dan/openwrt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4ee41bf8810ce1c39446ff51f0bf56a70a1d8b51
openwrt/docs/pre-implementation-findings.md
Dan Head 4ee41bf881 chore: initial repo setup with baseline config backup 
- Pull current config from router (OpenWRT 24.10.2)
- Add backup, safe-apply, and push-all scripts
- Add CLAUDE.md with workflow rules and context
- Add network-map.md with current topology and planned VLANs

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-02 23:37:53 +01:00

61 lines
2.9 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Pre-Implementation Findings
Notes from live router investigation before VLAN implementation begins.
---
## DSA and Bridge Architecture
**Concern raised:** OpenWRT 24.10+ uses DSA (Distributed Switch Architecture) on the MT7621. The implementation plan needed to be validated against the actual router interface naming and bridge support before work begins.
**Finding: bridge-per-VLAN approach is confirmed valid.**
`ip link show` output from the live router:
```
1: lo
2: eth0 — uplink to MT7621 switch ASIC
3: wan — WAN port (PPPoE)
4: lan1@eth0 — UP — LAN port 1 (wired, device connected)
5: lan2@eth0 — NO-CARRIER — LAN port 2 (nothing plugged in)
6: lan3@eth0 — UP — LAN port 3 (Sonos Connect)
7: lan4@eth0 — NO-CARRIER — LAN port 4 (nothing plugged in)
8: br-guest — guest bridge (already live)
9: br-lan — main flat LAN bridge
10: pppoe-wan
11: phy0-ap0 → br-lan — Moonshield (2.4GHz)
12: phy1-ap0 → br-lan — Moonshield (5GHz)
13: phy0-ap1 → br-guest — guest SSID (2.4GHz) — already attached
14: phy1-ap1 → br-guest — guest SSID (5GHz) — already attached
```
**Key conclusions:**
- DSA port names are `lan1``lan4` — use these in `list ports` when defining bridge devices in `config/network`.
- `br-guest` is already running in production with two wireless VAPs attached — the bridge-per-VLAN pattern is proven on this hardware.
- Both radios support `AP` and `AP/VLAN` modes with up to ~4 VAPs per radio, so adding Cloud Connected and Pinball Map SSIDs will not hit hardware limits.
- The `config/network` entry for `br-guest` currently has no `list ports` entry (bridge_empty '1'), confirming that wireless-only bridges work fine without a wired port.
---
## Pending Validation Test
**Test: assign a physical port to `br-guest`, connect a device, verify it gets a `10.10.10.x` IP.**
This validates the full stack — port assignment, bridge isolation and DHCP — using a live but low-risk interface before touching the main VLAN work.
**Steps (when physically at the router):**
1. Edit `config/network` — add `list ports 'lan4'` to the `br-guest` device block
2. `./scripts/safe-apply.sh network 5`
3. Plug a device into LAN 4
4. Confirm it gets an IP in `10.10.10.100``10.10.10.249` (pool: start 100, limit 150)
5. Verify on router: `ssh openwrt "cat /tmp/dhcp.leases"`
6. **Clean up:** remove `list ports 'lan4'` and re-push before starting real implementation
**Status: complete — passed 2026-04-02.**
Result: device on LAN 4 was issued `10.10.10.101` (within pool `10.10.10.100``10.10.10.249`). Port assignment, bridge isolation and DHCP all confirmed working end-to-end.
**Next step:** remove `list ports 'lan4'` from the `br-guest` device block and re-push before starting VLAN implementation.
Reference in New Issue View Git Blame Copy Permalink