Effective workarounds for bridged VAPs not working at boot

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2, 3, 4  Next
Author Message
redhawk0
DD-WRT Guru


Joined: 04 Jan 2007
Posts: 11526
Location: Wherever the wind blows- North America

PostPosted: Tue Apr 27, 2021 11:19    Post subject: Reply with quote
I finally got to test the script posted above on a repeater that has a physical connection that has open encryption but I have encryption (WPA2-Personal)on the virtual. It still does not work. You must have the same encryption on both the physical and virtual for repeater mode to work. (tested at home on two other repeaters) My traveling repeater is still running 36154. It's the last build where this worked correctly with open encryption on the physical.

redhawk
Sponsor
msj100
DD-WRT Novice


Joined: 30 Jul 2007
Posts: 33
Location: Melbourne, Australia

PostPosted: Tue Apr 27, 2021 11:36    Post subject: Reply with quote
redhawk0 wrote:
I finally got to test the script posted above on a repeater that has a physical connection that has open encryption but I have encryption (WPA2-Personal)on the virtual. It still does not work. You must have the same encryption on both the physical and virtual for repeater mode to work. (tested at home on two other repeaters) My traveling repeater is still running 36154. It's the last build where this worked correctly with open encryption on the physical.

redhawk


Confirmed - I am using the same encryption (WPA2-Personal) on all interfaces (physical and virtual).

Sorry - my intention wasn't to fix that particular (different encryption) problem - it was just to make it easier to restart 'the right interfaces' across disparate routers (that happen to be running the same encryption).

_________________
Asus RT-AC87U - dd-wrt
Asus RT-AC68U - dd-wrt
Asus RT-N16 - dd-wrt
TP-Link TL-MR3020 - OpenWRT
VAPs / VLANs / PBR / Entware
redhawk0
DD-WRT Guru


Joined: 04 Jan 2007
Posts: 11526
Location: Wherever the wind blows- North America

PostPosted: Wed Apr 28, 2021 10:21    Post subject: Reply with quote
msj100 wrote:
Confirmed - I am using the same encryption (WPA2-Personal) on all interfaces (physical and virtual).

Sorry - my intention wasn't to fix that particular (different encryption) problem - it was just to make it easier to restart 'the right interfaces' across disparate routers (that happen to be running the same encryption).


Understood… and it does work on the same encrypted routers in the home network. I was hopeful that maybe it fixed the dissimilar encryption too.

My intention was not to take away from your work…. You done good.

redhawk
jmk
DD-WRT Novice


Joined: 28 Apr 2020
Posts: 5

PostPosted: Thu May 27, 2021 3:07    Post subject: R7000P VAP Support Reply with quote
Does anyone have wireless and VAPs working on the R7000P?

I'm currently testing DD-WRT v3.0-r46772 std (05/26/21). I have two SSIDs. The first is used for wl0 (2.4 Ghz) and wl1 (5Ghz). The eth1/eth2 interfaces are then bridged with a VLAN used to carry traffic from my other APs. The second SSID is assigned to wl0.1 and wl1.1. The wl0.1 interface is bridged with a different VLAN. All networks use WPA2-PSK.

I'm able to reliably connect to the first SSID. However the connection is dropped after a few seconds.

If I run the following, I'm able to sometimes connect to the second SSID:

nvram set wl1.1_hwaddr=
nvram commit
stopservice nas; wlconf eth1 down; wlconf eth2 down; wlconf eth1 up; wlconf eth2 up; startservice nas; logger "VAP workaround executed";

However, the connection is dropped after a few seconds and subsequent attempts to connect fail to authenticate.

I should also note that the wl1.1 interface does not show up on the Setup\Networking page or via "wl". In fact, the above "wlconf eth2 up" command above displays in its output "wl1.1: No such device".

I'm hoping there is a known firmware version to test with R7000P or other fix. Ideally, I'd have the VAPs working, but I'll take just stable wifi on the primary interface at this point.
msj100
DD-WRT Novice


Joined: 30 Jul 2007
Posts: 33
Location: Melbourne, Australia

PostPosted: Thu May 27, 2021 11:33    Post subject: Re: R7000P VAP Support Reply with quote
jmk wrote:
Does anyone have wireless and VAPs working on the R7000P?

