VLAN issue on Linksys MR8300 (Dallas)

Hi, I got a new Linksys MR8300, using OpenWrt 22.03.5

Trying to implement a VLAN,

1 for my WiFi - VLAN ID 99
1 for my LAN - VLAN ID 30 - for proxmox network host

image1189×705 31.1 KB

I have created an Interface for Wifi below

image651×530 19.9 KB

My configs are below

ubus call system board

{
        "kernel": "5.10.176",
        "hostname": "OpenWrt",
        "system": "ARMv7 Processor rev 5 (v7l)",
        "model": "Linksys MR8300 (Dallas)",
        "board_name": "linksys,mr8300",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "22.03.5",
                "revision": "r20134-5f15225c1e",
                "target": "ipq40xx/generic",
                "description": "OpenWrt 22.03.5 r20134-5f15225c1e"
        }
}

cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fda7:eee6:b494::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option device 'eth1'
        option proto 'dhcp'

config interface 'wan6'
        option device 'eth1'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option ports '0 0 2 3 4'
        option description 'lan'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0t 0t 5'
        option vid '2'
        option description 'wan'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option ports '0t 0t 1'
        option vid '30'
        option description 'pmox'

config switch_vlan
        option device 'switch0'
        option vlan '4'
        option ports '0t 0t'
        option vid '99'
        option description 'Wifi'

config interface 'wifi'
        option proto 'static'
        option device 'eth1.99'
        option ipaddr '192.168.15.1'
        option netmask '255.255.255.0'
        option type 'bridge'

cat /etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option synflood_protect '1'

config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        list network 'lan'
        list network 'wifi'

config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        list network 'wan'
        list network 'wan6'

config forwarding
        option src 'lan'
        option dest 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-IGMP'
        option src 'wan'
        option proto 'igmp'
        option family 'ipv4'
        option target 'ACCEPT'

config rule
        option name 'Allow-DHCPv6'
        option src 'wan'
        option proto 'udp'
        option dest_port '546'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-MLD'
        option src 'wan'
        option proto 'icmp'
        option src_ip 'fe80::/10'
        list icmp_type '130/0'
        list icmp_type '131/0'
        list icmp_type '132/0'
        list icmp_type '143/0'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Input'
        option src 'wan'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        list icmp_type 'router-solicitation'
        list icmp_type 'neighbour-solicitation'
        list icmp_type 'router-advertisement'
        list icmp_type 'neighbour-advertisement'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-ICMPv6-Forward'
        option src 'wan'
        option dest '*'
        option proto 'icmp'
        list icmp_type 'echo-request'
        list icmp_type 'echo-reply'
        list icmp_type 'destination-unreachable'
        list icmp_type 'packet-too-big'
        list icmp_type 'time-exceeded'
        list icmp_type 'bad-header'
        list icmp_type 'unknown-header-type'
        option limit '1000/sec'
        option family 'ipv6'
        option target 'ACCEPT'

config rule
        option name 'Allow-IPSec-ESP'
        option src 'wan'
        option dest 'lan'
        option proto 'esp'
        option target 'ACCEPT'

config rule
        option name 'Allow-ISAKMP'
        option src 'wan'
        option dest 'lan'
        option dest_port '500'
        option proto 'udp'
        option target 'ACCEPT'

cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'soc/40000000.pci/pci0000:00/0000:00:00.0/0000:01:00.0'
        option channel '100'
        option band '5g'
        option htmode 'VHT80'
        option cell_density '0'

config wifi-device 'radio1'
        option type 'mac80211'
        option path 'platform/soc/a000000.wifi'
        option channel '1'
        option band '2g'
        option htmode 'HT20'
        option disabled '1'

config wifi-iface 'default_radio1'
        option device 'radio1'
        option network 'lan'
        option mode 'ap'
        option ssid 'OpenWrt'
        option encryption 'none'

config wifi-device 'radio2'
        option type 'mac80211'
        option path 'platform/soc/a800000.wifi'
        option channel '36'
        option band '5g'
        option htmode 'VHT80'
        option cell_density '0'

config wifi-iface 'default_radio2'
        option device 'radio2'
        option mode 'ap'
        option ssid 'OpenWrt'
        option encryption 'none'
        option network 'wifi'

config wifi-iface 'wifinet2'
        option device 'radio0'
        option mode 'ap'
        option ssid 'OpenWrt'
        option encryption 'none'
        option network 'wifi'

But when I am connecting to this wifi, I am not getting any DHCP IP, also I join with Static IP then I am not able to ping the router.

Hi.
ipq40xx is notoriously known for being buggy regarding VLAN. One way to solve would be to install 23.05.2 which solves this by using DSA.
Carefully follow instruction to install 23.05 and consider you'll have to completly reconfigure (read wiki).

Hi,
Thanks for the advice.
I have successfully upgraded my router. I can see the difference.

Now how to configure VLAN here?

You'll use DSA syntax. If you need specific help, post your default network config file and we can give you specifics. We'll also need to know the VLANs on a per-port basis (what is tagged/untagged on each port).

Hi,
Sure I will go through the documentation and try.
If I face any issue will post here.

Thanks

Thank you so much for your support guys. It was a lot, I found some tutorials out there on youtube that helped me to setup the DSA VLAN.
Below are the links.

DSA VLAN Leaning Tutorial

Configure Firewall for the VLANs

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.