Public IP on VLAN10, internal IP on VLAN1 with 21.02 DSA

Hey,

With 19.07 I had a set-up with VLANs, as my TV decoder requires a public IP address to enable the interactive functions, my home cinema set-up needs to be on the LAN, and I only have a single (powerline) connection to my living room. This set-up was working well, but after installing 21.02 I cannot get this to work. I've read a lot about the move from swconfig to DSA, and I've spent many hours trying all the suggestions I could find, but never succeeded in getting both VLAN1 and VLAN10 to work.

The set-up I need is:
image

The set-up I had on 19.07 was:
(NOTE: I've changed from VLAN2 in the old set-up to VLAN10 in the new set-up; the access point TL-WR1043N has been adjusted accordingly.)

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'

config interface 'wan'
	option ifname 'eth1.2'
	option proto 'dhcp'

config interface 'wan6'
	option ifname 'eth1.2'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '1'
	option ports '0 1 2 3t 5t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '2'
	option ports '3t 4 6t'

And the set-up I now have on 21.02:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd68:925a:e2cd::/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'

config interface 'lan'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option device 'br-lan.1'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan1:t'
	list ports 'lan2:u*'
	list ports 'lan3:u*'
	list ports 'lan4:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '10'
	list ports 'lan1:t'

With this set-up, everything connected via router LAN2, and the devices on LAN 2 & 3 on the access point connected via the powerline, do work and have internet access with 192.168.1.x addresses.
The question is now: how to get a public IP address on VLAN10?
Note: I'm not a networking expert, so please explain in simple terms.

Many thanks in advance for your help.

In order for DSA switching between hardware switched physical ports to work, all the ports need to be in the same overall bridge. So bring wan into br-lan. I usually rename it br-eth at that point to reflect that it is all the Ethernet ports, not just the lan ones. By running VLANs inside that bridge, different ports can be in separate networks and also packets can be tagged/untagged and hardware switched between ports just like with swconfig.

Then the bridge-vlan for the WAN VLAN (2) will be untagged on the wan port and tagged on the trunk cable port. Of course the router on the other end of the trunk cable port needs to be set up with the same VLAN numbers. Since the devices you can't change (the TV box and the modem) use untagged packets, you can use any numbers you want for the internal tagging, but it has to be consistent throughout your network. br-eth.2 is the wan interface for the router to go to the modem for Internet. The TV box is now also switched directly to the modem.

Thanks mk24. I had tried that before but without success. I have tried again, and this is my config:
(NOTE: I'm using VLAN 1 and 10, and this has been made consistent on the receiving end of the trunk.)

config interface 'lan'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option device 'br-eth.1'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'

config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'

config device
        option type 'bridge'
        option name 'br-eth'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'wan'

config bridge-vlan
        option device 'br-eth'
        option vlan '1'
        list ports 'lan1:t'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

config bridge-vlan
        option device 'br-eth'
        option vlan '10'
        list ports 'lan1:t'
        list ports 'wan'

This results in the TV decoder getting a public IP, but internet on all other machines (LAN) doesn't work. I can ping everything internally, but no internet access.
Apart from the above set-up I tried this as well, but no joy:

config bridge-vlan
        option device 'br-eth'
        option vlan '1'
        list ports 'lan1:t'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'wan'

Change the wan interface option device from 'wan' to 'br-eth.10'. Once a port is in a bridge it needs to be accessed through the bridge, not directly.
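
The rule in the reply above (a port that has been added to a bridge must be reached through the bridge's VLAN device, not by its own name) can be checked mechanically. The following is an added example, not part of the original thread: a small linter for `/etc/config/network` text. The function names and the reduced sample config are constructed for illustration.

```python
import shlex
from collections import defaultdict

def parse_uci(text):
    """Return [(section_type, section_name, {option: [values]})] from UCI text."""
    sections = []
    for raw in text.splitlines():
        tok = shlex.split(raw, comments=True)
        if tok and tok[0] == "config":
            sections.append((tok[1], tok[2] if len(tok) > 2 else None, defaultdict(list)))
        elif tok and tok[0] in ("option", "list") and sections:
            sections[-1][2][tok[1]].append(tok[2])
    return sections

def lint(text):
    """Flag interfaces that bypass a bridge or name a VLAN the bridge lacks."""
    secs = parse_uci(text)
    bridges = {o["name"][0]: set(o["ports"]) for t, _, o in secs
               if t == "device" and o["type"] == ["bridge"]}
    vlans = defaultdict(set)  # bridge name -> VLAN ids declared via bridge-vlan
    for t, _, o in secs:
        if t == "bridge-vlan":
            vlans[o["device"][0]].add(o["vlan"][0])
    ifaces = [(n, o["device"][0]) for t, n, o in secs
              if t == "interface" and o["device"]]
    findings = []
    for name, dev in ifaces:
        base, _, vid = dev.partition(".")
        for br, ports in bridges.items():
            if dev in ports:  # port belongs to a bridge but is used directly
                findings.append(f"{name}: '{dev}' is a port of {br}, use {br}.<vid>")
        if base in bridges and vlans[base] and vid not in vlans[base]:
            findings.append(f"{name}: VLAN '{vid}' is not defined on {base}")
    return findings

# Constructed sample, reduced from the configs posted in this thread.
SAMPLE = """
config device
	option type 'bridge'
	option name 'br-eth'
	list ports 'lan1'
	list ports 'wan'
config bridge-vlan
	option device 'br-eth'
	option vlan '10'
	list ports 'lan1:t'
	list ports 'wan'
config interface 'wan'
	option device '%s'
"""
```

Calling `lint(SAMPLE % "wan")` reports the direct use of the bridged port, while `lint(SAMPLE % "br-eth.10")` returns an empty list.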

Did that. With

config interface 'wan'
        option device 'br-eth.10'
        option proto 'dhcp'

the TV decoder gets an IP of 169.254.10.10 and is not interactive (e.g. doesn't get a public IP). A PC in the LAN can ping Google, but ONLY over IPv6. When I also change wan6 to have option device 'bre-eth.10', nothing can get outside; ping -4 and ping -4 don't work.
When wan & wan6 did have option device 'wan' the TV decoder did get a public IP.

And when I check in LuCI, the wan interface doesn't get an IP4 anymore from my ISP when I change the device to br-eth.10. I have tried with a reboot of my cable modem and router, and I have set the 'use broadcast' flag as well on the wan interface.

Generally a customer is only granted one public IP from the cable system, since public IPv4s are limited. So bridging two devices into a cable modem running in bridge mode is going to have the first one take the public IP and the other one will not get a DHCP response. Are you sure the TV box is supposed to work this way? Was the modem operating in router mode before?

Yes, that did work. I’ve opted for a (cable) modem only installation by my ISP, and I’ve installed my own router (the Linksys with OpenWrt).

However, to prove the point I downgraded and loaded my backup (from that older version, so it has a version match). But with my old setup it’s the same problem, nothing working anymore… It was working before I did the install of 21.02.

Have gone for a modem restart, so now waiting to see what happens. I will be gone for the weekend, so can test further when back.

Thanks @mk24, I just logged in remotely and everything seems to be fine now with the new setup. Modem restart with some patience, and your help solved the problem.

And for others in Belgium: this is the way to solve the problem of Telenet decoders requiring a public IP if you want to have both the decoder and other devices connected with a single cable from your router.
