config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
option ipv6 '0'
config device
option name 'eth0'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option gateway '192.168.114.1'
option ipaddr '192.168.114.60'
option delegate '0'
config device
option name 'br-guest'
option type 'bridge'
list ports 'eth0.116'
config interface 'guest'
option device 'br-guest'
option proto 'none'
I use VLAN 116 to distinguish it from the 114 subnet. I use the 114 subnet to connect to manage the AP, and would like the guest traffic to go through the 116 VLAN.
I restart the network using :
/etc/init.d/network restart
The new wifi network is bind to guest. Here's the content of /etc/config/wireless :
Do you have a switch between the router and the AP?
Have you verified that the router and DHCP server are properly configured and providing services and connectivity on VLAN 116?
On one of my computers I change the network card settings and add VLAN 116. I then connected it to the port where the DAP-2610 access point is connected. It immediately got it's IP address with DHCP, which was in the 192.168.116 subnet. I could browse the internet without any problem.
So, VLAN configuration for that port on the main router seems OK.
That's what I did. I did the same of several other OpenWRT devices, and it works fine. Except for that D-link DAP-2610 access point using an ipq40xx chipset.
Just tried to set up 3 vlans from the wan port of my Asus Lyra ( IPQ4019) to another router with likewise configuration. Worked just fine.
config device
option type 'bridge'
option name 'mainbridge'
list ports 'wan'
option bridge_empty '1'
option igmp_snooping '1'
config bridge-vlan
option device 'mainbridge'
option vlan '10'
list ports 'wan:t'
config bridge-vlan
option device 'mainbridge'
option vlan '20'
list ports 'wan:t'
config bridge-vlan
option device 'mainbridge'
option vlan '30'
list ports 'wan:t'
config interface 'admin'
option proto 'none'
option device 'mainbridge.10'
option type 'bridge'
config interface 'guest'
option proto 'none'
option device 'mainbridge.20'
option type 'bridge'
config interface 'iot'
option proto 'none'
option device 'mainbridge.30'
option type 'bridge'
I also tried adding a fourth vlan, vlan 50 untagged, set up dhcp and added it to lan zone. Could plug in my pc to the same port and get an ip. No problems.
config device
option name 'br-vlan116'
option type 'bridge'
list ports 'eth0.116'
config interface 'vlan116'
option stp '1'
option device 'br-vlan116'
option proto 'static'
option ipaddr '192.168.116.60'
option netmask '255.255.255.0'
option gateway '192.168.116.1'
The VLAN 116 is defined as tagged on the port of the router to which the AP is connected (the same way the DAP-2660, currently connected to the same router and working).
When restarting the network, I can't access the DAP-2610 anymore.
uci add network bridge-vlan # =cfg06a1b0
uci set network.@bridge-vlan[-1].device='br-lan'
uci set network.@bridge-vlan[-1].vlan='114'
uci add_list network.@bridge-vlan[-1].ports='eth0:t*'
uci set network.lan.device='br-lan.114'
uci set network.lan.ipaddr='192.168.114.60'
uci set network.lan.gateway='192.168.114.1'
...
-> no access to the device using vlan 114
The access point is connected to a port of an OpenWRT router, with only VLAN 114 untagged on it. I connect to several other OpenWRT routers and switches using VLAN using that router. I don't think there's a problem with the router.
There should be an interface called "lan". You need to use that one instead of "eth0" (which is used internally by DSA for the connection between the switch and the CPU).
To be clear, I meant the actual Linux interface called "lan", not the config section with the same name in "/etc/config/network".
You need to replace all occurences of "eth0" in "/etc/config/network" by "lan". If you start from a fresh config on a snapshot image, that should actually already be the case. (I assume you ended up with the current state by keeping your config from a stable release, which is not supported for devices which migrated to DSA.)
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'xxxxxxxxxxxxxxxxxxx'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
config device
option name 'eth0'
option macaddr 'xxxxxxxxxxxxxxxxx'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
If I replace the 2 occurences of "eth0" by "lan" in that network file, and restart the network, I can't access the access point anymore (its IP address being 192.168.1.1).