VLAN Help - multiple vlans one port - 23.05.2 - for wrt1900ac

Installing and Using OpenWrt
1

Hey all,

you've probably answered this question probably a million times already but i think there something about using swconfig for so long that makes just unable to "get" DSA. I apologize for the redundancy and monstrosity.

So i just upgraded from 19.07 with a VLAN swconfig found below:

| VLAN ID | CPU (eth0) | CPU (eth1) | LAN 1    | LAN 2    | LAN 3    | LAN 4    | WAN    |
|---------|------------|------------|----------|----------|----------|----------|--------|
| Status  | 1000T FDX  | 1000T FDX  | 1000T FDX| No Link  | No Link  | No Link  | No Link|
| 1       | untagged   | off        | untagged | untagged | untagged | untagged | off    |
| 2       | off        | tagged     | off      | off      | off      | off      | untagged|
| 4       | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 5       | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 8       | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 10      | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 31      | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 33      | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 34      | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 336     | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 337     | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |
| 440     | tagged     | tagged     | tagged   | tagged   | tagged   | tagged   | off    |

I had no issues creating and bridging/assigning different wireless SSIDs to different VLANs and everything worked great. I didn't save a backup of the interfaces simply due to me using the "scorched earth" method and not simply going back so i don't have that information.

Now after upgrading to 23.05.2, I'm having trouble understanding how all this works. The current set up is the same as with version 19.07

Wireless devices -> WRT1900ac (plugged in lan1 nothing in WAN port of router) -> Cisco switch (properly configured) -> top level firewall (where vlans are, dhcp,dns)

The Wi-Fi set up was done this way:

SSID1 - vlan 10 - subnet xyz
SSID2 - vlan 337 - subnet xyz
SSID3 - vlan x - subnet xyz

I know multiple SSIDs are bad for my neighbors but meh, should they stop walking like elephants ill re-evaluate.

LAN1 is the only port that is connecting back to the cisco switch, so every single VLAN will be on that port - Do i need the br-lan that comes by default ?

I've tried to create a 802.1q onto LAN1 so i get LAN1.10 and when i create the interface with a dhcp client protocol - i get an IP from the proper subnet for the vlan. Although - when i link a wireless SSID to it, im not able to get an IP on my wireless devices. Am i skipping a step?

image
image998×280 40 KB

I see the device trying but it never works.

If some of the above doesn't make sense , let me know ill clarify.

2

Your device is almost certainly now DSA (instead of swconfig). This requires a very different method of configuring VLANs.

https://openwrt.org/docs/guide-user/network/dsa/dsa-mini-tutorial

We can help you with the details if you need it -- just post your default config:

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
grafik
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
3 
{
        "kernel": "5.15.137",
        "hostname": "OpenWrt",
        "system": "ARMv7 Processor rev 2 (v7l)",
        "model": "Linksys WRT1900AC v1",
        "board_name": "linksys,wrt1900ac-v1",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "23.05.2",
                "revision": "r23630-842932a63d",
                "target": "mvebu/cortexa9",
                "description": "OpenWrt 23.05.2 r23630-842932a63d"
        }
}

root@OpenWrt:~# cat /etc/config/network



config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fdf7:4c8b:cbcd::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'
        option vlan_filtering '1'

config device
        option name 'lan1'
        option macaddr ''

config device
        option name 'lan2'
        option macaddr ''

config device
        option name 'lan3'
        option macaddr ''

config device
        option name 'lan4'
        option macaddr ''

config interface 'lan'
        option device 'br-lan'
        option proto 'dhcp'

config device
        option name 'wan'
        option macaddr 'x'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'

config interface 'wan6'
        option device 'wan'
        option proto 'dhcpv6'

config interface 'test'
        option proto 'dhcp'
        option device 'lan1.10'
        option type 'bridge'

config device
        option type '8021q'
        option ifname 'lan1'
        option vid '10'
        option name 'lan1.10'
4

We'll just work on these two... you'll see the 'recipe' and you can continue the process with all the other VLANs.

I'd recommend that you only do one or two of these at first to make sure you've got it right... once you've proven it, feel free to go wild with the rest of them.

Start by deleting all of this:

Delete the last line (vlan_filtering) from br-lan:

Now, create bridge-VLANs:

config bridge-vlan
        option device 'br-lan'
        option vlan '1'
        list ports 'lan1:u*'
        list ports 'lan2:u*'
        list ports 'lan3:u*'
        list ports 'lan4:u*'

config bridge-vlan
        option device 'br-lan'
        option vlan '10'
        list ports 'lan1:t'
        list ports 'lan2:t'
        list ports 'lan3:t'
        list ports 'lan4:t'

config bridge-vlan
        option device 'br-lan'
        option vlan '337'
        list ports 'lan1:t'
        list ports 'lan2:t'
        list ports 'lan3:t'
        list ports 'lan4:t'

Edit your main lan interface to use br-lan.1 (instead of just br-lan)

config interface 'lan'
        option device 'br-lan.1'
        option proto 'dhcp'

Now, create unmanaged interfaces for the other VLANs:

config interface 'vlan10'
        option device 'br-lan.10'
        option proto 'none'

config interface 'vlan337'
        option device 'br-lan.337'
        option proto 'none'

Finally, create your SSIDs and attach them to networks vlan10 and vlan337

(obviously feel free to name the network interfaces differently -- the important part is the bridge-vlans as defined.)

5

I'd hug you if i could, this seems to work well and i am getting proper IPs

Say, is there a name length limit for the interface names? i noticed when i changed the interface names to slightly longer ones, i wasnt able to get an IP, when i changed back i was able.

6

I think 15 characters, IIRC.

1 Like
7

Correct 15 characters (plus \0), but that also needs to include automatically added prefixes (br-, pppoe-, etc.).

1 Like
8

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.