VLAN hell - 5 days and still unable to get one vlan working

I would really appreciate any help on this - I am completely stuck :cry:

DHCP works fine on the untagged port/s but not on vlan enabled ports - no lease is given.

Router:

Bt Homehub 5A running OpenWrt 18.06.1.

Port 4 trunk port set to vlan 10.
Port 1 untagged port.

DHCP is working on ports 1 and 2 for the untagged network (192.168.0.x). Ports 3 (testing another VLAN config) and 4 do not give a lease, so I think I’m doing something right.

Testing with cables shows ports to be reversed from the physical markings - 4 = 1 etc, which led to some conflicts between editing via both luci and the network config file last week.

I assume that the CPU port should always be tagged (6t from what I can see). Setting it to untagged for the trunk port made no difference.

Setting the port 3 VLAN to 3, in case there is some interface issue I can’t figure out, gets a DHCP lease for the untagged network:

# Switch VLAN entry on switch0: VLAN ID 3 with port 3 as an untagged member
# and port 6 (the CPU port per the swconfig output) tagged via the 't' suffix.
config switch_vlan
option device 'switch0'
option vlan '3'
option vid '3'
option ports '3 6t'

I assume that the CPU port should always be tagged (6t from what I can see).

swconfig list:

Found: switch0 - eth0

swconfig dev switch0 help:

switch0: eth0(Lantiq XRX200 Switch), ports: 7 (cpu @ 6), vlans: 64
     --switch
	Attribute 1 (int): enable_vlan (Enable VLAN mode)
	Attribute 2 (none): apply (Activate changes in the hardware)
	Attribute 3 (none): reset (Reset the switch)
     --vlan
	Attribute 1 (int): vid (VLAN ID (0-4094))
	Attribute 2 (int): enable (Enable VLAN)
	Attribute 3 (ports): ports (VLAN port mapping)
     --port
	Attribute 1 (int): uvr (Unknown VLAN Rule)
	Attribute 2 (int): vsr (VLAN Security Rule)
	Attribute 3 (int): vinr (VLAN Ingress Tag Rule)
	Attribute 4 (int): tvm (Transparent VLAN Mode)
	Attribute 5 (int): pvid (Primary VLAN ID)
	Attribute 6 (unknown): link (Get port link information)

switch0: eth0(Lantiq XRX200 Switch), ports: 7 (cpu @ 6), vlans: 64
     --switch
	Attribute 1 (int): enable_vlan (Enable VLAN mode)
	Attribute 2 (none): apply (Activate changes in the hardware)
	Attribute 3 (none): reset (Reset the switch)
     --vlan
	Attribute 1 (int): vid (VLAN ID (0-4094))
	Attribute 2 (int): enable (Enable VLAN)
	Attribute 3 (ports): ports (VLAN port mapping)
     --port
	Attribute 1 (int): uvr (Unknown VLAN Rule)
	Attribute 2 (int): vsr (VLAN Security Rule)
	Attribute 3 (int): vinr (VLAN Ingress Tag Rule)
	Attribute 4 (int): tvm (Transparent VLAN Mode)
	Attribute 5 (int): pvid (Primary VLAN ID)
	Attribute 6 (unknown): link (Get port link information)

/etc/config/network:

# Loopback interface with the usual static 127.0.0.1/8 address.
config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        # Value appears to have been masked by the poster before publishing.
        option ula_prefix β€˜******’

# ATM bridge parameters (VPI 1 / VCI 32, LLC encapsulation, bridged payload).
config atm-bridge 'atm'
        option vpi '1'
        option vci '32'
        option encaps 'llc'
        option payload 'bridged'
        option nameprefix 'dsl'

# DSL line settings: VDSL line mode using PTM transfer mode.
config dsl 'dsl'
        option xfer_mode 'ptm'
        option line_mode 'vdsl'
        option annex 'b'
        option tone 'a'
        option ds_snr_offset '0'

