User34
October 13, 2021, 3:18pm
1
I'm having trouble with my DSA configuration not bridging to physical lan ports.
I am running 21.02 first stable release (OpenWrt 21.02.0 r16279-5cc0535800) on my WRT1900ACSv2 router.
I have three networks:
Home Network (br-lan)
Office Network (br-lan2)
IoT Network (br-lan3)
The Home network is for my main devices. The Office network is bridged to my TAP VPN. The IoT Network isolates higher risk IoT devices from my main network.
Each interface has separate associated wlan wireless networks, firewall zones, and dynamic DHCP servers. At present all three networks work well (with internet) for their associated wlan clients.
My intent is for my home network to be accessible using lan1 and lan2, my office network to be accessible using lan4, and my IoT network to be accessible using lan3 when I connect my laptop directly via Ethernet cables.
My problem is that when I plug the Ethernet cable into lan3 or lan4, I have no internet and seemingly no bridged connection. When I plug the Ethernet cable into lan1 or lan2, I do have internet and bridged access to the Home network.
Below is my configuration:
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
config device
option type 'bridge'
option name 'br-lan2'
option igmp_snooping '1'
list ports 'lan4'
list ports 'tap0'
config device
option type 'bridge'
option name 'br-lan3'
option bridge_empty '1'
list ports 'lan3'
config interface 'Home'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.1.1'
config interface 'Office'
option proto 'static'
option device 'br-lan2'
option netmask '255.255.255.0'
option type 'bridge'
option ipaddr '192.168.2.1'
config interface 'IoT'
option proto 'static'
option device 'br-lan3'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
Any ideas? Should I be using vlan tagged traffic to isolate my networks instead? Is this a bug or a misconfiguration issue?
1 Like
trendy
October 13, 2021, 4:38pm
2
Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
ubus call system board; \
uci export network; \
uci export dhcp; uci export firewall; \
head -n -0 /etc/firewall.user; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*
User34
October 13, 2021, 5:35pm
3
{
"kernel": "5.4.143",
"hostname": "OpenWrt",
"system": "ARMv7 Processor rev 1 (v7l)",
"model": "Linksys WRT1900ACS",
"board_name": "linksys,wrt1900acs",
"release": {
"distribution": "OpenWrt",
"version": "21.02.0",
"revision": "r16279-5cc0535800",
"target": "mvebu/cortexa9",
"description": "OpenWrt 21.02.0 r16279-5cc0535800"
}
}
package network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'XXX'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
config interface 'Home'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.1.1'
config device
option name 'wan'
option macaddr 'XXX'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
option peerdns '0'
list dns '1.1.1.3'
list dns '1.0.0.3'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
option peerdns '0'
list dns '2606:4700:4700::1113'
list dns '2606:4700:4700::1003'
config device
option type 'bridge'
option name 'br-lan2'
option igmp_snooping '1'
list ports 'lan4'
list ports 'tap0'
config interface 'Office'
option proto 'static'
option device 'br-lan2'
option netmask '255.255.255.0'
option type 'bridge'
option ipaddr '192.168.2.1'
config device
option type 'bridge'
option name 'br-lan3'
option bridge_empty '1'
list ports 'lan3'
config interface 'IoT'
option proto 'static'
option device 'br-lan3'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
package dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
option localservice '1'
option ednspacket_max '1232'
option confdir '/tmp/dnsmasq.d'
config dhcp 'Home'
option interface 'Home'
option start '100'
option limit '150'
option leasetime '12h'
option dhcpv4 'server'
option dhcpv6 'server'
option ra 'server'
option ra_slaac '1'
list ra_flags 'managed-config'
list ra_flags 'other-config'
option ra_management '1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dhcp 'Office'
option interface 'Office'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
list dhcp_option '6, 192.168.2.1'
list ra_flags 'none'
config dhcp 'IoT'
option interface 'IoT'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
config dhcp 'TAP'
option interface 'TAP'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
list ra_flags 'none'
config dhcp 'Tap1'
option interface 'Tap1'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
list ra_flags 'none'
package firewall
config defaults
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
option synflood_protect '1'
config zone
option name 'Home'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
list network 'Home'
config zone
option name 'wan'
option input 'REJECT'
option output 'ACCEPT'
option forward 'REJECT'
