Configuration Wan<->LAN + Guest Wifi + Home Wifi

Hello,

I'm working on a DIR600-B6E (4LAN + 1WAN) and looking to bridge WAN and LAN like switch, and add two wireless to it (Guest + Home).

In first, i've made my home WIFI, without any problems, and put in on LAN interface

i've try to make the Guest-Wireless, without any problems on WAN:
I've created it with this guide
Guest Wireless is working well if i put it on WAN
(How i've try it? i've plug WAN on LAN with cable ...)
-> If i want to have it on LAN switch, i've just to made following change ? :
set firewall.${FIREWALLZONE}_fwd.dest=wan
to
set firewall.${FIREWALLZONE}_fwd.dest=lan

To have LAN with WLAN working, i've just to change VLAN, and ADD WAN on my first VLAN (tagged) and remove 2nd VLAN ? (Tried, not working)

On the Lan Switch (4 Ports) there is no 'firewall' or any rules on it ? Because my freebox don't like to be on the LAN switch of the DIR600, but work well if i add an other NetGear switch.

Thanks for your reading.

Hum ... Sorry maybe too much questions here.
I'm still trying and hope to have it working soon.

Anybody know how to do for the VLAN ?
I've try to create a VLAN 100, TAG port 1,2,3,4 and CPU, and bridge my LAN interface with eth0.100
Seems working, but TV seems to have some freeze every 2-3 seconds

There is no "firewall" on the switch itself. It only looks at Ethernet frames, not the traffic inside of them.

tcpdump (from tcpdump-mini) would be a good tool to see if the packets you expect are flowing to/from the TV or not.


On VLANs, one thing that may catch you is that the vlan configuration item, from what I can tell, basically creates an entry in a table that happens to have its "real" tag and PVID set to the same numeric value. If the UCI entry for VLAN is outside the range of what your switch supports, the results may not be what you expect.

On this Archer C7, there are only VLANs up to 127 available. Some devices have significantly fewer

jeff@office:~$ swconfig dev switch0 help
switch0: ag71xx-mdio.0(Atheros AR8327), ports: 7 (cpu @ 0), vlans: 128
     --switch

You can configure higher-numbered VLANs. You just need to specify the VLAN tag and PVID explicitly. For example

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option vid '1000'
        option ports '6t 1t 2 3 4 5'
config switch_port
        option device 'switch0'
        option port '5'
        option pvid '3'
        option enable_eee '1'

I'm going crazy ...

The working setup is: Freebox V6 => Switch Netgear => Afoundry EW1200 => Freebox Player
The setup not working is: Freebox V6 => Dir600 B6E => Afoundry EW1200 => Freebox Player

What is Crazy ? The EW1200 is on OpenWRT, and no problems ...
(EW1200 configuration is Dumb Access point, same as Dir600 ...)
So, why my Dir600 is the problem ?

Configuration of the switch for EW1200:

root@LEDE:~# swconfig dev switch0 show
Global attributes:
        enable_vlan: 1
        mib: Switch MIB counters
PPE_AC_BCNT0: 0
PPE_AC_PCNT0: 0
PPE_AC_BCNT63: 0
PPE_AC_PCNT63: 0
PPE_MTR_CNT0: 0
PPE_MTR_CNT63: 0
GDM1_TX_GBCNT: 0
GDM1_TX_GPCNT: 0
GDM1_TX_SKIPCNT: 0
GDM1_TX_COLCNT: 0
GDM1_RX_GBCNT1: 0
GDM1_RX_GPCNT1: 0
GDM1_RX_OERCNT: 0
GDM1_RX_FERCNT: 0
GDM1_RX_SERCNT: 0
GDM1_RX_LERCNT: 0
GDM1_RX_CERCNT: 0
GDM1_RX_FCCNT: 0
GDM2_TX_GBCNT: 0
GDM2_TX_GPCNT: 0
GDM2_TX_SKIPCNT: 0
GDM2_TX_COLCNT: 0
GDM2_RX_GBCNT: 0
GDM2_RX_GPCNT: 0
GDM2_RX_OERCNT: 0
GDM2_RX_FERCNT: 0
GDM2_RX_SERCNT: 0
GDM2_RX_LERCNT: 0
GDM2_RX_CERCNT: 0
GDM2_RX_FCCNT: 0

