Latest master build automatically migrated the settings for me.
But enabling VLAN filtering here breaks ethernet access to the router, is it really supposed to do that?
Yes it can, please see below IRC chat on how to implement it. I didn't find time for that so far.
[2021-05-31] [19:05:59 CEST] jow: i was thinking about adding "switch" LuCI page that would display each switch port port and its status (carrier, speed)
[2021-05-31] [19:06:20 CEST] jow: so there is no easy way to list available switches and their ports?
[2021-05-31] [19:07:58 CEST] rmilecki: you can read this information with ethtool, and use the board.d config to know which switch ports are there
[2021-05-31] [19:08:54 CEST] info (carrier, speed) is already in ubus in network.device
[2021-05-31] [19:09:15 CEST] Hauke: so i guess i'm looking for board.json then
[2021-05-31] [19:12:01 CEST] rmilecki: there is an easy way actually
[2021-05-31] [19:12:27 CEST] rmilecki: recent kernels expose a DEVTYPE=xxx property in the sysfs uevent files
[2021-05-31] [19:13:58 CEST] rmilecki: # grep DEVTYPE= /sys/class/net/lan1/uevent
[2021-05-31] [19:13:58 CEST] DEVTYPE=dsa
[2021-05-31] [19:14:17 CEST] oh, nice!
[2021-05-31] [19:16:06 CEST] to group DSA ports by switch, I found two ways
[2021-05-31] [19:16:19 CEST] 1) group by the result of readlink /sys/class/net//device
[2021-05-31] [19:16:44 CEST] 2) group by the contents of /sys/class/net//phys_switch_id
[2021-05-31] [19:17:12 CEST] however due to the lack of an actual multi-DSA-switch device here I cannot confirm that it'd actually work multiple DSA switches
[2021-05-31] [19:17:17 CEST] but I suppose it would
[2021-05-31] [19:18:49 CEST] ah, actually I forgot about a 3rd way which is the most reliable
[2021-05-31] [19:19:00 CEST] cat /sys/class/net/*/iflink
[2021-05-31] [19:19:11 CEST] that will contain the ifindex of the physical parent interface
[2021-05-31] [19:19:26 CEST] e.g. on a zbt wg2626 it reports iflink=2 for lan1, lan2, lan3, lan4 and wan
[2021-05-31] [19:19:33 CEST] 2 corresponds to "eth0"
[2021-05-31] [19:19:52 CEST] so one can deduce that lan1..lan4 + wan are DSA ports of switch eth0
[2021-05-31] [19:20:09 CEST] all that info is available through "ubus call luci-rpc getNetworkDevices" in current master
[2021-05-31] [19:20:21 CEST] it is just not exposed as a kind of switch overview in LuCI yet
[2021-05-31] [19:20:55 CEST] should be fairly easy to do though, e.g. by providing a partial status applet in /www/luci-static/resources/view/status/include/
[2021-05-31] [19:28:59 CEST] jow: thanks, i'll see if I can implement that using info you provided!
[2021-05-31] [19:40:26 CEST] rmilecki: in luci-rpc getNetworkDevices filter for "devtype": "dsa" and group by "parent": ...
[2021-05-31] [19:40:36 CEST] jow: just found it
[2021-05-31] [19:40:46 CEST] jow: getNetworkDevices is great
[2021-05-31] [19:41:16 CEST] thought i'm not big fan of naming things like that with "luci" prefix
[2021-05-31] [19:41:34 CEST] well it's LuCI's private luci.so rpcd plugin
[2021-05-31] [19:41:59 CEST] we could move it into a separate sysinfo.so kind of plugin, along with other generic functionality
[2021-05-31] [19:42:17 CEST] sounds good
[2021-05-31] [19:42:24 CEST] sysinfo like plugin
I am willing to try to write it myself.
Is there any example I could base myself on?
I admit that my experience with Luci code is zero, but I have written widgets for pfsense in the past so maybe I could try my hand with that as well.
