Hi,
New to openwrt, used it a few years back on a much simpler device. Do have dd-wrt running on a r7000. Could someone help me work out how to setup a SSID WLAN attached to a VLAN. Using a Redmi AX6S. The AX6S will act as a wireless router and switch, with a firewalla device managing the internet, vlan, DHCP etc.
I am confuse between eth0 and lan1,2,3
root@OpenWrt:~# ls -l /sys/class/net
lrwxrwxrwx 1 root root 0 May 20 15:10 br-lan -> ../../devices/virtual/net/br-lan
lrwxrwxrwx 1 root root 0 Jan 1 1970 eth0 -> ../../devices/platform/1b100000.ethernet/net/eth0
lrwxrwxrwx 1 root root 0 Jan 1 1970 lan1 -> ../../devices/platform/1b100000.ethernet/mdio_bus/mdio-bus/mdio-bus:00/net/lan1
lrwxrwxrwx 1 root root 0 Jan 1 1970 lan2 -> ../../devices/platform/1b100000.ethernet/mdio_bus/mdio-bus/mdio-bus:00/net/lan2
lrwxrwxrwx 1 root root 0 Jan 1 1970 lan3 -> ../../devices/platform/1b100000.ethernet/mdio_bus/mdio-bus/mdio-bus:00/net/lan3
lrwxrwxrwx 1 root root 0 Jan 1 1970 lo -> ../../devices/virtual/net/lo
lrwxrwxrwx 1 root root 0 Jan 1 1970 wan -> ../../devices/platform/1b100000.ethernet/mdio_bus/mdio-bus/mdio-bus:00/net/wan
lrwxrwxrwx 1 root root 0 May 20 15:10 wlan0 -> ../../devices/platform/18000000.wmac/net/wlan0
lrwxrwxrwx 1 root root 0 May 20 15:10 wlan0-1 -> ../../devices/platform/18000000.wmac/net/wlan0-1
Can someone help me out?
My 1st attempt in setting this up
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdf4:f0cf:830d::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan3'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config device
option name 'wan'
option macaddr '5c:02:14:4e:01:dc'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
config device
option type 'bridge'
option name 'br-secureLan'
option bridge_empty '1'
list ports 'eth0'
list ports 'lan2'
config bridge-vlan
option device 'br-secureLan'
option vlan '8'
list ports 'eth0:t'
list ports 'lan2:t'
config device
option type '8021q'
option ifname 'br-secureLan'
option vid '8'
option name 'br-secureLan.8'
config interface 'secureLan'
option proto 'static'
option device 'br-secureLan'
option ipaddr '192.168.8.2'
option netmask '255.255.255.0'
option gateway '192.168.8.1'
config device
option type 'bridge'
option name 'br-iot'
option bridge_empty '1'
list ports 'eth0'
list ports 'lan2'
config bridge-vlan
option device 'br-iot'
option vlan '99'
list ports 'eth0:t'
list ports 'lan2:t'
config device
option type '8021q'
option ifname 'br-iot'
option vid '99'
option name 'br-iot.99'
config interface 'iot'
option proto 'static'
option device 'br-iot'
option ipaddr '192.168.99.2'
option netmask '255.255.255.0'
option gateway '192.168.99.1'
Not working
A physical port can be part of a single bridge. I think you could try sometihing like:
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdf4:f0cf:830d::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth0'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
config bridge-vlan
option device 'br-lan'
option vlan '8'
list ports 'eth0:t'
list ports 'lan2:t'
config bridge-vlan
option device 'br-lan'
option vlan '99'
list ports 'eth0:t'
list ports 'lan2:t'
config interface 'lan'
option device 'br-lan.8'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'iot'
option proto 'static'
option device 'br-lan.99'
option ipaddr '192.168.99.2'
option netmask '255.255.255.0'
option gateway '192.168.99.1'
1 Like
Thanks. I made some minor changes but mostly what you provided seems to work.
I removed eth0 from the bridge as I have no idea what that is and what it does
this is my /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdf9:4f9e:92fc::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config bridge-vlan
option device 'br-lan'
option vlan '8'
list ports 'lan2:t'
config bridge-vlan
option device 'br-lan'
option vlan '99'
list ports 'lan2:t'
config interface 'securelan'
option device 'br-lan.8'
option proto 'static'
option ipaddr '192.168.8.2'
option netmask '255.255.255.0'
option gateway '192.168.8.1'
option type 'bridge'
config interface 'iot'
option proto 'static'
option device 'br-lan.99'
option ipaddr '192.168.99.2'
option netmask '255.255.255.0'
option gateway '192.168.99.1'
config device
option name 'wan'
option macaddr '5c:02:14:4e:01:dc'
config interface 'wan'
option device 'wan'
option proto 'dhcp'
config interface 'wan6'
option device 'wan'
option proto 'dhcpv6'
/etc/config/wireless
config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/18000000.wmac'
option channel '1'
option band '2g'
option htmode 'HT20'
option cell_density '0'
config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'ap'
option ssid 'Minion'
option encryption 'sae-mixed'
option key 'xxx'
option network 'iot'
config wifi-device 'radio1'
option type 'mac80211'
option path '1a143000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
option channel '36'
option band '5g'
option htmode 'HE80'
option cell_density '0'
config wifi-iface 'default_radio1'
option device 'radio1'
option mode 'ap'
option ssid '8lurpee'
option encryption 'sae-mixed'
option key 'xxx'
option network 'securelan'
config wifi-iface 'wifinet2'
option device 'radio1'
option mode 'ap'
option ssid 'Minion'
option encryption 'sae-mixed'
option key 'xxx'
option network 'iot'
Some follow up questions, how can I allow internet access to the openwrt router via LAN and how can I isolate a LAN port to a particular VLAN?