Switch config for VLANs on RT4230W with eth0 eth1

I'm having trouble using VLANs on a router with switch (Askey RT4230W REV6).

I have a relatively simple setup on a WRT3200ACM, and I am trying to replicate it on the RT4230W, but cannot figure out what I am doing wrong.

My network config on the WRT3200:

root@WRT3200ACM:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'wan'

config interface 'LAN'
        option device 'br-lan.10'
        option proto 'static'
        option ipaddr '192.168.10.5'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option gateway '192.168.10.1'
        option delegate '0'
        list dns '8.8.8.8'

config device
        option name 'wan'
        option macaddr '26:f5:a2:c6:2a:e8'

config bridge-vlan
        option device 'br-lan'
        option vlan '10'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        list ports 'wan'

config bridge-vlan
        option device 'br-lan'
        option vlan '20'
        list ports 'wan:t'

config bridge-vlan
        option device 'br-lan'
        option vlan '30'
        list ports 'wan:t'

config bridge-vlan
        option device 'br-lan'
        option vlan '40'
        list ports 'wan:t'

config interface 'USER'
        option proto 'none'
        option device 'br-lan.20'

config interface 'IOT'
        option proto 'none'
        option device 'br-lan.40'

config interface 'GUEST'
        option proto 'none'
        option device 'br-lan.30'


I'm using the WAN port as a trunk to an OPNsense device. OpenWRT is acting as a AP only. Everything works fine without issues for several months.

How would I create a similar setup on a router with 2 eth ports and a switch?

I tried the below and many other permutations but in all combinations no internet connection over VLAN or DHCP is recieved from the OPNsense device.
I'm not sure how to troubleshoot the issue either.

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0.2'
        list ports 'eth1.1'

config interface 'lan'
        option device 'eth1.10'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option delegate '0'
        list dns '8.8.8.8'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option vid '2'

config interface 'USER'
        option proto 'none'
        option device 'eth0.30'

config interface 'GUEST'
        option proto 'none'
        option device 'eth0.20'

config interface 'IOT'
        option proto 'none'
        option device 'eth0.40'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option vid '20'
        option description 'USER'
        option ports '0t 1t'

config switch_vlan
        option device 'switch0'
        option vlan '4'
        option vid '30'
        option description 'GUEST'
        option ports '0t 1t'

config switch_vlan
        option device 'switch0'
        option vlan '5'
        option ports '0t 1t'
        option vid '40'
        option description 'IOT'

config switch_vlan
        option device 'switch0'
        option vlan '6'
        option ports '6t 2 3 4 5 1'
        option vid '10'
        option description 'LAN'


Do I need to change something for the br-lan?
I've tried using just 1 eth0 or eth1, using the existing VLAN 1 and 2 etc etc, but nothing seems to be the right combination. I hope I am missing something simple.

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth1.10'

config interface 'lan'
        option device 'br-lan'
        ...

config switch_vlan
        option device 'switch0'
        option vlan '6'
        option ports '6t 2 3 4 5 1'
        option vid '10'
        option description 'LAN'

If you'd flash a current (main-) snapshot image, you'd get DSA for ipq806x (as in your rt4230w) as well, giving you the same configuration interface for both of your routers, which might make things easier.

2 Likes

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.