I am trying to vlan a Netgear Nighthawk R7500v2 router that I just purchased. The base image flashed without problem, but I'm trying to configure interfaces for IoT and Secure (basically everything else to isolate confidential information from notorious IoT devices.
My Lan is on 192.168.2.0/24 (FIOS has the .1 network), and the two additional network interfaces are on .3 and .4.
Creating this, I tried to use the ifname eth1.2 (primary lan, vlan 2), and eth1.3 and eth1.4 for the other two interfaces. I'm also creating SSID's on wireless for IoT and Secure and linking them to the respective interfaces. Every time I try to use the eth1.x notation, the router won't allow me in.
This is even before I add the VLAN's 3 and 4 to the switch, although I have added them to the switch previously and had the same result. Any help would be appreciated.
I'm going through LAN port 1. I also have opened SSH and LEDE for upstream access (still inside my FIOS router network) and access from a computer from the WAN network.
I've never worked on this switch chip before... is it really administered as one switch with CPU eth0 and CPU eth1 on the same switch, rather than two switches?
That's how Lede was configured when I loaded the fresh image, so I have to assume so. I also have it working with that base image, but without the additional interfaces and vlans configured.
It does make some sense since it has a dual core CPU. I just figured they were separating the core usage, directing one to LAN and the other to WAN.
The problem comes when adding those additional interfaces and vlans.
Well, if I read things right LAN port 1 is 5 and eth0 is 0 and I do not see anything that would foul this up on the other definitions so the access to WAN should remain working,
Before you add the additional VLANs, is the switch already active with enable_vlan="1" and the switch_vlan statement present for vlan 1? Or does that all appear when you add the VLANs? Maybe it is merely enabling the switch that is causing issues.
The switch is active and all those vlans were showing up - until I rebooted the router that is. After that, failsafe was the only way to gain access. I removed the additional vlan sections and it started properly again.
One thing that just clicked with me today is that the Lucy diagram shows port 4 connected on the switch, but the wire is in the socked called 1. I read about some router switches having different internal assignments than are on the label. I'm not sure if that would cause the problem. I do have two vlans tied to port 4 on the config I had and they weren't tagged.
Will try updating with your config options when I get home. Also, can anyone verify that the eth1.2, etc. nomenclature is correct? I've seen postings in various places that would use 1_2. I've also seen the switch referred to as ethX rather than switch0. I just don't know if some of that is outdated or oriented to a different router/chipset.
Unless they were in error, someone at some point added this line to the init files in board.d for your model:
ucidef_add_switch "switch0"
"1:lan" "2:lan" "3:lan" "4:lan" "6@eth1" "5:wan" "0@eth0"
...which actually I should have said in my last post that WAN port is 5, not LAN1. But that is consistent with what you seem to be trying to do.
...the numbers printed on the plastic, if they are different, should be after each of those entries. That is,
if port 4 was actually labeled 1, it should read "4:lan:1" instead. It could be worth swapping wires around and
hunting for the correct ports... the person that added that might have done so not knowing that the plastic
numbers can be listed .
Also once this is figured out the OpenWRT wiki could use an update, since the LEDE wiki does not have a page for that device.
All of this is beside the point that the WAN port should stay working. Could you check where you got the image for a .manifest file and verify swconfig is a preinstalled package?
Holy Cow!!!! I just recreated the network through LuCI and everything worked. I think the difference was the order in which I did the setup. Specifically, I added the VLAN's first, and then the Interfaces. When I saved the first new VLAN, I had a message pop-up saying that the LAN network was being converted to eth1.1. Everything worked fine after that. LAN should ideally be eth1.2 because it will be the .2 network, but I think I'm just going to let it be for now.
I don't know if the issue was in the order of the setup or if LuCI hits some configuration in addition to the files in /etc/config. My network file doesn't look much different to me, but I'll post it. I know that most people were hesitant to use LuCI in openWRT because it had both limitations and odd quirks. There are still things it cannot do, but I expect that it may be the best way to ensure the base configuration is properly established.
Network file follows. I'll update the post if problems reoccur. I'll also look at updating the documentation for this model after I get a bit further and confirm that I'm stable. For now, I'm going to fight the battle of the intentional double NAT - I must be out of my mind
@skids - I tried to open the img file in Windows but it says it is corrupt. I know that isn't the case because I used it to flash the router and I verified the check sum. Any recommendations on how to open it? BTW, I got the file from the LEDE site for my router model.
I've seen funny things happen when LUCI gets ahold of a hand-made /etc/config/network as well. I was almost going to mention the order looked off, but it wasn't off in the same way I saw problems with before. Good you are working. Since you are, don't worry about swconfig -- you must have it already.
LUCI could really use an apply, wait, and revert if not confirmed dialogue especially for switch configuration, but also for firewall and IP config.