Port 0:
        mib: Port 0 MIB counters
TxDrop     : 0
TxCRC      : 0
TxUni      : 0
TxMulti    : 0
TxBroad    : 0
TxCollision: 0
TxSingleCol: 0
TxMultiCol : 0
TxDefer    : 0
TxLateCol  : 0
TxExcCol   : 0
TxPause    : 0
Tx64Byte   : 0
Tx65Byte   : 0
Tx128Byte  : 0
Tx256Byte  : 0
Tx512Byte  : 0
Tx1024Byte : 0
TxByte     : 0
RxDrop     : 0
RxFiltered : 0
RxUni      : 0
RxMulti    : 0
RxBroad    : 0
RxAlignErr : 0
RxCRC      : 0
RxUnderSize: 0
RxFragment : 0
RxOverSize : 0
RxJabber   : 0
RxPause    : 0
Rx64Byte   : 0
Rx65Byte   : 0
Rx128Byte  : 0
Rx256Byte  : 0
Rx512Byte  : 0
Rx1024Byte : 0
RxByte     : 0
RxCtrlDrop : 0
RxIngDrop  : 0
RxARLDrop  : 0

        pvid: 1
        link: port:0 link:down
Port 1:
        mib: Port 1 MIB counters
TxDrop     : 0
TxCRC      : 0
TxUni      : 0
TxMulti    : 0
TxBroad    : 0
TxCollision: 0
TxSingleCol: 0
TxMultiCol : 0
TxDefer    : 0
TxLateCol  : 0
TxExcCol   : 0
TxPause    : 0
Tx64Byte   : 0
Tx65Byte   : 0
Tx128Byte  : 0
Tx256Byte  : 0
Tx512Byte  : 0
Tx1024Byte : 0
TxByte     : 0
RxDrop     : 0
RxFiltered : 0
RxUni      : 0
RxMulti    : 0
RxBroad    : 0
RxAlignErr : 0
RxCRC      : 0
RxUnderSize: 0
RxFragment : 0
RxOverSize : 0
RxJabber   : 0
RxPause    : 0
Rx64Byte   : 0
Rx65Byte   : 0
Rx128Byte  : 0
Rx256Byte  : 0
Rx512Byte  : 0
Rx1024Byte : 0
RxByte     : 0
RxCtrlDrop : 0
RxIngDrop  : 0
RxARLDrop  : 0

        pvid: 1
        link: port:1 link:down
Port 2:
        mib: Port 2 MIB counters
TxDrop     : 0
TxCRC      : 0
TxUni      : 23967034
TxMulti    : 879198
TxBroad    : 150026
TxCollision: 0
TxSingleCol: 0
TxMultiCol : 0
TxDefer    : 0
TxLateCol  : 0
TxExcCol   : 0
TxPause    : 0
Tx64Byte   : 118104
Tx65Byte   : 1007507
Tx128Byte  : 3391506
Tx256Byte  : 999201
Tx512Byte  : 6599
Tx1024Byte : 19473341
TxByte     : 27989808055
RxDrop     : 0
RxFiltered : 120
RxUni      : 4598922
RxMulti    : 30594
RxBroad    : 914
RxAlignErr : 0
RxCRC      : 0
RxUnderSize: 0
RxFragment : 0
RxOverSize : 0
RxJabber   : 0
RxPause    : 0
Rx64Byte   : 13109
Rx65Byte   : 72806
Rx128Byte  : 3845312
Rx256Byte  : 696983
Rx512Byte  : 1249
Rx1024Byte : 971
RxByte     : 821985142
RxCtrlDrop : 0
RxIngDrop  : 0
RxARLDrop  : 0

        pvid: 1
        link: port:2 link:up speed:1000baseT full-duplex
Port 3:
        mib: Port 3 MIB counters
TxDrop     : 0
TxCRC      : 0
TxUni      : 10737350
TxMulti    : 117039
TxBroad    : 72981
TxCollision: 0
TxSingleCol: 0
TxMultiCol : 0
TxDefer    : 0
TxLateCol  : 0
TxExcCol   : 0
TxPause    : 0
Tx64Byte   : 125266
Tx65Byte   : 5853041
Tx128Byte  : 3929381
Tx256Byte  : 920896
Tx512Byte  : 42567
Tx1024Byte : 56219
TxByte     : 1468074501
RxDrop     : 0
RxFiltered : 7880
RxUni      : 46258368
RxMulti    : 1045151
RxBroad    : 174597
RxAlignErr : 0
RxCRC      : 10
RxUnderSize: 0
RxFragment : 0
RxOverSize : 0
RxJabber   : 0
RxPause    : 13
Rx64Byte   : 219184
Rx65Byte   : 1396734
Rx128Byte  : 3459310
Rx256Byte  : 1107633
Rx512Byte  : 126893
Rx1024Byte : 41168385
RxByte     : 61042950266
RxCtrlDrop : 0
RxIngDrop  : 0
RxARLDrop  : 0