option masq '1'
option mtu_fix '1'
list network 'wan'
list network 'wan6'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-IGMP'
option src 'wan'
option proto 'igmp'
option family 'ipv4'
option target 'ACCEPT'
config rule
option name 'Allow-DHCPv6'
option src 'wan'
option proto 'udp'
option src_ip 'fc00::/6'
option dest_ip 'fc00::/6'
option dest_port '546'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-MLD'
option src 'wan'
option proto 'icmp'
option src_ip 'fe80::/10'
list icmp_type '130/0'
list icmp_type '131/0'
list icmp_type '132/0'
list icmp_type '143/0'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Input'
option src 'wan'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
list icmp_type 'router-solicitation'
list icmp_type 'neighbour-solicitation'
list icmp_type 'router-advertisement'
list icmp_type 'neighbour-advertisement'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-ICMPv6-Forward'
option src 'wan'
option dest '*'
option proto 'icmp'
list icmp_type 'echo-request'
list icmp_type 'echo-reply'
list icmp_type 'destination-unreachable'
list icmp_type 'packet-too-big'
list icmp_type 'time-exceeded'
list icmp_type 'bad-header'
list icmp_type 'unknown-header-type'
option limit '1000/sec'
option family 'ipv6'
option target 'ACCEPT'
config rule
option name 'Allow-IPSec-ESP'
option src 'wan'
option dest 'lan'
option proto 'esp'
option target 'ACCEPT'
config rule
option name 'Allow-ISAKMP'
option src 'wan'
option dest 'lan'
option dest_port '500'
option proto 'udp'
option target 'ACCEPT'
config rule
option name 'Support-UDP-Traceroute'
option src 'wan'
option dest_port '33434:33689'
option proto 'udp'
option family 'ipv4'
option target 'REJECT'
option enabled '0'
config include
option path '/etc/firewall.user'
config zone
option name 'Office'
option output 'ACCEPT'
option input 'REJECT'
option forward 'REJECT'
list network 'Office'
config rule
list proto 'udp'
option src 'Office'
option dest_port '67-68'
option target 'ACCEPT'
option name 'Allow Fire DHCP'
config rule
option src 'Office'
option dest_port '53'
option target 'ACCEPT'
option name 'Allow Office DNS'
config rule
option src_port '137-139'
option dest 'Office'
option target 'NOTRACK'
option name 'Don'\''t Track NETBIOS Service'
option src 'Office'
config rule
option name 'Don'\''t track NETBIOS Service'
option dest_port '137-139'
option target 'NOTRACK'
option dest 'Office'
option src 'Office'
config rule
option name 'Don'\''t track Windows Filesharing'
option src_port '445'
option target 'NOTRACK'
option src 'Office'
option dest 'Office'
config rule
option name 'Don'\''t track Windows Filesharing'
option dest_port '445'
option target 'NOTRACK'
option src 'Office'
option dest 'Office'
config forwarding
option src 'Office'
option dest 'wan'
config zone
option name 'IoT'
option output 'ACCEPT'
option forward 'REJECT'
option input 'REJECT'
list network 'IoT'
config forwarding
option src 'IoT'
option dest 'wan'
config rule
option name 'Allow Samba'
option src 'Office'
option dest_port '137-139'
option target 'ACCEPT'
config rule
option name 'Allow Samba 2'
option dest_port '445'
option target 'ACCEPT'
option src 'Office'
config rule
option name 'Allow-OpenVPN'
list proto 'udp'
option src 'Office'
option dest_port '1194'
option target 'ACCEPT'
config rule
option name 'Allow-VPN2'
option src_port '1195'
option dest_port '1195'
option target 'ACCEPT'
option src 'Office'
list proto 'udp'
option enabled '0'
config rule
option name 'Allow-DNS-IoT'
option src 'IoT'
option dest_port '53'
option target 'ACCEPT'
config rule
option name 'Allow-DHCP-IoT'
list proto 'udp'
option src 'IoT'
option target 'ACCEPT'
option dest_port '67-68'
config rule
option name 'Allow HA'
option src 'Home'
list src_ip '192.168.1.166'
option dest 'IoT'
option target 'ACCEPT'
config rule
option name 'Block Office Access to Private Network'
option src 'Office'
option dest 'Home'
list dest_ip '192.168.1.0/24'
option target 'DROP'
config rule
option name 'Block IoT access to Private Network'
option src 'IoT'
option dest 'Home'
list dest_ip '192.168.1.0/24'
option target 'DROP'
option enabled '0'
config redirect
option target 'DNAT'
option name 'Forward OpenVPN'
list proto 'udp'
option src_dport '1194'
option dest_port '1194'
option src 'wan'
option dest_ip '192.168.2.1'
config redirect
option target 'DNAT'
option name 'Forward-VPN2'
list proto 'udp'
option src 'wan'
option dest_ip '10.8.0.1'
option dest_port '1194'
option src_dport '1194'
option enabled '0'
config rule
option name 'Block IOT to Office'
option src 'IoT'
option dest 'Office'
option target 'DROP'
config rule
option name 'Block Office to IOT'
option src 'Office'
option dest 'IoT'
option target 'DROP'
config forwarding
option src 'Home'
option dest 'IoT'
# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.
# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
7: wan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc cake state UP qlen 1000
inet XXX/21 brd XXX scope global wan
valid_lft forever preferred_lft forever
10: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.1.1/24 brd 192.168.1.255 scope global br-lan
valid_lft forever preferred_lft forever
14: br-lan3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.3.1/24 brd 192.168.3.255 scope global br-lan3
valid_lft forever preferred_lft forever
16: br-lan2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
inet 192.168.2.1/24 brd 192.168.2.255 scope global br-lan2
valid_lft forever preferred_lft forever
default via 72.XX.XX.1 dev wan src 72.XX.XX.129
72.XX.XX.0/21 dev wan scope link src 72.XX.XX.129
192.168.1.0/24 dev br-lan scope link src 192.168.1.1
192.168.2.0/24 dev br-lan2 scope link src 192.168.2.1
192.168.3.0/24 dev br-lan3 scope link src 192.168.3.1
broadcast 72.XX.XX.0 dev wan table local scope link src 72.XX.XX.129
local 72.XX.XX.129 dev wan table local scope host src 72.XX.XX.129
broadcast 72.XX.XX.255 dev wan table local scope link src 72.XX.XX.129
broadcast 127.0.0.0 dev lo table local scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local scope host src 127.0.0.1
local 127.0.0.1 dev lo table local scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local scope link src 127.0.0.1
broadcast 192.168.1.0 dev br-lan table local scope link src 192.168.1.1
local 192.168.1.1 dev br-lan table local scope host src 192.168.1.1
broadcast 192.168.1.255 dev br-lan table local scope link src 192.168.1.1
broadcast 192.168.2.0 dev br-lan2 table local scope link src 192.168.2.1
local 192.168.2.1 dev br-lan2 table local scope host src 192.168.2.1
broadcast 192.168.2.255 dev br-lan2 table local scope link src 192.168.2.1
broadcast 192.168.3.0 dev br-lan3 table local scope link src 192.168.3.1
local 192.168.3.1 dev br-lan3 table local scope host src 192.168.3.1
broadcast 192.168.3.255 dev br-lan3 table local scope link src 192.168.3.1
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
lrwxrwxrwx 1 root root 16 Aug 31 18:20 /etc/resolv.conf -> /tmp/resolv.conf
-rw-r--r-- 1 root root 47 Oct 13 11:47 /tmp/resolv.conf
-rw-r--r-- 1 root root 135 Oct 13 11:46 /tmp/resolv.conf.d/resolv.conf.auto
/tmp/resolv.conf.d:
-rw-r--r-- 1 root root 135 Oct 13 11:46 resolv.conf.auto
==> /etc/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1
==> /tmp/resolv.conf <==
search lan
nameserver 127.0.0.1
nameserver ::1
==> /tmp/resolv.conf.d <==
head: /tmp/resolv.conf.d: I/O error
==> /tmp/resolv.conf.d/resolv.conf.auto <==
# Interface wan
nameserver 1.1.1.3
nameserver 1.0.0.3
# Interface wan6
nameserver 2606:4700:4700::1113
nameserver 2606:4700:4700::1003
trendy
October 13, 2021, 5:56pm
4
The interzone rules are not necessary. If you don't explicitly allow the forwarding from one zone to another, the traffic is not allowed, as per the global policy.
User34
October 13, 2021, 6:03pm
5
Yes, clients are able to get an IP and use DNS when I connect to the iot and office hosts via their associated wlan, but no communication happens via their bridged lan port.
Thanks for the advice concerning the interzone rules.
trendy
October 14, 2021, 6:15am
6
So if you connect over wifi to the Office or IoT everything works fine, but when you connect to the lan port nothing works?brctl show as well.
User34
October 14, 2021, 1:12pm
7
This is probably some kind of mistake from evolving configuration with Luci. I can try to strike that from the actual configuration file to see if it makes a difference.
I'm not quite sure why I did that. I suspect I thought it would help the performance of my VPN setup. I can also strike this from the configuration file if you think it would help.
trendy:
Do a brctl show as well.
bridge name bridge id STP enabled interfaces
br-lan2 xxxxxxxxxxxxxxxxx no wlan0-1
tap0
br-lan xxxxxxxxxxxxxxxxx no lan2
wlan0
wlan1
lan1
br-lan3 xxxxxxxxxxxxxxxxx no wlan1-1
Thank you so much for looking into my issue! Why do you think lan3 and lan4 are not showing in the above command?
trendy
October 14, 2021, 1:37pm
8
I am not sure why they are not part of the bridge. First remove those two lines from the device config. Second, while you are connected from lan1-2 do a ifup IoT, see if there is any log message, also paste here the log output logread
User34
October 14, 2021, 9:29pm
9
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' is enabled
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' is setting up now
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' is now up
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Joining mDNS multicast group on interface br-lan3.IPv4 with address 192.168.3.1.
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: New relevant interface br-lan3.IPv4 for mDNS.
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Registering new address record for 192.168.3.1 on br-lan3.IPv4.
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' is now down
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Withdrawing address record for 192.168.3.1 on br-lan3.
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Leaving mDNS multicast group on interface br-lan3.IPv4 with address 192.168.3.1.
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Interface br-lan3.IPv4 no longer relevant for mDNS.
