Mapping ethernet ports to LAN vs. WAN

Is there a documentation on the wiki o the like explaining how OpenWRT on x86 maps the ethernet interfaces it finds to LAN vs. WAN functionality ?

AFAIK, i could even rename the name of ethernet interfaces on linux level (hve to remember how), so maybe that would be a way to have OpenWRT do what i want.

Right now my x86 box has eth0,eth1,eth2,eth3 and OpenWrt assigns eth1 as the WAN interface which is not very nice (you usually want the first or last interface to be WAN, also easier physically to distinguish then.

Would be good to know also if OpenWrt has a logic to recognize multiple WAN interfaces, as i want to make 2 of the ports separate WAN interfaces.

OpenWrt provides logical abstraction layer above physical interfaces.
It applies to network, firewall and most of the other service configurations.
So you basically have no need to operate physical interfaces.

  • First Interface LAN
  • Second Interface WAN
  • Others not configured, you have to configure/bridge them yourself
1 Like

thanks, vgaetera

I understand how to configure stuff with whats availale today, but its just plain ugly. The linux level names of interfaces often don't match whats on the outside label, and one would often like to change outside labels.
Then the logic of selecting simply the second interface as WAN is very limited.
Then LUCI simply calls in the GUI one interface WAN and all the others LANi.

All of these things can somehow be configured/changed under the hood, but its not documented. For eample someone told me where to find the LUCI piece that creates the labels. But i can't find that forum thread anymore sigh.

This is not only about making the router look "nice", its also to avoid misconfiguration that happens easily when one gets confused about all the strange mappings done between UCI, LUCI, linux, enclosure-labels.

I've got an 8 port switch on my desk behind a printer. I often want to know which port things are in. I found using a thermal label printer and sticking the label tape on top of the box was really useful, trunk, printer, access point, desktop, ATA, etc... :grin:

I am changing to UBNT switches/AP for L2 because they give me via their controller software a simple network wide visibility of whats connected to which wired port or AP/radio (MAC/IP/name). Pricey though.

Wish that other L2 switch vendors would wake up too, recognizing this type of diagnostics is needed even for home users price range.

uci -q delete firewall.lan_wan
uci set firewall.lan_wan="forwarding"
uci set firewall.lan_wan.src="lan"
uci set firewall.lan_wan.dest="wan"
uci commit firewall
/etc/init.d/firewall restart

So, there's no need for physical interface names when you define them once in the network config.
And even if you need to use physical interface names, the correct way is:

tcpdump -ni $(uci get network.wan.ifname) tcp port 853

Not sure exactly what you are explaining there, but my most simple problem is for example that i need the first ethernet to be the WAN to get the desired physical port assignment. How would i do that ?

LuCI > Network > Interfaces > WAN > Edit > Physical Settings > Interface > ... > Save & Apply

Make sure you understand what you are doing and be ready to perform factory reset if you mess the settings:
https://openwrt.org/docs/guide-user/troubleshooting/failsafe_and_factory_reset

I do not if this works but following is worth a try.

find /etc/board.d/02_network

Search for your device name, append as needed or to something below? I previously had to try a few configuration before I could my WAN to the physical port I need.

ucidef_set_interfaces_lan_wan "eth1" "eth0"
ucidef_add_switch "switch0"
"0@eth1" "1:lan:3" "2:lan:2" "3:lan:1" "4:wan" "5@eth0"