I have a simple hardware setup with a central router and two directly-connected cAP access points. I wish to set up a vlan for guests, which will comprise just one “station” (the 5Ghz one, in ap-bridge mode) of just one cAP, a trunk for the guest-vlan from that cAP to the router, and the guest ip services in the router.
What is the difference between attaching a specific vlan interface to the (entire 5GHz) wireless interface or, alternatively, setting the vlan-mode and vlan-id directly thru /interface wireless?
because this means that wireless interface is tagged while in reality wireless is untagged in all but very special use cases.
There are two ways of dealing with VLAN tags for wireless: setting vlan attributes on wireless interface as you mentioned or setting wireless interface as access port of vlan-aware bridge. From functionality point of view, most of times they are identical. However, setting vlan attributes on wireless interfaces seems to becoming obsolete, wifiwave2 drivers currently don’t support it. So it seems it’s safer to go with vlan-enabled bridge.
