLAN or just a separate subnet?

1 Like

Not necessary to be a VLAN. I just need an interface with static IP address and run the second DNS server on it. The purpose of this enviroment is to check the DNS server selection behavior on the device under test.

1 Like

Then configure the interface as an alias:
https://openwrt.org/docs/guide-user/network/network_interface_alias

1 Like

I tried VLAN and interface alias, they still don't work. I probably have to give up. vegeta, I really appreciate that you spend much time helping me and providing all suggestions. :slight_smile:

1 Like