How Well Does the Linksys EA6350v3 Work With OpenWrt?

Hi

I've just bought a second hand Linksys EA6350v3 and I saw there was support for OpenWrt.

I'm currently expanding my wireless coverage and I'm hoping to connect this wireless router to my VLAN trunk and then split the two LANs into two interfaces. I was looking over the Add support for Linksys EA6350 v3 thread and I was wondering the verdict was in regards to the VLAN support on this router? Ideally the trunk would come into the router via the WAN port. Could someone clarify on this please?

Another member mentioned they had problems loading Instagram and other websites using it as simple AP. Did this ever get fixed or did they find a solution?

I'm also hoping to use wpad-openssl to bridge my Linksys WRT1900ACS and EA6350v3. I don't really need anything fancy from the Linksys EA6350v3 other than receiving a VLAN trunk and routing the VLANs to their designated interfaces with an AP setup for each.

The EA6350v3 is fully supported. In fact, it's one of the most recommended devices since Escalion and I added support for it at the beginning of the year.
Still, it's facing the same VLAN issues as all of the IPQ401x regarding to VLAN in LuCI and the inability to use vlans 1 and 2, which are indeed forced by the driver.
In the sake of completeness, I added a couple of patches (not mine, patches from Christian Lampeter) which never reached upstream and by what other users of my build told me, it works fine using those patches.
The problem is that it requires a custom kernel and a custom network detection script, both such things can only be done by building an image itself.
I won't self publicity myself anymore as I have a hater which is really noisy. I would recommend to try the default OpenWrt first and then try the build to compare results.


Edit: to be clear, my sole purpose is to give OpenWrt users options to choose!

5 Likes

Just be aware that there now is a(n unsupported) v4 hardware revision around (next to the never going to be supported v1 and v2); the marking is often hidden on the paper box (but should be visible on the bottom side of the device itself).

3 Likes

I'm running an EA6350V3 with a current snapshot as an AP and it runs fairly well. The Archer C7 it replaced had somewhat better 2.4GHz performance, but the EA6350v3 excels at 5G. It's getting VLANs (wired) from the main router, and running home WiFi, Guest WiFi, home LAN and home IOT devices on their respective isolated VLANs.

Every once and a while (~weekly?) the LUCI interface inexplicably craps out, lately with:

/usr/lib/lua/luci/dispatcher.lua:251: /etc/config/luci seems to be corrupt, unable to find section 'main'
stack traceback:
	[C]: in function 'assert'
	/usr/lib/lua/luci/dispatcher.lua:251: in function 'dispatch'
	/usr/lib/lua/luci/dispatcher.lua:144: in function </usr/lib/lua/luci/dispatcher.lua:143>

but previously with a complaint about a missing main config file section that was not missing. A simple reboot takes care of it. Minor annoyance that I expect will resolve itself within a few more commits.

1 Like

I take it this means VLAN 1 & 2 are dedicated to their respective interfaces WAN & LAN?

Does this mean as long as I use different VLANs I should be alright?

Yes.
Beware that the configuration needs to be done manually (LuCI does not work) and that a mistake will render the device unusable till it's restored to factory.

2 Likes

Not quite as scary as having to re-flash, as failsafe and restoring network defaults will get you back. However, your config should not touch VLANs 1 or 2 and, at least with the similar IPQ4019 in the EA8300, bridging the same VLAN across the “Internet” port and one or more of the “LAN” ports has “challenges”.

I trunk multiple VLANs on my EA8300s in my configurations.

1 Like

What physical port can be used as the trunk?

Would you mind sharing your VLAN config (etc/config/network) please so I can see how you've setup the four LAN segments? If you don't mind sharing it don't forget to scrub any personal information.

Many thanks in advance

Both/any can be used.

The problem seems to be that a bridge over the two sets, "Internet" port and the "LAN" ports, doesn't ARP properly. While I haven't dug into it yet, I believe it is due to there being two MACs involved, one for the "Internet" port and one for the "LAN" ports. My guess is that the bridge master responds to the ARP, which ends up being "wrong" for the other set.

I noticed you used the WAN (internet port) as the trunk.

Essentially if I left the WAN port as tagged across two VLANs such as 5 and 10 tagged to the CPU (eth0) and then bridged the interfaces to these VLANs e.g. eth0.5 and eth0.10 that should work right?

No, because eth0 is LAN.

My network configs follow. Nothing too fancy. I've not sorted out the VPN VLAN yet on the main router-the network file includes a work in progress Wireguard setup for now. MAC addresses and public keys have been replaced with blah.blah.blah.blah - probably unnecessary, and the exercise reminded me I should change the static IP's of my network to less uncommon, but still uncommon, addresses to thwart fingerprinting. So thanks for that.

