Separate Wifi and LAN

I really liked the idea of splitting up my wireless and wired networks into different subnets, so when I found the Routed AP page, I followed it. At first it seemed that everything worked correctly. That is, until I added a second SSID to the 2.4GHz band.

Nothing complicated, it was not isolated and identical to the primary SSID. My logs became spammed with "DHCP packet received on interface wlan1-1 which has no address" and constant WiFi associations and disassociations. The connection could be made, but dnsmasq refused to give out an IP. The other devices had a connection but no more internet connectivity.

Later it even started happening to the primary SSIDs.

Eventually I switched back to the default LAN network and now everything works.

I noticed the little link at the bottom of the page, which indicates there may be another firewall setting there. Unfortunately, that link is dead.

So, how can I make this work? I really liked the concept.

If we don't see the config it is hard to guess what went wrong.
However, if you followed the routed AP guide and added a second SSID on an interface wifi2, I don't see where the problem would be.

Well, I don't like doing the same things over and over, so...

uci set network.wifi='interface'
uci set network.wifi.proto='static'
uci set network.wifi.ipaddr='172.16.17.18'
uci set network.wifi.netmask='255.255.255.0'

uci set dhcp.wifi='dhcp'
uci set dhcp.wifi.interface='wifi'
uci set dhcp.wifi.start='101'
uci set dhcp.wifi.limit='50'
uci set dhcp.wifi.leasetime='12h'

uci set firewall.wifi='zone'
uci set firewall.wifi.name='wifi'
uci set firewall.wifi.network='wifi'
uci set firewall.wifi.input='ACCEPT'
uci set firewall.wifi.output='ACCEPT'
uci set firewall.wifi.forward='ACCEPT'

uci set firewall.wifi2wan='forwarding'
uci set firewall.wifi2wan.src='wifi'
uci set firewall.wifi2wan.dest='wan'

uci set firewall.lan2wifi='forwarding'
uci set firewall.lan2wifi.src='lan'
uci set firewall.lan2wifi.dest='wifi'

uci set firewall.wifi2lan='forwarding'
uci set firewall.wifi2lan.src='wifi'
uci set firewall.wifi2lan.dest='lan'

uci set firewall.wifi2vpn='forwarding'
uci set firewall.wifi2vpn.src='wifi'
uci set firewall.wifi2vpn.dest='vpn'

uci set wireless.default_radio0.network='wifi'
uci set wireless.default_radio1.network='wifi'

uci set wireless.guest_radio1='wifi-iface'
uci set wireless.guest_radio1.device='radio1'
uci set wireless.guest_radio1.mode='ap'
uci set wireless.guest_radio1.network='wifi'
uci set wireless.guest_radio1.key='verysecretpassword'
uci set wireless.guest_radio1.wpa_disable_eapol_key_retries='1'
uci set wireless.guest_radio1.ssid='obviousname'
uci set wireless.guest_radio1.encryption='psk2+ccmp'

I think that's it. Clean install, configured the standard LAN with my range, configured and tested OpenVPN, then did this to add the WiFi into the network.

When I did the reinstall I forgot to change wifi back to lan, so I got the same error on the existing wlans, leading me to believe that uci set dhcp.wifi.interface='wifi' would be the culprit. And yet, it is set correctly as far as I can see.

You may assume that my lan network is 172.17.18.19.

Shouldn't the "wifi" interface be configured as a bridge? Anyway, I would like to see the files, instead of the commands used to modify them.


type=bridge is not in the instructions on that page. I'm just versed enough to work in uci, not to get creative yet.

Maybe it is in my backup partition, I think I only reinstalled once afterwards. Since everything is barely working now (my 5GHz band turned off during the night and won't turn on unless I reset it and I still have some routing issues) I may not be able to retry or boot into it as long as I need it to connect to work tomorrow. But I will try.

Since it is a completely default install, what are you looking for? I do have the script with every change made during the install, including dnsmasq, but I fail to see how the other changes could lead to this. Then again, you're the expert and I don't understand every aspect of dnsmasq.

Not necessarily, it is running as a standalone interface only with wifi, no lan ports.

@PowerCoder you can post the following:
uci export network; uci export wireless; uci export dhcp; uci export firewall
Remove any sensitive data, like passwords/keys/MACs.

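One way to do the redaction requested above before pasting the exports, as an added example that is not part of any post in this thread. The list of option names treated as secret is an assumption, and the sample export (including its MAC address) is constructed so the filter can be tried off-router.

```sh
#!/bin/sh
# Added example, not from the thread: mask secrets in `uci export` output
# before pasting it into a public post.

# Option names treated as secret. This list is an assumption; extend it
# for whatever your own config contains.
SECRET_OPTS='key|key[1-4]|sae_password|password|private_key|preshared_key'

# Filter: reads uci export text on stdin, writes the redacted text on stdout.
redact_uci() {
    sed -E \
        -e "s/^([[:space:]]*(option|list)[[:space:]]+(${SECRET_OPTS})[[:space:]]+).*\$/\1'REDACTED'/" \
        -e 's/([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}/XX:XX:XX:XX:XX:XX/g'
}

# Export the four packages asked for in the thread, redacted.
export_redacted() {
    for pkg in network wireless dhcp firewall; do
        uci export "$pkg" | redact_uci
    done
}

# Constructed sample in `uci export wireless` layout, for testing off-router.
# The MAC address is made up; the other values are the ones posted above.
sample_export() {
    cat <<'EOF'
package wireless

config wifi-iface 'guest_radio1'
    option device 'radio1'
    option mode 'ap'
    option network 'wifi'
    option macaddr '00:11:22:33:44:55'
    option key 'verysecretpassword'
    option ssid 'obviousname'
    option encryption 'psk2+ccmp'
EOF
}

# On the router, print the real exports; elsewhere, show the sample.
if command -v uci >/dev/null 2>&1; then
    export_redacted
else
    sample_export | redact_uci
fi
```

Read the output once more before posting: the filter only knows the option names listed in SECRET_OPTS, so anything else you consider private (public IP addresses, hostnames, SSIDs) still has to be removed by hand.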

Turns out my backup partition contains the old build that I came from, so that's not going to help. I will see if I can re-implement the config this weekend.