Adding VLAN Blows Up Netgear WNDR3700v2

Installing and Using OpenWrt Network and Wireless Configuration
1

Netgear WNDR3700v2
OpenWrt 19.07.4 r11208-ce6496d796 / LuCI openwrt-19.07 branch git-20.247.75781-0d0ab01

Adding a VLAN via LuCi causes the router to be completely inaccessible via web and SSH at the next boot. Must invoke recovery mode to get back control.

For this router, the LAN is VLAN 1, eth0. The WAN is on eth1.

VLAN 2 is created for external port 4, internally seen as port 0. Tagging of the port and/or CPU has no effect on the outcome.

The config looks good via the CLI, so I'm not sure what is causing the problem. Even if I create an interface for VLAN2 prior to the reboot the outcome is the same.

EDIT: The lockup/lockout does not occur if I do not assign a port to the new VPN. Only after the port is assigned via LuCi following a separate reboot/edit/reboot does the router fail.

The following are the contents of /etc/config/network:

Factory default:

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd0a:5b2d:5487::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config device 'lan_eth0_dev'
        option name 'eth0'
        option macaddr 'e2:46:9a:37:e6:a9'

config interface 'wan'
        option ifname 'eth1'
        option proto 'dhcp'

config interface 'wan6'
        option ifname 'eth1'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'
        option blinkrate '2'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0 1 2 3 5'

config switch_port
        option device 'switch0'
        option port '1'
        option led '6'

config switch_port
        option device 'switch0'
        option port '2'
        option led '9'

config switch_port
        option device 'switch0'
        option port '5'
        option led '2'

After the creation of VLAN2 assigned to external port 4, internal port 0:

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd0a:5b2d:5487::/48'

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ifname 'eth0.1'

config device 'lan_eth0_dev'
        option name 'eth0'
        option macaddr 'e2:46:9a:37:e6:a9'

config interface 'wan'
        option ifname 'eth1'
        option proto 'dhcp'

config interface 'wan6'
        option ifname 'eth1'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'
        option blinkrate '2'
        option enable_vlan4k '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '1 2 3 5'

config switch_port
        option device 'switch0'
        option port '1'
        option led '6'

config switch_port
        option device 'switch0'
        option port '2'
        option led '9'

config switch_port
        option device 'switch0'
        option port '5'
        option led '2'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0'
2

For the LAN interface two actions are needed:

Declare β€œeth0.x” interface
Define switch_vlan configuration for each of the switch ports.

When vlans are defined on the switch ports VLAN0 cannot be used on eth0 any more. So the default router configuration must be changed, otherwise traffic stops on the switch ports and hard reset is needed.

3

Two errors here:

  • VLAN1 should be tagged on the CPU port, otherwise, "eth0.1" points to a nonexisting interface.

  • VLAN2 has only one interface assigned, it should at least have the CPU port and one LAN port.

1 Like
4

Thank you. This helped clarify my mistake. Made sure to create the interface AND tag the CPU, which I hadn't done at the same time.

1 Like
5

Thank you. Re-reading the wiki quote helped to clarify my error.

1 Like
6

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.