custom dhcp for wireless guest networks

perkins1724 · May 25, 2017

I am trying to setup custom dhcp using dnsmasq for my wireless guest networks (RT87U / Firmware:380.66).

i have a startup script that works for the 2.4GHz channels (virtual interfaces wl0.1, wl0.2 and wl0.3). However it does not work for the 5GHz channels (virtual interfaces vlan4000, vlan4001 and vlan4002).

Using ifconfig I can see that the 2.4GHz channels all have unique HWaddr values. However the 5GHz channels have an identical HWaddr value - which is the same as the eth0 / eth1 / vlan1 interfaces.

Using
nvram show | grep hwaddr | grep -E "wl0|wl1"
I can see that the hwaddr values for the wl0 nvram entries match the wl0 interfaces. However the hwaddr values for the wl1 nvram entries do not match the vlan400X interfaces.

Using tcpdump I also dont get any traffic on the vlan400X interfaces, it all seems to appear on the eth0/eth1/vlan1 interfaces instead - and this seems to be the issue with using dnsmasq.

Just to clarify - the guest networks all appear to work correctly from a mobile device perspective. However because the traffic is not coming through the vlan400X interfaces I can't get the dnsmasq assignments to correctly work.

Is there a possibility that the vlan400X interfaces are not being created correctly in this version of firmware? Are there instead supposed to be wl1/wl1.1/wl1.2/wl1.3 interfaces?

Any assistance / suggestions greatly appreciated.

Fitz Mutch · May 25, 2017

https://www.snbforums.com/threads/guest-networks-and-dhcp.14141/page-2#post-286748

http://rtr.ca/merlin/enable_dhcp_for_guests.sh

perkins1724 · May 25, 2017

Thanks Fitz Mutch. Yes, that is pretty much the script I am using. It also specifies that the 5Ghz guest interfaces should be coming up as wl1.1/wl1.2/wl1.3.

How can I go about debugging why the 5GHz interfaces are spawning as vlan4000/vlan4001/vlan4002 instead of wl1.1/wl1.2/wl1.3?

I am using an RT-AC87U with Firmware:380.66.

Code:

#ifconfig
br0       Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:50
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:223277 errors:0 dropped:0 overruns:0 frame:0
          TX packets:14314 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:189728586 (180.9 MiB)  TX bytes:6627398 (6.3 MiB)

br0:0     Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:50
          inet addr:169.254.39.1  Bcast:169.254.39.255  Mask:255.255.255.0
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1

eth0      Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:50
          inet addr:169.254.17.33  Bcast:169.254.255.255  Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:225126 errors:0 dropped:0 overruns:0 frame:0
          TX packets:477835 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:195306414 (186.2 MiB)  TX bytes:310246969 (295.8 MiB)
          Interrupt:180 Base address:0x5000

eth1      Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:50
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:156 errors:0 dropped:0 overruns:0 frame:398
          TX packets:12022 errors:191934 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:32129 (31.3 KiB)  TX bytes:7505330 (7.1 MiB)
          Interrupt:163

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING MULTICAST  MTU:16436  Metric:1
          RX packets:961 errors:0 dropped:0 overruns:0 frame:0
          TX packets:961 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:176286 (172.1 KiB)  TX bytes:176286 (172.1 KiB)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:XXX.XXX.XXX.XXX  P-t-P:XXX.XXX.XXX.XXX  Mask:255.255.255.255
          UP POINTOPOINT RUNNING MULTICAST  MTU:1492  Metric:1
          RX packets:1448 errors:0 dropped:0 overruns:0 frame:0
          TX packets:178244 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:493213 (481.6 KiB)  TX bytes:38020365 (36.2 MiB)

tap21     Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:28 errors:0 dropped:0 overruns:0 frame:0
          TX packets:186844 errors:0 dropped:1076 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:4047 (3.9 KiB)  TX bytes:170423320 (162.5 MiB)

vlan1     Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:50
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:223663 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15013 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:190766864 (181.9 MiB)  TX bytes:7037605 (6.7 MiB)

vlan4000  Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:50
          inet addr:192.168.104.1  Bcast:192.168.104.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:95630 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:87809333 (83.7 MiB)

vlan4001  Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:50
          inet addr:192.168.105.1  Bcast:192.168.105.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:94858 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:87104424 (83.0 MiB)

vlan4002  Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:50
          inet addr:192.168.106.1  Bcast:192.168.106.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:94071 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:86372335 (82.3 MiB)

wl0.1     Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:51
          inet addr:192.168.101.1  Bcast:192.168.101.255  Mask:255.255.255.0
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:398
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wl0.2     Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:52
          inet addr:192.168.102.1  Bcast:192.168.102.255  Mask:255.255.255.0
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:398
          TX packets:1103 errors:96609 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:357120 (348.7 KiB)

wl0.3     Link encap:Ethernet  HWaddr XX:XX:XX:CA:61:53
          inet addr:192.168.103.1  Bcast:192.168.103.255  Mask:255.255.255.0
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:398
          TX packets:9019 errors:87981 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:4676863 (4.4 MiB)

RMerlin · May 26, 2017

The RT-AC87U does not have a wl1 interface because the 5 GHz interface isn't created within the firmware's environment but within a separate firmware running on a separate CPU. So, that hardware interface does not exist on the primary firmware environment.

perkins1724 · May 26, 2017

RMerlin said:
The RT-AC87U does not have a wl1 interface because the 5 GHz interface isn't created within the firmware's environment but within a separate firmware running on a separate CPU. So, that hardware interface does not exist on the primary firmware environment.

Thankyou for that RMerlin.

I have tried a lot more, but I cant get it to work on the 5GHz side it looks like on the RT-AC87U it is not going to be possible to split the dhcp via dnsmasq for the 5GHz guest networks (the 2.4GHz guest networks work fine). It also appears (in my testing) that the setting to disable intranet access from the 5GHz guest networks does not work (well, on the RT-AC87U) which seems like a bit of a security hole particularly if anyone has created an open 5GHz guest network so I have disabled my 5GHz guest networks now anyway.

Thread starter	Title	Forum	Replies	Date
P	dnsmasq custom domain doesn't work on windows 10	Asuswrt-Merlin	1	Apr 16, 2024
	hostapd custom config	Asuswrt-Merlin	4	Mar 30, 2024
L	Custom DDNS vs Drop Down List for Same Provider	Asuswrt-Merlin	3	Mar 19, 2024
	custom domains report NXDOMAIN for IPv6 DNS and fail to resolve in Alpine OS	Asuswrt-Merlin	2	Feb 18, 2024
K	Lower refresh rate for custom DDNS update on failure, do avoid update loop	Asuswrt-Merlin	0	Jan 10, 2024
J	Solved OpenVPN clients can't resolve custom domains defined in dnsmasq config	Asuswrt-Merlin	2	Dec 28, 2023
P	Custom DNS for Guest Network Possible?	Asuswrt-Merlin	15	Dec 17, 2023
	Custom DDNS not auto updating	Asuswrt-Merlin	1	Dec 2, 2023
	Custom WAN DNS not working	Asuswrt-Merlin	35	Nov 12, 2023
R	Problem with my New ASUS RT-88U PRO Merlin and NordVPN pre-configured/custom configuration and DNS settings .	Asuswrt-Merlin	36	Oct 22, 2023

Search

Search

custom dhcp for wireless guest networks

perkins1724

Occasional Visitor

Fitz Mutch

Senior Member

perkins1724

Occasional Visitor

RMerlin

Asuswrt-Merlin dev

perkins1724

Occasional Visitor

Similar threads

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Members online