When configuring an Access-Point to use dynamic VLANs, devices connected to the same VLAN on the same ath10k-ct 5GHz radio of an access point can’t reach each other (e.g. through ping). If one of the devices is connected via Ethernet or a 2.4GHz Wi-Fi, they are able to reach each other.
Steps to reproduce
Install OpenWrt 21.02.1 on e.g. Archer C7v5 (I saw the same issue on other devices like Archer C7 v2 as well)
Install wpad on the device: opkg update && opkg remove wpad-mini wpad-basic wpad-basic-wolfssl && opkg install wpad
Configure a dynamic VLAN WPA2 Enterprise Wi-Fi using the following /etc/config/wireless
Connect two devices to the Wi-Fi that was just configured
Expected results
The devices should be able to ping each other.
Actual results
It is not possible to reach the other device by pinging it. The following scenarios do work:
Connect one device via Ethernet
If one device is connected to the same VLAN via Ethernet and the other is connected using the dynamic VLAN Wi-Fi, ping works.
Connect one device to a 2.4GHz Wi-Fi with dynamic VLANs
When setting up a 2.4GHz Wi-Fi that also uses dynamic VLAN, similar to how it’s described above, and connecting one device to the 2.4GHz network and the other to the 5GHz network pinging also works.
Connect both devices to a 2.4GHz Wi-Fi with dynamic VLANs
Connecting both devices to a 2.4GHz Wi-Fi with dynamic VLANs that uses the ath9k-ct driver, it is possible to ping between the two devices.
Disable dynamic VLANs and tag all packages into the same VLAN
If the Wi-Fi is configured without dynamic VLANs and statically tags all packets into the same VLAN, e.g. as follows, it is also possible to ping between the two devices
Summary
When configuring an Access-Point to use dynamic VLANs, devices connected to the same VLAN on the same ath10k-ct 5GHz radio of an access point can’t reach each other (e.g. through
ping
). If one of the devices is connected via Ethernet or a 2.4GHz Wi-Fi, they are able to reach each other.Steps to reproduce
opkg update && opkg remove wpad-mini wpad-basic wpad-basic-wolfssl && opkg install wpad
/etc/config/wireless
``` config wifi-device 'radio0' option type 'mac80211' option path 'pci0000:00/0000:00:00.0' option hwmode '11a' option htmode 'VHT40' option country 'DE' option channels '32-48' config wifi-iface 'wifi_5ghz' option ifname 'wifi_5ghz' option device 'radio0' option mode 'ap' option ssid 'my_wifi' option encryption 'wpa2+ccmp' option auth_server '10.220.220.50' option auth_secret 'secret' option dynamic_vlan '2' option vlan_tagged_interface 'eth0' option vlan_bridge 'br-vlan' option vlan_naming '0' option disassoc_low_ack '0' option eap_reauth_period '0' ```/etc/config/wireless
``` config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr '127.0.0.1' option netmask '255.0.0.0' config globals 'globals' config interface 'vlan2220' option ifname 'eth0.2220' option type 'bridge' option proto 'static' option netmask '255.255.255.0' option gateway '10.220.220.1' option dns '137.226.111.1' option ipaddr '10.220.220.242' ```/etc/config/network
Make the radius server tag all devices into VLAN 2220 using the following reply
Connect two devices to the Wi-Fi that was just configured
Expected results
The devices should be able to ping each other.
