Interfaces - VLAN - Switch relationship confusion

Greetings all,

on my router, I have the following devices on the lan interface: (i) br-lan, (ii) eht0, (ii) eth0.1, (iv) eth1. As best as I understand, the eth0 is the (part of?) the CPU controlling the network, i.e., the LAN ports, eth1 is the (part of?) the CPU controlling the network, i.e., the WAN port.

The virtual device eth0.1 is a VLAN 1 defined on the eth0. It is unclear why it was created automatically. I have verified this by re-setting the router several times with the same result.

I also observed that the VLAN 1 is (automatically) added to the Network - Switch, and probably by the operation of the the virtual device br-lan bridges all the ports into the eth0.1 VLAN.

So,how do I go about creating more VLANs? Do I created them as eth0.X in the Network - Interfaces - Devices, or in the Network Switch, or both? Or, am I completely confused?

Kindest regards,

M

There is model dependency to the explanation, and this assumes that the device uses swconfig (not DSA) for addressing the switch.

In your case, the CPU has two ethernet ports -- eth0 and eth1. As you noted, eth1 is connected to the wan port. In some cases, this may be a direct connection, but in others it actually might be a second connection to a build in swithc chip.

Anyway, as far as eth0 is concerned -- the switch chip inside your device is vlan aware. As such, the switch has been configured (by default) to use VLAN ID 1 for the lan. This uses tagged VLAN 1 (which is why you see eth0.1 -- the .1 part is the VLAN ID and this will be tagged as part of the dotted notation method) between the CPU and the switch. The switch is then configured such that the physical lan ports on your device are (by default) access ports for VLAN 1 (untagged; basically 'normal' ethernet ports.)

That's really the whole of it... but the cool thing is that it's really easy to setup multiple VLANs on the switch this way, so if you want to have different subnets connected to the ethernet ports, it's really simple to add additional VLAN IDs and they'll be accessable to the CPU as eth0.x and configurable on the switch as access ports and/or part of a trunk (carrying multiple networks over a single port/cable).

2 Likes

your observation is correct and eth0.1 is automatically created and is internal only in the default config i.e. it will be stripped of its VLAN tag when it leaves the ports so your computer doesn't need to be VLAN aware to connect to the device.

1 Like

Greetings psherman, papdee,

thank you for your replies and the confirmation that I am not a complete idiot.

Now, to the question of how to add the additional VLANs, as eth0.X in the Network - Interfaces - Devices, in the Network Switch, or both? It seems that the VLAN(s) configuration can be done either via Bridge VLAN Filtering or by settings at the switch, but not both as the configuration could be inconsistent.. Is one preferable over the other?

Another question prompted by your clause:

Does it make a difference from a user perspective?

Kindest regards,

M

Your device clearly uses swconfig.

Yes... and no.

  • totally different syntax.
  • But same end result and functionality when you do it correctly.

You'll use the older swconfig syntax to add VLANs. Bridge-VLANs are really a DSA concept (although it may be possible to get them to work on swconfig, I wouldn't recommend even trying).

Hi psherman,

thank you for the reply, it is very valuable.

Now I need to read about the difference and how the difference manifests itself in LuCI.

Kindest regards,

M