VLAN Bridge not functioning as expected

Hello Friends,

I am a bit nervous about making a post, but I have been trying for the past few days to get him working, to no avail. I am new to OpenWrt and am blown away by it. However, I have a serious issue on my TP Archer C7 v5 running 23.05.3.

I am trying to create an extra VLAN to separate myself from my housemates to run my servers on the network with peace of mind. I was partly successful in getting it to work either with the VLAN Device or the wireless network attached to the interface, separately. Logically, I should make a bridge to house both and connect them to the interface. However, this does not work, and I am stumped as to why. This is how the pre-configured LAN interface is configured, and it works fine.

Here are my configs:

/etc/config/network

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdf0:6bd1:b896::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0.1'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.0.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config device
        option name 'eth0.2'
        option macaddr 'XX:XX:XX:XX:XX:XX'

config interface 'wan'
        option device 'eth0.2'
        option proto 'dhcp'

config interface 'wan6'
        option device 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0t 2 3 5'
        option vid '1'
        option description 'Default VLAN'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0t 1'
        option vid '2'
        option description 'WAN'

config device
        option type '8021q'
        option ifname 'eth0'
        option vid '10'
        option name 'eth0.10'
        option ipv6 '0'

config interface 'myVLAN'
        option proto 'static'
        option ipaddr '192.168.10.1'
        option netmask '255.255.255.0'
        option type 'bridge'
        option device 'br-myLAN'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option ports '0t 4'
        option vid '10'
        option description 'myVLAN'

config device
        option name 'eth0'
        option mtu '1500'

config device
        option name 'eth0.1'
        option type '8021q'
        option ifname 'eth0'
        option vid '1'
        option mtu '1500'

config device
        option name 'phy0-ap0'
        option ipv6 '0'

config device
        option name 'phy1-ap0'
        option ipv6 '0'

config device
        option type 'bridge'
        option name 'br-myVLAN'
        list ports 'eth0.10'
        option bridge_empty '1'

config bridge-vlan
        option device 'br-myVLAN'
        option vlan '10'
        list ports 'eth0.10'

/etc/config/wireless

root@OpenWrt:~# cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'pci0000:00/0000:00:00.0'
        option channel '48'
        option band '5g'
        option htmode 'VHT80'
        option cell_density '0'
        option country 'CA'

config wifi-device 'radio1'
        option type 'mac80211'
        option path 'platform/ahb/18100000.wmac'
        option channel '3'
        option band '2g'
        option htmode 'HT20'
        option cell_density '0'

config wifi-iface 'default_radio1'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option ssid 'LAN 2.4G'
        option encryption 'psk2'
        option key 'realsuperpassword123'

config wifi-iface 'wifinet1'
        option device 'radio0'
        option mode 'ap'
        option ssid 'LAN 5G'
        option encryption 'psk2'
        option key 'realsuperpassword123'
        option network 'lan'

config wifi-iface 'wifinet2'
        option device 'radio0'
        option mode 'ap'
        option ssid 'myLAN 5G'
        option encryption 'psk2'
        option key 'realsuperpassword123'
        option network 'myVLAN'

Any help is greatly appreciated!

Delete this:

Delete the bridge line below:

Delete all of this:

And delete this:

Reboot and test again. If it doesn’t work, post the updated configs;

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/wireless
cat /etc/config/dhcp
cat /etc/config/firewall
2 Likes

Hi psherman,

Thank you for the extremely quick reply! I am using the web GUI for configuration. Is it safe to edit the files directly using SSH and then follow the rest of your instructions?

Yes, directly editing the config files is fine, but proofread everything since typos can cause major issues.

You can do some of these edits via LuCI, but some require the direct text edit method.

1 Like

It worked! Thank you so much!

Could you please explain why did this work? I am having a hard time understanding why this worked.

The stuff that needed to be deleted was erroneous and may have caused conflicts. The bridge line in the network interface is shown to actually break the interface (this syntax was deprecated a while ago).

1 Like

It was generated by the LuCI/pre-configuration from the image. To be sure, I will compare the documentation with what LuCI generates in the future until I understand it.

Again, I really appreciate your time. This has been giving me headaches for three days now.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.