# Four bridged, statically addressed networks, each bound to one VLAN
# sub-interface of eth0 (eth0.1 .. eth0.4) with its own /24.
# NOTE(review): these are the only eth0.N interfaces in this file. The
# switch_vlan entries further down use VIDs 1, 2, 3, 10, 12, 13 and 14, so
# nothing here is bound to eth0.10/12/13/14 and no switch VLAN carries VID 4
# for 'lan4'. That would match the poster's later finding that changing the
# VID from 10 to 4 made DHCP work on port 4 -- confirm against the live config.
config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ipaddr '192.168.0.1'
        option ifname 'eth0.1'

config interface 'lan2'
        option type 'bridge'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.20.1'
        option ifname 'eth0.2'

config interface 'lan3'
        option type 'bridge'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.30.1'
        option ifname 'eth0.3'

config interface 'lan4'
        option type 'bridge'
        option proto 'static'
        option netmask '255.255.255.0'
        option ipaddr '192.168.40.1'
        option ifname 'eth0.4'

# MAC address override for eth0.1; the value appears masked by the poster.
config device 'lan_dev'
        option name 'eth0.1'
        option macaddr *********’

# IPv4 WAN: DHCP client on dsl0.101 (VLAN 101 on the DSL device).
# peerdns '0' plus an explicit 'dns' list pins the resolvers to 8.8.8.8 and
# 8.8.4.4 instead of whatever the upstream lease advertises.
# clientid / macaddr / vendorid values appear masked by the poster.
config interface 'wan'
        option proto 'dhcp'
        option release '0'
        option peerdns '0'
        option dns '8.8.8.8 8.8.4.4'
        option clientid ***
        option macaddr β€˜******’
        option vendorid β€˜********’
        option _orig_ifname 'eth0'
        option _orig_bridge 'false'
        option ifname 'dsl0.101'

# IPv6 WAN: DHCPv6 client requesting a /56 prefix and no address.
# NOTE(review): this interface is bound to 'eth0', which swconfig reports as
# the switch device (switch0 - eth0), while 'wan' above uses dsl0.101. The
# firewall's wan zone lists both 'wan' and 'wan6'. Confirm the eth0 binding is
# intended and not a leftover from before the WAN moved to the DSL device.
config interface 'wan6'
        option ifname 'eth0'
        option proto 'dhcpv6'
        option reqprefix '56'
        option peerdns '0'
        option norelease '1'
        option dns β€˜*******’
        option reqaddress 'none'
        option macaddr β€˜********

# MAC address override for the DSL device; value appears masked by the poster.
config device 'wan_dev'
        option macaddr β€˜********’
        option name 'dsl0'

# Global switch settings: reset the switch when the config is applied and
# turn VLAN mode on, so the switch_vlan sections take effect.
config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

# Unmanaged (proto 'none') interface wrapping tun0, brought up automatically.
# NOTE(review): 'vpn0' is not listed in any zone of the firewall config shown
# on this page, so only the firewall 'defaults' policies would apply to
# tunnel traffic -- confirm whether a dedicated zone is wanted.
config interface 'vpn0'
        option ifname 'tun0'
        option proto 'none'
        option auto '1'

# Switch VLAN table for switch0. In 'ports', a bare number is an untagged
# member and a 't' suffix means frames leave that port 802.1Q-tagged.
# Port 6 is the CPU port (swconfig: "cpu @ 6") and is tagged in every entry.
# 'vlan' is the table slot; 'vid' is the 802.1Q ID carried on the wire.

# VID 1: ports 0, 1, 2 untagged.
config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'
        option ports '0 1 2 6t'

# VID 2: port 5 untagged.
config switch_vlan
        option device 'switch0'
        option vlan '2'
        option vid '2'
        option ports '5 6t'

# VID 10: port 4 tagged (trunk). A device on port 4 must itself send and
# accept VID 10 tags; an untagged end device will not join this VLAN.
# NOTE(review): no interface in the network config on this page is bound to
# eth0.10, so nothing on the router appears to serve DHCP for this VID.
config switch_vlan
        option device 'switch0'
        option vlan '10'
        option vid '10'
        option ports '4t 6t'

# VID 3: port 3 untagged.
config switch_vlan
        option device 'switch0'
        option vlan '3'
        option vid '3'
        option ports '3 6t'

# VIDs 12, 13, 14: further tagged VLANs on trunk port 4. As with VID 10, no
# matching eth0.12 / eth0.13 / eth0.14 interface is defined on this page.
config switch_vlan
        option device 'switch0'
        option vlan '5'
        option vid '12'
        option ports '4t 6t'

config switch_vlan
        option device 'switch0'
        option vlan '6'
        option vid '13'
        option ports '4t 6t'

config switch_vlan
        option device 'switch0'
        option vlan '7'
        option vid '14'
        option ports '4t 6t'

