OpenWrt VLAN configuration with a Managed Switch

Hi, my intended network setup is as follows:


View high-resolution
I have a Linksys WRT3200ACM running OpenWRT as a Router/Wireless Access Point, that gets WAN from the ISP modem. There is one LAN, the default one, that I connfigured to use 10.230.0.1 as the IP address, and that LAN has a DHCP server that hands out 10.230.0.x IP addresses to my devices. There is one device, which is a Hyper-V server (Workstation 2 in the picture), and Workstation 1, that are in the same room, and I would Worsktation 2 to be in a different VLAN, such as 10.230.1.1. I have purchased an 8-Port Netgear GS108Ev3 Managed Switch and connected it to the router. Then, I connected one cable to each workstation. What I want to know, is how to put Workstation 2 in a different VLAN than Workstation 1, given that they are connected to a Managed Switch? If each workstation were connected to a physical port in the router, I could easily do this, however, they are only technically connected to one physical port on the router. How would the router know which VLAN each workstation is on?

Tagged packets on the cable between the router and the switch. The switch then examines the tags, removes them, and directs the resulting untagged packets only to the workstation port(s) that belong to that VLAN.

1 Like

@mk24
Thanks a lot for the answer.
Would you mind explaining that in a bit more detail? While I appreciate your answer, my networking knowledge is not enough to understand straight away how the switch and the OpenWRT router would be configured. If I create a VLAN in the Netgear switch, and call it VLAN 10 for example, how, in the OpenWRT settings, do I tell that traffic in VLAN 10 on the Netgear switch has to have a 10.230.1.x address, and everything else has 10.230.0.x?

Please read https://openwrt.org/docs/guide-user/network/vlan/switch_configuration
Return GS108Ev3 if you can and get a better switch.

1 Like

@MagicPants, welcome to the community!

You'll need to improve your skills - quickly.

Using VLAN 10 as an example:

  • Create a new Interface under Network > Interfaces with an available VLAN ID (e.g. VLAN 10), you can call it lan2- you will address it as 10.230.1.1/24 - the PHY you enter is eth0.10
  • Enable DHCP (optional)
  • Add it to a firewall zone
  • Configure the switch to trunk VLANs 1 (LAN) and 10 (LAN2) - in this example, I used switch port no. 4

  • Configure a port on the switch to receive VLANs 1 and 10 via trunking/tagging
  • Connect cable to Netgear switch's trunk port (configured for VLANs 1 and 10); and to the OpenWrt's trunk port (now configured for VLANs 1 and 10 also)
  • Configure access ports on switch for either VLAN 1 or 10
  • Connect devices to appropriate ports
  • Done!
2 Likes

@lleachii
Thanks a lot for your help.
Here's what I've done:
I already had, in OpenWRT, a VLAN with VLAN ID of 3 (10.230.2.0), that I created using this tutorial. I tagged the LAN 4 port on it, as funny enough it was the one I wanted to use, and also tagged it in VLAN 1 (10.230.0.0), just like on your image. Then, in the Netgear Switch, I created a VLAN with VLAN ID of 1, and another with a VLAN ID of 3, just like in the OpenWRT Router. The cable coming from the OpenWRT Router, connected to the Switch, was connected to Port 1, so, I tagged this port in both VLANS, and untagged the ports that I wanted to use for each VLAN. Here are some screenshots:
https://imgur.com/a/MbGQFCF
The VLANS in the Netgear Switch:
I cannot take a screenshot right now, but they are configured as follows:
VLAN ID 1 - Port 1 tagged, Ports 6,7 and 8 untagged;
VLAN ID 3 - Port 1 tagged, Ports 2,3,4 and 5 untagged;
Port 1 is the one connected to the router, in LAN 4.

I did all this, and devices connected any of the ports, even to ports untagged for VLAN 1, all get 10.230.2.x addresses, which is for VLAN 3. Any ideas?

@lleachii
Here is a screenshot:
This is a Windows Server machine that has 4 NICs. One of the NICs is connected to VLAN 1 in the Netgear Switch, and one of them is connected to VLAN 3. There are two hyper-V switches that are external switches to those NICs. I named them VLAN 1 and VLAN 3, for the sake of making it easier to see which one is not working properly.

the setting you show is not the only setting. you should also go to the port pvid and set that up, basically this tells how the switch should tag inbound packets to each port.

@dlakelan
Thanks for replying.
I also did that, but forgot to send the screenshot.