I have an ASUS RT-AC66U-B1 WiFi AP with AsusWrt-Merlin version 386.3_2
I have a central router (Mikrotik) and this router is connected to the AP's of the house.
I use the AP to provide two wireless connectivity: one for the family and one for the guests.
The former is served in untagged packets, the guests are connected over the wired network with tagged packets, where the VLAN ID is 526.
This setup works well with other devices (I have more than one AP), but it does not work with ASUS.
I used to use the ASUS device as an AP (no routing functionality).
I have the following setup:
Filtering the ethernet frames coming out from the ASUS AP, VLAN tagging seems to work only for a few minutes.
After a sufficiently long time (in this experiment after 4 minutes, but this period is not deterministic at all) tagging suddenly disappears.
You can see the output of Mikrotik packet sniffer below.
In the experiment I was pinging one of the devices on the untagged part of the network, which is different in IP range/pool.
Only the relevant part is shown: note that in the first line, VLAN tag is set to 526 -- there are plenty of similar packets beforehand, and this is the right behavior.
In the second line, though, VLAN tagging is missing -- there are plenty of similar packets afterwards -- this is faulty.
What happened between this two ethernet frames? I do not know.
Let me clarify, that the infrastructure setup works well with other devices (including an openwrt device) , so the problem is at the ASUS AP.
I do not plan to use ASUS in the future (it is unreliable), this post is intended to help the developers, if interested.
I have a central router (Mikrotik) and this router is connected to the AP's of the house.
I use the AP to provide two wireless connectivity: one for the family and one for the guests.
The former is served in untagged packets, the guests are connected over the wired network with tagged packets, where the VLAN ID is 526.
This setup works well with other devices (I have more than one AP), but it does not work with ASUS.
I used to use the ASUS device as an AP (no routing functionality).
I have the following setup:
Code:
admax@RT-AC66U_B1-A8F0:/tmp/home/root# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.1831bfe4a8f0 no vlan1
eth1
eth2
br1 8000.1831bfe4a8f0 no vlan526
wl0.1
admax@RT-AC66U_B1-A8F0:/tmp/home/root# ifconfig
br0 Link encap:Ethernet HWaddr 18:31:BF:E4:A8:F0
inet addr:[CENSORED] Bcast:[CENSORED] Mask:255.255.252.0
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:733871 errors:0 dropped:0 overruns:0 frame:0
TX packets:148254 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:100585703 (95.9 MiB) TX bytes:15080592 (14.3 MiB)
br1 Link encap:Ethernet HWaddr 18:31:BF:E4:A8:F0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:41659 errors:0 dropped:0 overruns:0 frame:0
TX packets:58 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5915875 (5.6 MiB) TX bytes:6612 (6.4 KiB)
eth0 Link encap:Ethernet HWaddr 18:31:BF:E4:A8:F0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:865513 errors:0 dropped:0 overruns:0 frame:0
TX packets:345427 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:331947878 (316.5 MiB) TX bytes:58798812 (56.0 MiB)
Interrupt:179 Base address:0x4000
eth1 Link encap:Ethernet HWaddr 18:31:BF:E4:A8:F0
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:27891 errors:0 dropped:0 overruns:0 frame:2216860
TX packets:304803 errors:22 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6418769 (6.1 MiB) TX bytes:65020870 (62.0 MiB)
Interrupt:163
eth2 Link encap:Ethernet HWaddr 18:31:BF:E4:A8:F4
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:36171 errors:0 dropped:0 overruns:0 frame:14737
TX packets:487320 errors:43 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9453161 (9.0 MiB) TX bytes:103664109 (98.8 MiB)
Interrupt:169