I'm currently testing DD-WRT v3.0-r46772 std (05/26/21). I have two SSIDs. The first is used for wl0 (2.4 Ghz) and wl1 (5Ghz). The eth1/eth2 interfaces are then bridged with a VLAN used to carry traffic from my other APs. The second SSID is assigned to wl0.1 and wl1.1. The wl0.1 interface is bridged with a different VLAN. All networks use WPA2-PSK.

I'm able to reliably connect to the first SSID. However the connection is dropped after a few seconds.

If I run the following, I'm able to sometimes connect to the second SSID:

nvram set wl1.1_hwaddr=
nvram commit
stopservice nas; wlconf eth1 down; wlconf eth2 down; wlconf eth1 up; wlconf eth2 up; startservice nas; logger "VAP workaround executed";

However, the connection is dropped after a few seconds and subsequent attempts to connect fail to authenticate.

I should also note that the wl1.1 interface does not show up on the Setup\Networking page or via "wl". In fact, the above "wlconf eth2 up" command above displays in its output "wl1.1: No such device".

I'm hoping there is a known firmware version to test with R7000P or other fix. Ideally, I'd have the VAPs working, but I'll take just stable wifi on the primary interface at this point.


I don't have an R7000P - so just commenting based on what I've seen work on my Broadcom (Asus) routers.

Is there a reason you delete the MAC address for wl1.1? That seems unusual.

I've never used the same SSID across two different Wi-Fi bands - I guess it should work(?), however, I'd start with a 1-to-1 mapping between SSID and each combination of Wi-Fi band and Wi-Fi physical interface / virtual interface.

I'm running 5 SSIDs on one of my Asus RT-AC68Us - 3 SSIDs on 2.4GHz (1 physical + 2 virtual interfaces), 2 SSIDs on 5GHz (1 physical + 1 virtual interface) - all 5 interfaces have their own unique MAC address (I haven't explicitly set any of them - so assume dd-wrt is generating them).

I'm running DD-WRT v3.0-r46446 std.

Good luck !

_________________
Asus RT-AC87U - dd-wrt
Asus RT-AC68U - dd-wrt
Asus RT-N16 - dd-wrt
TP-Link TL-MR3020 - OpenWRT
VAPs / VLANs / PBR / Entware
msj100
DD-WRT Novice


Joined: 30 Jul 2007
Posts: 33
Location: Melbourne, Australia

PostPosted: Sat May 29, 2021 6:52    Post subject: Reply with quote
There may already be tools to do this - however, I put together a quick script to tie together the Ethernet interfaces + Wi-Fi interfaces + VLAN IDs + SSIDs.

Sharing in case others might find it useful.

[Edit: 30-May - switched Wi-Fi interface and MAC address fields around - as it's more logical and switched from gawk to awk which is embedded in dd-wrt]



wifi_list.tar
 Description:
Shell script to list Wi-Fi interfaces in context of Ethernet interfaces, VLAN IDs and SSIDs

Download
 Filename:  wifi_list.tar
 Filesize:  4.5 KB
 Downloaded:  169 Time(s)


_________________
Asus RT-AC87U - dd-wrt
Asus RT-AC68U - dd-wrt
Asus RT-N16 - dd-wrt
TP-Link TL-MR3020 - OpenWRT
VAPs / VLANs / PBR / Entware
Glucose
DD-WRT Novice


Joined: 17 Oct 2014
Posts: 8

PostPosted: Sat Jul 17, 2021 5:43    Post subject: Re: R7000P VAP Support Reply with quote
Similar problem with the 5Ghz interface on my R7000p.
None of the current solutions seem to have worked.

Trying to run a Guest network via a Virtual Interface/VAP bound to the wl1 5 GHz/802.11ac interface on my R7000P.

Had had an Asus RT-AC66U with several problems(flash memory failures and slow perf), but where the guest network worked fine.

Tried setting it up on the R7000P, and although basic functionality on the 5Ghz is there, the wl1.1 virtual interface simply does not appear/startup, despite it clearly being set up in the configuration and showing on the config GUI.

With the same setup on the wl0 2.4Ghz interface, I can get the Guest VAP set up and it works perfectly(I see a wl0.1 interface show up), but with my application, I really need it to work via 5Ghz.

