I.m triyng to make a vlan conection on my router but withou sucess, with this DHCP and NETWORK configs i get IP on lan1 but not on lan2, what i should change?
What device are we talking about, exactly?
You have devices called WAN, LAN1, LAN2, but also ETH0? Are you sure about that?
I think that "start" and "limit" do not work how you think.
it looks like youre mixing a few different methods of setup here and that might be causing some of your issues, how deep down this setup are you? can you start over fresh? setup the vlans first then configure the rest
i can start over, no problem. Right now i have IPV4 on both lans but IPV6 only in LAN1. Each PC is getting the DNS that are in config file. Probably a firewall config or the use off the relay on both ports...
You are assigning a /60 to each internal network, but you probably just need a /64. You might be running out of networks, unless you have a /54 on the WAN.
i change for /64 but no connection to outside IPv6 so i copy i copy some firewall configs ipv6 from lan. If helps someone:
dhcp:
config dhcp 'wan'
option interface wan
option ignore 1
option master 1
option dhcpv6 relay
option ra relay
option ndp relay
config dhcp 'lan'
option interface lan
option start 2
option limit 50
option leasetime 12h
option dhcpv4 server
option dhcpv6 relay
option ra relay
option ndp relay
option ra_slaac 1
list ra_flags 'managed-config'
list ra_flags 'other-config'
list dhcp_option 6,1.1.1.1,8.8.8.8
config dhcp 'vlan20'
option interface vlan20
option start 2
option limit 50
option leasetime 12h
option dhcpv4 server
option dhcpv6 relay
option ra relay
option ndp relay
option ra_slaac 1
list ra_flags 'managed-config'
list ra_flags 'other-config'
list dhcp_option 6,1.1.1.1,8.8.8.8
network:
config interface 'loopback'
option device lo
option proto static
option ipaddr 127.0.0.1
option netmask 255.0.0.0
config globals 'globals'
option ula_prefix fd7d:xxxx:xxxx::/48
option packet_steering 1
config interface 'wan'
option device wan
option proto dhcp
config interface 'wan6'
option device wan
option proto dhcpv6
config interface 'lan'
option device br-lan
option proto static
option ipaddr 10.2.1.1
option netmask 255.255.255.0
option ip6assign 64
config device
option name br-lan
option type bridge
list ports lan1
config interface 'vlan20'
option device br-vlan20
option proto static
option ipaddr 10.2.20.1
option netmask 255.255.255.0
option ip6assign 64
config device
option name br-vlan20
option type bridge
list ports lan2
Firewall:
config zone
option name vlan20
list network vlan20
option input REJECT
option output ACCEPT
option forward REJECT
config forwarding
option src vlan20
option dest wan
config rule
option name Isolate-vlan20
option src vlan20
list dest_ip 10.1.1.1/24
option dest *
list proto all
option target REJECT
config rule
option name vlan20-DNS
option src vlan20
option dest_port 53
option proto 'tcp udp'
option target ACCEPT
config rule
option name vlan20-DHCP
option src vlan20
option dest_port 67-68
option proto 'tcp udp'
option target ACCEPT
config rule
option name vlan20-Allow-DHCPv6
option src vlan20
option proto udp
option dest_port 546
option family ipv6
option target ACCEPT
config rule
option name vlan20-Allow-ICMPv6-Input
option src vlan20
option proto icmp
list icmp_type echo-request
list icmp_type echo-reply
list icmp_type destination-unreachable
list icmp_type packet-too-big
list icmp_type time-exceeded
list icmp_type bad-header
list icmp_type unknown-header-type
list icmp_type router-solicitation
list icmp_type neighbour-solicitation
list icmp_type router-advertisement
list icmp_type neighbour-advertisement
option limit 1000/sec
option family ipv6
option target ACCEPT