[SOLVED] Lost in DSA (Omnia 6.0.1)

eLRIC · November 1, 2022, 3:12pm

I tried to configure VLANs using DSA but failed in a state where my bridge in in an unstable state and surely miss something important (being new to VLANs, I assume the problem is between the keyboard and the chair)

I got to this state 3 times, each time starting back from a fresh rollback to the post upgrade status thanks to schnapps, so maybe someone more knowledgeable will point me to the right direction.

What I try to achieve as a test scenario (simpler than my future config) :

having LAN2 serve VLANs 11 et 12 both tagged (will go to a managed switch)
having LAN4 serve VLAN 11 as untagged (and PVID)

How I tested :

I configured a bridge (br-vlans) with LAN2 and LAN4 in it, and configured VLANs through luci as described (result in /etc/config/network hereunder)
I added 2 interfaces with their own firewall zone and dhcp server (10.95.vlan_id.1/24)
before playing with the switch, I just plug a Linux laptop in LAN4 and define VLANs on it with
ip link add link enp0s3 name enp0s3.11 type vlan id 11 ip link add link enp0s3 name enp0s3.12 type vlan id 12 ip link set dev enp0s3.11 up ip link set dev enp0s3.12 up

The results I managed to get and errors I encountered :

At first it was working with the laptop, and event with the switch. I played a bit with the tagged / untagged / PVID to to understand how the switch would choose its ip and in my tests had to reboot …
after reboot, bridge does not seem to work anymore

NB : On the Omnia, my standard LAN (br-lan) is untouched and working, as access to WAN and WG connection

in dmesg, lots of lines like

[  689.222379] mv88e6085 f1072004.mdio-mii:10: port 2 failed to delete 26:f8:91:81:a9:7f vid 12 from fdb: -2
[  689.232089] mv88e6085 f1072004.mdio-mii:10: port 2 failed to delete 26:f8:91:81:a9:7f vid 11 from fdb: -2
[  689.279503] mv88e6085 f1072004.mdio-mii:10: port 2 failed to add 26:f8:91:81:a9:7f vid 12 to fdb: -95
[  689.295251] mv88e6085 f1072004.mdio-mii:10: port 2 failed to add 26:f8:91:81:a9:7f vid 11 to fdb: -95
[  689.382169] mv88e6085 f1072004.mdio-mii:10: port 4 failed to add 26:f8:91:81:a9:7f vid 12 to fdb: -95
[  689.397741] mv88e6085 f1072004.mdio-mii:10: port 4 failed to add 26:f8:91:81:a9:7f vid 11 to fdb: -95
[  689.427176] mv88e6085 f1072004.mdio-mii:10: port 4 failed to delete 26:f8:91:81:a9:7f vid 12 from fdb: -2
[  689.436955] mv88e6085 f1072004.mdio-mii:10: port 4 failed to delete 26:f8:91:81:a9:7f vid 11 from fdb: -2
[  689.485222] mv88e6085 f1072004.mdio-mii:10: port 4 failed to add 26:f8:91:81:a9:7f vid 12 to fdb: -95
[  689.501989] mv88e6085 f1072004.mdio-mii:10: port 4 failed to add 26:f8:91:81:a9:7f vid 11 to fdb: -95
...

in /var/log/messages (same lines as in dmesg, plus )

Nov  1 14:55:41 omnia kernel: [   17.646307] mv88e6085 f1072004.mdio-mii:10: p2: hw VLAN 1 already used by port 0 in br-lan
Nov  1 14:55:41 omnia kernel: [   17.660506] mv88e6085 f1072004.mdio-mii:10: p2: hw VLAN 1 already used by port 0 in br-lan
Nov  1 14:55:41 omnia kernel: [   17.706544] mv88e6085 f1072004.mdio-mii:10 lan2: failed to initialize vlan filtering on this port
Nov  1 14:55:41 omnia kernel: [   17.760222] br-vlans: port 1(lan2) entered blocking state
Nov  1 14:55:41 omnia kernel: [   17.765646] br-vlans: port 1(lan2) entered disabled state
Nov  1 14:55:41 omnia kernel: [   18.505259] device lan4 entered promiscuous mode
Nov  1 14:55:41 omnia kernel: [   18.514154] mv88e6085 f1072004.mdio-mii:10: p4: hw VLAN 1 already used by port 0 in br-lan
Nov  1 14:55:41 omnia kernel: [   18.527133] mv88e6085 f1072004.mdio-mii:10: p4: hw VLAN 1 already used by port 0 in br-lan
Nov  1 14:55:41 omnia kernel: [   18.586495] mv88e6085 f1072004.mdio-mii:10 lan4: failed to initialize vlan filtering on this port
Nov  1 14:55:41 omnia kernel: [   18.644434] br-vlans: port 1(lan4) entered blocking state
Nov  1 14:55:41 omnia kernel: [   18.649876] br-vlans: port 1(lan4) entered disabled state

brctl show gives (strange that br-vlans is empty …) :

bridge name	bridge id		STP enabled	interfaces
br-lan		7fff.d858d70036f9	no		wlan0
							lan0
							wlan1
br-vlans		7fff.000000000000	no

ip address :