Actual results
It is not possible to reach the other device by
ping
ing it. The following scenarios do work:Connect one device via Ethernet
If one device is connected to the same VLAN via Ethernet and the other is connected using the dynamic VLAN Wi-Fi,
ping
works.Connect one device to a 2.4GHz Wi-Fi with dynamic VLANs
When setting up a 2.4GHz Wi-Fi that also uses dynamic VLAN, similar to how it’s described above, and connecting one device to the 2.4GHz network and the other to the 5GHz network
ping
ing also works.Connect both devices to a 2.4GHz Wi-Fi with dynamic VLANs
Connecting both devices to a 2.4GHz Wi-Fi with dynamic VLANs that uses the ath9k-ct driver, it is possible to
ping
between the two devices.Disable dynamic VLANs and tag all packages into the same VLAN
If the Wi-Fi is configured without dynamic VLANs and statically tags all packets into the same VLAN, e.g. as follows, it is also possible to
ping
between the two devices
``` config wifi-iface 'wifi_5ghz' option ifname 'wifi_5ghz' option device 'radio0' option network 'lan' option mode 'ap' option ssid 'my_wifi' option encryption 'wpa2+ccmp' option auth_server '10.220.220.50' option auth_secret 'secret' option disassoc_low_ack '0' option eap_reauth_period '0' ```/etc/config/wireless
Software versions used
OpenWrt 21.02.1, r16325-88151b8303 on an Archer c7v5
``` ath10k-board-qca988x - 20201118-3 ath10k-firmware-qca988x-ct - 2020-11-08-1 base-files - 1434-r16325-88151b8303 busybox - 1.33.1-6 ca-bundle - 20210119-1 cgi-io - 2021-09-08-98cef9dd-20 curl - 7.79.1-1 dropbear - 2020.81-2 firewall - 2021-03-23-61db17ed-1 fstools - 2021-01-04-c53b1882-1 fwtool - 2019-11-12-8f7fe925-1 getrandom - 2020-10-25-9ef88681-2 hostapd-common - 2020-06-08-5a8b3662-35 ip6tables - 1.8.7-1 iptables - 1.8.7-1 iw - 5.9-8fab0c9e-1 iwinfo - 2021-04-30-c45f0b58-2.1 jshn - 2021-05-16-b14c4688-2 jsonfilter - 2018-02-04-c7e938d6-1 kernel - 5.4.154-1-79c5dc6db69102eb2943a96b9bec8b63 kmod-ath - 5.4.154+5.10.68-1-1 kmod-ath10k-ct - 5.4.154+2021-09-22-e6a7d5b5-1 kmod-ath9k - 5.4.154+5.10.68-1-1 kmod-ath9k-common - 5.4.154+5.10.68-1-1 kmod-cfg80211 - 5.4.154+5.10.68-1-1 kmod-gpio-button-hotplug - 5.4.154-3 kmod-hwmon-core - 5.4.154-1 kmod-ip6tables - 5.4.154-1 kmod-ipt-conntrack - 5.4.154-1 kmod-ipt-core - 5.4.154-1 kmod-ipt-nat - 5.4.154-1 kmod-ipt-offload - 5.4.154-1 kmod-lib-crc-ccitt - 5.4.154-1 kmod-mac80211 - 5.4.154+5.10.68-1-1 kmod-nf-conntrack - 5.4.154-1 kmod-nf-conntrack6 - 5.4.154-1 kmod-nf-flow - 5.4.154-1 kmod-nf-ipt - 5.4.154-1 kmod-nf-ipt6 - 5.4.154-1 kmod-nf-nat - 5.4.154-1 kmod-nf-reject - 5.4.154-1 kmod-nf-reject6 - 5.4.154-1 kmod-nls-base - 5.4.154-1 kmod-phy-ath79-usb - 5.4.154-1 kmod-ppp - 5.4.154-1 kmod-pppoe - 5.4.154-1 kmod-pppox - 5.4.154-1 