RouterOS to OpenWRT CLI command

Hello. I´m new to both Mikrotik and OpenWRT, sorry if I miss something.

I recently get for free a Mikrotik rb2011uias-2hnd-in. It is an old device but works fine. I can remove my ISP router, plug the Mikrotik and, with only three CLI commands I get Internet working fine. Those lines are:

/interface vlan add name=Internet interface=ether1 vlan-id=20
/ip dhcp-client add disabled=no interface=Internet
/ip firewall nat add action=masquerade chain=srcnat out-interface=Internet

Then I flash OpenWRT to the Mikrotik, and everything looks OK. But when I try to connect the Wan port and get Internet, I does not work. No mather what I tried, WAN port never get the DHCP Address. I tried to add the VLAN 20 and firewall rule on the web interface, but not luck.
My question is, anyone can tell me how to "translate" those three Mikrotik commads to OpenWRT commands.

Thanks.

The second two features (DHCP client and v4 masquerade) are already active in the default configuration. If your ISP did not require a VLAN tag on the WAN connection, it would work to route to the Internet just by plugging it in.

So on the first one, it is a bit complicated because OpenWrt does not do much hardware abstraction. You will have to directly configure the two Ethernet switches inside the RB2011 to pass VLAN 20 tagged packets through. This is done with the config switch sections at the end of /etc/config/network. I don't have experience with this particular model so I can't say exactly what to do.

4 Likes

My ISP use vlan 20. Masmovil, from Spain

I add the vlan id 20 and set tagged traffic to openwrt default WAN interface using web interface. But did not work.

There seems to be a bug in LuCI in version 19.07.

Please post the output of uci show network redacting the sensitives.

1 Like

I reset the OpenWRT to defaults and only add the VLAN id 20 and set it to WAN and tagged. The uci show network output:

root@OpenWrt:~# uci show network
network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fdfe:fff4:7b64::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0.1 eth1.1'
network.lan.proto='static'
network.lan.ipaddr='192.168.1.1'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.wan=interface
network.wan.proto='dhcp'
network.wan.ifname='eth0.20'
network.wan6=interface
network.wan6.proto='dhcpv6'
network.wan6.ifname='eth0.20'
network.sfp=interface
network.sfp.ifname='eth0.3'
network.sfp.proto='none'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch[0].ar8xxx_mib_type='0'
network.@switch[0].ar8xxx_mib_poll_interval='500'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='2 3 4 5 0t'
network.@switch_vlan[1]=switch_vlan
network.@switch_vlan[1].device='switch0'
network.@switch_vlan[1].vlan='2'
network.@switch_vlan[1].ports='1 0t'
network.@switch_vlan[2]=switch_vlan
network.@switch_vlan[2].device='switch0'
network.@switch_vlan[2].vlan='3'
network.@switch_vlan[2].ports='6 0t'
network.@switch[1]=switch
network.@switch[1].name='switch1'
network.@switch[1].reset='1'
network.@switch[1].enable_vlan='1'
network.@switch_vlan[3]=switch_vlan
network.@switch_vlan[3].device='switch1'
network.@switch_vlan[3].vlan='1'
network.@switch_vlan[3].ports='0t 1 2 3 4 5'
network.@switch_vlan[3].vid='1'
network.@switch_vlan[4]=switch_vlan
network.@switch_vlan[4].device='switch1'
network.@switch_vlan[4].vlan='2'
network.@switch_vlan[4].ports='1t'
network.@switch_vlan[4].vid='20'
uci set network.@switch_vlan[1].vlan='20'
uci set network.@switch_vlan[1].vid='20'
uci set network.@switch_vlan[1].ports='1t 0t'
uci commit network
/etc/init.d/network restart
2 Likes

You're real close, but this needs to be '0t 1t' so the packets have somewhere to go once they come in from the modem on port 1 they will go to the CPU (eth0) on port 0.

:grinning:
Is working now. Many thanks. Can you tell me what was wrong? Just to learn

You've done half the job by setting the correct ifname, but you should also enable tagging for the corresponding port.

https://openwrt.org/docs/guide-user/network/vlan/switch_configuration#assigning_vlan_ids_on_vlan-enabled_switch_hardware

https://openwrt.org/docs/guide-user/network/vlan/switch#the_configuration

1 Like