        pvid: 1
        link: port:3 link:up speed:100baseT full-duplex
Port 4:
        mib: Port 4 MIB counters
TxDrop     : 0
TxCRC      : 0
TxUni      : 0
TxMulti    : 0
TxBroad    : 0
TxCollision: 0
TxSingleCol: 0
TxMultiCol : 0
TxDefer    : 0
TxLateCol  : 0
TxExcCol   : 0
TxPause    : 0
Tx64Byte   : 0
Tx65Byte   : 0
Tx128Byte  : 0
Tx256Byte  : 0
Tx512Byte  : 0
Tx1024Byte : 0
TxByte     : 0
RxDrop     : 0
RxFiltered : 0
RxUni      : 0
RxMulti    : 0
RxBroad    : 0
RxAlignErr : 0
RxCRC      : 0
RxUnderSize: 0
RxFragment : 0
RxOverSize : 0
RxJabber   : 0
RxPause    : 0
Rx64Byte   : 0
Rx65Byte   : 0
Rx128Byte  : 0
Rx256Byte  : 0
Rx512Byte  : 0
Rx1024Byte : 0
RxByte     : 0
RxCtrlDrop : 0
RxIngDrop  : 0
RxARLDrop  : 0

        pvid: 2
        link: port:4 link:down
Port 5:
        mib: Port 5 MIB counters
TxDrop     : 0
TxCRC      : 0
TxUni      : 0
TxMulti    : 0
TxBroad    : 0
TxCollision: 0
TxSingleCol: 0
TxMultiCol : 0
TxDefer    : 0
TxLateCol  : 0
TxExcCol   : 0
TxPause    : 0
Tx64Byte   : 0
Tx65Byte   : 0
Tx128Byte  : 0
Tx256Byte  : 0
Tx512Byte  : 0
Tx1024Byte : 0
TxByte     : 0
RxDrop     : 0
RxFiltered : 0
RxUni      : 0
RxMulti    : 0
RxBroad    : 0
RxAlignErr : 0
RxCRC      : 0
RxUnderSize: 0
RxFragment : 0
RxOverSize : 0
RxJabber   : 0
RxPause    : 0
Rx64Byte   : 0
Rx65Byte   : 0
Rx128Byte  : 0
Rx256Byte  : 0
Rx512Byte  : 0
Rx1024Byte : 0
RxByte     : 0
RxCtrlDrop : 0
RxIngDrop  : 0
RxARLDrop  : 0

        pvid: 0
        link: port:5 link:down
Port 6:
        mib: Port 6 MIB counters
TxDrop     : 0
TxCRC      : 0
TxUni      : 22283954
TxMulti    : 1075745
TxBroad    : 175509
TxCollision: 0
TxSingleCol: 0
TxMultiCol : 0
TxDefer    : 0
TxLateCol  : 0
TxExcCol   : 0
TxPause    : 22
Tx64Byte   : 22
Tx65Byte   : 913289
Tx128Byte  : 412477
Tx256Byte  : 395493
Tx512Byte  : 125373
Tx1024Byte : 21688577
TxByte     : 33341262030
RxDrop     : 0
RxFiltered : 5626976
RxUni      : 6140204
RxMulti    : 4725420
RxBroad    : 1059723
RxAlignErr : 0
RxCRC      : 0
RxUnderSize: 0
RxFragment : 0
RxOverSize : 0
RxJabber   : 0
RxPause    : 0
Rx64Byte   : 246743
Rx65Byte   : 8085926
Rx128Byte  : 1782536
Rx256Byte  : 1689917
Rx512Byte  : 64221
Rx1024Byte : 56004
RxByte     : 1732398508
RxCtrlDrop : 0
RxIngDrop  : 0
RxARLDrop  : 0

