Seamlessly Bridging interface over VLAN

Hello,

I have two OpenWRT devices on my network (Router and a Raspberry Pi)
Both of them can communicate via VLANs, The Pi has a USB 4G modem connected to eth1, which provides a DHCP WAN IP address.

I would like to passthrough the modem/eth1 via 802.1q VLANs, so that my router can get it's WAN IP via my managed switch from the USB Modem, like it was directly connected to the router via USB.

I have tried various configurations using the bridge type, but have not found success so far.

Does anyone have advice for this situation?
Cheers!

This should be possible... just a matter of understanding the topology you're aiming for. Can you draw a quick diagram, including any additional equipment between the two OpenWrt devices, and if you have multiple internet connections, please make that clear, too. In your diagram, be sure to label the devices with the brand/model and also port numbers with the OpenWrt main router.

Funny you say that, I was just making one up!

wan openwrt773×828 37 KB

I believe I've got everything, please let me know if you need any further info.

Cheers!

Great!

If those are real IP addresses on the WAN, you should probably remove them from the image.

Meanwhile, is the GL-AR750S running Gl-inet's vendor firmware or official OpenWrt?

They're fake, no worries. Example.org!

The GL-AR750S is running Official OpenWRT. I did mean to mention that.

Ok... great.

Let's see the contents of the network config files for each of the devices:

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network

root@GL-AR750S:~# ubus call system board
{
        "kernel": "5.15.137",
        "hostname": "GL-AR750S",
        "system": "Qualcomm Atheros QCA956X ver 1 rev 0",
        "model": "GL.iNet GL-AR750S (NOR/NAND)",
        "board_name": "glinet,gl-ar750s-nor-nand",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "23.05.2",
                "revision": "r23630-842932a63d",
                "target": "ath79/nand",
                "description": "OpenWrt 23.05.2 r23630-842932a63d"
        }
}
root@GL-AR750S:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix ''

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0.1'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option netmask '255.255.255.0'
        list dns '1.1.1.2'
        list dns '1.0.0.2'
        option ipaddr '192.168.0.1'
        option ip6ifaceid '::1'
        option ip6assign '64'
        list ip6class 'local'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option description 'LAN'
        option ports '0t 3 2t 1t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0t'
        option vid '2'
        option description 'WAN'

config interface 'tether'
        option proto 'dhcp'
        option hostname '*'
        option metric '3'
        option peerdns '0'
        list dns '1.1.1.2'
        list dns '1.0.0.2'
        option device 'eth0.6'

config switch_vlan
        option device 'switch0'
        option vlan '6'
        option ports '0t 2t'
        option vid '5'
        option description 'DSL'

config interface 'wan'
        option proto 'pppoe'
        option device 'eth0.5'
        option username ''
        option ipv6 'auto'
        option peerdns '0'
        list dns '1.1.1.2'
        option metric '2'
        option auto '0'

config switch_vlan
        option device 'switch0'
        option vlan '9'
        option ports '0t 3t 2t 1t'
        option vid '6'
        option description '4G'

root@Aux:~# ubus call system board
{
        "kernel": "5.15.134",
        "hostname": "Aux",
        "system": "ARMv8 Processor rev 4",
        "model": "Raspberry Pi 3 Model B Rev 1.2",
        "board_name": "raspberrypi,3-model-b",
        "rootfs_type": "ext4",
        "release": {
                "distribution": "OpenWrt",
                "version": "23.05.0",
                "revision": "r23497-6637af95aa",
                "target": "bcm27xx/bcm2710",
                "description": "OpenWrt 23.05.0 r23497-6637af95aa"
        }
}
root@Aux:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix ''

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0.1'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.0.2'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option gateway '192.168.0.1'
        list dns '192.168.0.1'

config device
        option type '8021q'
        option ifname 'eth0'
        option vid '6'
        option name 'eth0.6'

config device
        option type '8021q'
        option ifname 'eth0'
        option vid '1'
        option name 'eth0.1'

config device
        option type 'bridge'
        option name '4g'
        list ports 'eth0.6'
        list ports 'eth1'
        option bridge_empty '1'

config interface '4g'
        option proto 'dhcp'
        option device 'eth1'
        option hostname '*'

I'd like to note the configuration on the Pi has remnants of my previous attempt (bridge and interfaces) I have not removed

So it looks like you already have the AR750S setup with VLAN6 and an interface for the 4G network, correct? This appears to be it here:

So, all we really need to do here is make sure that the Pi sends it over the trunk...

Delete these:

Let's change he name of the 4g bridge to make it clear what it is:

config device
        option type 'bridge'
        option name 'br-4g'
        list ports 'eth0.6'
        list ports 'eth1'

And change the 4G network to unmanaged like this (it may even be okay to delete it entirely, but start here):

config interface '4g'
        option proto 'none'
        option device 'br-4g'

Now, make sure your GS724T is configured with VLAN 6 tagged on both ports 3 and 6.

That should be all that is required. Reboot the two OpenWrt devices an the cellular modem.

Many many thanks for your input.
Yes that's correct, the AR750S is set up for that already as you stated.

I did not remove the above code snipped as I would not be able to manage the Pi via the network if I removed VLAN 1 device, and the eth0.6 device would not exist I removed the VLAN 6 device?

I am happy to be wrong!

Everything else is set up as you provided awaiting feedback.

Cheers

Was just about to reboot my router after verifying the updated configuration was correct and noticed it had found an IP address!

It looks like it's working! Going to reboot now and test connectivity

Great!!

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks!

These bits can be safely removed... the eth0 (vlan1) device is the native eth0, and eth0.6 (vlan 6) is created by the dotted notation used in the bridge.

Hiya,

Did remove those but am unable to contact the device.
Am marking as solved as did have it working.

Will get this reverted now and let you know how I get on

Interesting. That shouldn't be an issue. But please let me know what happens when you revert.

Have reverted and re-applied your suggestion, now appears to be working.
I had no ethernet link on the Pi, so was a bit of an odd one.

Only observation is that it does not seem to work if the 4G modem is offering a public IP address, but private (192.168.1.0/24) addresses seem to work fine. I am assuming this is a quirk of the modem and not the set up, unless you think otherwise?

Eitherway, thank you so much for your help this evening, I really really appreciate it!

Yes, I agree - this is probably the modem. It may have 'learned' the previous MAC address and it may only issue a public IP to that MAC until the association is cleared. heck the modem setup.

Glad this is all working now!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.