Swconfig versus etc/config/network

Pippo · November 16, 2018, 11:41am

While working toward this Swconfig router and switch gl.inet ar150
trying to troubleshooting this Router-set-up advertising

be patient with my I started 3 months ago.

I need to figure out how the swconfig is related to etc/confi/network

My swconfig options:

root@OpenWrt:/# swconfig dev eth0 help
switch0: eth0(AR934X built-in switch), ports: 6 (cpu @ 0), vlans: 16
     --switch
        Attribute 1 (int): enable_vlan (Enable VLAN mode)
        Attribute 2 (int): mirror_monitor_port (Mirror monitor port)
        Attribute 3 (none): apply (Activate changes in the hardware)
        Attribute 4 (none): reset (Reset the switch)
     --vlan
        Attribute 1 (int): vid (VLAN ID)
        Attribute 2 (ports): ports (VLAN port mapping)
     --port
        Attribute 1 (int): enable_mirror_rx (Enable mirroring of RX packets)
        Attribute 2 (int): enable_mirror_tx (Enable mirroring of TX packets)
        Attribute 3 (int): pvid (Primary VLAN ID)
        Attribute 4 (unknown): link (Get port link information)

swconfig dev eth0 show

Global attributes:
        enable_vlan: 0
        mirror_monitor_port: 5
Port 0:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:0 link:up speed:1000baseT full-duplex txflow rxflow 
Port 1:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:1 link:down
Port 2:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:2 link:down
Port 3:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:3 link:down
Port 4:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:4 link:down
Port 5:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:5 link:down
VLAN 0:
        vid: 0
        ports: 0 1 2 3 4 5

If I set :

root@OpenWrt:/# swconfig dev eth0 port 1 get  enable_mirror_rx 
0
root@OpenWrt:/# swconfig dev eth0 port 1 set enable_mirror_rx 1
root@OpenWrt:/# swconfig dev eth0 port 1 get  enable_mirror_rx 
1
root@OpenWrt:/# swconfig dev eth0 show
Global attributes:
        enable_vlan: 0
        mirror_monitor_port: 5
Port 0:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:0 link:up speed:1000baseT full-duplex txflow rxflow 
Port 1:
        enable_mirror_rx: 1
        enable_mirror_tx: 0
        pvid: 0
        link: port:1 link:down
Port 2:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:2 link:down
Port 3:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:3 link:down
Port 4:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:4 link:down
Port 5:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:5 link:down
VLAN 0:
        vid: 0
        ports: 0 1 2 3 4 5 
root@OpenWrt:/#

as soon as I do a network reload etc/init.d/network reload

I loose my swconfig set up.

My etc/config/network switch parts contains

config switch
        option name 'eth0'
        option reset '1'
        option enable '1'
        option enable_vlan '0'
        option mirror_monitor_port '5'

and through this I am able to change the boot up set up from

 swconfig dev eth0 show
Global attributes:
        enable_vlan: 0
        mirror_monitor_port: 15

to

 swconfig dev eth0 show
Global attributes:
        enable_vlan: 0
        mirror_monitor_port: 5

But for the other parameters I am at loss. Can't find anything that works on the wiki or the forum
and cannot grasp the logic or syntax or whatever is called of the Uci (are we talkin about uci here ?)
and config files.

help !!!

jow · November 16, 2018, 11:44am

config switch_port
        option device 'eth0'
        option port '1'
        option enable_mirror_rx '1'

lleachii · November 16, 2018, 1:14pm

Pippo · November 16, 2018, 2:25pm

hi @jow @lleachii nope

config switch_port
        option device 'eth0'
        option port '1'
        option enable_mirror_rx '1'

no luck

tried a lot of different option from the wiki but no success

Pippo · November 16, 2018, 2:31pm

swconfig dev eth0 port 1 set enable_mirror_rx 1

swconfig dev eth0 port 1 set enable_mirror_tx 1

works only if I already selected mirror_monitor_port with an available value

if mirror_monitor_port: 15 doesnt work

if mirror_monitor_port: 5 it works

but then after network reload everything goes missing

jow · November 16, 2018, 2:36pm

Please provide the complete /etc/config/network you unseccessfully tried

Pippo · November 16, 2018, 2:46pm

config switch
        option name 'eth0'
        option reset '1'
        option enable_vlan '0'
        option mirror_monitor_port '5'
config switch_port
        option device 'eth0'
        option port '1'
        option enable_mirror_rx '1'