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:441327 errors:0 dropped:0 overruns:0 frame:0
TX packets:441327 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:103101719 (98.3 MiB) TX bytes:103101719 (98.3 MiB)
lo:0 Link encap:Local Loopback
inet addr:127.0.1.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
vlan1 Link encap:Ethernet HWaddr 18:31:BF:E4:A8:F0
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:651377 errors:0 dropped:0 overruns:0 frame:0
TX packets:261418 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:116248210 (110.8 MiB) TX bytes:42362800 (40.3 MiB)
vlan526 Link encap:Ethernet HWaddr 18:31:BF:E4:A8:F0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:40220 errors:0 dropped:0 overruns:0 frame:0
TX packets:6864 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5699426 (5.4 MiB) TX bytes:686418 (670.3 KiB)
wl0.1 Link encap:Ethernet HWaddr 18:31:BF:E4:A8:F1
UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1
RX packets:101031 errors:0 dropped:0 overruns:0 frame:2216860
TX packets:246908 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:19249091 (18.3 MiB) TX bytes:212641946 (202.7 MiB)
admax@RT-AC66U_B1-A8F0:/tmp/home/root# robocfg show
Switch: enabled
Port 0: DOWN enabled stp: none vlan: 1 jumbo: off mac: dc:2c:6e:39:6d:66
Port 1: 100FD enabled stp: none vlan: 1 jumbo: off mac: c4:b3:01:c2:bc:75
Port 2: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 3: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 4: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 5: 1000FD enabled stp: none vlan: 1 jumbo: off mac: 18:31:bf:e4:a8:f0
Port 7: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 8: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
VLANs: BCM5301x enabled mac_check mac_hash
1: vlan1: 0 1 2 3 4 5t
2: vlan2: 5t
526: vlan526: 0t 1t 2t 3t 4t 5t
admax@RT-AC66U_B1-A8F0:/tmp/home/root# nvram show |grep ifname |grep "^br\|^lan"
size: 54014 bytes (11522 left)
br0_ifnames=vlan1 eth1 eth2
lan1_ifname=br1
br1_ifnames=vlan526 wl0.1
br0_ifname=br0
lan_ifnames=vlan1 eth1 eth2
br1_ifname=br1
lan_ifname=br0
lan1_ifnames=vlan526 wl0.1
admax@RT-AC66U_B1-A8F0:/tmp/home/root# nvram show |grep ^vlan526
vlan526ports=vlan1 wl0.1
vlan526hwname=et0
size: 54014 bytes (11522 left)
Filtering the ethernet frames coming out from the ASUS AP, VLAN tagging seems to work only for a few minutes.
After a sufficiently long time (in this experiment after 4 minutes, but this period is not deterministic at all) tagging suddenly disappears.
You can see the output of Mikrotik packet sniffer below.
In the experiment I was pinging one of the devices on the untagged part of the network, which is different in IP range/pool.
Only the relevant part is shown: note that in the first line, VLAN tag is set to 526 -- there are plenty of similar packets beforehand, and this is the right behavior.
In the second line, though, VLAN tagging is missing -- there are plenty of similar packets afterwards -- this is faulty.
What happened between this two ethernet frames? I do not know.
141 time=141.392 num=142 direction=rx src-mac=1A:ED:77:00:9C:57 dst-mac=C4:AD:34:77:E2:4B vlan=526 interface=bridge src-address=192.168.131.172 dst-address=[CENSORED] protocol=ip ip-protocol=icmp size=102 cpu=2 fp=no ip-packet-size=84 ip-header-size=20 dscp=0 identification=24729 fragment-offset=0 ttl=64
142 time=142.392 num=143 direction=rx src-mac=1A:ED:77:00:9C:57 dst-mac=C4:AD:34:77:E2:4B interface=bridge src-address=192.168.131.172 dst-address=[CENSORED] protocol=ip ip-protocol=icmp size=98 cpu=3 fp=no ip-packet-size=84 ip-header-size=20 dscp=0 identification=52547 fragment-offset=0 ttl=64
Let me clarify, that the infrastructure setup works well with other devices (including an openwrt device) , so the problem is at the ASUS AP.
I do not plan to use ASUS in the future (it is unreliable), this post is intended to help the developers, if interested.