VLAN: Fixed DNS/NAT issues, ready for activation
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Issues fixed after first activation attempt: - DHCP DNS now points to each VLAN gateway - DNS redirect rules cover all VLANs - VLAN interfaces added to LAN firewall list - NAT masquerade for VLAN→AdGuard traffic CSS326 switch configured via SwOS. MikroTik backup saved. Ready to enable VLAN filtering when convenient.
This commit is contained in:
@@ -1,5 +1,27 @@
|
||||
# Infrastructure Changelog
|
||||
|
||||
## 2026-01-26
|
||||
|
||||
### VLAN Activation Attempt & Fixes
|
||||
- [VLAN] Configured CSS326 switch VLANs via SwOS web interface
|
||||
- [VLAN] Enabled VLAN filtering on MikroTik - caused internet outage
|
||||
- [VLAN] Rolled back VLAN filtering to restore connectivity
|
||||
- [VLAN] **ROOT CAUSE IDENTIFIED:** Multiple configuration issues
|
||||
|
||||
### Issues Fixed
|
||||
- [FIX] DHCP DNS now points to each VLAN gateway instead of legacy 192.168.31.1
|
||||
- VLAN 20: 192.168.20.1, VLAN 25: 192.168.25.1, etc.
|
||||
- [FIX] Added DNS redirect rules for all VLANs (src-address-list=all-vlans)
|
||||
- [FIX] Added all VLAN interfaces to LAN firewall interface list
|
||||
- [FIX] Added NAT masquerade rules for VLAN traffic to AdGuard container
|
||||
- [BACKUP] MikroTik config saved before activation attempt
|
||||
|
||||
### Current Status
|
||||
- MikroTik: Fully configured, fixes applied, ready for activation
|
||||
- CSS326: VLANs configured, port assignments done
|
||||
- VLAN Filtering: OFF (ready to enable when convenient)
|
||||
- Next: Enable VLAN filtering + force DHCP renewal on devices
|
||||
|
||||
## 2026-01-25 (Update 3)
|
||||
|
||||
### VLAN Phase 1 Complete
|
||||
|
||||
Reference in New Issue
Block a user