That is
config interface 'wan'
option proto 'dhcp'
option ifname 'eth0.2'
Also I noticed that you have multiple VLANs with same ports settings.
2 Likes
The VLAN configuration for this particular router is rather special and complicated, as it includes two different hardware switches (lantiq and realtek) just as well as connecting the dedicated rt3883 WLAN SOC via (wired!) VLAN as well, with lots of implicit VLAN requirements. It's not an easy or beginner friendly device.
2 Likes
@Hegabo and @mk24
I am ashamed. That was too easy. It works. Thank you!!
I only tried eth0.1.
@slh
That's why I do not understand the many VLANs myself.
Is it possible to assign LAN port 1 - 4 different VLANs?
As far as I can see, all LAN ports are summarized as an interface. Probably I can not differentiate but would have to connect a switch with VLAN tagging on the router?
Yes, but not in a particularly straight forward way (as different ports are on different switches), you'll need to read the thread on the archived forum for a glimpse into the gory details. Accomplishing this would be much easier on a more conventional router.
1 Like
If you set an external port to be tagged, the device on the other end of the cable needs to be VLAN capable and set up to tag with matching VLAN numbers. This is commonly used to send a "trunk" of several networks between two routers.
VLANs inside the switch are used to make separate networks internally from the CPU out to different port(s). When the port is set to untagged, the tags are removed before sending data on the cable. The use of VLANs inside the switch have no effect on a device on an untagged port. Arbitrary VLAN numbers can be used.
1 Like
Which thread you mean?
According to wiki:
Ethernet: RTL8367RB 4x 10/100/1000 Mbit/s vlan support
use all 4 LAN-Ports the same Hardware Switch (Realtek).
@mk24
So if I understand you correctly, I can put the VLAN ID's on the LAN ports, connect a switch with VLAN function, and assign ports to the VLAN I want. The VLAN must be configured on both the router and the switch.
I understand the 2nd part so that this is also possible directly for the 4 LAN ports of the router?
For this, the corresponding port must be tagged with the desired VLAN? I do not know how to configure a single port, as these are only displayed as 1 interface.
What @slh is saying the internal switch in the Lantiq CPU is also involved, sending to the Realtek switch. So for example if you want to add another network from the CPU to one of the Ethernet ports, you'd have to add a VLAN to both switches.
This is all inside the router. If you're using ordinary devices that don't require tagging you don't need any extra hardware outside.
1 Like
Short explanation I was actually before.
I would like to create several VLANs to separate different device classes and restrict access to each other via firewall.
Attached is a screenshot of the switch config.
I have (not seen in the picture) created a VLAN 102, assigned to both switches. Tagged CPU and LAN at Lantiq and CPU and LAN2 at Realtek. After that, WLAN did not work anymore, internet was not working anymore, etc.
Can someone explain to me from the drawing what I need to hire?
It looks like "LAN "on the Lantiq switch is the link to the Realtek switch that runs the four yellow ports, and WAN is the other physical port. Confirm by unplugging the cable from the black WAN port, the icon should change to disconnected.
The link between the switches should be tagged in all the VLANs that are of interest to the Realtek switch. Do not have tagged and untagged on the same port. So in the LAN column, change VLAN 1 to tagged then add more if you want.
For these internal VLANs it is conventional to use sequential numbers starting from 1. Likely not the case here, but some old chips did not like numbers higher than 15, and others have a limit of 128.
1 Like
You have right with WAN-Port.
Since I tagged VLAN 1 an Lantiq Switch to "LAN", the WLAN don't work. I am not receive IP with WLAN.
With LAN I receive IP and have access to WebIF, but no more access to Internet.
Since I reboot the OpenWrt after tagged VLAN 1, the Router don't boot more. It only shows Error on Display from Router. I must reset with fullimage.img und install sysupgrade.bin.
Have you read what @slh referred to? It seems that the WLAN is an Ethernet-like device on this model.
1 Like
Yes I have read, but I know no details, because I do not know which thread he refers to.
But this is definitely not an explanation why the router apparently also destroys his system.
It seems to me with this router really not an optimal condition for my imagination to be.
Do yourself a favour and pick some simpler/ more conventional hardware for your experimenting (you can find lots of interesting stuff very cheap on the used market), the easybox 904 xDSL really isn't any fun when it comes to non-trivial VLAN setups, due its hardware specific complexities.
1 Like
@slh
Do you have any recommendation for a model? May cost a few euros. The cost should not be the problem. If there are appropriate routers, but I would have another request. The router should support several SSIDs which I can assign to different VLANs.
Thank you all for you help. Very fast and friendly.
It really depends on what you're looking for in terms of performance and features.
- most of the contemporary ar71xx/ ath79 should work fine (>8 MB flash, at least 128 MB RAM)
- if you want a VDSL modem onboard, the BT Home Hub 5 Type A is always worth looking at.
- usually I'd (strongly) recommend ipq40xx, but that's a bit limited in terms of VLAN configurability until it switches to DSA switch drivers.
- mt7621 should be nice, if you aren't looking for top CPU performance (but fast routing/ networking acceleration).
- entry level mvebu (or top end, depending on your interests/ price frame) would do the job
- depending on your budget, ipq806x is also worth looking at.
The Easybox 904 xDSL just ist very special and fragile in many regards, particularly in terms of the switch setup, basically all other routers are easier to work with. Top ten routers currently in use? would be a potential selection (avoid ipq40xx for the time being, if you're after VLAN specifics).
1 Like
I look at the chipsets / devices in peace.
DSL modem is not needed, because I will soon receive a fiber optic connection. However, the operator imposed a modem, my router is then connected via LAN.
But several WLAN SSID's with different VLAN tag would be really good. For this I have found this guide:
Is this feature basically supported or does it depend on the chipset?
With fibre/ ftth, specifically speeds up to 1 GBit/s, your choices are limited to highend mvebu or x86, the other devices can't cope with those routing throughputs (the Easybox 904 xDSL won't do more than ~60 MBit/s anyways).
Yes, multiple SSIDs are (wireless-) hardware specific, for details you need to check the valid interface combinations in the "iw list" output.
1 Like
The first concern when buying a new router is to have enough CPU power for your ISP speed. With fiber you'd want something high performance. There is the hardware recommendations section.
With gigabit ISP it is best to go to separate boxes: a wired only router, almost has to be an x86, feeding to wired users and wifi AP(s). The APs don't need as much CPU since they aren't doing any routing or firewalling or VPN.
Thanks again for your answers.
I think for this thread all questions are answered.
I'll look at the router with mvebu or x86 closer and read me on the Internet and here in the forum.
In such a powerful router, I can completely replace the FritzBox.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.