The only startup errors in messages/dmesg are
"daemon.warn dnsmasq: warning: interface wl1.1 does not currently exist"

Doing an "ifconfig -a" on the SSH shell CLI shows the wl0.1 VAP hanging off of the 2.4Ghz interface, but wl1.1 doesn't get started up. ifconfig output in the attachment.

Is this fixable?

Thank you.



ifconfig.txt
 Description:

Download
 Filename:  ifconfig.txt
 Filesize:  3.89 KB
 Downloaded:  88 Time(s)

kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 13112
Location: Texas, USA

PostPosted: Sat Jul 17, 2021 14:25    Post subject: Reply with quote
Have you tried any of the startup script commands... fair warning, we have run the gamut of this topic and it's getting painfully obvious that nobody is reading through it.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.
Because they are tired of bottom-feeders and the same old hat.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Glucose
DD-WRT Novice


Joined: 17 Oct 2014
Posts: 8

PostPosted: Sat Jul 17, 2021 17:49    Post subject: Reply with quote
kernel-panic69 wrote:
Have you tried any of the startup script commands... fair warning, we have run the gamut of this topic and it's getting painfully obvious that nobody is reading through it.


Yes, have read the thread(or as much as I could understand the back and forth), and currently have this in the startup for my R7000:
sleep 20
stopservice nas
wlconf eth1 down
wlconf eth1 up
wlconf eth2 down
wlconf eth2 up
startservice nas

Also did this:
#nvram set brcm_unlock=1
#nvram commit
rebooted the router


Nothing seems to help. 5Ghz basic service works, yes, but the VAP interface(wl1.1) never comes into existence.

Same errors as before(IE, ifconfig -a shows the 2Ghz wl0.1 interface as existing, but not the 5Ghz wl1.1).

Will be trying some more permutations with the startup scripting.

Edit: To be more specific, having "done" linux for "a few" years, (in my experience) if the interface doesn't show up in an ifconfig listing, it's usually due to a missing/malfunctioning kernel module, or modprobe config failing to pull in the kernel module. Since the 5Ghz driver is obviously being started, and the VAP driver(is it a separate driver?) is capable of being started(for the 2Ghz if), then my expectation would be the former - defective driver module.

Not sure how fiddling with the higher-level abstractions/configs will help with this(?). The kernel functionality has to be there.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 13112
Location: Texas, USA

PostPosted: Thu Aug 19, 2021 22:18    Post subject: Reply with quote
Has anyone tested 08/19/2021 - r47206 yet to see if bridged VAPs require the workarounds anymore? Reason for inquiry is the patches that fixed MAC filtering (mostly for Broadcom).
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.
Because they are tired of bottom-feeders and the same old hat.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Glucose
DD-WRT Novice


Joined: 17 Oct 2014
Posts: 8

PostPosted: Thu Aug 19, 2021 23:01    Post subject: Reply with quote
kernel-panic69 wrote:
Has anyone tested 08/19/2021 - r47206 yet to see if bridged VAPs require the workarounds anymore? Reason for inquiry is the patches that fixed MAC filtering (mostly for Broadcom).


Have applied r47206 to my Netgear R7000P, and all previous functionality still seems to be there.

It doesn't appear, however, to have helped my issue with a non-bridged VAP on the wl1 5Ghz interface not getting started.

The wl1.1 VAP interface is still not getting loaded/created.

No errors showing in dmesg or /var/log/messages other than the same one from dnsmasq complaining that it needs to apply settings to wl1.1, but no such interface exists.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 13112
Location: Texas, USA

PostPosted: Thu Aug 19, 2021 23:26    Post subject: Reply with quote
Unbridged VAPS should not require anything:

Quote:
VAPs not working at boot fixed for unbridged VAPs in 40562 - 40566. Effective startup commands discussion thread is here.


The only thing that was still broken was bridged VAPs, last we knew. This must be a separate issue which I will likely have to email BrainSlayer about. I presume "save" and "apply" do not bring any joy? Again, I am asking about *bridged* VAPs in the current release. May have to split your issue out to a separate topic.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.
Because they are tired of bottom-feeders and the same old hat.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
InfoCGagn
DD-WRT Novice


Joined: 15 Jul 2021
Posts: 30

PostPosted: Wed Sep 01, 2021 4:23    Post subject: Reply with quote
R7000 running build r47282. VAP works when bridged to br1 on both gateway router and access point router setups.