kmod-slhc - 5.4.154-1 kmod-usb-core - 5.4.154-1 kmod-usb-ehci - 5.4.154-1 kmod-usb-ledtrig-usbport - 5.4.154-1 kmod-usb2 - 5.4.154-1 libblobmsg-json20210516 - 2021-05-16-b14c4688-2 libc - 1.1.24-3 libcurl4 - 7.79.1-1 libgcc1 - 8.4.0-3 libip4tc2 - 1.8.7-1 libip6tc2 - 1.8.7-1 libiwinfo-data - 2021-04-30-c45f0b58-2.1 libiwinfo-lua - 2021-04-30-c45f0b58-2.1 libiwinfo20210430 - 2021-04-30-c45f0b58-2.1 libjson-c5 - 0.15-2 libjson-script20210516 - 2021-05-16-b14c4688-2 liblua5.1.5 - 5.1.5-9 liblucihttp-lua - 2021-06-11-3dc89af4-1 liblucihttp0 - 2021-06-11-3dc89af4-1 libnghttp2-14 - 1.43.0-1 libnl-tiny1 - 2020-08-05-c291088f-2 libpthread - 1.1.24-3 libubox20210516 - 2021-05-16-b14c4688-2 libubus-lua - 2021-06-30-4fc532c8-2 libubus20210630 - 2021-06-30-4fc532c8-2 libuci20130104 - 2020-10-06-52bbc99f-5 libuclient20201210 - 2021-05-14-6a6011df-1 libustream-wolfssl20201210 - 2020-12-10-68d09243-1 libwolfssl4.8.1.66253b90 - 4.8.1-stable-4 libxtables12 - 1.8.7-1 logd - 2020-10-25-9ef88681-2 lua - 5.1.5-9 luci - git-20.074.84698-ead5e81 luci-app-firewall - git-21.295.66767-8eceb63 luci-app-opkg - git-21.079.58598-6639e31 luci-base - git-21.295.67054-13df80d luci-lib-base - git-20.232.39649-1f6dc29 luci-lib-ip - git-20.250.76529-62505bd luci-lib-jsonc - git-19.317.29469-8da8f38 luci-lib-nixio - git-20.234.06894-c4a4e43 luci-mod-admin-full - git-19.253.48496-3f93650 luci-mod-network - git-21.295.67048-4d3de0e luci-mod-status - git-21.295.66779-853a128 luci-mod-system - git-21.295.66903-8acd0d7 luci-proto-ipv6 - git-21.148.49484-14511e5 luci-proto-ppp - git-21.163.64918-6c6559a luci-ssl - git-20.244.36115-e10f954 luci-theme-bootstrap - git-21.298.68362-d24760e mtd - 26 muninlite - 2.1.1-1 netifd - 2021-07-26-440eb064-1 odhcp6c - 2021-01-09-53f07e90-16 odhcpd-ipv6only - 2021-07-18-bc9d317f-3 openwrt-keyring - 2021-02-20-49283916-2 opkg - 2021-06-13-1bf042dd-1 ppp - 2.4.8.git-2020-10-03-3 ppp-mod-pppoe - 2.4.8.git-2020-10-03-3 procd - 2021-02-23-37eed131-1 px5g-wolfssl - 3 rpcd - 2021-03-11-ccb75178-1 rpcd-mod-file - 2021-03-11-ccb75178-1 rpcd-mod-iwinfo - 2021-03-11-ccb75178-1 rpcd-mod-luci - 20210614 rpcd-mod-rrdns - 20170710 swconfig - 12 uboot-envtools - 2021.01-10 ubox - 2020-10-25-9ef88681-2 ubus - 2021-06-30-4fc532c8-2 ubusd - 2021-06-30-4fc532c8-2 uci - 2020-10-06-52bbc99f-5 uclient-fetch - 2021-05-14-6a6011df-1 uhttpd - 2021-03-21-15346de8-2 uhttpd-mod-ubus - 2021-03-21-15346de8-2 urandom-seed - 3 urngd - 2020-01-21-c7f7b6b6-1 usign - 2020-05-23-f1f65026-1 wireless-regdb - 2021.04.21-1 wpad - 2020-06-08-5a8b3662-35 xinetd - 2.3.15-11 ```opkg list-installed
If you need any more information please let me know, I am able to reproduce the issue 100% of the time and am very happy to help you in any way.