My home set-up consists of a bridged modem feeding a main Edgerouter X that runs DNS and DHCP for all the VLANs. The Edgerouter ports have the home security system and two wired lines carrying the VLANs to AP's on the first and second floors of our house plugged into them. The Edgerouter X network file follows first for context, followed by the EA6350v3 network file:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix '2606:ed00:2:5910::/64'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option ipaddr '10.10.10.1'
	option ip6hint '0'

config device 'lan_dev'
	option name 'eth0.1'
	option macaddr 'blah.blah.blah.blah'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'dhcp'
	option peerdns '0'
	option dns '1.1.1.1 9.9.9.9'

config device 'wan_dev'
	option name 'eth0.2'
	option macaddr 'blah.blah.blah.blah'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix 'auto'
	option peerdns '0'
	option dns '2606:4700:4700::1111 2620:fe::fe'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '1'
	option ports '1 2 3 6t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '0 6t'
	option vid '2'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option ports '1t 2t 6t'
	option vid '10'

config switch_vlan
	option device 'switch0'
	option vlan '4'
	option ports '1t 2t 6t'
	option vid '20'

config switch_vlan
	option device 'switch0'
	option vlan '5'
	option ports '1t 2t 6t'
	option vid '30'

config switch_vlan
	option device 'switch0'
	option vlan '6'
	option vid '40'
	option ports '1t 2t 4 6t'

config interface 'GST'
	option proto 'static'
	option ifname 'eth0.20'
	option ipaddr '10.10.12.1'
	option netmask '255.255.255.0'

config interface 'IOT'
	option proto 'static'
	option ifname 'eth0.30'
	option ipaddr '10.10.13.1'
	option netmask '255.255.255.0'

config interface 'SEC'
	option proto 'static'
	option ifname 'eth0.40'
	option ipaddr '10.10.14.1'
	option netmask '255.255.255.0'

config wireguard_WRG
	option public_key 'blah.blah.blah.blah='
	list allowed_ips '0.0.0.0/0'
	list allowed_ips '::/0'
	option route_allowed_ips '1'
	option endpoint_host 'us1.wg.azirevpn.net'
	option endpoint_port '51820'

config interface 'VPN'
	option ifname 'eth0.10'
	option proto 'static'
	option ipaddr '10.10.11.1'
	option netmask '255.255.255.0'

and the EA6350v3 network file:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdd4:d633:48ed::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0'
	option proto 'static'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option gateway '10.10.10.1'
	option ipaddr '10.10.10.2'
	option ip6hint '0'

config device 'lan_dev'
	option name 'eth0'
	option macaddr 'blah.blah.blah.blah'

config interface 'wan'
	option ifname 'eth1'
	option proto 'dhcp'
	option auto '0'

config device 'wan_dev'
	option name 'eth1'
	option macaddr 'blah.blah.blah.blah'

config interface 'wan6'
	option ifname 'eth1'
	option proto 'dhcpv6'
	option auto '0'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 2 3 0'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option ports '0t 1t'
	option vid '10'

config switch_vlan
	option device 'switch0'
	option vlan '4'
	option ports '0t 1t'
	option vid '20'

config switch_vlan
	option device 'switch0'
	option vlan '5'
	option ports '0t 1t 4'
	option vid '30'

config switch_vlan
	option device 'switch0'
	option vlan '6'
	option ports '0t 1t'
	option vid '40'

config interface 'GST'
	option proto 'dhcp'
	option ifname 'eth0.20'
	option type 'bridge'

config interface 'IOT'
	option proto 'dhcp'
	option ifname 'eth0.30'
2 Likes

Thanks for that. I will have a look over so that I can digest it and work it out in my head; I usually work with LuCI so looking at the VLAN section straight from a config file won't click straight away.

Does anyone know if I can compile my own firmware for this router or is it a case of using the snapshot or 19.07.0-rc1 builds at the moment?

It's been on master for a long time, so if you want to build from source, take your pick of openwrt-19.07 or master. You might want to look at

$ git log --pretty=oneline --grep ipq40xx master ^openwrt-19.07 

to help you decide.

Of course you can; you always can. If you're just after including extra packages though, you might want to take a look at the image builder instead of the buildroot.

1 Like

Since looking for building a firmware yourself and because you're planning to use vlan... You might want to check this.

2 Likes

Is there a chance of getting this upstreamed? I think you were instrumental in adding device support into OpenWrt?

1 Like

Well, Christian Lampeter, the guy who made the commit (I did the patch and fixed the detection script which he forgot to do) indeed had authority to upstream the patch by himself. However, he didn't do.
Mostly because it fixes most of the ipq4018 devices but breaks most of the ipq4019.
In such a case, we have to wait not for OpenWrt but for the Linux kernel. Thy must have to find a way to fix it in a future kernel.

Or, as I did, apply an ad-hoc patch for your particular target.

2 Likes