Thu Oct 14 17:08:30 2021 kern.info kernel: [105714.514463] br-lan3: port 1(wlan1-1) entered disabled state
Thu Oct 14 17:08:30 2021 kern.info kernel: [105714.523544] device wlan1-1 left promiscuous mode
Thu Oct 14 17:08:30 2021 kern.info kernel: [105714.528380] br-lan3: port 1(wlan1-1) entered disabled state
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' is disabled
Thu Oct 14 17:08:30 2021 daemon.notice netifd: bridge 'br-lan3' link is down
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' has link connectivity loss
Thu Oct 14 17:08:30 2021 user.notice firewall: Reloading firewall due to ifup of IoT (br-lan3)
Thu Oct 14 17:08:30 2021 kern.info kernel: [105714.678006] br-lan3: port 1(wlan1-1) entered blocking state
Thu Oct 14 17:08:30 2021 kern.info kernel: [105714.683788] br-lan3: port 1(wlan1-1) entered disabled state
Thu Oct 14 17:08:30 2021 kern.info kernel: [105714.689684] device wlan1-1 entered promiscuous mode
Thu Oct 14 17:08:30 2021 kern.info kernel: [105714.697308] br-lan3: port 1(wlan1-1) entered blocking state
Thu Oct 14 17:08:30 2021 kern.info kernel: [105714.703011] br-lan3: port 1(wlan1-1) entered forwarding state
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' is enabled
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' is setting up now
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Joining mDNS multicast group on interface br-lan3.IPv4 with address 192.168.3.1.
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: New relevant interface br-lan3.IPv4 for mDNS.
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Registering new address record for 192.168.3.1 on br-lan3.IPv4.
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' is now up
Thu Oct 14 17:08:30 2021 daemon.notice netifd: bridge 'br-lan3' link is up
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' has link connectivity
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: Remove interface 'wlan1'
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1: interface state ENABLED->DISABLED
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXXXXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX34:01
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: AP-DISABLED
Thu Oct 14 17:08:30 2021 daemon.notice hostapd: wlan1-1: CTRL-EVENT-TERMINATING
Thu Oct 14 17:08:30 2021 user.notice firewall: Reloading firewall due to ifup of Office (br-lan2)
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Network device 'wlan1-1' link is down
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Interface wlan1-1.IPv6 no longer relevant for mDNS.
Thu Oct 14 17:08:30 2021 daemon.info avahi-daemon[3561]: Leaving mDNS multicast group on interface wlan1-1.IPv6 with address XXXXXX.
Thu Oct 14 17:08:30 2021 kern.info kernel: [105715.086592] br-lan3: port 1(wlan1-1) entered disabled state
Thu Oct 14 17:08:30 2021 kern.info kernel: [105715.095012] device wlan1-1 left promiscuous mode
Thu Oct 14 17:08:30 2021 kern.info kernel: [105715.099771] br-lan3: port 1(wlan1-1) entered disabled state
Thu Oct 14 17:08:30 2021 daemon.notice netifd: bridge 'br-lan3' link is down
Thu Oct 14 17:08:30 2021 daemon.notice netifd: Interface 'IoT' has link connectivity loss
Thu Oct 14 17:08:31 2021 daemon.notice netifd: Interface 'IoT' is now down
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Withdrawing address record for XXXXXX on wlan1-1.
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Withdrawing address record for 192.168.3.1 on br-lan3.
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Leaving mDNS multicast group on interface br-lan3.IPv4 with address 192.168.3.1.
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Interface br-lan3.IPv4 no longer relevant for mDNS.
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: nl80211: Failed to remove interface wlan1-1 from bridge br-lan3: No such device
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED XXXXXX
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: wlan1: AP-DISABLED
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: wlan1: CTRL-EVENT-TERMINATING
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: nl80211: deinit ifname=wlan1 disabled_11b_rates=0
Thu Oct 14 17:08:31 2021 daemon.notice netifd: Interface 'IoT' is disabled
Thu Oct 14 17:08:31 2021 kern.info kernel: [105715.333751] device wlan1 left promiscuous mode
Thu Oct 14 17:08:31 2021 kern.info kernel: [105715.338415] br-lan: port 3(wlan1) entered disabled state
Thu Oct 14 17:08:31 2021 kern.debug kernel: [105715.518591] ieee80211 phy1: change: 0x40
Thu Oct 14 17:08:31 2021 kern.debug kernel: [105715.572651] ieee80211 phy1: change: 0x100
Thu Oct 14 17:08:31 2021 daemon.info samba4-server: io_uring module found, enabling VFS io_uring. (also needs Kernel 5.4+ Support)
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Interface wlan1.IPv6 no longer relevant for mDNS.
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Leaving mDNS multicast group on interface wlan1.IPv6 with address XXXXXX.
Thu Oct 14 17:08:31 2021 daemon.notice netifd: Network device 'wlan1' link is down
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Withdrawing address record for XXXXXX on wlan1.
