What is the easiest way to convert LAN1/2/3/4 into separate devices so that I can put them in one bridge and then use ebtables to isolate them? I used to do this with VLANs in 19.07, but am not having any success in 21.07 with DSA.

Disable L2 offload on DSA is not possible on kernel 5.4, which means you can't use ebtables to filter the traffic, unfortunately.

Is it possible to create an interface for each LAN1/2/3/4 port (hoping no VLANs are needed in this case)? Then I could use a firewall zone to control communications between interfaces.

You can with DSA make a device for each 4 (5 with WAN) ports and specify an interface for each device.

Thx, I have ended up creating three interfaces lan2/lan3/lan4 while disabling forwarding the lan zone and it all worked.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.