Posted: Tue Sep 17, 2019 11:45 Post subject: Configuration of STP bridge doesn't work on v3.0-r41027 std
There seems to be an issue since the first betas which persists in the current build (v3.0-r41027 std), when running on an ASUS-RT-AC68U.
Scenario: add a new virtual wireless to a new bridge configured with a DHCP server. Configuration:
* Wireless: add new virtual wireless interface (wl1.1)
- AP Isolation: disable
- Multicast To Unicast: disable
- Network Configuration: bridged
* Setup, Networking: add a new bridge, add the virtual wireless interface to it and map a new DHCP server:
- Create new bridge:
> name: br1
> STP: STP
> IGMP Snooping: off
> Prio: 32768
> Forward Delay: 15
> Max Age: 20
> MTU: 1500
> Root MAC: 38:2C:4A:E2:D6:B0 (same as br0's)
- Network Configuration br1:
> TX Queue Length: 1000
> MTU: 1500
> Multicast forwarding: disable
> Net Isolation: disable
> Forced DNS Redirection: disable
> IP Address: 192.168.11.1
> Subnet Mask: 255.255.255.0
> L2Mesh enable: unchecked
- Assign virtual wireless interface (wl1.1) to the bridge:
> Assignment: br1
> Interface: wl1.1
> STP: on
> Prio: 128
> Path cost: 100
> Hairpin Mode: unchecked
- Add new DHCP server for the new bridge
> DHCP 0: br1
> On
> Start: 128
> Max: 50
> Lease time: 1440
Behaviour:
Clients cannot connect to the configured wireless because the interface wl1.1 doesn't stay up.
The log file shows repeatedly:
Sep 17 01:41:33 router daemon.info mstpd[587]: set_if_up: Port wl1.1 : up
Sep 17 01:41:33 router daemon.info mstpd[587]: error, ethtool_get_speed_duplex: Cannot get speed/duplex for wl1.1: Not supported.
The message in the log file is informational, indeed. But it must be related to the incapacity of clients to obtain an IP address when trying to connect to the virtual wireless interface. If I bind the DHCP server directly to the interface (unbridged mode), it works. But not when using a bridge.
I hope that I've provided you with enough information for this issue.
Posted: Wed Oct 02, 2019 5:26 Post subject: Same Issue
I tried the exact same steps and can't get this to work. I am trying to create a guest network and clients can't connect as it seems dhcp never hands out an ip address.
I tried in earlier build (r40559) as well and still does not work.
I keep seeing this error in my log
error, CTL_set_cist_bridge_config: Couldn't find bridge with index 18
it looks as if it can't find the new br1 I added and gets an index error.
Joined: 24 Feb 2013 Posts: 1634 Location: Belgrade
Posted: Wed Oct 02, 2019 8:46 Post subject: Re: Same Issue
nmarmolejo wrote:
I am trying to create a guest network and clients can't connect it looks as if it can't find the new br1 I added and gets an index error.
On broadcom, VAP (guest network) works ONLY on unbridged interface (unbridge wl0.1 from br0)...
this is known and problem is broadcom driver...
forget about mstp, it has nothing todo with this problem...
Posted: Mon Oct 07, 2019 3:40 Post subject: Re: Same Issue
Mile-Lile wrote:
nmarmolejo wrote:
I am trying to create a guest network and clients can't connect it looks as if it can't find the new br1 I added and gets an index error.
On broadcom, VAP (guest network) works ONLY on unbridged interface (unbridge wl0.1 from br0)...
this is known and problem is broadcom driver...
forget about mstp, it has nothing todo with this problem...
thanks Mile-lile, is there updated instructions to make this work on unbridged or are you saying VAP (guest network) is not possible with broadcom based router?
Joined: 10 Jan 2015 Posts: 270 Location: Minnesota
Posted: Wed Oct 09, 2019 3:03 Post subject: Re: Same Issue
nmarmolejo wrote:
Mile-Lile wrote:
nmarmolejo wrote:
I am trying to create a guest network and clients can't connect it looks as if it can't find the new br1 I added and gets an index error.
On broadcom, VAP (guest network) works ONLY on unbridged interface (unbridge wl0.1 from br0)...
this is known and problem is broadcom driver...
forget about mstp, it has nothing todo with this problem...
thanks Mile-lile, is there updated instructions to make this work on unbridged or are you saying VAP (guest network) is not possible with broadcom based router?
I just setup a guest network that can't talk to my LAN or other clients connected to the guest network (also added a few firewall rules so that guest network clients couldn't access SSH or the router's web interface).
(rules to deny SSH access on the guest network. dport is the protocol port which can be changed to any other protocol you want to block)
If anyone knows how to give a guest network/VAP IPv6 access using SLAAC (DNSmasq or radvd?), it would be most appreciated.
I know Per Yngve Berg has a configuration for DHCP6C, but devices like Android that do not support DHCPv6 would not work in that situation. _________________ LATEST DD-WRT FW IS LOCATED HERE: https://dd-wrt.com/support/other-downloads/?path=betas%2F