I'm having trouble getting my VLAN setup working on DSA since I installed OpenWrt from the latest snapshot (kernel 5.4, which uses DSA).
My VLAN setup is fairly simple, this is how I had it before (on stock firmware, I never used OpenWrt swconfig):
switch0 contains eth1, eth2, eth3, and eth4.
It's given 192.168.1.0/24.
I configured switch-port eth1 to pvid 3, and switch-port eth3 & switch-port eth4 to pvid 2. Each pvid has its respective vif which has its own network (eg. 192.168.2.0/24) and stuff.
I have tried for some time to get it working on DSA, but I don't understand some aspects or how to do it properly. I've seen this GitHub pull but still have trouble adapting it to my setup (which I think might be a lot more simpler than the setups used there)
I found out that I have to install ip-bridge to use the bridge utility. Also I installed ip-full because the busybox version gives an error when running ip link set dev br-lan type bridge vlan_filtering 1. But that's pretty much it. I don't know what bridge v commands I need to run.
Anyway, to my understanding switch0 represents the same thing as br-lan I think? And I'm also not sure what I should add as ifname in /etc/config/network, would it be br-lan.2 for example?
I'm guessing the hotplug script which I need to make will run after /etc/init.d/network is started, so I'll just type the commands in the terminal for now and when I'm sure of my config I'll write it as a hotplug script (that way I can just reboot the device if I messed up my network connection).
Any help/guidance on how to setup the VLANs with the bridge utility and what I need to put as ifname for the new VLANs is appreciated. Thanks for any input.
Edit: Alright so I think I almost figured it out.
I have this:
bridge vlan
port vlan-id
eth1 3 PVID Egress Untagged
eth2 1 PVID Egress Untagged
eth3 2 PVID Egress Untagged
eth4 2 PVID Egress Untagged
br-lan 1 PVID Egress Untagged
2
3
/etc/config/network:
...
config interface 'vlan2'
option ifname 'br-lan.2'
option proto 'static'
option ipaddr '192.168.2.1'
option netmask '255.255.255.0'
config interface 'vlan3'
option ifname 'br-lan.3'
option proto 'static'
option ipaddr '192.168.3.1'
option netmask '255.255.255.0'
...
DHCP server is enabled on both of them.
HOWEVER, trying to connect to anything (eg. curl 1.1.1.1) from a device in one of the VLANs will get an error "Connection refused" except for the router SSH/webpage.
Messing around with the bridge vlan commands fixes it for one of the VLANs, but causes the other to fail, or cause both VLANs to fail except for the non-VLAN area, etc. I feel like I'm missing something very small but very crucial to get them all working at the same time. Does anyone know what I'm doing wrong?? I'm really not sure what I should be putting on br-lan, I've tried a combination of things but I haven't got it to work yet.