[Solved] I have a very difficult problem

ESXi virtualizes three VMs: OpenWrt, Win10 and NAS. ESXi has an SFP+ 10G network adapter that is passed through to OpenWrt as eth0. OpenWrt adds the virtual port group lan as eth1.
OpenWrt now has two NICs, eth0 and eth1. The goal is to bridge eth0 and eth1 to the switch and the Windows 10 and NAS devices after the eth0 wan dial-up.
With reference to the one-arm configuration, I can now use the eth0 lan as a network device, but I cannot bridge eth1 as a lan together. What should I do?


It sounds like eth0 is the wan? If that's the case, you usually cannot bridge the wan through to other hosts/VMs/devices unless you have multiple IP addresses available on the wan network.

Further, you cannot bridge the wan and lan -- that would defeat the whole purpose of routing. Bridging is an L2 operation while routing is L3.

Thank you very much for your help, eth0 as a wan, in turn as a lan and eth1 to form a LAN. Can it be implemented through VLAN or macvlan, etc.?

What are you hoping to achieve? Normally, you will have a wan connection that goes into the wan of OpenWrt. From there, OpenWrt will create a lan for your internal network, and the router will handle routing from the lan to wan (and back, of course).

ESXi has only one 10G network adapter. If it wants to pass through to OpenWrt, it connects to OpenWrt from the switch, dials up the wan, and returns to the switch as a lan. In addition, other ESXi VMs also need to connect to the lan.

oh... I see. So you don't want to bridge the wan and lan, you want to create a trunk port that carries both over the same physical port.

Are you using a managed switch?

Yes, there is only one network card, which needs to be used as a wan dial, and needs to be used as a lan and virtual network card eth1 bridge to form a LAN

Is the switch managed? That is the most important thing.

Is the switch managed? Yes.


I added the topology diagram

Using the translation software, I express and translate the difference

As long as the 10G ethernet port is passed directly through to OpenWrt without any host or ESXI intervention, you should be able to carry VLANs through it.

For example, assuming your ISP doesn't already use VLANs for the connection, you can create VLAN 2 for the wan. That would then be untagged on switch port 6 and tagged on switch port 1.

Then, in OpenWrt, make your wan connection eth0.2.

Your lan can be eth0 (if you leave it untagged), or you can tag it eth0.1 or eth0.x where x is whatever VLAN ID you want to use for the lan.

You mentioned that you also need to make eth1 a lan port, too... so you can create a bridge:

config device
	option name 'br-lan'
	option type 'bridge'
	list ports 'eth0'  
	list ports 'eth1'  

Then you would change the lan to use device br-lan.

Yes, that's what I do, too, but no Internet access

It is possible that the issue is related to either your switch configuration and/or ESXI. But let's look at your config:

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network


Sorry, I failed to connect to ssh once. I can only remotely control openwrt screenshots by esxi
If the wan is connected to the network using the default VLAN ID in DHCP mode and bridges eth0 and eth1, the eth0 wan cannot obtain an IP address

You should be using a current version of OpenWrt (23.05.2 as of this moment).

The lan gateway should not be there. Erase that line.
You can remove the 802.1q stanzas.

Can you show the working configuration?

The ipset function of version 23.05.2 is broken, because of the isp routing function of mwan3, 22.03.6 is selected. I'm new to this operation and don't understand it

Just so you know, 22.03 is nearing EOL status and will be unsupported and will not be patched after it hits EOL.

But please show the working configuration.

What does working configuration mean? x86 hardware and switches for testing?

Yes, and a working internet connection.
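
An added example, not part of any post in this thread: a small checker for `/etc/config/network` that flags the two misconfigurations discussed above, a wan device that is also a lan bridge port (so wan and lan share one L2 segment and traffic bypasses the router) and a gateway set on the lan. The sample configs, addresses and the `audit` and `parse_uci` names are constructed for illustration.

```python
import shlex

def parse_uci(text):
    """Parse UCI text into a list of (type, name, options) sections."""
    sections = []
    for raw in text.splitlines():
        tok = shlex.split(raw, comments=True)   # handles quotes and '#' comments
        if len(tok) >= 2 and tok[0] == "config":
            sections.append((tok[1], tok[2] if len(tok) > 2 else None, {}))
        elif len(tok) >= 3 and sections and tok[0] == "option":
            sections[-1][2][tok[1]] = tok[2]
        elif len(tok) >= 3 and sections and tok[0] == "list":
            sections[-1][2].setdefault(tok[1], []).append(tok[2])
    return sections

def audit(text):
    """Return findings for a wan/lan L2 overlap and a gateway set on lan."""
    sections = parse_uci(text)
    bridges = {o.get("name"): o.get("ports", [])
               for t, _, o in sections if t == "device" and o.get("type") == "bridge"}
    ifaces = {n: o for t, n, o in sections if t == "interface"}
    lan, wan_dev = ifaces.get("lan", {}), ifaces.get("wan", {}).get("device")
    lan_devs = {lan.get("device"), *bridges.get(lan.get("device"), [])}
    findings = []
    if wan_dev and wan_dev in lan_devs:
        findings.append(f"wan uses {wan_dev}, which is also a lan device: "
                        "wan and lan share one L2 segment")
    if "gateway" in lan:
        findings.append("lan sets a gateway; the thread's advice is to remove it")
    return findings

# Constructed sample: the trunk layout from the thread (wan tagged as VLAN 2).
TRUNK = """
config device
    option name 'br-lan'
    option type 'bridge'
    list ports 'eth0'
    list ports 'eth1'
config interface 'lan'
    option device 'br-lan'
    option proto 'static'
    option ipaddr '192.168.1.1'
config interface 'wan'
    option device 'eth0.2'
    option proto 'dhcp'
"""
# Constructed broken variant: wan on untagged eth0 plus a lan gateway.
BROKEN = TRUNK.replace("'eth0.2'", "'eth0'").replace(
    "option ipaddr", "option gateway '192.168.1.254'\n    option ipaddr")

if __name__ == "__main__":
    for label, cfg in (("trunk", TRUNK), ("broken", BROKEN)):
        print(label, audit(cfg) or "ok")
```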