Here's the configs I use for my WRT1900ACS, which is configured as a smart switch
-
/etc/config/dhcp# ##::[[--- LEDE LAN DHCP Config ---]]::## #################################################### ##----- DNS Server -----## #################################################### # DNS Masq # #--------------------------------------------------- config dnsmasq option domain 'WRT' option local '/lan/' option leasefile '/tmp/dhcp.leases' option resolvfile '/tmp/resolv.conf.auto' option localise_queries 1 option readethers 1 option localservice 1 option logquerries 1 option domainneeded 1 option filterwin2k 0 option authoritative 0 option rebind_protection 0 option sequential_ip 1 option nonwildcard 0 #################################################### ##----- oDHCPd Server -----## #################################################### # oDHCPd # #--------------------------------------------------- config odhcpd 'odhcpd' option maindhcp 0 option leasefile '/tmp/hosts/odhcpd' option leasetrigger '/usr/sbin/odhcpd-update' option loglevel 4 #################################################### ##----- DHCP Settings -----## #################################################### # LAN: Home Network # #--------------------------------------------------- config dhcp 'lan' option interface 'lan' option leasetime '24h' option dhcpv6 'server' option ra 'server' option ra_management 1 option start 40 option limit 10 option force 1
-
/etc/config/firewall# ##::[[--- LEDE LAN Firewall Config ---]]::## #################################################### ##----- Scripts -----## #################################################### config include option path '/etc/firewall.user' #################################################### ##----- Blocked IPs & MACs -----## #################################################### # Devices # #--------------------------------------------------- #################################################### ##----- Default Zone -----## #################################################### config defaults option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT' option custom_chains 1 option drop_invalid 0 option synflood_protect 0 option tcp_syncookies 1 #################################################### ##----- Zones -----## #################################################### # LAN # #--------------------------------------------------- config zone option name 'lan' option network 'lan' option input 'ACCEPT' option output 'ACCEPT' option forward 'ACCEPT'
-
/etc/config/network# ##::[[--- LEDE LAN Network Config ---]]::## #################################################### ##----- Global -----## #################################################### # Globals # #--------------------------------------------------- config globals 'globals' option ula_prefix 'fde1:a11b:b64f::/48' #################################################### ##----- Active Networks w/ LAN-----## #################################################### # Loopback # #--------------------------------------------------- config interface 'loopback' option ifname 'lo' option proto 'static' option ipaddr 127.0.0.1 option netmask 255.0.0.0 # LAN: Home Network # #--------------------------------------------------- config interface 'lan' option ifname 'eth0.1 eth1.2' option _orig_ifname 'eth0.1' option type 'bridge' option _orig_bridge 'true' option proto 'static' option ip6assign 60 option ipaddr 192.168.20.1 option netmask 255.255.255.192 option broadcast 192.168.20.63 option dns 192.168.20.62 option gateway 192.168.20.62 option force_link 1 #################################################### ##----- Virtual Switches -----## #################################################### # vSwitches # #--------------------------------------------------- # Switch 0: config switch option name 'switch0' option reset 1 option enable_vlan 1 # vLANs # #--------------------------------------------------- # 1: LAN config switch_vlan option device 'switch0' option vlan 1 option ports '0 1 2 3 4 5t 6t' #################################################### ##----- Inactive Networks for WAN -----## #################################################### # LAN # #--------------------------------------------------- #config interface 'lan' # option ifname 'eth0.1' # option type 'bridge' # option proto 'static' # option ip6assign 60 # option ipaddr 192.168.20.1 # option netmask 255.255.255.192 # option broadcast 192.168.20.63 # option dns '208.67.222.222 208.67.220.220' # option force_link 1 # WAN # #--------------------------------------------------- #config interface 'wan' # option ifname 'eth1.2' # option proto 'dhcp' #config interface 'wan6' # option ifname 'eth1.2' # option proto 'dhcpv6' #################################################### ##----- Inactive Virtual Switches -----## #################################################### # vLANs # #--------------------------------------------------- # 2: WAN: #config switch_vlan # option device 'switch0' # option vlan 2 # option ports '4 6t'- Where
192.168.20.62is the LAN IP of your WAN facing router
- Where
.