Thu Oct 14 17:08:31 2021 daemon.notice netifd: Interface 'IoT' is enabled
Thu Oct 14 17:08:31 2021 daemon.notice netifd: Interface 'IoT' is setting up now
Thu Oct 14 17:08:31 2021 daemon.notice netifd: Interface 'IoT' is now up
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Joining mDNS multicast group on interface br-lan3.IPv4 with address 192.168.3.1.
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: New relevant interface br-lan3.IPv4 for mDNS.
Thu Oct 14 17:08:31 2021 daemon.info avahi-daemon[3561]: Registering new address record for 192.168.3.1 on br-lan3.IPv4.
Thu Oct 14 17:08:31 2021 user.notice firewall: Reloading firewall due to ifup of IoT (br-lan3)
Thu Oct 14 17:08:31 2021 daemon.notice hostapd: Configuration file: /var/run/hostapd-phy1.conf (phy wlan1) --> new PHY
Thu Oct 14 17:08:32 2021 kern.debug kernel: [105716.202551] ieee80211 phy1: change: 0xffffffff
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.267398] br-lan: port 3(wlan1) entered blocking state
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.272828] br-lan: port 3(wlan1) entered disabled state
Thu Oct 14 17:08:32 2021 daemon.notice hostapd: wlan1: interface state UNINITIALIZED->COUNTRY_UPDATE
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.278382] device wlan1 entered promiscuous mode
Thu Oct 14 17:08:32 2021 kern.debug kernel: [105716.319390] ieee80211 phy1: change: 0x100
Thu Oct 14 17:08:32 2021 kern.debug kernel: [105716.332555] ieee80211 phy1: change: 0x42
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.455589] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.462145] br-lan: port 3(wlan1) entered blocking state
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.467582] br-lan: port 3(wlan1) entered forwarding state
Thu Oct 14 17:08:32 2021 daemon.info avahi-daemon[3561]: Joining mDNS multicast group on interface br-lan2.IPv6 with address fXXXXXX.
Thu Oct 14 17:08:32 2021 daemon.info avahi-daemon[3561]: New relevant interface br-lan2.IPv6 for mDNS.
Thu Oct 14 17:08:32 2021 daemon.info avahi-daemon[3561]: Registering new address record for fXXXXXX on br-lan2.*.
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.510962] br-lan3: port 1(wlan1-1) entered blocking state
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.516908] br-lan3: port 1(wlan1-1) entered disabled state
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.522765] device wlan1-1 entered promiscuous mode
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.581815] br-lan3: port 1(wlan1-1) entered blocking state
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.587517] br-lan3: port 1(wlan1-1) entered forwarding state
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.593512] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan3: link becomes ready
Thu Oct 14 17:08:32 2021 daemon.notice netifd: bridge 'br-lan3' link is up
Thu Oct 14 17:08:32 2021 daemon.notice netifd: Interface 'IoT' has link connectivity
Thu Oct 14 17:08:32 2021 kern.info kernel: [105716.696588] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1-1: link becomes ready
Thu Oct 14 17:08:32 2021 daemon.notice hostapd: wlan1: interface state COUNTRY_UPDATE->ENABLED
Thu Oct 14 17:08:32 2021 daemon.notice hostapd: wlan1: AP-ENABLED
Thu Oct 14 17:08:33 2021 daemon.notice netifd: Network device 'wlan1' link is up
Thu Oct 14 17:08:33 2021 daemon.notice netifd: Network device 'wlan1-1' link is up
Thu Oct 14 17:08:33 2021 daemon.info avahi-daemon[3561]: Joining mDNS multicast group on interface br-lan3.IPv6 with address XXXXXX:6435.
Thu Oct 14 17:08:33 2021 daemon.info avahi-daemon[3561]: New relevant interface br-lan3.IPv6 for mDNS.
Thu Oct 14 17:08:33 2021 daemon.info avahi-daemon[3561]: Registering new address record for XXXXXX:6435 on br-lan3.*.
Thu Oct 14 17:08:33 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:33 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: associated (aid 1)
Thu Oct 14 17:08:33 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:33 2021 daemon.info hostapd: wlan1-1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:33 2021 daemon.info dnsmasq[9846]: read /etc/hosts - 4 addresses
Thu Oct 14 17:08:33 2021 daemon.info dnsmasq[9846]: read /tmp/hosts/odhcpd - 10 addresses
Thu Oct 14 17:08:33 2021 daemon.info dnsmasq[9846]: read /tmp/hosts/dhcp.cfg01411c - 4 addresses
Thu Oct 14 17:08:33 2021 daemon.info dnsmasq-dhcp[9846]: read /etc/ethers - 0 addresses
Thu Oct 14 17:08:34 2021 daemon.info avahi-daemon[3561]: Joining mDNS multicast group on interface wlan1.IPv6 with address XXXXXX.
Thu Oct 14 17:08:34 2021 daemon.info avahi-daemon[3561]: New relevant interface wlan1.IPv6 for mDNS.
