So the above post SOLVES original post.
But I have one final question I have indicated in the first post, which I wanted to deal with once VLANs work…
I will add (perhaps unrelated) additional questions, because I am also experiencing some strange behavior on some ports (e.g. look at CSS326 port 10 and port 22 – exactly the same setup, in ether 10 the mesh master does not work, in port 22 it does…)
Meantime I have found the culprit. VLAN setup was exactly the same, but on System tab non-working ports were marked as not trusted.
Now the official documentation confuses, so can someone please explain it to me:
SwitchOS documentation
Trusted ports
Group of ports, which allows DHCP or PPPoE servers to provide a requested information. When enabled, it allows forwarding DHCP client packets towards the DHCP server through this port. Mainly used to limit unauthorized servers to provide malicious information for users, access ports usually do not configure as trusted. Ports that receive DHCP client packets with already added Option-82 must also be trusted, otherwise these packets are dropped. The setting does not apply to DHCPv6 packets.
From that I deducted that “Access ports should normally not be trusted” (which makes logical sense to me). But since I only get IP from DHCP on these servers only when access ports are trusted (“When enabled, it allows forwarding DHCP client packets towards the DHCP server through this port.”) then it seems to be totally contrary statements.
So what should I do? Keep all trusted? Or should I disable the Option-82?