Downloaded switch.js from my main wifi AP.
Is the code in it, still relevant for DSA somehow?
Like it was mentioned elsewhere, it could be useful to add the port status table to main system overview status page.
Or maybe put it on the device list page under Network->Interfaces
Just adding columns with network port state/speed/duplex for relevant devices.
@matrix200: for an example / code base you can take some existing LuCI code that is the closest to what you want to achieve. I don't have enough LuCI experience to provide you a full guidance.
As for LuCI development I can recommend two ways:
[18:15] <jow> rmilecki: I usually mount the target rootfs using sshfs and then I copy files directly fro mthe luci repo back & forth
Clone LuCI repository and use feeds.conf with something like src-link luci /home/matrix200/luci
Then you can make changes and compile + copy packages using make package/luci/compile V=s && scp ./bin/packages/*/luci/*.ipk root@192.168.1.1:/tmp/
Is there an issue where the switch device is not reset and holds previous settings. It seems in testing different setups, on occasion, a reboot will generate errors, resolved by way of a power cycle. One example:
[ 17.652703] mv88e6085 f1072004.mdio-mii:00: p5: failed to load multicast MAC address
from a mamba, when this occurs other errors will follow:
/bin/sh: /etc/hotplug.d/ntp/25-unbound: line 23: can't create /var/lib/unbound/hotplug.time: nonexistent directory
What do you do exactly to trigger that error? You click "Add" to add one VLAN and then you get a lot of duplicates? It is hard to tell what "this" is and what error you get from the description and screenshot alone.
Local means that the system (bridge device ) itself will see the traffic of that VLAN, it is remotely comparable to adding the CPU port with swconfig. You only need to add the wan port to the bridge if you want it to participate in one of the VLANs involving other lan ports. If the wan ports operaties in a strictly isolated manner then you can simply use it as device directly in the logical wan interface.
I think I understand the part about Local, but not entirely sure I get the using the WAN as a device directly.
My ISP uses VLAN 6 for PPOE, so I assumed I needed to create br-lan.6 as above and then use that while setting up a PPOE connection. Or can I just set the Device there directly to wan.6 and call it a day?
VLAN 4 is used for IPTV (currently not connected), but that is situation where I would also set the port to which the tvbox connects as tagged correct?
Yes, exactly. You can just use wan.6. That will instruct netifd to spawn a VLAN 6 device on top of wan. No need to setup bridge VLAN filtering for that. However, since your WAN is essentially a VLAN trunk and since you need to bridge at least one VLAN (4, for IPTV) with a LAN port, see below.
Yeah, assuming you need to pass-through WAN side VLAN 4 to to one of your LAN ports you need to change your configuration like this:
Also add the WAN port to the br-lan bridge, add a VLAN 6 with local checked and only WAN port set to tagged
Change your PPPoE interface from wan.6 to br-lan.6
Add a VLAN 4, include WAN port as tagged and a LAN port of your choice as tagged (or is the IPTV STB expecting untagged traffic? In this case set the chosen LAN port to untagged). Local can be disabled for the VLAN 4 as the router itself does not really need to "see" / deal with bridged IPTV traffic
Assuming your IPTV STB is connected to LAN 1 and expects untagged traffic, the VLAN settings on br-lan should look like this:
VLAN ID
Local
lan1
lan2
lan3
wan
1
[x]
-
u
u
-
4
[ ]
u
-
-
t
6
[x]
-
-
-
t
Your logical interfaces should then use the following devices:
Logical interface
Proto
Zone
Device
lan
static
lan
br-lan.1
wan
pppoe
wan
br-lan.6
Further notes:
you do not need to include eth0 in the bridge
to make the config slightly less confusing once all ports are bridged, I personally rename my br-lan bridge to a more generic name like switch0. You can easily do that on the cli using something like sed -i -e 's#br-lan#switch0#g' /etc/config/network && /etc/init.d/network restart