/etc/config/dhcp:

# dnsmasq (DNS + DHCPv4) global options.
config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        # localservice '0': the resolver is not limited to clients on directly
        # attached subnets; reachability then depends on the firewall alone.
        option localservice '0'
        option local '/ddd/'
        option domain 'ddd'
        # rebind_protection '0': upstream answers containing private-range
        # addresses are not discarded, so DNS-rebinding filtering is off.
        # NOTE(review): unrelated to the VLAN/DHCP issue; re-enable unless an
        # upstream zone legitimately returns RFC 1918 addresses.
        option rebind_protection '0'
        option nonwildcard '0'

# One DHCP pool per LAN interface. start '100' / limit '150' hands out host
# addresses .100 through .249 of each interface's /24.
config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'

config dhcp 'lan2'
        option interface 'lan2'
        option limit '150'
        option leasetime '2h'
        option start '100'

config dhcp 'lan3'
        option interface 'lan3'
        option limit '150'
        option leasetime '2h'
        option start '100'

config dhcp 'lan4'
        option interface 'lan4'
        option limit '150'
        option leasetime '2h'
        option start '100'

# ignore '1': no DHCP service is offered on the WAN interface.
config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

# odhcpd is present but not the main DHCPv4 server (maindhcp '0').
config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'

/etc/config/firewall:

# Global policies, used for traffic that does not belong to any zone below.
# input 'ACCEPT' lets such traffic reach services on the router itself;
# forward 'REJECT' refuses to route it anywhere.
# NOTE(review): the 'vpn0' (tun0) interface from the network config is not a
# member of any zone on this page, so these defaults are what would govern
# it -- confirm that accepting input from the tunnel is intended.
config defaults
        option syn_flood '1'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'REJECT'

# Trusted LAN zone (network 'lan' only).
config zone
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option network 'lan'

# WAN zone: unsolicited inbound and forwarded traffic is rejected; outbound
# traffic is masqueraded (NAT) with MSS clamping. Covers both wan and wan6.
config zone
        option name 'wan'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option mtu_fix '1'
        option network 'wan wan6'

# The only inter-zone forwarding rule on this page: lan -> wan.
config forwarding
        option src 'lan'
        option dest 'wan'

# One zone per additional VLAN network (lan2, lan3, lan4).
# input 'ACCEPT' exposes every router service (not just DHCP/DNS) to hosts on
# these segments. If they are meant to be isolated or guest networks, a
# tighter input policy plus explicit DHCP/DNS allow rules is the usual choice.
# forward 'ACCEPT' here only covers traffic staying inside the same zone.
# NOTE(review): no 'config forwarding' section on this page names lan2, lan3
# or lan4 as a source, so with the default forward 'REJECT' these networks
# would get a lease but not reach the WAN or each other -- confirm intent.
config zone
      option name       'lan2'
      option network    'lan2'
      option input      'ACCEPT'
      option output     'ACCEPT'
      option forward    'ACCEPT'

config zone
      option name       'lan3'
      option network    'lan3'
      option input      'ACCEPT'
      option output     'ACCEPT'
      option forward    'ACCEPT'

config zone
      option name       'lan4'
      option network    'lan4'
      option input      'ACCEPT'
      option output     'ACCEPT'
      option forward    'ACCEPT'

Setting switch_vlan to an option vid of '4' instead of '10' gets DHCP to work for port 4 on the correct network.
No such luck with port 3 - I guess it could be under some other number.

Does this mean I can only have 1 vlan per interface..?

  • You did set the computer or switch at the far-end to also be a tagged port, correct?

Nope, I currently trunk 7 VLANs on a port.

Can you take a screenshot of the LuCI web GUI Switch page?

I have it now thanks. Realised my understanding was probably incorrect when I noticed the 'tagged' setting on the smart switch - it never occurred to me that end devices wouldn't require tagging or be able to work when tagging is present. Other than very random port naming on the router, the end device port on the switch was set to tagged.

Drawing the below helped me to understand my mistake; hope it is of use to someone.

Whiteboard1a
