Hey everyone,
A newbie here. I am trying to create a setup with 4 VLANs passed on the WAN side and 3 VLANs on the LAN PORT 1. The device connected on PORT1 will get IP via DHCP and will run traffic on 3 VLANs.
Can someone help me with what should be my config in this case?
What specific device is this? Are the WAN and LAN ports on a common switch inside that hardware, or are they on routed ports?
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
ubus call system board
cat /etc/config/network
Use the swconfig package - it's only compatible with specific chipsets.
ubus call system board
{
"kernel": "4.4.60",
"hostname": "OpenWrt",
"system": "ARMv7 Processor rev 4 (v7l)",
"model": "Qualcomm Technologies, Inc. IPQ5018\/AP-MP03.3",
"release": {
"distribution": "OpenWrt",
"version": "Chaos Calmer",
"revision": "eea552a+r49254",
"codename": "chaos_calmer",
"target": "ipq\/ipq50xx",
"description": "OpenWrt Chaos Calmer 15.05.1"
}
}
root@OpenWrt:~# cat /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'auto'
config switch
option name 'switch0'
config interface 'lan'
option ifname 'eth1'
option force_link '1'
option type 'bridge'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
option multicast_querier '0'
option igmp_snooping '0'
config interface 'wan'
option ifname 'eth0'
option proto 'dhcp'
config interface 'wan6'
option ifname 'eth0'
option proto 'dhcpv6'
Time to upgrade. This old version is unsupported and has many known and actively exploited security vulnerabilities.
This seems like it may be a vendor specific firmware, not an official OpenWrt version. This means you should probably ask whoever made this device.
It appears that you have two routed ports here. This means that the only way to get the VLANs to pass through from the wan port to the lan port is to setup a bridge. This may drastically impact performance and is not recommended. Additionally, I don't remember how to do a bridge like this for such an old version -- methods used in modern versions (21.02 and 19.07) may not work with your old device.
Consider instead using a managed switch for this purpose. Or get a new device that has a built-in switch and can run an up-to-date version of OpenWrt.
For reference, the configuration would be roughly like this:
config interface vlan1
option type bridge
option ifname "eth0.1 eth1.1"
option proto static
option ipaddr 192.168.1.1
option netmask 255.255.255.0
config interface vlan2
option type bridge
option ifname "eth0.2 eth1.2"
option proto static
option ipaddr 192.168.2.1
option netmask 255.255.255.0
config interface vlan3
option type bridge
option ifname "eth0.3 eth1.3"
option proto static
option ipaddr 192.168.3.1
option netmask 255.255.255.0
config interface vlan4
option ifname eth0.4
option proto dhcp
If you do not need IP addresses on the router, use proto none instead of proto static and omit the ipaddr and netmask options. Note that the "vlan4" interface is not a bridge but that it terminates on the local system and acting as DHCP client; adjust as needed.
You also need to remove the preexisting "lan" and "wan" interfaces or adjust them accordingly. Also keep in mind that the firewall configuration might need changes since it refers to the "lan" and "wan" interface names.
Check the target, to my knowledge it has never been supported by OpenWrt (it wasn't even around when 15.05 got released). So 100% vendor SDK.
…and with a very 'temperamental' switch hardware/ driver implementation.