Replicating a VLANs scenario


#1

Hello everyone, I've been making efforts to replicate the following VLANs setup in OpenWRT and have already locked myself out of it once doing so. Curious if anyone can provide a bit of direction: https://rickfreyconsulting.com/basic-vlans-with-switchos-part-2/


#2
  1. That is not a link to an OpenWrt tutorial. Perhaps you should explain what you're trying to accomplish; and what you've already tried.

  2. Have you seen this page:

Screenshot%20from%202019-01-10%2015-43-26

I find it extremely difficult to lock myself out during configuration of VLANs and trunks - when following the images on screen.

  • Add VLAN IDs and tag appropriately
  • Create new Network Interfaces to use those VLANs (e.g. eth0.3, eth0.4, etc.)

#3

The link I provided I've setup on a MikroTik switch using SWOS, exactly how the link stated to do so. Now I'm stepping into configuring OpenWRT router config VLANs to replicate the top part of the link config illustrated for RouterOS. One thing I've noticed is that openWRT doesn't seem to like e.g. VLAN2, VLAN10, VLAN20... likes them in series. So I'm re-configuring SWOS VLANS as VLAN1 for (2), VLAN2 for (10) and VLAN3 for (20). Let you know how it goes! I did see the illustration your provided earlier, was confused on how to push DHCP to each VLAN now thanks! I'll setup each interface accordingly as you stated on your last line, @lleachii thanks!


#4

Many switch chips especially the low-end 10/100 models support only 15 VLANs. It is possible to have such a switch emit tag numbers higher than 15 but LUCI does not support that; you have to manually edit the config file. So if you're building the network yourself it is best to use low numbered VLANs.


#5

One thing that was confusing to me and still is, is why in the graphic VLAN2 belongs to WAN port which is set to untagged - I'll get used to the nomenclature. So just for sanity, if I create e.g. 192.168.88.0/24 on VLAN1 and 10.10.20.0/24 on VLAN2 and 10.10.30.024 on VLAN3 would the following openWRT config work properly, referencing the link I provided and SWOS config section?

VLAN1, CPU(eth0) tagged, LAN1 untagged, WAN off.
VLAN2, CPU(eth0) tagged, LAN1 off, WAN untagged.
VLAN3, CPU(eth0) tagged, LAN1 off, WAN untagged.


#6

On an external port, untagged is used to link to ordinary devices like a PC or cable modem that do not use VLANs.

Since the CPU has only one eth port, the default configuration has VLANs on the CPU side to make the modem and the LAN separate networks. eth0.1 is the LAN (in the LAN physical settings) and eth0.2 is the WAN used to link to the Internet.

A port can be set to untagged in only one VLAN and must be off in the others.

Multiple VLANs can be tagged on a port. The device at the other end of the connection must be able to parse the tags. It is not a good idea to try and mix tagged and untagged on the same port. That is another thing that often does not work on consumer-level switch chips.


#7

Ah, thanks @mk24 I had it wrong then. I'm running an RBM33G OpenWRT which has 3 ports for routing. eth0 (WAN), eth1 (lan1) and eth2 (lan2). LAN2 will not be in use at this time. So if I understand you correctly it should be as follows:

VLAN1, CPU(eth0) tagged, LAN1 untagged, WAN off.
VLAN2, CPU(eth0) tagged, LAN1 off, WAN untagged.
VLAN3, CPU(eth0) tagged, LAN1 tagged, WAN off.
VLAN4, CPU(eth0) tagged, LAN1 tagged, WAN off.

I've got a Mikrotik 24 port switch running SWOS configured as follows:

Ports 1-24 Mode Strict, VLAN Receive any, Default VLAN ID "4" for 20 in the link illustration on ports 1-22, and Default VLAN ID "1" for 2 in the link illustration on ports 23-24.

I'm using port 24 as the uplink port to the RBM33G OpenWRT router to LAN1 port (VLAN1,2 and VLAN3) Hope it works, diving in now!

OK, VLANs are functional :slight_smile: now I'm trying to pass DHCP option 132 with a value of 3... no luck with 132,3 or 132,0011 or 132,s'3'. Anyone know how to pass the DHCP option 132 correctly? I'm wanting it to be VLAN3.


#8

Ok, the following seems to work well for breaking out VLANS.

VLAN1 = Maintenance 192.168.169.0/24 (dhcp serving 100-250)
VLAN2 = WAN Port (dhcp client)
VLAN3 = Voice 10.3.10.0/24 (dhcp serving 100-250)
VLAN4 = Untagged PCs 10.4.10.0/24 (dhcp serving 100-250)

Yealink phone by default have DHCP option 132 turned up which means I should be able to hand off what VLAN they belong to during boot and/or provisioning... however no luck in passing VLAN3 value to them yet...

interfaces

zones

dhcpoption

switch


#9

DHCP option 132 solved. Field must be set to VID=3


#10

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.