Pippo · November 16, 2018, 3:49pm

and once again going back to: Swconfig router and switch gl.inet ar150

this is what luci tries to set up:

config switch 'eth0'
        option name 'eth0'
        option enable_mirror_rx '1'
        option enable_mirror_tx '1'
        option mirror_source_port '0'
        option mirror_monitor_port '4'

of course my topology is wrong

Switch "eth0" has an unknown topology - the VLAN settings might not be accurate.

luci-switch

and swconfig:

Global attributes:
        enable_vlan: 1
        mirror_monitor_port: 4
Port 0:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:0 link:up speed:1000baseT full-duplex txflow rxflow 
Port 1:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:1 link:up speed:100baseT full-duplex auto
Port 2:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:2 link:down
Port 3:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:3 link:down
Port 4:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:4 link:down
Port 5:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:5 link:down
VLAN 0:
        vid: 0
        ports: 0 1 2 3 4 5

so even Luci can't set up it correctly

but will the

config switch 'eth0'
        option name 'eth0'
        option enable_mirror_rx '1'
        option enable_mirror_tx '1'
        option mirror_source_port '0'
        option mirror_monitor_port '4'

attempt have the right syntax ?? who knows ?

can I borrow an ar934x Soc uci setup for my target/linux/ar71xx/base-files/etc/board.d/02_network set up ?

why Luci tries to turn on the Vlan function of my switch ?

lleachii · November 16, 2018, 3:57pm

Because; in order to mirror a port - ports on a switch have to be on a VLAN. Basically - VLANs must be enabled!

Pippo · November 16, 2018, 4:38pm

Hi thank a lot

this gives me a completely new perspective to work on.

Can we have a port mirroring section in the wiki. I think it would be useful at least to me.

any hints on the 02_network uci set-up ?

In my swconfig I have six ports

0 (cpu I believe eth0) 1 2 3 4 5

1 and 5 are the port connected to an actual rj45 plug.

jeff · November 16, 2018, 5:16pm

You may also need to ensure that the port to which you're mirroring packets isn't "connected" to anything else. Most of the managed switches I have worked with only allow mirroring to a port that is otherwise "unused".

Pippo · November 16, 2018, 5:51pm

HI Jeff,

hope its the case !! I spent last two months trying to rewire the router to get the two plug i needed for the

monitoring ( of course in the meanwhile I learnt the very basic of patches, git, repos, nano, wireshark, serial etc.. not to mention managing VMs with full virtual HDD..)

just today I figured out 'git worktree add' to work at the same time with the standard router configuration and

my modded one.

I believe the road is going to be bumpy again soon but its big fun.

Thanks a lot to everybody

dlang · November 16, 2018, 7:14pm

They will need the entire file, not just a snippet of it.

David Lang

Pippo · November 17, 2018, 8:29am

Just realized my swconfig dev eth0 show

root@OpenWrt:/# swconfig dev eth0 help
switch0: eth0(AR934X built-in switch), ports: 6 (cpu @ 0), vlans: 16
     --switch
        Attribute 1 (int): enable_vlan (Enable VLAN mode)
        Attribute 2 (int): mirror_monitor_port (Mirror monitor port)
        Attribute 3 (none): apply (Activate changes in the hardware)
        Attribute 4 (none): reset (Reset the switch)
     --vlan
        Attribute 1 (int): vid (VLAN ID)
        Attribute 2 (ports): ports (VLAN port mapping)
     --port
        Attribute 1 (int): enable_mirror_rx (Enable mirroring of RX packets)
        Attribute 2 (int): enable_mirror_tx (Enable mirroring of TX packets)
        Attribute 3 (int): pvid (Primary VLAN ID)
        Attribute 4 (unknown): link (Get port link information)

