Config assistance request - 2x DHCP servers, trunk VLAN

Hi folks,

First post, first time using OpenWRT.
Device: Samsung CY-SWR1100, OpenWRT version 19.07.7

I want to have two vlans, with a separate subnet and DHCP server for each.
The router will have a WAN connection to an internet router.

I would appreciate any pointers on what needs to be configured here. I am assuming it is possible.

Kind regards,
Stuart

Should be possible. Could you post the output of uci export network, just to make sure?

Hello Trendy,

Here you go:

root@OpenWrt:~# uci export network
package network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd7c:fbd8:aa2f::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.0.1'

config device 'lan_eth0_1_dev'
        option name 'eth0.1'
        option macaddr '34:08:04:cd:53:d0'

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'dhcp'

config device 'wan_eth0_2_dev'
        option name 'eth0.2'
        option macaddr '34:08:04:cd:53:cb'

config interface 'wan6'
        option ifname 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0 1 2 3 9t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '4 9t'

root@OpenWrt:~#

There is a switch, so you can take one port from vlan1 and assign it to a new vlan3. Use that vlan3 for the new interface.

OK.
What I want to achieve is this:

  • Ethernet port 1 member port of vlan 1 untagged and vlan 254 tagged.
  • Separate subnet and DHCP for both vlans
  • Ethernet port 1 will be connected to a managed L2 switch, with both vlans configured on the switch's port 1, same vlan config.

The switch should be able to communicate with a cloud server by either vlan, which I will test by changing the switch management vlan and also by setting the switch management IP address.

I have a little experience configuring switches by GUI, and know of Cisco IOS CLI config.
What I'm hoping to find out is what I need to do to OpenWRT to configure the above.
This won't be for heavy traffic, it's for proof of config.

Thanks,
Stuart

First set up a guest network. Since the guest network is a bridge, you can add more physical connections to it. It does not necessarily have to have a local wifi AP. There are several pages in the OpenWrt wiki about guest networks; here is one of them, though it looks like it is for an old version.

Tagged and untagged packets on the same port do not always work with consumer hardware. It is better (in both a consumer and enterprise situation) to make the cable a true trunk with all VLANs tagged.

The web Network-Switch page makes setting up VLANs simpler. On the page click Add at the bottom and number your new VLAN 254. Make it tagged both on the trunk cable and the CPU. Also change the trunk cable in VLAN 1 from Untagged to Tagged. Then go to the network edit, physical settings and note that there is a new device in the list eth0.254. Attach that to the guest network.

Some older switch chips have problems with VLAN numbers higher than 16 or 128. This can be worked around with CLI setting both option vlan and option vid. Or, if you have the choice, use only low VLAN numbers in your network.

Hi mk24. Thanks for that, for now I need to try with the layout I mentioned before, as this needs to be tested with this config.
No WiFi so far, just the switchports and wan connection:

root@OpenWrt:~# uci export network
package network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdd0:f350:7cd2::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.0.1'
        option delegate '0'

config device 'lan_eth0_1_dev'
        option name 'eth0.1'
        option macaddr '34:08:04:cd:53:d0'

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'dhcp'

config device 'wan_eth0_2_dev'
        option name 'eth0.2'
        option macaddr '34:08:04:cd:53:cb'

config interface 'wan6'
        option ifname 'eth0.2'
        option proto 'dhcpv6'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'
        option max_length '3'
        option enable_vlan4k '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '9t 0 1 2 3'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '9t 4'

config interface 'lan2'
        option proto 'static'
        option ifname 'eth0.1'
        option type 'bridge'
        option ipaddr '10.254.254.1'
        option netmask '255.255.255.0'
        option delegate '0'
        list dns '192.168.1.1'
        option gateway '192.168.1.1'

config switch_vlan
        option device 'switch0'
        option ports '9t 0t'
        option vlan '10'

root@OpenWrt:~#

How's that look?

Cheers,
Stuart

lan2 needs to be a different VLAN such as eth0.10 not eth0.1 which is already in use by the regular lan.

It is implied that the gateway of a lan network will be this router. Don't specify gateway in lan sections when there is lan to wan routing. Also the DNS setting will be locally this router and that DNS server already will recurse to the wide area DNS picked up from the wan, so don't specify dns in a lan section either.

It appears you intend to use switch port 0 for the trunk so make it tagged in both VLAN 1 and VLAN 10.

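
The review points above (lan2 reusing eth0.1, gateway and dns set on a LAN interface, tagging on port 0) written as a check over `uci export network` text. This is an added example, not part of the original posts. The sample is constructed by trimming the export posted in the thread, and the `lan_side` names and the `eth0` device name in the messages are assumptions taken from that export.

```python
import re

# Constructed sample: LAN-side sections trimmed from the second export in the thread.
SAMPLE = """
config interface 'lan'
        option ifname 'eth0.1'
config interface 'lan2'
        option ifname 'eth0.1'
        list dns '192.168.1.1'
        option gateway '192.168.1.1'
config switch_vlan
        option vlan '1'
        option ports '9t 0 1 2 3'
config switch_vlan
        option ports '9t 0t'
        option vlan '10'
"""

def parse(text):  # -> [(section_type, name, {option: value}), ...]
    sections = []
    for line in text.splitlines():
        head = re.match(r"\s*config\s+(\S+)(?:\s+'([^']*)')?", line)
        item = re.match(r"\s*(?:option|list)\s+(\S+)\s+'([^']*)'", line)
        if head:
            sections.append((head.group(1), head.group(2), {}))
        elif item and sections:
            sections[-1][2][item.group(1)] = item.group(2)
    return sections

def lint(text, lan_side=("lan", "lan2")):  # lan_side (assumption): LAN interface names
    findings, users, modes, vids = [], {}, {}, set()
    for kind, name, opt in parse(text):
        if kind == "switch_vlan":
            vids.add(opt.get("vid") or opt.get("vlan") or "?")  # vid, when set, is the 802.1Q ID
            for p in opt.get("ports", "").split():
                modes.setdefault(p.rstrip("t"), set()).add(p.endswith("t"))
        elif kind == "interface":
            for dev in opt.get("ifname", "").split():
                users.setdefault(dev, []).append(name)
            findings += [f"{name}: drop '{k}', the router is this subnet's gateway and resolver"
                         for k in ("gateway", "dns") if k in opt and name in lan_side]
    findings += [f"{d}: shared by {' and '.join(n)}, so the subnets are not separated"
                 for d, n in users.items() if len(set(n) & set(lan_side)) > 1]
    used = {d.split(".")[-1] for d in users}
    findings += [f"VLAN {v}: on the switch but no interface uses eth0.{v}" for v in sorted(vids - used)]
    findings += [f"port {p}: untagged and tagged on one port" for p, m in sorted(modes.items()) if len(m) > 1]
    return findings

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```

With lan2 moved to eth0.10 and port 0 left untagged in VLAN 1 but tagged in VLAN 10, only the mixed-tagging finding remains; tagging port 0 in both VLANs clears it.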

Hi Mk24,

Here's the vlan setup:

I saw in documentation that vlan 2 is for the WAN connection, so vlan 10 was added.
vlan 10 is in place of 254.

Cheers,
Stuart

It is correct; however, I'd recommend avoiding the untagged+tagged mix.

Configured, up and running.
:pray: namaste

Now to tackle the arcane language of the ACL...

Cheers, folks.

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.

Thanks, this case is now solved, but not by me, by the ppl below.
