captain-graubart
New Around Here
Hello.
I would like to build three separate wireless networks and i am having trouble with vlan tagging. The router is in AP mode and is connected to a linux machine which acts as a dhcp server. On the server side the vlan ids are used to provide ips from different subnets. (vlan11 = 192.168.35.0/24, vlan12 = 192.168.36.0/24, vlan13 = 192.168.37.0/24).
I am able to authenticate and to connect to the right subnets, on each SSID. Unfortunately the vlan ids get mixed up somehow.
tcpdump (dhcp server) showing the traffic of a ping request (wifi client):
This is my bridge setup:
This is how the swich is configured (just added vlans 11,12,13):
I used "et robowr * * *" to add the new vlans.
Thank you!
I would like to build three separate wireless networks and i am having trouble with vlan tagging. The router is in AP mode and is connected to a linux machine which acts as a dhcp server. On the server side the vlan ids are used to provide ips from different subnets. (vlan11 = 192.168.35.0/24, vlan12 = 192.168.36.0/24, vlan13 = 192.168.37.0/24).
I am able to authenticate and to connect to the right subnets, on each SSID. Unfortunately the vlan ids get mixed up somehow.
tcpdump (dhcp server) showing the traffic of a ping request (wifi client):
Code:
[B]15:38:22.321801 3c:77:e6:68:4d:a3 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 407: vlan 12, p 0, ethertype IPv4, 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 3c:77:e6:68:4d:a3, lengt
h 361
15:38:22.326337 4c:02:89:0a:d6:02 > 3c:77:e6:68:4d:a3, ethertype 802.1Q (0x8100), length 346: vlan 12, p 0, ethertype IPv4, 192.168.36.1.67 > 192.168.36.180.68: BOOTP/DHCP, Reply, length 300[/B]
15:38:22.337123 3c:77:e6:68:4d:a3 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 60: vlan 12, p 0, ethertype ARP, Request who-has 192.168.36.180 tell 0.0.0.0, length 42
15:38:22.542048 3c:77:e6:68:4d:a3 > 33:33:00:00:00:16, ethertype 802.1Q (0x8100), length 94: vlan 12, p 0, ethertype IPv6, fe80::3e77:e6ff:fe68:4da3 > ff02::16: HBH ICMP6, multicast listener report v2, 1 gr
oup record(s), length 28
15:38:23.571569 10:c3:7b:52:f9:88 > 01:80:c2:00:00:00, 802.3, length 60: LLC, dsap STP (0x42) Individual, ssap STP (0x42) Command, ctrl 0x03: STP 802.1d, Config, Flags [none], bridge-id 8000.10:c3:7b:52:f9:
88.8001, length 43
15:38:23.698565 3c:77:e6:68:4d:a3 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 60: vlan 12, p 0, ethertype ARP, Request who-has 192.168.36.180 tell 0.0.0.0, length 42
15:38:24.714078 4c:02:89:0a:d6:02 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 46: vlan 13, p 0, ethertype ARP, Request who-has 192.168.37.180 tell 192.168.37.1, length 28
15:38:25.162679 3c:77:e6:68:4d:a3 > ff:ff:ff:ff:ff:ff, ethertype 802.1Q (0x8100), length 60: vlan 12, p 0, ethertype ARP, Request who-has 192.168.36.180 tell 0.0.0.0, length 42
15:38:25.571583 10:c3:7b:52:f9:88 > 01:80:c2:00:00:00, 802.3, length 60: LLC, dsap STP (0x42) Individual, ssap STP (0x42) Command, ctrl 0x03: STP 802.1d, Config, Flags [none], bridge-id 8000.10:c3:7b:52:f9:
88.8001, length 43
... somehow the vlan ids are screwed up here ...
15:42:09.911464 3c:77:e6:68:4d:a3 > 4c:02:89:0a:d6:02, ethertype 802.1Q (0x8100), length 102: [B]vlan 11[/B], p 0, ethertype IPv4, [B]192.168.36.180 > 8.8.8.8[/B]: ICMP echo request, id 8608, seq 220, length 64
15:42:09.926107 4c:02:89:0a:d6:02 > 3c:77:e6:68:4d:a3, ethertype 802.1Q (0x8100), length 102: [B]vlan 12[/B], p 0, ethertype IPv4,[B] 8.8.8.8 > 192.168.36.180[/B]: ICMP echo reply, id 8608, seq 220, length 64
15:42:10.919644 3c:77:e6:68:4d:a3 > 4c:02:89:0a:d6:02, ethertype 802.1Q (0x8100), length 102: vlan 11, p 0, ethertype IPv4, 192.168.36.180 > 8.8.8.8: ICMP echo request, id 8608, seq 221, length 64
15:42:10.934297 4c:02:89:0a:d6:02 > 3c:77:e6:68:4d:a3, ethertype 802.1Q (0x8100), length 102: vlan 12, p 0, ethertype IPv4, 8.8.8.8 > 192.168.36.180: ICMP echo reply, id 8608, seq 221, length 64
15:42:11.916962 3c:77:e6:68:4d:a3 > 4c:02:89:0a:d6:02, ethertype 802.1Q (0x8100), length 102: vlan 11, p 0, ethertype IPv4, 192.168.36.180 > 8.8.8.8: ICMP echo request, id 8608, seq 222, length 64
15:42:11.931610 4c:02:89:0a:d6:02 > 3c:77:e6:68:4d:a3, ethertype 802.1Q (0x8100), length 102: vlan 12, p 0, ethertype IPv4, 8.8.8.8 > 192.168.36.180: ICMP echo reply, id 8608, seq 222, length 64
Code:
1# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.10c37b52f988 yes vlan1
eth1
eth2
br-ap11 8000.10c37b52f988 no vlan11
wl0.1
wl1.1
br-ap12 8000.10c37b52f988 no vlan12
wl0.2
wl1.2
br-ap13 8000.10c37b52f988 no vlan13
wl0.3
wl1.3This is how the swich is configured (just added vlans 11,12,13):
Code:
# robocfg show
Switch: enabled gigabit
Port 0: DOWN enabled stp: none vlan: 2 jumbo: off mac: 00:00:00:00:00:00
Port 1: 1000FD enabled stp: none vlan: 1 jumbo: off mac: 4c:02:89:0a:d6:02
Port 2: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 3: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 4: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 8: 1000FD enabled stp: none vlan: 1 jumbo: off mac: 10:c3:7b:52:f9:88
VLANs: BCM53115 enabled mac_check mac_hash
1: vlan1: 1 2 3 4 8t
2: vlan2: 0 8u
11: vlan11: 0t 1t 2t 3t 4t 8t
12: vlan12: 0t 1t 2t 3t 4t 8t
13: vlan13: 0t 1t 2t 3t 4t 8tI used "et robowr * * *" to add the new vlans.
Code:
# vlan 11 : 0t 1t 2t 3t 4t 8t
et robowr 0x05 0x81 0x000b
et robowr 0x05 0x83 0x1C11F
et robowr 0x05 0x80 0x0000
et robowr 0x05 0x80 0x0080
# vlan 12 : 0t 1t 2t 3t 4t 8t
et robowr 0x05 0x81 0x000c
et robowr 0x05 0x83 0x1C11F
et robowr 0x05 0x80 0x0000
et robowr 0x05 0x80 0x0080
# vlan 13 : 0t 1t 2t 3t 4t 8t
et robowr 0x05 0x81 0x000d
et robowr 0x05 0x83 0x1C11F
et robowr 0x05 0x80 0x0000
et robowr 0x05 0x80 0x0080Thank you!
