I am trying to setup an OpenWrt openwrt-19.07.7-x86-generic-combined-ext4.img.gz. with a single network interface and a TP-Link TL-SG108E smart switch. I had everything working smoothly with one client PC connected to the switch. The next day, I connected the rest of my network and can no longer reach the internet. I completely started over by resetting the switch and reinstalled OpenWRT. For some reason, I cannot get back on the internet with the setup that was working initially. I have been having annoying internet issues for several week that I think is due to the cable company's modem (Spectrum) but they do not see any problems on their end. Is there a way to setup another PC as a "dummy" ISP that will provide an "external" IP address? My thinking is that if the dummy setup works, then there is an issue with Spectrum modem or service in general. Thanks for taking a look at this.
The problem is likely that the SG-108 management interface took your single public IP from the cable line. The switch management listens on all VLANs (a huge security don't, but there's no way to turn that off). So set the SG108 to a static IP in your LAN, not DHCP.
Also turn off the loop detection since the modem will latch to the first MAC address it hears and that will be the loop detection packets from the switch. Found that out the hard way. Took a week to debug remotely over the phone.
I disabled DHCP on the switch and set the IP address to one inside and outside the address pool. I also disabled loop detection. Unfortunately, I am still not getting to the internet.
Did you do the cable modem dance?
- turn off modem
- turn off router
- turn on router
- wait 40 seconds or so
- turn on modem
This procedure clears the MAC address lock on the modem.
Also if you're using the switch on the WAN side you must put the port connected to the modem in its own VLAN.
Some cable companies require leaving the modem off (unplugged) for 30 minutes to forget the last MAC and be ready to issue an IP to a new router.
I am on the internet but with some issues- mainly some websites load very fast and others aren't found. Usually if I click Try again, they will load. I can't get a ping response from Google.com
My current setup is this:
Modem connected to Port 1 on switch. Single NIC x86 connected to Port 2 on switch. Ports 3-8 are LAN ports.
On the TL-SG108E
Static IP address set outside the IP pool of the x86.
Loop Prevention is disabled.
802.1Q VLAN
802.1Q PVID
In OpenWrt
Interfaces
WAN eth0.10
LAN br-lan (eth0)
Interfaces > WAN > Advanced Settings tab
Checked Use Broadcast Flag.
Custom DNS servers set at 1.0.0.1 and 1.1.1.1
Based on dlakelan's post, I probably need to tweak the VLAN settings. How?
I don't know how to read your data, but I think you have VLAN 10 as the WAN untagged and the modem plugged into port 1... with port VID on port 1 = vlan 10
Now the router is plugged to port 2. So port 2 should be tagged for vlan 1 and 10, and eth0.1 is your LAN and eth0.10 is your WAN on OpenWrt. With all that in place, it should work with an appropriate reboot.
I think what you need to do is make port 2 tagged for vlan 1 and 10.
Yes the only port that should be tagged is 2, it should be tagged in both VLANs and untagged in none. Port 1 is untagged in 10 and its PVID must be 10. Similarly the lan ports 3-8 are untagged in VLAN1 and PVID 1. I don't think the PVID of port 2 matters since your router should never send an untagged packet to it anyway. This is done on the router by making lan eth0.1 and wan eth0.10, and not having plain eth0 on any network.
I added pictures to my previous post to make it clearer.
I changed the LAN interface to eth0.1 and is bridged. On the switch, I now have:
VLAN
PVID is the same as previous.
I am very new to this, but this seems to be more logical. So, in the future, if I wanted to take out one of the LAN ports (say 8) and connect WAN of another router for a completely separate network, would I remove it from VLAN 1 and tag it in say VLAN 80 with 1 untagged and then PVID of port 8 is 80?
That doesn't seem quite right and I'm not sure what would be.
Also would it be better to take 2-8 out of the built-in default VLAN 1 and put in VLAN 2 and generally avoid the Default?
Yes that configuration looks right.
In order for any traffic to flow through the switch, every VLAN needs at least two ports in it. I'm not sure what you mean by having the WAN of a separate router. A better example would be a guest network. Here you could have a desktop PC for guests connected to port 8 (untagged), which switches back to the main router on port 2 (tagged). There would be a new VLAN in the switch (80) and a new network in the router connected to eth0.80. The VLAN number really wouldn't matter as long as it is the same in the switch and the router.
Since the SG-108E management interface listens on all VLANs there isn't anything special about VLAN 1. Though VLAN 1 can't be deleted, you can remove all ports from it.