Understanding DSA

Installing and Using OpenWrt
1

Today I got faced with DSA. I completley forgot about because my devices are still not converted. I've read some threads here but I still have some questions:

  • Is there any timeframe when there will be a LuCI click solution be available?
  • Is it right that if I say that there is no "real" VLAN available anymore? In terms that the CPU isn't involved anymore. Instead the "switch/driver" itself is tagging now directly.
  • Configuration is done with ip and ip-bridge? Or do I miss here something (had to find out that I have to install it :smiley: ?
  • Given I would split off eth4 on my EdgeRouterX:
config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option netmask '255.255.255.0'
        option macaddr ':EF:76:1C'
        option ip6assign '64'
        option gateway '192.168.178.40'
        option ipaddr '10.0.1.1'
        option ifname 'eth1 eth2 eth3'

config interface 'zedge'
        option proto 'static'
        option gateway '192.168.179.40'
        option netmask '255.255.255.0'
        option ip6assign '64'
        option macaddr ':20:1D:AB'
        list ip6class 'wan6'
        list ip6class 'local'
        option ip6ifaceid 'eui64'
        option ifname 'eth4'
        option ipaddr '10.0.5.1'

What I have to do now is (I don't know for sure so it is more a question):

# setup a "new" bridged interface for tagging:
ip link add name br-zedge type bridge
# enable/setup tagging for new interface:
ip link set dev br-zedge type bridge vlan_filtering 1
# assign interfaces to br-zedge:
ip link set dev eth4 master br-zedge
# remove "old" tag and assign new the tag:
bridge vlan del dev eth4 vid 1 # should not be necessary because br-lan is not vlan aware by default?
bridge vlan add dev eth4 vid 10 pvid tagged # add new tag
  • Wouldn't it be enough to just assign/remove tag on eth4 and forget about the bridge or am I wrong? I did not test so far anything. This is just guessing.
  • Given I want to add tag 10 to eth3 on br-lan. How would I do that? I would do it like that:
ip link set dev br-lan type bridge vlan_filtering 1
bridge vlan add dev eth3 vid 10 pvid tagged

Thx for help/input in advance. ^^

2

Might take a stab at this, still did not work the last time I tried, and I have not seen further commits in support of method; there is a LuCI PR4307 in support of that method.

1 Like
3

Thanks for your input. My setup here at home is not that complex so I will try to setup DSA Vlan this weekend. If things fail I will go for 19.07.4 or classic with routing, firewalling and more cables between my subnets.

4

I still need advise on DSA. My setup is working since a while now (in terms of tagging etc.). But I have a side-effect which is very annoying:

I have the similar issue as described here:

I have a similar setup as pmelange, just with more than only one untagged VLAN. Creating the bridge in /etc/config/network like in the above examples causes the bridge to come up with all ports set to VLAN 1 untagged. This causes leakage between all untagged VLANs during boot time. After the hotplug script runs and VLAN 1 is removed from all ports, everything is fine again - but the damage is already done, e.g. clients being unreachable because they received DHCP IP addresses from the wrong VLAN.

First what I did was to disable autostart of interfaces. So I've just put my dsa setup into rc.local (in addition to the hotplug script) and executing ifup after dsa-setup has finished.

This is working (in terms of no VLAN 1 leakage anymore). Until other services want to get connected to those interfaces during bootup (in before ofc). Like S95done, DNSmasq, nlbwmon, collectd, sqm, etc. This is horrible in terms of race conditions/regressions.

So the only option I have is to disable most services by default and start them right after dsa setup finished.

Basically I imagine sth. like a stall/hold until DSA setup has finished. But I lacking knowledge about startup internals. How could I fix this propberly?