So I have an HP 1810-24G as my main switch, which is connected to my router. On a trunk port there going to my RT-N16, I have vlans 10 and 90 trunked (vlan 1 is not used and is left untagged). My RT-N16, running shibby, has all the ports bridged (i.e. WAN is bridged with the rest of the LAN ports), and the ports have been reversed so the numbering matches the physical ports.
Connected to the RT-N16 is a Ubiquiti Unifi AC Pro. It has 2 wifi networks, one operating in vlan 10 and the other in vlan 90. It's connected to the WAN port. The Unifi requires that one vlan on its line be untagged for management (it won't vlan tag its own traffic going to the management software, which is running on vlan 10). Other ports on the RT-N16 are untagged on vlan 10 only.
So I have Router -> HP switch -> RT-N16 -> Unifi AC.
These are my settings (not sure if I need the bridge setups, but it didn't seem to work at all without them). I can't post images yet as a new user, so:
Advanced -> VLANs
VLAN 1: VID -> 1 (nothing else checked)
VLAN 2: VID -> 99 (nothing checked), bridge -> WAN
VLAN 9: VID -> 90, Port 3 -> yes, Port 4 -> Yes, Port 4 tagged -> on, WAN port -> yes, WAN tagged -> yes, bridge -> LAN 1
VLAN 10: VID -> 10, Port 1 -> yes, Port 4 -> Yes, WAN port -> yes, WAN tagged -> yes, default, bridge -> LAN
Basic -> Network
br0 -> 192.168.42.11
br1 -> 192.168.42.3
So VLAN 10 works fine. I can plug into port 1 and use vlan 10, and port 4 works on vlan 10 as well. However VLAN 90 does not. I assigned port 3 to be untagged on VLAN 90 and plugged into it, and I cannot get a DHCP lease, nor can I manually set the IP and ping the router. tcpdump on the router shows no traffic coming on the interface for vlan90 when I do this. It works fine when I assign a port as untagged on VLAN 90 on the HP switch, so it's definitely something with the Tomato configuration.
Any thoughts? What am I doing wrong? My initial guess is that I need to make port 4 also tagged on vlan 10, but then untagged traffic arriving on port 4 is not properly being assigned to vlan 10 (i.e. I lose connectivity to the Unifi itself and it can't contact the controller on vlan 10). Even so, this wouldn't explain why port 3 cannot contact the router on vlan 90 via the WAN port.