Simple VLAN config, no connection

aleksanda · February 11, 2024, 11:42am

I think I'm going crazy. Granted my knowledge about VLANs is now more than a decade old I think I should still be able to understand basic concepts, even if I didn't have to configure it OpenWRT for years now.

Device is an ASUS RT-AX53U.

cat /etc/config/network

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdb3::…/48'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '10.0.0.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	list dns '10.0.0.2'

config interface 'wan'
	option device 'wan'
	option proto 'dhcp'
	option peerdns '0'
	list dns '10.0.0.2'

config interface 'wan6'
	option device 'wan'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix 'auto'
	option peerdns '0'
	list dns 'fdb3::…::2'

Then changes LUCI would make are very simple forward:

uci add network bridge-vlan # =cfg07a1b0
uci set network.@bridge-vlan[-1].device='br-lan'
uci set network.@bridge-vlan[-1].vlan='10'
uci add_list network.@bridge-vlan[-1].ports='lan1:u*'
uci add_list network.@bridge-vlan[-1].ports='lan2:u*'
uci add_list network.@bridge-vlan[-1].ports='lan3:u*'
uci set network.lan.device='br-lan.10'

NPeca75 · February 11, 2024, 12:34pm

Hi

it is unclear, do you want to untag (access) vlan10 on all ports ?

aleksanda · February 11, 2024, 12:37pm

Yes, just for testing. Add a VLAN 10 and allow all ports to continue working as if there was no VLAN.

NPeca75 · February 11, 2024, 12:40pm

Hmmm, it smells like TAGGED

and allow all ports to continue working as if there was no VLAN

so, you want the old (current) vlan1 (10.0.0.1) to be still in function on all ports
AND
on top of this, you want vlan10 (tagged) on all ports ?

aleksanda · February 11, 2024, 12:55pm

VLAN1? Do you mean the "network.lan.device" (which in LUCI is listed in the networks tab)?

My ultimate goal is different.

Configure 2 VLANs, 10 and 20.

10 untagged on port 1 and 2 (for LAN and WIFI) and tagged on port 3
20 tagged on port 3 with a separate network, e.g. IOT (port 3 has a VLAN capable switch)

Because that config didn't work I tried to reduce it to the basics that seem to work for others. Did I miss something?

NPeca75 · February 11, 2024, 12:59pm

ok, try this way

config device
        option type 'bridge'
        option name 'switch'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'

config bridge-vlan
        option device 'switch'
        option vlan '10'
        list ports 'lan1:u*'
        list ports 'lan2:u*'
        list ports 'lan3:t'

config bridge-vlan
        option device 'switch'
        option vlan '20'
        list ports 'lan3:t'

config interface 'vlan10'
        option device 'switch.10'
	option proto 'static'
	option ipaddr '10.0.0.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	list dns '10.0.0.2'

config interface 'vlan20'
        option device 'switch.20'
	option proto 'static'
	option ipaddr '10.0.20.1'
	option netmask '255.255.255.0'

replace these lines in /etc/config/network

aleksanda · February 11, 2024, 1:35pm

Isn't that the same config, just with different naming?
And in addition, wouldn't it require all other configs referencing "lan" to now point to "vlan10"?

Truncating your example for VLAN 10 only, the commands I posted and the changes LUCI makes should result in the following config:

config device
	option type 'bridge'
	option name 'br-lan'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'

config interface 'lan'
	option device 'br-lan.10'
	option proto 'static'
	option ipaddr '10.0.0.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	list dns '10.0.0.2'
	
config bridge-vlan
    option device 'br-lan'
    option vlan '10'
    list ports 'lan1:u*'
    list ports 'lan2:u*'
    list ports 'lan3:u*'

This would be your exact setup, except for the names. And that's also the config that doesn't work and results in a revert.

NPeca75 · February 11, 2024, 1:38pm

No
it is NOT the same

config bridge-vlan

is missing from your OP

aleksanda · February 11, 2024, 1:40pm

Oh, OK, that might have been misleading.

config bridge-vlan is missing because that's the config that's running now.

That's why I posted the UCI commands I applied below the current config.
(uci add network bridge-vlan # =cfg07a1b0)

NPeca75 · February 11, 2024, 1:42pm

did you tried to copy/paste the new config ?
what ever naming convention you want, lan / vlan10 whatever ?
and reboot ?

aleksanda · February 11, 2024, 1:49pm

Yes. I tried, multiple times. Must have been 20 different configs so far (starting from the real setup I want and reducing it to the bare minimum).

But I didn't try to apply it on the CLI so far.

Turns out, for whatever reason, LUCI thinks the config is broken and forces a revert. A manual reboot on the CLI worked.

Thank you!

system · February 21, 2024, 1:53pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.