Hi Anav,
thanks for your point of view. My configuration is pretty simple.
I run 2 CAP-ACs in CAPS Mode, Manager Forwarding mode, both having a SSID for 2,4Ghz (PVID20) and 5Ghz (PVID).
CAP Devices on CAPSMAN are in main bridge BR-MAIN. If both of them are already tagging the traffic from incoming clients with appropriate PVID (10/20) my thoughts were, that i do not need them to set in the Bridge VLAN config.
Interfaces:
Columns: NAME, TYPE, ACTUAL-MTU, L2MTU, MAX-L2MTU, MAC-ADDRESS
# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 R ether1 - WAN ether 1500 1596 2026 DC:2C:6E:81:0B:C8
1 RS ether2 - HomeAssistant ether 1500 1596 2026 DC:2C:6E:81:0B:C9
2 RS ether3 - Proxmox ether 1500 1596 2026 DC:2C:6E:81:0B:CA
3 R ether4 - AP1 ether 1500 1596 2026 DC:2C:6E:81:0B:CB
4 R ether5 - AP2 ether 1500 1596 2026 DC:2C:6E:81:0B:CC
5 X sfp1 ether 1500 1596 2026 DC:2C:6E:81:0B:CD
6 R BR-MAIN bridge 1500 1596 DC:2C:6E:81:0B:C9
7 DRS IoT 2.4Ghz-AP1-1 cap 1500 1600 18:FD:74:C2:2E:3A
8 DRS IoT 2.4Ghz-AP2-1 cap 1500 1600 48:A9:8A:56:B7:3F
9 DRS Owcahome 5Ghz-AP1-1 cap 1500 1600 18:FD:74:C2:2E:3B
10 DRS Owcahome 5Ghz-AP2-1 cap 1500 1600 48:A9:8A:56:B7:40
11 R VLAN10 - WIFI vlan 1500 1592 DC:2C:6E:81:0B:C9
12 R VLAN20 - IOT vlan 1500 1592 DC:2C:6E:81:0B:C9
13 R VLAN50 - LAN vlan 1500 1592 DC:2C:6E:81:0B:C9
14 R VPN wg 1420
15 X ppp-out1 ppp-out
Bridge:
0 R name="BR-MAIN" mtu=auto actual-mtu=1500 l2mtu=1596 arp=enabled arp-timeout=auto mac-address=DC:2C:6E:81:0B:C9 protocol-mode=none fast-forward=yes igmp-snooping=no auto mac=yes ageing-time=5m vlan-filtering=yes ether-type=0x8100 pvid=1 frame-types=admit-all ingress-filtering=no dhcp-snooping=no
Bridge VLAN:
Flags: X - disabled, D - dynamic
0 ;;; Wifi
bridge=BR-MAIN vlan-ids=10 tagged=BR-MAIN,Owcahome 5Ghz-AP1-1,Owcahome 5Ghz-AP2-1 untagged="" current-tagged=BR-MAIN,Owcahome 5Ghz-AP1-1,Owcahome 5Ghz-AP2-1 current-untagged=""
1 ;;; IoT
bridge=BR-MAIN vlan-ids=20 tagged=BR-MAIN,ether3 - Proxmox,IoT 2.4Ghz-AP1-1,IoT 2.4Ghz-AP2-1 untagged=ether2 - HomeAssistant current-tagged=BR-MAIN,ether3 - Proxmox,IoT 2.4Ghz-AP2-1,IoT 2.4Ghz-AP1-1 current-untagged=ether2 - HomeAssistant
2 ;;; LAN
bridge=BR-MAIN vlan-ids=50 tagged=BR-MAIN,ether3 - Proxmox untagged="" current-tagged=BR-MAIN,ether3 - Proxmox current-untagged=""
3 D bridge=BR-MAIN vlan-ids=1 tagged="" untagged="" current-tagged="" current-untagged=BR-MAIN,ether3 - Proxmox
As you can see, I have added the CAPs as tagged on the VLAN as well. Dunno if this is really necessary, so I'm happy if somebody can advise.