Thu Oct 14 17:08:34 2021 daemon.info avahi-daemon[3561]: Registering new address record for XXXXXX on wlan1.*.
Thu Oct 14 17:08:34 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX
Thu Oct 14 17:08:34 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.132 XXXXXX
Thu Oct 14 17:08:34 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan3) 192.168.3.132 XXXXXX
Thu Oct 14 17:08:34 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan3) 192.168.3.132 XXXXXX ESP_94ED43
Thu Oct 14 17:08:34 2021 daemon.info avahi-daemon[3561]: Joining mDNS multicast group on interface wlan1-1.IPv6 with address XXXXXX:6435.
Thu Oct 14 17:08:34 2021 daemon.info avahi-daemon[3561]: New relevant interface wlan1-1.IPv6 for mDNS.
Thu Oct 14 17:08:34 2021 daemon.info avahi-daemon[3561]: Registering new address record for XXXXXX:6435 on wlan1-1.*.
Thu Oct 14 17:08:35 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:35 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: associated (aid 1)
Thu Oct 14 17:08:35 2021 daemon.notice hostapd: wlan1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:35 2021 daemon.info hostapd: wlan1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:35 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:35 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: associated (aid 2)
Thu Oct 14 17:08:36 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:36 2021 daemon.info hostapd: wlan1-1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:36 2021 daemon.info hostapd: wlan1: STA XXXXXXXXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:36 2021 daemon.info hostapd: wlan1: STA XXXXXXXXXXXX IEEE 802.11: associated (aid 2)
Thu Oct 14 17:08:36 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:36 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: associated (aid 3)
Thu Oct 14 17:08:37 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX
Thu Oct 14 17:08:37 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.108 XXXXXX
Thu Oct 14 17:08:37 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan3) 192.168.3.108 XXXXXX
Thu Oct 14 17:08:37 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan3) 192.168.3.108 XXXXXX ESP_ACF98D
Thu Oct 14 17:08:37 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:37 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: associated (aid 4)
Thu Oct 14 17:08:37 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:37 2021 daemon.info hostapd: wlan1-1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:37 2021 daemon.notice hostapd: wlan1: AP-STA-POSSIBLE-PSK-MISMATCH XXXXXXXXXXXX
Thu Oct 14 17:08:37 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX34:01
Thu Oct 14 17:08:37 2021 daemon.info hostapd: wlan1-1: STA XXXXXX34:01 WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:38 2021 daemon.notice hostapd: wlan1: AP-STA-POSSIBLE-PSK-MISMATCH XXXXXXXXXXXX
Thu Oct 14 17:08:38 2021 daemon.info hostapd: wlan1-1: STA XXXXXX87:a5:63 IEEE 802.11: authenticated
Thu Oct 14 17:08:38 2021 daemon.info hostapd: wlan1-1: STA XXXXXX87:a5:63 IEEE 802.11: associated (aid 5)
Thu Oct 14 17:08:38 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:38 2021 daemon.info hostapd: wlan1-1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:38 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX
Thu Oct 14 17:08:38 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.208 XXXXXX
Thu Oct 14 17:08:38 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan3) 192.168.3.208 XXXXXX
Thu Oct 14 17:08:38 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan3) 192.168.3.208 XXXXXX TY_WR
Thu Oct 14 17:08:39 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX
Thu Oct 14 17:08:39 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.100 XXXXXX
Thu Oct 14 17:08:39 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan3) 192.168.3.100 XXXXXX
Thu Oct 14 17:08:39 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan3) 192.168.3.100 XXXXXX ESP_778E1E
Thu Oct 14 17:08:39 2021 daemon.notice hostapd: wlan1: AP-STA-POSSIBLE-PSK-MISMATCH XXXXXXXXXXXX
Thu Oct 14 17:08:39 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX34:01
Thu Oct 14 17:08:39 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.159 XXXXXX34:01
Thu Oct 14 17:08:39 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan3) 192.168.3.159 XXXXXX34:01
Thu Oct 14 17:08:39 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan3) 192.168.3.159 XXXXXX34:01 RMMINI-1a-34-01
Thu Oct 14 17:08:39 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:39 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: associated (aid 6)
Thu Oct 14 17:08:40 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1-1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: associated (aid 3)
Thu Oct 14 17:08:40 2021 daemon.notice hostapd: wlan1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1-1: STA XXXXXXXXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1-1: STA XXXXXXXXXXXX IEEE 802.11: associated (aid 7)
Thu Oct 14 17:08:40 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1-1: STA XXXXXXXXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:40 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX
Thu Oct 14 17:08:40 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.186 XXXXXX
