Christian Herzog
New Around Here
Hi,
I have an AC68U running Merlin in AP mode connected to a PCEngines APU2 running Debian stretch that's acting as my home router. In addition to the regular wifi on vlan1 I created two guest networks + vlans (8+9) for IoT and guest devices that get their own IP ranges. My problem now is: about 10-20% of all IPv6 (and IPv4) packets that originate from wifi clients on the 'main' wifi (vlan1) mysteriously get tagged as vlan8, show up on the wrong bridge on the APU and of course never make it to their destination (I first noticed the problem with DNS queries).
what I know:
*IPv6 only, I've never seen the problem with IPv4 not true, on further inspection I found IPv4 too, but not as much
* wifi only - I have lan4 on the same vlan1 bridge on the AC68U as the 'main' wifi, and cable clients don't show the problem
* I can run dig @2a02:xxxx:yyyy:1::1 foo.com from a wifi client 10 times and any number of them will work fine (untagged vlan1) and several will time out or trigger retries because their packets get tagged as vlan8 and never make it to dnsmasq on 2a02:xxxx:yyyy:1::1
I haven't bothered to check if only DNS is affected, but I will do that soon - update: it is not, also other traffic shows up on vlan8 instead of 1, but never on 9.
The AC68U config is here
I'm currently out of ideas on how to debug this, so any hints would be greatly appreciated.
edit: I should probably mention that these issues started as soon as I created the VLANs (around 380.65ish) and are also present in the current alphas, so the Merlin version doesn't seem to matter too much..
thanks,
-Christian
I have an AC68U running Merlin in AP mode connected to a PCEngines APU2 running Debian stretch that's acting as my home router. In addition to the regular wifi on vlan1 I created two guest networks + vlans (8+9) for IoT and guest devices that get their own IP ranges. My problem now is: about 10-20% of all IPv6 (and IPv4) packets that originate from wifi clients on the 'main' wifi (vlan1) mysteriously get tagged as vlan8, show up on the wrong bridge on the APU and of course never make it to their destination (I first noticed the problem with DNS queries).
what I know:
*
* wifi only - I have lan4 on the same vlan1 bridge on the AC68U as the 'main' wifi, and cable clients don't show the problem
* I can run dig @2a02:xxxx:yyyy:1::1 foo.com from a wifi client 10 times and any number of them will work fine (untagged vlan1) and several will time out or trigger retries because their packets get tagged as vlan8 and never make it to dnsmasq on 2a02:xxxx:yyyy:1::1
I haven't bothered to check if only DNS is affected, but I will do that soon - update: it is not, also other traffic shows up on vlan8 instead of 1, but never on 9.
The AC68U config is here
I'm currently out of ideas on how to debug this, so any hints would be greatly appreciated.
edit: I should probably mention that these issues started as soon as I created the VLANs (around 380.65ish) and are also present in the current alphas, so the Merlin version doesn't seem to matter too much..
thanks,
-Christian
Last edited:
