VLAN connection problem

Installing and Using OpenWrt
1

Hi,

I need help configuring a connection between two OpenWrt 24.10 devices.

  • Flint 2 - acts as the main router and supports two internet connections, DSL and Fiber, using MultiWan Manager.
  • BT HomeHub - only works as a DSL modem, but I have access to the WebUI and would like to use it as a switch for VLAN1.
    Below is the connection diagram:

Siec
Siec818×296 39.7 KB

Everything works correctly except for the ability to use the HH as a switch, meaning access to a PC device, e.g., from the Flint or another device on the LAN. The connection can be established, but there is significant packet loss, with an ICMP of around 40%. It looks like some packets go through, then some don't, then some more go through, and so on. Connection from Flint to the HH, both via WebUI and SSH, works without any problems. Using tcpdump, I found that the packet loss occurs between Flint lan.1 (all of them are visible) and HH wan.1 (not all of them are arriving).

Flint:

config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option packet_steering '1'

config device
	option name 'br-lan'
	option type 'bridge'
	option ipv6 '0'
	list ports 'lan1.1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'
	list ports 'lan5'

config interface 'lan'
	option device 'br-lan.1'
	option proto 'static'
	option ipaddr '192.168.2.2'
	option netmask '255.255.255.0'
	option ip6assign '60'
	list dns '192.168.2.2'
	option delegate '0'

config interface 'wan'
	option device 'eth1'
	option proto 'pppoe'
	option username 'XXXXXXXXXXXXXXXXX'
	option password 'XXXXXXXXXXXXXXXXX'
	option ipv6 '0'
	option peerdns '0'
	list dns '1.1.1.1'
	list dns '8.8.8.8'
	option metric '1'

config interface 'wandsl'
	option proto 'pppoe'
	option device 'lan1.35'
	option ipv6 '0'
	option username 'XXXXXXXXXXXXXXXXX'
	option password 'XXXXXXXXXXXXXXXXX'
	option metric '2'
	option peerdns '0'
	list dns '1.1.1.1'
	list dns '8.8.8.8'

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '35'
	option name 'lan1.35'
	option ipv6 '0'

config device
	option type '8021q'
	option ifname 'lan1'
	option vid '1'
	option name 'lan1.1'
	option ipv6 '0'

config bridge-vlan
	option device 'br-lan'
	option vlan '1'
	list ports 'lan1.1:u*'
	list ports 'lan2:t*'
	list ports 'lan3:u*'
	list ports 'lan4:t*'
	list ports 'lan5:u*'

config bridge-vlan
	option device 'br-lan'
	option vlan '3'
	list ports 'lan2:t'
	list ports 'lan4:t'

config interface 'iot'
	option proto 'static'
	option device 'br-lan.3'
	option ipaddr '192.168.3.2'
	option netmask '255.255.255.0'

HH:


config interface 'loopback'
	option device 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd6d:138e:88a0::/48'
	option packet_steering '1'

config atm-bridge 'atm'
	option vpi '0'
	option vci '35'
	option encaps 'llc'
	option payload 'bridged'
	option nameprefix 'dsl'
	option atmdev '1'
	option unit '1'

config dsl 'dsl'
	option annex 'a'
	option ds_snr_offset '0'
	option line_mode 'vdsl'

config device
	option name 'br-lan'
	option type 'bridge'
	option ipv6 '0'
	list ports 'lan1'
	list ports 'lan2'
	list ports 'lan3'
	list ports 'lan4'
	list ports 'wan.1'

config device
	option name 'lan1'
	option macaddr 'c8:91:f9:10:fa:cc'

config device
	option name 'lan2'
	option macaddr 'c8:91:f9:10:fa:cc'

config device
	option name 'lan3'
	option macaddr 'c8:91:f9:10:fa:cc'

config device
	option name 'lan4'
	option macaddr 'c8:91:f9:10:fa:cc'

config interface 'lan'
	option device 'br-lan'
	option proto 'static'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'
	option ip6assign '60'
	option delegate '0'
	option gateway '192.168.2.2'
	list dns '192.168.2.2'

config device
	option name 'dsl0'
	option macaddr 'c8:91:f9:10:fa:cd'
	option ipv6 '0'

config device
	option type '8021q'
	option ifname 'wan'
	option vid '35'
	option name 'wan.35'
	option ipv6 '0'

config device
	option type '8021q'
	option ifname 'wan'
	option vid '1'
	option name 'wan.1'
	option ipv6 '0'

config device
	option type 'bridge'
	option name 'br-wan'
	option ipv6 '0'
	list ports 'dsl0.35'
	list ports 'wan.35'

config interface 'wan'
	option proto 'none'
	option device 'br-wan'

config device
	option type '8021q'
	option ifname 'dsl0'
	option vid '35'
	option name 'dsl0.35'
	option ipv6 '0'

Thanks in advance for your help.

2

There are a ton of issues here.

Which device is intended to be the main router? You seem to have 2 internet connections - is that right? Are you trying to set them up as a multi-wan setup?

3

The main router is a Flint. The HH only serves as a modem and forwards PPPoE packets to the Flint. The second internet connection is directly to the Flint, and I use a MultiWan. It works fine and I have no problems with it. The only problem is using the HH as an additional switch for the internal network.

4

Fix lan1.1 - it should just be lan1

Delete these:

Fix lan1.1 as before

Consider swapping the ip addresses so that the main router uses the .1 address. Not required, but fits with standard practice.

Meanwhile, I think it is best to terminate the pppoe connection on the hh device and send it over as standard ip over the trunk.

Fix the main router first and then post that and we’ll review before moving to the other.

5

I changed the configuration as instructed. Nothing changed. Everything works except the connection to the PC device.

config bridge-vlan
        option device 'br-lan'
        option vlan '1'
        list ports 'lan1:t*'
        list ports 'lan2:t*'
        list ports 'lan3:u*'
        list ports 'lan4:t*'
        list ports 'lan5:u*'

I know I could handle a PPPoE connection on HH, but I want to have all the external connection configuration on one router.

6

Where is the pc device connected?

Normally I would agree, but I’m not positive that OpenWrt can bridge the raw PPPoE connectivity from the modem through Ethernet. Others who use pppoe modems on OpenWrt can comment on this part.

7

The PC is the device connected to the HH switch on the LAN2 port.
One more thing. Enabling the VLAN option on the HH from the bridge level and adding any VLAN (as in the example below), even without configured interfaces, results in the device being unavailable from the LAN level and the need to revert the changes.The options with VLAN1 and untagged wan.1 or tagged wan produce the same effect.

Bez tytułu
Bez tytułu908×400 40.3 KB

8

I also think that there is no problem with bridging PPPoE since it works correctly.

9

Does it? Have you verified that the connection is being routed properly?

10

Yes. MultiWan works correctly, failover works, and rules can be added and work.

Bez tytułu
Bez tytułu679×216 29.2 KB

1 Like