Thu Oct 14 17:08:40 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan3) 192.168.3.186 XXXXXXXXXXXX
Thu Oct 14 17:08:40 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan3) 192.168.3.186 XXXXXXXXXXXX
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:40 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: associated (aid 2)
Thu Oct 14 17:08:41 2021 daemon.notice hostapd: wlan1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:41 2021 daemon.info hostapd: wlan1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:41 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:41 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: associated (aid 4)
Thu Oct 14 17:08:41 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX
Thu Oct 14 17:08:41 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.106 XXXXXX
Thu Oct 14 17:08:41 2021 daemon.notice hostapd: wlan1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:41 2021 daemon.info hostapd: wlan1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:41 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan3) 192.168.3.106 XXXXXX
Thu Oct 14 17:08:41 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan3) 192.168.3.106 XXXXXX
Thu Oct 14 17:08:41 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan) 192.168.1.229 XXXXXX
Thu Oct 14 17:08:41 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan) 192.168.1.229 XXXXXX Google-Home-Mini
Thu Oct 14 17:08:41 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:41 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: associated (aid 5)
Thu Oct 14 17:08:41 2021 daemon.notice hostapd: wlan1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:41 2021 daemon.info hostapd: wlan1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:41 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:41 2021 kern.debug kernel: [105725.840882] ieee80211 phy1: Mac80211 start BA XXXXXX
Thu Oct 14 17:08:42 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:42 2021 daemon.info hostapd: wlan1: STA XXXXXX IEEE 802.11: associated (aid 6)
Thu Oct 14 17:08:42 2021 daemon.notice hostapd: wlan1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:42 2021 daemon.info hostapd: wlan1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:42 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:42 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: associated (aid 8)
Thu Oct 14 17:08:43 2021 daemon.info hostapd: wlan1: STA XXXXXXXXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:43 2021 daemon.info hostapd: wlan1: STA XXXXXXXXXXXX IEEE 802.11: associated (aid 7)
Thu Oct 14 17:08:43 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:43 2021 daemon.info hostapd: wlan1-1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:43 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX
Thu Oct 14 17:08:43 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.219 XXXXXX
Thu Oct 14 17:08:43 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan3) 192.168.3.219 XXXXXX
Thu Oct 14 17:08:43 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan3) 192.168.3.219 XXXXXX
Thu Oct 14 17:08:44 2021 kern.debug kernel: [105728.190691] ieee80211 phy0: Mac80211 start BA 54:60:09:7f:51:9c
Thu Oct 14 17:08:44 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: authenticated
Thu Oct 14 17:08:44 2021 daemon.info hostapd: wlan1-1: STA XXXXXX IEEE 802.11: associated (aid 9)
Thu Oct 14 17:08:44 2021 daemon.notice hostapd: wlan1-1: AP-STA-CONNECTED XXXXXX
Thu Oct 14 17:08:44 2021 daemon.info hostapd: wlan1-1: STA XXXXXX WPA: pairwise key handshake completed (RSN)
Thu Oct 14 17:08:44 2021 daemon.notice hostapd: wlan1: AP-STA-POSSIBLE-PSK-MISMATCH XXXXXXXXXXXX
Thu Oct 14 17:08:44 2021 kern.debug kernel: [105728.543355] ieee80211 phy0: Stop BA XXXXXXX
Thu Oct 14 17:08:44 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan) XXXXXX
Thu Oct 14 17:08:44 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan) 192.168.1.106 XXXXXX
Thu Oct 14 17:08:44 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan) 192.168.1.106 XXXXXX
Thu Oct 14 17:08:44 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan) 192.168.1.106 XXXXXX Switch-
Thu Oct 14 17:08:44 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan) XXXXXX
Thu Oct 14 17:08:44 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan) 192.168.1.114 XXXXXX
Thu Oct 14 17:08:44 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan) 192.168.1.114 XXXXXX
Thu Oct 14 17:08:45 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan) 192.168.1.114 XXXXXX Switch-0
Thu Oct 14 17:08:45 2021 daemon.notice hostapd: wlan1: AP-STA-POSSIBLE-PSK-MISMATCH XXXXXXXXXXXX
Thu Oct 14 17:08:45 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan3) XXXXXX
Thu Oct 14 17:08:45 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan3) 192.168.3.169 XXXXXX
Thu Oct 14 17:08:45 2021 daemon.info dnsmasq-dhcp[9846]: DHCPDISCOVER(br-lan) XXXXXX
Thu Oct 14 17:08:45 2021 daemon.info dnsmasq-dhcp[9846]: DHCPOFFER(br-lan) 192.168.1.129 XXXXXX
Thu Oct 14 17:08:45 2021 daemon.info dnsmasq-dhcp[9846]: DHCPREQUEST(br-lan) 192.168.1.129 XXXXXX
Thu Oct 14 17:08:45 2021 daemon.info dnsmasq-dhcp[9846]: DHCPACK(br-lan) 192.168.1.129 XXXXXX Switch2
Thu Oct 14 17:08:46 2021 daemon.notice hostapd: wlan1: AP-STA-POSSIBLE-PSK-MISMATCH XXXXXX
Not seeing too much interesting in this log.
