Hello,
Networks
Three Subnets.
xxx.xxx.1.0/24 Lan
xxx.xxx.2.0/24 IoT
xxx.xxx.3.0/24 Guest
All three subnets are VLAN tagged, the first on LAN Port 1, the second on LAN Port 2, the third on LAN Port 3.
All three subnets have an interface with physical settings
eth0.1
eth0.2
eth0.3
Bridged Interfaces
All three interfaces are bridged with a wireless interface, i.e.
br-lan xxx.xxx.1.0/24 (2.4 GHz)
br-Iot xxx.xxx.1.0/24 (5GHz)
br-Guest xxx.xxx.1.0/24 (5GHz)
All three networks are in their own firewall zone, i.e.
Zones
Lan --> LanZone
IoT --> IoTZone
Guest --> GuestZone
(Intrazone) --> Interzone forwardings
LanZone (Accept,Accept,Reject) --> IoT,Guest,Wan
IoTZone (Accept,Accept,Reject) --> Reject
GuestZone (Reject,Accept,Reject) --> Wan
Traffic rules
Guest and IoT have DNS and DHCP ports 53, 67, 68 opened for the router device.
All three interfaces have (dynamic) DHCP servers enabled.
IoT Net
There is already a Philips Hue bridge added to the IoT net. DHCP client was on. The MAC address of the Hue bridge is xx:xx:xx:xx:xx:8c.
SSH Log
When I log in to the router console and start
logread -f
before I connect with my iPad to the br-IoT xxx.xxx.2.0/24 net, I get the following output...
I am not an expert, but this looks as if the Hue bridge with MAC address xx:xx:xx:xx:xx:8c tries to get an IP, not from br-IoT xxx.xxx.2.0/24 but from br-lan xxx.xxx.1.0/24.
I think this is wrong, isn't it?
Question
What exactly must be fulfilled so that a DHCP client in a VLAN-tagged subnet gets an IP address from this subnet?
Thanks.
Regards,
Equi