Is missing the

 option mirror_source_port '

Pretty sure this happen in both the normal and modded configuration

Any clue ?

lleachii · November 17, 2018, 10:05am

~~Interesting...this means...~~

~~You can mirror packets; but cannot select what port...oddly enough, those options appear under switch on my device.~~

You do understand, this is a two (2) port switch per the techdata page, correct?
Also, I noticed your screenshot of the Switch page on the web GUI is blank...

Pippo · November 17, 2018, 11:36am

Yes I understand that but since I am completely unaware of linuxing and routing and having swconfig in normal build showing me 4 ports I assumed that the switch was there only and that only the physical rj45 connections were missing. In normal config ar7240 built in switch I could only see port 0 (CPU maybe) and port 1 eth1. In my random ar9344 built in switch config I got an extra port 5 where I can see link up and speed data and where I saw data flowing using wireshark on my PC with my mic in promiscuous mode. At first I thought that vlan was not necessary for port mirroring and that the options on swconfig dev switch0 help were there because of the hardware ability through specific driver to mirror ports. Now as you explained me I understand that for my switch to be able to port mirror I need to set up Vlans; a topic that so far I deliberately skipped because seems really difficult to understand. I’ll try to figure it out and ask less questions untill I have a more defined picture of what is going on clear in my mind. That is why at the beginning of my adventure I was asking about ways to understand openwrt overview in terms of how the system works. I know I should read the code as per Linus Torvald doctrine but I am missing the basic so trying to give my best with what I have got. Thank again. I’ll try to bother less.

Pippo · November 18, 2018, 1:04pm

Hi again

to have a way to better understand my set up I got my hands on a nice and very cheap USB to ethernet adapter.

Now my PC has got 2 nic cards one is connected to my minirouter 1st rj45 plug and the second to the 2nd
rj45 plug.

I connect my PC to the router using the 1st card (I add the ethernet card MAC address to the Connection
configuration to be sure to use that one)

As per my [Solved] Router-set-up advertising problem (but let's not discuss that here)
I need to ping a random device on the subnet from serial console to have my PC aware of the minirouter
but after that (help please !!??) I am able to ssh to the router and I have access to Luci.

Now using these three lines from console on my 2 physical port router where swconfig shows 5 port entries


 swconfig dev eth0 set mirror_monitor_port '5'
 
 swconfig dev eth0 port '1' set enable_mirror_rx '1'

 swconfig dev eth0 port '1' set enable_mirror_tx '1'

I get

Global attributes:
        enable_vlan: 0
        mirror_monitor_port: 5
Port 0:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:0 link:up speed:1000baseT full-duplex txflow rxflow 
Port 1:
	enable_mirror_rx: 1
	enable_mirror_tx: 1
	pvid: 0
	link: port:1 link:up speed:100baseT full-duplex auto
Port 2:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:2 link:down
Port 3:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:3 link:down
Port 4:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:4 link:down
Port 5:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:5 link:up speed:100baseT full-duplex auto
VLAN 0:
        vid: 0
        ports: 0 1 2 3 4 5

Opening up two wireshark instances on my PC

-1st using 1st card connected to router in promiscuous mode port 1

-2nd using 2nd card connected to router in promiscuous mode port 5 (THE MONITOR PORT)

Everything works nicely !!!!