Removed those lines of code and restarted the router. Still no luck on lan3 access. Same output for the brctl command as previous post.
Any chance this could be a bug? It seems to be consistent with other DSA configuration models.
jow
October 14, 2021, 10:10pm
10
Your office interface sets „option type bridge“ which would cause netifd to spawn a br-Office over br-lan2, maybe that triggers undefined behavior. Try removing „option type bridge“ from „config interface Office“ and reboot or restart (not reload) network, then recheck the setup.
2 Likes
User34
October 15, 2021, 1:56pm
11
Thanks for the suggestion. Unfortunately, this did not work as well. I still cannot access br-lan2 or br-lan3 via lan4 and lan3.
mk24
October 15, 2021, 3:32pm
12
Run brctl show again, now that you (correctly) don't have option type bridge in any of the config interface sections.
Having br-lan3 etc as a bridge name while lan3 etc are pre-defined port names might be an issue. You could try renaming them br-office and br-iot instead.
Also use strictly lowercase for all names.
There have been a number of of forum threads RE: Multiple bridged networks not manifesting correctly. I did a quick test with master image on a mamba :
Summary
root@mamba:/etc/config# cat network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '1'
option ula_prefix 'fde2:1857:9a33::/48'
config device
option name 'lan1'
option macaddr '94:10:3e:85:b5:26'
config device
option name 'lan2'
option macaddr '94:10:3e:85:b5:26'
config device
option name 'lan3'
option macaddr '94:10:3e:85:b5:27'
config device
option name 'lan4'
option macaddr '94:10:3e:85:b5:27'
config device
option name 'br-lan10'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
option macaddr '94:10:3e:85:b5:28'
config interface 'LAN10'
option device 'br-lan10'
option proto 'static'
option ipaddr '192.168.10.1'
option netmask '255.255.255.0'
option ip6assign '60'
config device
option name 'br-lan20'
option type 'bridge'
list ports 'lan3'
list ports 'lan4'
option macaddr '94:10:3e:85:b5:29'
config interface 'LAN20'
option device 'br-lan20'
option proto 'static'
option ipaddr '192.168.20.1'
option netmask '255.255.255.0'
option ip6assign '60'
config device
option name 'wan'
option macaddr '94:10:3e:85:b5:25'
config interface 'WAN'
option device 'wan'
option proto 'dhcp'
config interface 'WAN6'
option device 'wan'
option proto 'dhcpv6'
root@mamba:/etc/config# brctl show
bridge name bridge id STP enabled interfaces
br-lan20 7fff.000000000000 no
br-lan10 7fff.94103e85b528 no lan2
lan1
root@mamba:/etc/config# bridge vlan
port vlan-id
lan2 1 PVID Egress Untagged
lan1 1 PVID Egress Untagged
br-lan10 1 PVID Egress Untagged
br-lan20 1 PVID Egress Untagged
seems people end up going to one of the two followup VLAN configurations in the wiki to get things working.
3 Likes
User34
October 15, 2021, 8:22pm
14
THANK YOU - You are absolutely right there is an outstanding bug in this kind of DSA multiple network configuration method. I did some major demolition and migrated my setup to the latest snapshot build (OpenWrt SNAPSHOT r17756). I have my new network configuration using the VLAN methodology and it is working.
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
config bridge-vlan
option device 'br-lan'
option vlan '10'
list ports 'lan1'
list ports 'lan2'
config bridge-vlan
option device 'br-lan'
option vlan '30'
list ports 'lan3'
config bridge-vlan
option device 'br-lan'
option vlan '40'
list ports 'lan4'
config interface 'Home'
option device 'br-lan.10'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.1.1'
config interface 'Office'
option proto 'static'
option ipaddr '192.168.2.1'
option netmask '255.255.255.0'
option type 'bridge'
option device 'br-lan2'
config interface 'IoT'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
option type 'bridge'
option device 'br-lan3'
config device
option type 'bridge'
option name 'br-lan2'
option macaddr 'XXXXXXXX'
option mtu '1500'
list ports 'br-lan.30'
list ports 'tap0'
config device
option type 'bridge'
option name 'br-lan3'
option mtu '1500'
option macaddr 'XXXXXXXX'
list ports 'br-lan.40'
In this convoluted setup, I have three VLANs, three bridges, and three interfaces.
VLAN Bridge Interface Wireless
br-lan.10 (lan1 and lan2) NA Home wan0, wlan1
br-lan.30 (lan3) br-lan2 (br-lan.30 and tap0) Office wlan0.1
br-lan.40 (lan4) br-lan3 (br-lan.40) IoT wlan1.1
I am sure it could have been simplified by not creating br-lan3 and adjoining Interface IoT with br-lan.40. But for now, I am able to connect to lan3 and lan4 as originally desired.
Thank you to everyone who diligently helped me figure this out.
1 Like
tmomas
October 16, 2021, 7:35am
15
If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
1 Like
system
October 26, 2021, 7:35am
16
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.
