Dear All,
I just got my hands on a bt home hub 5a running LEDE 17.01.2 and this seemed like a nice replacement for my old VDSL modem and wndr3700v2 at the same time.
Unfortunately however, running the vdsl interface, NAT, PPPoE, sqm/cake for a 50/10Mbps link, and two wlan radios on that device seems to require more CPU cycles than this router has to spare.
Symptom: while running a taxing speedtest over the 5GHz radio or even a lan port, the router runs at a flat 0% idle and 95+% sirq.
Since I still have the old router that could do all of the above (modulo the vdsl interface/modem) with cycles to spare, I now plan to have the home hub just run the vdsl duty in bridge mode, so my old router will keep doing its job.
I would guess in principle, "all" I need to do is to disable the firewall and bridge the ptm interface with the lan switch (bonus points for allowing to pass vlan tags from the LAN ports to the ptm0 interface). That seems almost too easy conceptually (and yet I have no clue yet how to achieve that in practice).
If anyone has done that already or failed doing so I would love to hear about it... I have seen https://forum.openwrt.org/t/wan-dsl-bridge-mode/912 but that did not really end up successful (or at least the success report is missing).
{SOLUTION] thanks to @Trismo I got a working configuration (my ISP is deutsche telekom (DTAG), the link is a VDSL50 link @BRAS without vectoring, I expect I will need to get a vectoring capable firmware on the modem once vectoring is activated on my link, but I will cross that bridge once I get there... Anyway, DTAG uses PPPoE and VLAN7 between the modem and the BRAS/BNG):
on the home hub 5 a:
root@BTHH5A:~# cat /etc/config/network
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fdd9:e73d:3c4a::/48'
config atm-bridge 'atm'
option vpi '1'
option vci '32'
option encaps 'llc'
option payload 'bridged'
config dsl 'dsl'
option xfer_mode 'ptm'
option annex 'b'
option tone 'bv'
option line_mode 'vdsl'
config device 'ptm_dev'
option ifname 'ptm0'
option name 'ptm0.7'
option type '8021q'
option mtu '1500'
option mac 'AA:BB:CC:DD:EE:FF'
option vid '7'
config interface 'modem'
option type 'bridge'
option delegate '0'
option _orig_ifname 'eth0.2 ptm0.7'
option _orig_bridge 'true'
option ifname 'eth0.7 ptm0.7'
config interface 'lan'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.100.1'
option _orig_ifname 'eth0.1 wlan0 wlan1'
option _orig_bridge 'true'
option ifname 'eth0.1 eth0.2'
config device 'lan_dev'
option name 'eth0.1'
option macaddr 'c8:91:FF:FF:FF:FF'
config interface 'wan'
option proto 'pppoe'
option ipv6 '1'
option pppd_options 'debug'
option _orig_ifname 'ptm0.101'
option _orig_bridge 'false'
option ifname 'ptm0.7'
option username '${SECRETNUMBER}@t-online.de'
option password '${SECRETPASSWORD}'
config device 'wan_dev'
option name 'ptm0'
option macaddr 'AA:BB:CC:DD:EE:FF'
config interface 'wan6'
option ifname '@wan'
option proto 'dhcpv6'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '0 1 2 4 6t'
config switch_vlan
option device 'switch0'
option vlan '2'
option vid '2'
option ports '5t 6t'
config switch_vlan
option device 'switch0'
option vlan '3'
option vid '3'
option ports '5t 6t'
config switch_vlan
option device 'switch0'
option vlan '4'
option ports '5t 6t'
option vid '4'
config switch_vlan
option device 'switch0'
option vlan '5'
option vid '5'
option ports '5t 6t'
config switch_vlan
option device 'switch0'
option vlan '6'
option vid '6'
option ports '5t 6t'
config switch_vlan
option device 'switch0'
option vlan '7'
option vid '7'
option ports '5t 6t'
I left my wan pppoe stanza in there, in case I quickly want to turn the modem into a full router, but this is not connected.
The more critical part seems to have been to fill up all VLAN IDs up to the highest in use, other wise it seems neither the VLAN7 packets for the modem bridge nor the VLAN2 packets for the lan bridge were delivered correctly. On the wndr3700v2 I have the following noteworthy sections in /etc/config/network:
config interface 'wan'
option _orig_ifname 'eth1'
option _orig_bridge 'false'
option proto 'pppoe'
option ipv6 'auto'
option ifname 'eth1.7'
option username '${SECRETNUMBER}@t-online.de'
option password '${SECRETPASSWORD}'
config interface 'WAN4BTHH5A'
option proto 'static'
option ipaddr '192.168.100.2'
option netmask '255.255.255.0'
option _orig_ifname 'eth1'
option _orig_bridge 'false'
option ifname 'eth1.2'
WAN4BTHH5A is also assigned to the wan firewall zone. And that basically seems to do what I want, offloading PPPoE&NAT&SQM from the home hub, but still allowing easy access to the home hub's LUCI GUI. I believe I learned a bit about VLANs, so thanks again @trismo.
What I am not too sure about is how save this is against attacks from the outside; but it certainly is nice to have a 'VDSL-modem" with all the bells and whistles LEDE can offer
Best Regards