Here's how I've laid out my file system, of which allows for an easy switch back to a router, and vice versa
- I recommend saving all your WAN configs to either external storage, or
/etc/config/WAN/-
Files specific for WAN:
- ddns
- dhcp
- firewall
- network
- qos
- sqm
/etc/config: 0 drwxr-xr-x 2 root root 162 Oct 1 06:01 LAN 0 drwxr-xr-x 1 root root 304 Oct 1 06:01 WAN 12 -rw-r--r-- 1 root root 9992 Oct 1 06:01 adblock 4 -rw-r--r-- 1 root root 1176 Oct 1 06:01 aria2 4 -rw-r--r-- 1 root root 148 Jan 18 20:38 attendedsysupgrade 4 -rw-r--r-- 1 root root 494 Oct 1 06:01 cshark 4 -rw-r--r-- 1 root root 590 Jan 18 20:38 ddns 12 -rw-r--r-- 1 root root 9871 Oct 1 12:48 dhcp 4 -rw-r--r-- 1 root root 462 Oct 1 06:01 dropbear 4 -rw-r--r-- 1 root root 720 Oct 1 06:01 etherwake 16 -rw-r--r-- 1 root root 12691 Oct 1 12:26 firewall 4 -rw-r--r-- 1 root root 941 Oct 1 06:01 fstab 4 -rw-r--r-- 1 root root 379 Oct 1 06:01 hd-idle 4 -rw-r--r-- 1 root root 797 Jan 18 20:38 luci 8 -rw-r--r-- 1 root root 6578 Oct 1 06:01 luci_statistics 8 -rw-r--r-- 1 root root 6065 Oct 1 12:42 network 4 -rw-r--r-- 1 root root 3906 Oct 1 06:01 openvpn 4 -rw------- 1 root root 743 Oct 1 06:01 openwisp 4 -rw-r--r-- 1 root root 366 Oct 1 06:01 p910nd 4 -rw-r--r-- 1 root root 3276 Oct 1 06:01 qos 4 -rw------- 1 root root 97 Oct 1 06:01 rpcd 4 -rw-r--r-- 1 root root 820 Oct 1 06:01 samba 1 -rw-r--r-- 1 root root 939 Oct 1 06:01 sqm 4 -rw------- 1 root root 174 Oct 1 06:01 sysstat 4 -rw-r--r-- 1 root root 2738 Oct 1 06:01 system 4 -rw-r--r-- 1 root root 115 Jan 18 20:38 ubootenv 4 -rw-r--r-- 1 root root 856 Jan 18 20:38 ucitrack 4 -rw------- 1 root root 1801 Oct 1 06:01 uhttpd 4 -rw-r--r-- 1 root root 1019 Oct 1 06:01 wifi_schedule 8 -rw------- 1 root root 6988 Dec 8 19:29 wireless /etc/config/LAN: 1 -rw-r--r-- 1 root root 1281 Oct 1 06:01 ddns.LAN 11 -rw-r--r-- 1 root root 10855 Oct 1 06:01 dhcp.LAN 9 -rw-r--r-- 1 root root 9363 Oct 1 06:01 firewall.LAN 5 -rw-r--r-- 1 root root 5323 Oct 1 06:01 network.LAN 4 -rw-r--r-- 1 root root 3853 Oct 1 06:01 qos.LAN 1 -rw-r--r-- 1 root root 939 Oct 1 06:01 sqm.LAN /etc/config/WAN: 4 -rw-r--r-- 1 root root 1281 Oct 1 06:01 ddns.WAN 8 -rw-r--r-- 1 root root 7920 Oct 1 06:01 dhcp.WAN 16 -rw-r--r-- 1 root root 13757 Oct 1 06:01 firewall.WAN 5 -rw-r--r-- 1 root root 5330 Oct 1 06:01 network.WAN 4 -rw-r--r-- 1 root root 3853 Oct 1 06:01 qos.WAN 1 -rw-r--r-- 1 root root 939 Oct 1 06:01 sqm.WAN
-