It works only if I save this command at startup: (not needed on r35531 or older)
sleep 10;stopservice nas;wlconf eth1 down;wlconf eth1 up;wlconf eth2 down;wlconf eth2 up;startservice nas

This one worked as well:
sleep 20;stopservice nas;wlconf eth1 down;wlconf eth1 up;wlconf eth2 down;wlconf eth2 up;startservice nas

Do you think it have something to do with the specific router model I'm using or it affects any broadcom routers?

I really think continuing the support for broadcom routers is very important as these are way too popular to be ignored even if they use proprietary drivers. I can live without WPA3 support (available on atheros routers) on my R7000 since not all devices supports it anyway.

Thanks! =)

Update: The workaround finally failed, the vap started disconnecting after a while. I tried every other workarounds but no success. I will just give up the VAP/Guest WiFi functionality for now. I will just use the latest DD-WRT build and lan vlan functionality then connect a 2nd cheap wifi router to the vlan lan port so it will be isolated. Unfortunately Atheros routers dont support lan vlans like Broadcom routers so I must continue using broadcom routers.


Last edited by InfoCGagn on Sun Sep 26, 2021 3:52; edited 6 times in total
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 13112
Location: Texas, USA

PostPosted: Wed Sep 01, 2021 4:45    Post subject: Reply with quote
It's a known issue on Broadcom routers, all of them. I was hoping that the wlconf fix for MAC filtering / Access Restrictions would fix the issue, but apparently not yet. Fair warning (again), this thread will not turn into a dumping ground asking for help or posting success stories. It *will* wind up getting locked and cleaned up. Not trying to be rude or anything, but we are not going to have threads that are 2-300 pages in size because they are painful reads and do not serve the community at large.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
At some point, people just get plain tired of this place.
Because they are tired of bottom-feeders and the same old hat.

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
jwh7
DD-WRT Guru


Joined: 25 Oct 2013
Posts: 2666
Location: Indy

PostPosted: Tue Nov 30, 2021 15:58    Post subject: Reply with quote
redhawk0 wrote:
Azaka wrote:
Router Model: Netgear WNDR4000
Build Version(s): v3.0-r45735 mega (02/11/21)
Working Workaround (exact command):
Code:
sleep 10; stopservice cron; stopservice wlconf; wlconf eth1 up; wlconf eth2 up; startservice cron
cron? What does that have to do with the network config? Do you use a special cron job for setting up network configs?

redhawk
Azaka wrote:
Apologies for any confusion. I am no expert on these matters, you are probably much better informed. I will try to give some more background.
[...]
I cannot tell why it works. It is one of the options listed in the OP of this thread under "Some possible workarounds that I have found are:". Running this from the Startup section causes my VAP to accept client connections.

Feel free to ask for further clarification. If it would be helpful I can see if can pull more information from my access point for troubleshooting.

EDIT:
I went back to the OP and you guys are right. The cron bit wasn't there. I must have been confused with another piece of code. However, this snippet does help my router to get the VAP accessible. Shoot me, I don't understand why but it does work.
[Closing the loop here for future reference and so I can update the wiki] It was likely seen in the wiki which I got from egc via ryanbtc.

I will update the wiki and reorder for the redhawk method (but to save in the Firewall per @the-joker's edit), but I had a question first:
The older mentions have the `startservice nas` after the `wlconf * up` commands, while the screenshot has it before. I just want to confirm the which is correct/better? And if the latter, while we're deep-diving, should we e.g. have a `sleep 1` between them or something?

_________________
# NAT/SFE/CTF: limited speed w/ DD # Repeater issues # DD-WRT info: FAQ, Builds, Types, Modes, Changes, Demo #
OPNsense x64 5050e ITX|DD: DIR-810L, 2*EA6900@1GHz, R6300v1, RT-N66U@663, WNDR4000@533, E1500@353,
WRT54G{Lv1.1,Sv6}@250
|FreshTomato: F7D8302@532|OpenWRT: F9K1119v1, RT-ACRH13, R6220, WNDR3700v4
Goto page Previous  1, 2, 3, 4  Next Display posts from previous:    Page 2 of 4
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum