Route problem between 2 subnets on same router

I don't want to care about PHY ports on the switch,

I wish to allow users to connect their .10.x devices to any port on the switch and route between subnets on the router.

In truth, a few YouTube videos and explainer articles on the internet are probably sufficient for a basic config like this :face_with_tongue:

That's not how it works... at least not in the simple case. You could add 802.1x authentication methods to map devices to the desired VLAN, though -- but that's a seriously complex config.

You could alternatively add another ethernet port to your router and another physical switch to your topology.

I'm not sure if I understand correctly, but why don't you add 192.168.1.1/24 and 192.168.10.1/24 in the lan interface?

Easiest way would be to just assign the IPs and all manually on the OpenWrt server, then add the forward.

That will allow the forwarding, but you have to know every MAC address you wish to have an IP, and it would also allow people to just enter a different IP in their system and then be able to contaminate different networks.

Best way is to do like I did: spend the $20 and get a NIC with multiple ports, then a second switch so you can have 2 switches with different networks on each switch.

If you want to just add the IPs and just set it up like I mentioned earlier, then that would be the easier way.

This will not work properly. Yes, the system will allow you to add multiple addresses to an interface, but this is only intended for addresses in the same subnet. Putting two subnets into a single network interface will fail to operate in any predictable way and will likely cause massive network issues. (I think it will also fail to route properly between subnets due to the fact that it would be attempting to route to the same network).

VLANs would be simple and easier to maintain in the future...

But just add the bridges, and set them up with the IPs.
Set up the DHCP and MAC binding along with MAC restrictions.
Set up the forwarding you want, and done...

Easy to set up through the GUI.

Yeah) I got this rule: one untagged subnet on one PHY. If I want more, I need VLANs.

It's so sad ))

It's also so easy to do!

If you're afraid of the switch you have now (which seems like serious overkill for your current usage), maybe pick up a small/cheap 5-8 port managed switch that has a simple user interface. This can even be done with essentially any OpenWrt supported "plastic" all in one router device, many of which have 5 ports. This will make learning to use VLANs (properly) much less daunting. After that, you can learn how to do the Cisco specific stuff (which is all the same principle leveraging the 802.1q standard, but with different methods and terminology to configure the device itself).

I have an idea to use switch ports with devices from 2 subnets without strictly assigning ports to any subnet.

Interesting, what exactly will be unpredictable?
I've used this for decades.

If you use the bridge method, as I was told in another post on this forum, then it will allow you to accomplish what you want in the short term.
But if you want something stable then you should use the VLAN options, and not set up dedicated interfaces for it; set it up so it is determined by the MAC that is connected to the port. Easy...

Can you explain? :slight_smile:

Trying to make the ports truly dynamic isn't really an option here. Two physically separate switches could do this for you, though -- plug into switch A for one network, switch B for the other. Similarly, with VLANs, you could split the switch half (left/right or top/bottom) so one half of the chassis is the first VLAN and the other half is the second... almost like two switches in that you don't have to give it much thought.

With forwarding? Or w/o?

The forwarding comes after. The forwarding is super simple with the GUI, takes only a few seconds. From the CLI, takes a few more than a few seconds.
Just make sure you have all the details of the MAC addresses for each machine so they can be assigned their networks. Make sure the switch is set up to pass everything through the gateway first as well (in other words, the OpenWrt system).

You can't use a DHCP server in this context, for example, because which subnet would it serve? And how would it know which subnet to use for a given client (especially one not used previously or otherwise pre-defined)?

I have to agree with @psherman, Cisco UI is much cleaner and easier than OpenWrt.

Is that the only cause?

I have static leases almost.

Nit: I did not say that.

I will say that each vendor has different methods of configuration, each with their own quirks. The key is to understand the principles behind 802.1q VLANs in general... with that knowledge, you can (relatively) easily learn different syntax/methods to get to a working config.
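
The VLAN approach recommended in this thread, sketched as an OpenWrt configuration. This is an added example, not a config posted by any participant. It assumes a router port named `eth0` trunked to the managed switch, VLAN ID 10 for 192.168.10.0/24, the default `lan` firewall zone, and made-up DHCP pool values.

```uci
# Added example; eth0, VLAN ID 10 and the DHCP pool values are assumptions.
# Switch side: the uplink to the router carries VLAN 10 tagged; ports used
# by 192.168.10.x devices are untagged (access) members of VLAN 10.

# /etc/config/network
# Untagged traffic on the port stays in 192.168.1.0/24.
config interface 'lan'
	option device 'eth0'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'

# 802.1q tag 10 on the same port becomes a separate layer-3 interface.
config interface 'lan10'
	option device 'eth0.10'
	option proto 'static'
	option ipaddr '192.168.10.1'
	option netmask '255.255.255.0'

# /etc/config/dhcp
# One pool per interface, so the server serves the subnet of the VLAN
# the request arrived on.
config dhcp 'lan10'
	option interface 'lan10'
	option start '100'
	option limit '150'
	option leasetime '12h'

# /etc/config/firewall
# Separate zone for the second subnet; routing between the two subnets
# is allowed only by the explicit forwardings below.
config zone
	option name 'lan10'
	list network 'lan10'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'REJECT'

config forwarding
	option src 'lan'
	option dest 'lan10'

config forwarding
	option src 'lan10'
	option dest 'lan'
```

With this layout a device's subnet is decided by the VLAN membership of the switch port it is plugged into, not by the IP address it claims, so entering an address from the other subnet does not place a host on that network.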