        pvid: 0
        link: port:6 link:up speed:1000baseT full-duplex
Port 7:
        mib: Port 7 MIB counters
TxDrop     : 0
TxCRC      : 0
TxUni      : 0
TxMulti    : 0
TxBroad    : 0
TxCollision: 0
TxSingleCol: 0
TxMultiCol : 0
TxDefer    : 0
TxLateCol  : 0
TxExcCol   : 0
TxPause    : 0
Tx64Byte   : 0
Tx65Byte   : 0
Tx128Byte  : 0
Tx256Byte  : 0
Tx512Byte  : 0
Tx1024Byte : 0
TxByte     : 0
RxDrop     : 0
RxFiltered : 0
RxUni      : 0
RxMulti    : 0
RxBroad    : 0
RxAlignErr : 0
RxCRC      : 0
RxUnderSize: 0
RxFragment : 0
RxOverSize : 0
RxJabber   : 0
RxPause    : 0
Rx64Byte   : 0
Rx65Byte   : 0
Rx128Byte  : 0
Rx256Byte  : 0
Rx512Byte  : 0
Rx1024Byte : 0
RxByte     : 0
RxCtrlDrop : 0
RxIngDrop  : 0
RxARLDrop  : 0

        pvid: 0
        link: port:7 link:down
VLAN 1:
        vid: 1
        ports: 0 1 2 3 6t
VLAN 2:
        vid: 2
        ports: 4 6t

Configuration of the DIR600:

root@LEDE:~#  swconfig dev switch0 show
Global attributes:
        enable_vlan: 1
        alternate_vlan_disable: 0
        bc_storm_protect: 0
        led_frequency: 0
Port 0:
        disable: 0
        doubletag: 0
        untag: 1
        led: 5
        lan: 1
        recv_bad: 0
        recv_good: 0
        tr_bad: 0
        tr_good: 0
        pvid: 1
        link: port:0 link:down
Port 1:
        disable: 0
        doubletag: 0
        untag: 1
        led: 5
        lan: 1
        recv_bad: 0
        recv_good: 34883
        tr_bad: 0
        tr_good: 61709
        pvid: 1
        link: port:1 link:down
Port 2:
        disable: 0
        doubletag: 0
        untag: 1
        led: 5
        lan: 1
        recv_bad: 0
        recv_good: 21674
        tr_bad: 0
        tr_good: 5596
        pvid: 1
        link: port:2 link:down
Port 3:
        disable: 0
        doubletag: 0
        untag: 1
        led: 5
        lan: 1
        recv_bad: 0
        recv_good: 49032
        tr_bad: 0
        tr_good: 35565
        pvid: 1
        link: port:3 link:up speed:100baseT full-duplex
Port 4:
        disable: 0
        doubletag: 0
        untag: 0
        led: 5
        lan: 0
        recv_bad: 0
        recv_good: 0
        tr_bad: 0
        tr_good: 0
        pvid: 0
        link: port:4 link:down
Port 5:
        disable: 1
        doubletag: 0
        untag: 0
        led: ???
        lan: 1
        recv_bad: 0
        recv_good: 0
        tr_bad: 0
        tr_good: 0
        pvid: 0
        link: port:5 link:down
Port 6:
        disable: 0
        doubletag: 0
        untag: 0
        led: ???
        lan: ???
        recv_bad: ???
        recv_good: ???
        tr_bad: ???
        tr_good: ???
        pvid: 0
        link: port:6 link:up speed:1000baseT full-duplex
VLAN 1:
        ports: 0 1 2 3 6t

I've try many things, nothing working.
I've just saw something, it's possible that the problems is between EW1200 and DIR600 ?

I jump from my seat, and remove EW1200, add the netgear switch and try ...
(Freebox V6 => DIR600 B6E => Netgear Switch => Freebox Player)
Still the same, not working.

I've done some test, on LEDE factory settings:
Try to ping my EW1200 behind my DIR600 : Not Wokring
Try to connect on the access point of DIR600: i can ping Freebox V6, but not EW1200
Try to connext on the access point of EW1200: Can't ping DIR600 or Freebox V6
(Freebox V6 => DIR600 B6E => Afoundry EW1200 => Freebox Player)

So i think there is a problem on my DIR600, with the switch

I agree.

It seems you want SSIDs, one to appear on WAN and one on LAN.

  • FIrst, WAN on most OpenWRT devices (usually eth0.2/VLAN 2) is not configured on a bridge, you have to add it to a bridge in order to connect it to the WiFi card
  • Ensure your device can do SSIDs from different VLANs
  • You then add one SSID to LAN, and the other to WAN