IPQ40xx Switch Config "Strangeness"

Hi Thomas
I have a Meraki MR33 with the IPQ4029. It does not recognise Alan tagging from what I can tell. My MAC with VLAN1, 100 and 200 can see the VLANS trunked on my switch coming from a WRT32X, but it can only see VLAN1 on the MR33. I'm no expert on OpenWRT and customer build configs, though I have a build environment set up and ready to compile. Is there any way I can patch the IPQ4029 (using DSA on a snapshot) so that it will recognise the VLANS? Help?

1 Like

hi on 19.07.2 this simple vlan for wan2 worked ok, now on 19.07.4 does not work.

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '1'
	option ports '4 3 2 0'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '2'
	option ports '0t 1 5'

config interface 'wanb'
	option ifname 'eth0.2'
	option proto 'dhcp'

Yes the issue with the VLAN is still here, on my MR8300, manual conf doesn't work and from Luci, the router will disconnect from the network (I am using VLAN 100)

Can someone say if I can use the wan port for vlan tagging? I used openwrt master with 5.4 kernel and just doing eth1.42 worked without configuring the switch.

Now I realized the 5.4 kernel is broken on the IPQ40XX. Every time I receive something on the wan port the throughput stays at 1.5 Mbit/s. Sending has no issues.

I can not easily get to this router again, so I don't know what happens if I just flash master with 4.19 kernel. If everything breaks, that would be very problematic. :confused:

I just got vlan tagging on wan port in my EA8300 with OpenWRT 19.03 unomodified and this config:

config interface 'wan'
        option type 'bridge'
        option proto 'pppoe'
        option username 'ONHxxxx@vodafone'
        option password 'xxxx'
        option ipv6 '0'
        option ifname 'eth1.100'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0 1 2 3 4'
        option vid '1'

config switch_vlan
        option device 'switch0'
        option vlan '100'
        option vid '100'
        option ports '0t 5t'

got it thanks to this post by jeff:
https://forum.openwrt.org/t/solved-vlans-on-ipq40xx-alternative-config-for-fritzbox-4040/41832/4

Are u sure that u can just put the wan port on vlan 100? (even if it is trunked)

I didn’t try adding more VLANs to my LAN ports. My ISP only accepts the PPPOE connection if the WAN traffic is VLAN tagged with vlan 100. And with that config it finally worked.

Note that I also needed ifname eth1.100 in the WAN config. Both that setting and the switch0 setting to mark port 5 as tagged were neccesary.

Interesting that u use eth1 instead of eth0.

In my Linksys EA8300, eth1 is the WAN port assigned to port 5 in the internal switch. eth0 is for LAN and ports 0-4, and I don't want to VLAN tag any LAN ports (as I said my objective was to VLAN tag the WAN port so my ISP would accept the PPPOE connection).

Hi,

exists the possibility to use the Vlan tag 2? My ISP require it for the WAN.

FYI: I made a PR that adds a kernel flag to restore the "old" behavior. Lets see if it will be merged.

So, if I could apply that to my openwrt master branch, I'd be able to use the old switch0 vlan syntax in /etc/config/network again, for the ea8300?
How can I "test" this PR in the openwrt master branch? I'm not a github guru, sorry!
Thanks.

In the image-builder just do

curl https://github.com/openwrt/openwrt/commit/ced3840240e4095085706b3f9622c85ea646c33e.patch | git am 

Then do make clean and make target/linux/clean and compile again.

If this patch gets accepted as it is, port isolation will be default again.

Thanks. That works a treat.
I see now you can also do:
git fetch origin pull/3596/head:pr3596
git checkout pr3596

I have a GL-S1300 and had the same question as @JFlo. After mucking around all morning wondering why my vlan id=2 setting was not working for WAN, I found this thread.

I am using OpenWrt SNAPSHOT, r14966-7330348f2d (Linux 5.4.75), and for this version it's possible to reassign the internal vlan id used for the virtual wan interface. I changed it from 2 to 3 with sysctl:

# /etc/sysctl.conf

# Use vlan id=3 for virtual wan interface hack.
net.edma.default_group2_vlan_tag=3
net.edma.default_wan_tag=3

Then I set up my switch like this (port 0 is cpu and port 5 is wan):

# /etc/config/network

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

# this vlan is used internally by the driver for lan
config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option ports '0t 1 2 3 4'

# this vlan is the one my isp requires for pppoe
config switch_vlan
        option device 'switch0'
        option vlan '2'
        option vid '2'
        option ports '0t 5t'

# this vlan is used internally by the driver for wan
config switch_vlan
        option device 'switch0'
        option vlan '3'
        option vid '3'
        option ports '0t 5'

Thanks!

1 Like

I tested the vlan tag 2 with the current stable release 19.07.5.
Now it's possible to use vlan 2 together with the wan port, but the performance is only about 65% of the stock Asus firmware.

A "for me too" posting from me as I was directed here from my thread

The hardware is a D-Link DAP-2610 (got it wrong in the initial posting over there) and I would like to ask what I can try to make VLANs work with that hardware.

Checkout this link:

Thanks, will do.
In the meantime I made progress and got 3 VLANs working, I assume.
Right now I am waiting for the (remote) tester of the Wifis bridged to the interfaces.
I can't test that myself as I am a few hundred kms away from that hardware (yeah, that makes configuration extra fun).
In a few hours I should know more.