35: br-vlans: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether c2:69:68:xx:xx:xx brd ff:ff:ff:ff:ff:ff
36: br-vlans.12@br-vlans: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN group default qlen 1000
    link/ether c2:69:68:4exxxx:xx brd ff:ff:ff:ff:ff:ff
    inet 10.95.12.1/24 brd 10.95.12.255 scope global br-vlans.12
       valid_lft forever preferred_lft forever
37: br-vlans.11@br-vlans: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN group default qlen 1000
    link/ether c2:69:68:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet 10.95.11.1/24 brd 10.95.11.255 scope global br-vlans.11
       valid_lft forever preferred_lft forever

ip link :

35: br-vlans: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
    link/ether c2:69:68:xx:xx:xx brd ff:ff:ff:ff:ff:ff
36: br-vlans.12@br-vlans: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether c2:69:68:4exxxx:xx brd ff:ff:ff:ff:ff:ff
37: br-vlans.11@br-vlans: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state LOWERLAYERDOWN mode DEFAULT group default qlen 1000
    link/ether c2:69:68:xx:xx:xx brd ff:ff:ff:ff:ff:ff

/etc/config/network

config device
	option type 'bridge'
	option name 'br-vlans'
	list ports 'lan2'
	list ports 'lan4'

config bridge-vlan
	option device 'br-vlans'
	option vlan '11'
	list ports 'lan2:t'
	list ports 'lan4:u*'

config interface 'vlans_11'
	option device 'br-vlans.11'
	option proto 'static'
	option ipaddr '10.95.11.1'
	option netmask '255.255.255.0'

config bridge-vlan
	option device 'br-vlans'
	option vlan '12'
	list ports 'lan2:t'

config interface 'VLANS_12'
	option device 'br-vlans.12'
	option proto 'static'
	option ipaddr '10.95.12.1'
	option netmask '255.255.255.0'

/etc/config/dhcp

config dhcp 'vlans_11'
	option interface 'vlans_11'
	option start '10'
	option limit '10'
	option leasetime '2m'
	option force '1'
	list ra_flags 'none'

config dhcp 'VLANS_12'
	option start '100'
	option limit '150'
	option interface 'VLANS_12'
	option leasetime '2m'
	list ra_flags 'none'

dhopfm · November 1, 2022, 3:31pm

Where does the br-lan bridge come from? Could you post the according configuration as well, please?

eLRIC · November 1, 2022, 4:03pm

sure

relevant part in /etc/config/network

config device 'br_lan'config interface 'lan'
    option proto 'static'
    option ip6assign '60'
    option ipaddr '10.91.1.1'
    option netmask '255.255.0.0'

option device 'br-lan'
    option name 'br-lan'
    option type 'bridge'
    list ports 'lan0'

an in /etc/config/dhcp

config dhcp 'lan'
        option interface 'lan'
        option start '25601'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'
        option ra_management '1'
        list dhcp_option '6,10.91.1.1'
        option force '1'
        option limit '16'

jklaas · November 1, 2022, 5:21pm

I’m not sure if this will help, but here’s the OpenWRT tutorial on DSA:

eLRIC · November 1, 2022, 5:31pm

Thanks, that’s what I used to set up my config (and OneMarcFifty’s video, except I did not replace br-lan but created a separated bridge to test vlans). I wonder if someone managed to have a working config on omnia : the only difference I can see is that I try to preserve my non-vlan bridge at the same time I configure a vlan-bridge

moeller0 · November 1, 2022, 5:43pm

I think that does not work, at least not with VLAN filtering. So the first step is to change the normal br-lan over ot br-lan.1 after that it should be easier. OpenWrt at one point changed the old swconfig default br-lan over to VLAN1 to make this easier, but that never made it over to DSA.

Have a look at @hagrid’s instructions here:

eLRIC · November 1, 2022, 6:35pm

Thanks, that did the trick (and survived a reboot). I suspected an issue around the native VLAN / VLAN1 and the post you pointed out really clarifies it

I did look on the forum, but obviously not deeply enough … thanks a lot

moeller0 · November 1, 2022, 9:47pm

I ran into exactly the same issue on my first interaction with DSA. I agree with @hagrid that defaulting to br-lan.1 would be more userfriendly, but that is mostly in the court of upstream OpenWrt

system · November 4, 2022, 9:47pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.