Swconfig > DSA, WRT3200ACM

Hey!

I'm still using 19.07.10 with my WRT3200ACM because of swconfig or rather DSA.
I've tried to use DSA in the past but never got it to work with my network config and gave up because my WRT3200ACM is the main router in my network. Anyway I would like to give 23.05.0-rc1 a try but I need a proper function VLAN config.

Could someone please give me a helping hand and tell me if my swconfig would work with DSA?
If u think that my VLAN config should be done different let me know. I'm happy to start from the scratch if it's worth it...

Network config:

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ipaddr '192.168.1.1'
	option netmask '255.255.255.0'

config interface 'guest'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.55.1'
	option netmask '255.255.255.0'
	option ifname 'eth0.3'

config interface 'psx'
	option type 'bridge'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '192.168.100.1'
	option ifname 'eth0.15'

config interface 'modem'
	option proto 'static'
	option ipaddr '192.168.254.1'
	option netmask '255.255.255.0'
	option ifname 'eth1.42'

config interface 'wan'
	option ifname 'eth1.7'
	option proto 'pppoe'
	option username ''
	option ipv6 'auto'
	list dns '1.1.1.1'
	option peerdns '0'
	option password ''
	option pppd_options 'debug'

config interface 'wan6'
	option ifname 'eth1.7'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan 'lan_switch'
	option device 'switch0'
	option vlan '1'
	option ports '5t 3t 2 1 0'
	option vid '1'
	option description 'LAN'

config switch_vlan 'guest_switch'
	option device 'switch0'
	option vlan '3'
	option ports '5t 3t'
	option vid '3'
	option description 'GUEST'

config switch_vlan 'consoles_switch'
	option device 'switch0'
	option vlan '15'
	option ports '5t 3t'
	option vid '15'
	option description 'PSX'

config switch_vlan 'mgmt_switch'
	option device 'switch0'
	option vlan '42'
	option ports '6t 4t'
	option vid '42'
	option description 'MODEM'

config switch_vlan 'wan_switch'
	option device 'switch0'
	option vlan '7'
	option ports '6t 4t'
	option vid '7'
	option description 'WAN'

Switch config Luci:

vlan_swconfig1146×631 36.4 KB

At a first glance, I don't spot anything that should pose particular problems (and DSA is supposed to express anything swconfig can do anyways). The config is complex, so take your time and move forward in steps (one VLAN at a time), with sufficient testing inbetween (and I would suggest to go with 23.05~ at this point, start from clean sheets once; you already got the advice to use the upcoming -rc2 or a recent 23.05 snapshot).

Hi

i think this will be enough to configure LAN ports, then you could proceed manually with WAN/WIFI

config device
        option name 'switch'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

config bridge-vlan
        option device 'switch'
        option vlan '1'
        list ports 'lan1:t'
        list ports 'lan2:u*'
        list ports 'lan3:u*'
        list ports 'lan4:u*'

config bridge-vlan
        option device 'switch'
        option vlan '3'
        list ports 'lan1:t'

config bridge-vlan
        option device 'switch'
        option vlan '15'
        list ports 'lan1:t'

config interface 'lan'
        option device 'switch.1'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'

config interface 'guest'
        option device 'switch.3'
        option proto 'static'
        option ipaddr '192.168.55.1'
        option netmask '255.255.255.0'

config interface 'psx'
        option device 'switch.15'
        option proto 'static'
        option ipaddr '192.168.100.1'
        option netmask '255.255.255.0'

hope this will help you

Thanks for your reply, I'll definitely start from scratch if I move away from 19.07.10.
I also forget to mention that I'm using another router running OpenWRT which is acting like a smart switch with wifi AP (DIR-860L B1, also running 19.07.10)

And I'm also running the following ebtables rules to fully isolate wifi clients in the guest network between the OpenWRT devices.

WRT3200ACM:

ebtables -A FORWARD --logical-in br-guest -j DROP # Client Isolation [GUEST]

DIR-860L B1:

ebtables -A FORWARD -i ! eth0.3 -o eth0.3 -j ACCEPT # allow AP clients to talk to router
ebtables -A FORWARD -i eth0.3 -o ! eth0.3 -j ACCEPT # allow router to talk to AP clients
ebtables -A FORWARD --logical-in br-guest -j DROP

So I would also need to figure out if this part would still work with 23.05.x
I guess it would be the best for me to wait for 23.05 rc2 and then do the switch, I've tried snapshot builds in the past and had issues with installing needed packages.

Thank you! This will be a great starting point for me.
The other thing I forgot to mention is that I'm also running a second OpenWRT router with 19.07.10 (DIR-860L B1) which is acting like a smart switch with wifi AP, so I would also need configure this one for DSA.

DIR-860L B1:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdd1:7df9:db49::/48'

config interface 'lan'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.1.2'
	option netmask '255.255.255.0'
	option ifname 'eth0.1'

config interface 'guest'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.55.2'
	option netmask '255.255.255.0'
	option ifname 'eth0.3 eth0.4'

config interface 'psx'
	option proto 'static'
	option type 'bridge'
	option ipaddr '192.168.100.2'
	option netmask '255.255.255.0'
	option ifname 'eth0.15'

config device 'lan_eth0_1_dev'
	option name 'eth0.1'
	option macaddr ''

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '1'
	option ports '6t 4 0t'
	option description 'LAN'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option vid '3'
	option ports '6t 0t'
	option description 'GUEST'

config switch_vlan
	option device 'switch0'
	option vlan '4'
	option vid '4'
	option ports '6t 3'
	option description 'GUEST-LAN2'

config switch_vlan
	option device 'switch0'
	option vlan '15'
	option vid '15'
	option ports '6t 2 1 0t'
	option description 'PSX'

Switch config Luci:

vlan_swconfig_21141×675 36.3 KB

Hi

doing advanced networking withs VLANs and relying on someone "pre-made" configs is a bad idea
maybe the best is to convert R#1 as you wanted, have a few day with new DSA semantic and then try to learn / examine network config file
if you get stuck i am sure that someone will help you, but please, step by step, learn & implement

as you see, port names are straight
lan1, lan2, etc
tagging is :t
and access (PVID) is :u*

I hope that I will manage to get everything to work. I'm looking forward to 23.05.0-rc2.

I'm in the same boat, but whatever I do I can't get it to work. I followed https://openwrt.org/docs/guide-user/network/dsa/converting-to-dsa and configured bridge vlan filtering.

Screenshot_20231007_1454061363×850 57.8 KB

Screenshot_20231007_1455231363×850 95.9 KB

Screenshot_20231007_1455451363×850 104 KB

But when I save these settings I always get the "Configuration changes have been rolled back!" error.

Screenshot_20231007_1453141363×850 107 KB

on „general settings“ of your interface „LAN“, set device from „br-lan“ to „br-lan.1“, once you create a VLAN „1“ in br-lan. You must do this in the same „save and apply“ step. If not, you will see the error message as seen.

if you have more bugs, rather post config „network“ file content instead of screenshots.
Example: How to format logs, scripts, configs and general console output

That solved it, thanks!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.