OpenWrt behind FAI Network

I have a problem :slight_smile:

I have this config

                       ----->OpenWRT ( TPLink ARCHER V2 ) --> server ( 192.168.1.100)  
                     /
   FAI -> swicth 
                     \
                        ------->HOME  LAN ( 192.168.0.xxxx )

Here is my conf

FAI switch is plugged on Routeur WAN port
Server is plugged on Routeur LAN2

I wish to make on bridge between Routeur WAN to LAN

IS that a good conf :

thanks for reading , sorry for my poor English

1 Like

thanks @vgaetera , but I have firewall rules for my server I want to keep , betweeb WAN and Lan server

So , as I understand, your link is not appropirate

A couple more options:

  • Forward ports from OpenWrt WAN to the server.
  • Connect the home LAN to LAN1.

Assuming you want to reach the server from the home LAN.
Or, perhaps you want to achieve something else?

If you want to reach your server from your home lan I'd suggest exchanging LAN & WAN on the router, as you can always reach wan from lan not the other way round (at least that is true for the standard NAT setup)

Yeah you're right :grin:
In fact I want to bĂŠ sure that my configuration is the good one.

Unfortunetly, I m not sure I understand VLAN concept !
If you look at the first picture , can you explain what the VLAN will do / improve / prevent ?

It makes possible to split and filter traffic, e.g. between LAN1 and LAN2:
https://openwrt.org/docs/guide-user/network/vlan/creating_virtual_switches

A voan is like dividing your switch in smaller switches:

A port that has untagged on vlan 2 is a normal port carrying only signals of vlan2, thus it is off for vlan1 and vice versa.

Tagged ports attach to each dtat packet moving out a tag withthe vlan number it originated from.

On the other side the cpu or another vlan aware switch can read the tags and treat each packet according to the vlan it comes from.

That also means one portto the cpu can be split to several logical ports via vlans.

In your above example both cpu ports carry vlan 1 and 2
Lan port 1 is disabled
Lan ports 2 and 3 are part of vlan 1
The wan port is part of vlan 2

I hope this helps you understand vlans a bit better :wink:

1 Like

Thanks for your replies.
So , do I need several VLAN for my configuration ?
I mean I only want to bridge WAN to LAN, 2 VLAN are necessary ?

You already have 2 VLANs as shown in the OP, add another one to split LAN1.

Hello,

Can you tell me il there is a speed limit on the WAN port ?
My bandwith is never higher than 18Mb /s , it should be 60Mb , and I don't know why