chore: initial repo setup with baseline config backup
- Pull current config from router (OpenWRT 24.10.2) - Add backup, safe-apply, and push-all scripts - Add CLAUDE.md with workflow rules and context - Add network-map.md with current topology and planned VLANs Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
60
docs/pre-implementation-findings.md
Normal file
60
docs/pre-implementation-findings.md
Normal file
@@ -0,0 +1,60 @@
|
||||
# Pre-Implementation Findings
|
||||
|
||||
Notes from live router investigation before VLAN implementation begins.
|
||||
|
||||
---
|
||||
|
||||
## DSA and Bridge Architecture
|
||||
|
||||
**Concern raised:** OpenWRT 24.10+ uses DSA (Distributed Switch Architecture) on the MT7621. The implementation plan needed to be validated against the actual router interface naming and bridge support before work begins.
|
||||
|
||||
**Finding: bridge-per-VLAN approach is confirmed valid.**
|
||||
|
||||
`ip link show` output from the live router:
|
||||
|
||||
```
|
||||
1: lo
|
||||
2: eth0 — uplink to MT7621 switch ASIC
|
||||
3: wan — WAN port (PPPoE)
|
||||
4: lan1@eth0 — UP — LAN port 1 (wired, device connected)
|
||||
5: lan2@eth0 — NO-CARRIER — LAN port 2 (nothing plugged in)
|
||||
6: lan3@eth0 — UP — LAN port 3 (Sonos Connect)
|
||||
7: lan4@eth0 — NO-CARRIER — LAN port 4 (nothing plugged in)
|
||||
8: br-guest — guest bridge (already live)
|
||||
9: br-lan — main flat LAN bridge
|
||||
10: pppoe-wan
|
||||
11: phy0-ap0 → br-lan — Moonshield (2.4GHz)
|
||||
12: phy1-ap0 → br-lan — Moonshield (5GHz)
|
||||
13: phy0-ap1 → br-guest — guest SSID (2.4GHz) — already attached
|
||||
14: phy1-ap1 → br-guest — guest SSID (5GHz) — already attached
|
||||
```
|
||||
|
||||
**Key conclusions:**
|
||||
|
||||
- DSA port names are `lan1`–`lan4` — use these in `list ports` when defining bridge devices in `config/network`.
|
||||
- `br-guest` is already running in production with two wireless VAPs attached — the bridge-per-VLAN pattern is proven on this hardware.
|
||||
- Both radios support `AP` and `AP/VLAN` modes with up to ~4 VAPs per radio, so adding Cloud Connected and Pinball Map SSIDs will not hit hardware limits.
|
||||
- The `config/network` entry for `br-guest` currently has no `list ports` entry (bridge_empty '1'), confirming that wireless-only bridges work fine without a wired port.
|
||||
|
||||
---
|
||||
|
||||
## Pending Validation Test
|
||||
|
||||
**Test: assign a physical port to `br-guest`, connect a device, verify it gets a `10.10.10.x` IP.**
|
||||
|
||||
This validates the full stack — port assignment, bridge isolation and DHCP — using a live but low-risk interface before touching the main VLAN work.
|
||||
|
||||
**Steps (when physically at the router):**
|
||||
|
||||
1. Edit `config/network` — add `list ports 'lan4'` to the `br-guest` device block
|
||||
2. `./scripts/safe-apply.sh network 5`
|
||||
3. Plug a device into LAN 4
|
||||
4. Confirm it gets an IP in `10.10.10.100`–`10.10.10.249` (pool: start 100, limit 150)
|
||||
5. Verify on router: `ssh openwrt "cat /tmp/dhcp.leases"`
|
||||
6. **Clean up:** remove `list ports 'lan4'` and re-push before starting real implementation
|
||||
|
||||
**Status: complete — passed 2026-04-02.**
|
||||
|
||||
Result: device on LAN 4 was issued `10.10.10.101` (within pool `10.10.10.100`–`10.10.10.249`). Port assignment, bridge isolation and DHCP all confirmed working end-to-end.
|
||||
|
||||
**Next step:** remove `list ports 'lan4'` from the `br-guest` device block and re-push before starting VLAN implementation.
|
||||
Reference in New Issue
Block a user