1st Wireshark istance sees traffic from 192.168.1.1 to 192.168.1.2
and from 192.168.1.2 to 192.168.1.1

2nd Wireshark istances THE MONITOR PORT sees traffic from 192.168.1.1 to 192.168.1.2
and from 192.168.1.2 to 192.168.1.1

if I type on router console

swconfig dev eth0 port '1' set enable_mirror_tx '0'

1st Wireshark istance sees traffic from 192.168.1.1 to 192.168.1.2
and from 192.168.1.2 to 192.168.1.1

2nd Wireshark istances THE MONITOR PORT sees traffic from 192.168.1.2 to 192.168.1.1

and if I type

if I type on router console

swconfig dev eth0 port '1' set enable_mirror_tx '1'

swconfig dev eth0 port '1' set enable_mirror_rx '0'

1st Wireshark istance sees traffic from 192.168.1.1 to 192.168.1.2
and from 192.168.1.2 to 192.168.1.1

2nd Wiresharkistances THE MONITOR PORT sees traffic from 192.168.1.1 to 192.168.1.2

so apparently my set up doesnt need Vlan to enable port mirroring.

Problem remains because when I start Luci (I was monitoring packets relating to Luci itself)

I get

luci_monitor_ok

and if save and apply Luci switch config page I end up with

config switch 'eth0'
	option name 'eth0'
	option reset '1'
	option enable_mirror_rx '1'
	option enable_mirror_tx '1'
	option mirror_monitor_port '5'
	option mirror_source_port '0'

in my etc/config/network file

once again when I use etc/init.d/network reload

I loose my monitor port and swconfig dev eth0 shows:

Global attributes:
	enable_vlan: 1
	mirror_monitor_port: 5
Port 0:
	enable_mirror_rx: 0
	enable_mirror_tx: 0
	pvid: 0
	link: port:0 link:up speed:1000baseT full-duplex txflow rxflow 
Port 1:
	enable_mirror_rx: 0
	enable_mirror_tx: 0
	pvid: 0
	link: port:1 link:up speed:100baseT full-duplex auto
Port 2:
	enable_mirror_rx: 0
	enable_mirror_tx: 0
	pvid: 0
	link: port:2 link:down
Port 3:
	enable_mirror_rx: 0
	enable_mirror_tx: 0
	pvid: 0
	link: port:3 link:down
Port 4:
	enable_mirror_rx: 0
	enable_mirror_tx: 0
	pvid: 0
	link: port:4 link:down
Port 5:
	enable_mirror_rx: 0
	enable_mirror_tx: 0
	pvid: 0
	link: port:5 link:up speed:100baseT full-duplex auto
VLAN 0:
	vid: 0
	ports: 0 1 2 3 4 5

Any clue ?

Pippo · November 19, 2018, 10:42am

wrong information in previous post, deleted by me.

Pippo · November 19, 2018, 3:19pm

Hi using new approach:

deleted all my etc/config/network : rm etc/config/network

changed the etc/board.d/02_network for gl-ar150

from

gl-ar150)
	ucidef_set_interfaces_lan_wan "eth1" "eth0"

to

gl-ar150)
                 ucidef_add_switch "switch0" \
                        "0@eth0" "1:lan:1" "5:mir:5"

removed etc/board.json: rm etc/board.json

start from scratch reboot (or rebuild board.json with bin/board_detect and then

config_generate then etc/init.d/network reload)

Still problems with [Solved] Router-set-up advertising

need to ping subnet from router to be able to access Luci e ssh

nevertheless Luci/uci created:

ls -ls sys/class/net/

     0 lrwxrwxrwx    1 root     root             0 Nov 12 16:16 br-lan -> ../../devices/virtual/net/br-lan
     0 lrwxrwxrwx    1 root     root             0 Jan  1  1970 eth0 -> ../../devices/platform/ag71xx.1/net/eth0
     0 lrwxrwxrwx    1 root     root             0 Nov 12 16:16 eth0.1 -> ../../devices/virtual/net/eth0.1
     0 lrwxrwxrwx    1 root     root             0 Nov 12 16:21 eth0.2 -> ../../devices/virtual/net/eth0.2
     0 lrwxrwxrwx    1 root     root             0 Jan  1  1970 lo -> ../../devices/virtual/net/lo
     0 lrwxrwxrwx    1 root     root             0 Nov 12 16:16 wlan0 -> ../../devices/platform/ar933x_wmac/net/wlan0

etc/confignetwork:

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'auto'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'mir'
        option ifname 'eth0.2'
        option proto 'none'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '1 0t'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '5 0t'

swconfig dev eth0 show gives:

Global attributes:
        enable_vlan: 1
        mirror_monitor_port: 15
Port 0:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:0 link:up speed:1000baseT full-duplex txflow rxflow 
Port 1:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 1
        link: port:1 link:up speed:100baseT full-duplex auto
Port 2:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:2 link:down
Port 3:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:3 link:down
Port 4:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:4 link:down
Port 5:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 2
        link: port:5 link:up speed:100baseT full-duplex auto
VLAN 0:
        vid: 0
        ports: 0t 2 3 4 
VLAN 1:
        vid: 1
        ports: 0t 1 
VLAN 2:
        vid: 2
        ports: 0t 5

pinging 192.168.1.8

I can connect to Luci:

luci-switch-before

If I set enable mirroring of incoming/outgoing packets:

luci-switch-after

and then Save & Apply:

etc/config/network change in

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'auto'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth0.1'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'mir'
        option ifname 'eth0.2'
        option proto 'none'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'
        option enable_mirror_rx '1'
        option enable_mirror_tx '1'
        option mirror_source_port '1'
        option mirror_monitor_port '5'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option ports '0t 1'
        option vid '1'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option ports '0t 5'
        option vid '2'

swconfig dev eth0 show:

Global attributes:
       enable_vlan: 1
       mirror_monitor_port: 5
Port 0:
       enable_mirror_rx: 0
       enable_mirror_tx: 0
       pvid: 0
       link: port:0 link:up speed:1000baseT full-duplex txflow rxflow 
Port 1:
       enable_mirror_rx: 0
       enable_mirror_tx: 0
       pvid: 1
       link: port:1 link:up speed:100baseT full-duplex auto
Port 2:
       enable_mirror_rx: 0
       enable_mirror_tx: 0
       pvid: 0
       link: port:2 link:down
Port 3:
       enable_mirror_rx: 0
       enable_mirror_tx: 0
       pvid: 0
       link: port:3 link:down
Port 4:
       enable_mirror_rx: 0
       enable_mirror_tx: 0
       pvid: 0
       link: port:4 link:down
Port 5:
       enable_mirror_rx: 0
       enable_mirror_tx: 0
       pvid: 2
       link: port:5 link:up speed:100baseT full-duplex auto
VLAN 0:
       vid: 0
       ports: 0t 2 3 4 
VLAN 1:
       vid: 1
       ports: 0t 1 
VLAN 2:
       vid: 2
       ports: 0t 5

still port mirroring doesnt work untill I add:

root@OpenWrt:/# swconfig dev eth0 port '1' set enable_mirror_rx '1'     
root@OpenWrt:/# swconfig dev eth0 port '1' set enable_mirror_tx '1'
root@OpenWrt:/# swconfig dev eth0 show

that gives:

Global attributes:
        enable_vlan: 1
        mirror_monitor_port: 5
Port 0:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:0 link:up speed:1000baseT full-duplex txflow rxflow 
Port 1:
        enable_mirror_rx: 1
        enable_mirror_tx: 1
        pvid: 1
        link: port:1 link:up speed:100baseT full-duplex auto
Port 2:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:2 link:down
Port 3:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:3 link:down
Port 4:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 0
        link: port:4 link:down
Port 5:
        enable_mirror_rx: 0
        enable_mirror_tx: 0
        pvid: 2
        link: port:5 link:up speed:100baseT full-duplex auto
VLAN 0:
        vid: 0
        ports: 0t 2 3 4 
VLAN 1:
        vid: 1
        ports: 0t 1 
VLAN 2:
        vid: 2
        ports: 0t 5

I'll try @jow


config switch_port
        option device 'eth0'
        option port '1'
        option enable_mirror_rx '1'

in etc/config/network and let you know.

Pippo · November 21, 2018, 10:38am

deleted wrong