Vlan newbie advice

hi all!

i have a TD-W8970 and a R7800 both with 19.07.2. configured the 8970 as a bridged modem and the 7800 to do routing/wifi/dhcp/sqm and all the good stuff. all is working good. now i'd like to use a single cable from one to the other to use both wan an lan and free some ports, since i've read a lot but no sure, can you guys check this configuration?? i don't use vlan 1, vlan 2 is wan and vlan 3 is lan. is this correct to keep wan an lan traffic separated? or i'm messing up things?

8970:

root@modem:~# cat /etc/config/network 

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'edit'

config dsl 'dsl'
        option annex 'b'
        option xfer_mode 'ptm'
        option line_mode 'vdsl'
        option tone 'bv'

config interface 'modem'
        option type 'bridge'
        option proto 'none'
        option ifname 'eth0.2 dsl0.100'
        option auto '1'

config device 'modem_dev'
        option name 'eth0.2'
        option macaddr 'edit'

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ifname 'eth0.3'
        option ipaddr '192.168.1.254'

config device 'lan_dev'
        option name 'eth0.3'
        option macaddr 'edit'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option vid '2'
        option ports '6t 2t'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option vid '3'
        option ports '6t 5 0 2t'

7800:

root@router:~# cat /etc/config/network 

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'edit'

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'
        option ifname 'eth1.3'

config interface 'wan'
        option ifname 'eth0.2'
        option proto 'dhcp'
        option peerdns '0'
        option macaddr 'edit'
        list dns '127.0.0.1'

config interface 'wan6'
        option proto 'dhcpv6'
        option reqaddress 'try'
        option reqprefix 'auto'
        option peerdns '0'
        option macaddr 'edit'
        list dns '0::1'
        option ifname '@wan'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '1'

config switch_vlan
        option device 'switch0'
        option vlan '1'
        option vid '1'

config switch_vlan
        option device 'switch0'
        option vlan '2'
        option vid '2'
        option ports '0t 5t'

config switch_vlan
        option device 'switch0'
        option vlan '3'
        option vid '3'
        option ports '6t 4 3 2 1 5t'

on both deivces eth0.2 is assigned to wan firewall zone and eth0.3(8970) eth1.3(7800) to lan firewall zone.

i will use all the untagged ports on the 7800 to connect lan devices.

many thanks.

Y

It's not clear what you are trying to do.

I infer from your [post that your current situation is that you have the TD-W8970 working as a modem, and then you are running a cable form one of it's LAN ports to your R7800 WAN port, which is set as probably PPPoE. The R7800 is doing the PPPoE termination, all routing and serving all devices.

Now you want to do what? Have the TD-W8970 to do some routing, and use the R7800 as AP? Or you want to keep the TD-W8970 as a modem and the R7800 as a router, but "re-use" the ports of the TD-W8970 as an "extension" of R7800 switch?

TD-W8970 working as a modem, and then you are running a cable form one of it's LAN ports to your R7800 WAN port, which is set as probably PPPoE. The R7800 is doing the PPPoE termination, all routing and serving all devices.

this is correct. but since it's my first time using vlans, i was wondering if this configuration is correct to keep wan and lan separeted. single cable should provide bridged modem to R7800 (for ppp/routing/dhcp/wifi/sqm/etc..) and lan management for TD-W8970 (i connect my desktop pc to R7800 lan and laptop to R7800 wifi).

keep the TD-W8970 as a modem and the R7800 as a router, but "re-use" the ports of the TD-W8970 as an "extension" of R7800 switch?

yes, TD-W8970 only as modem no services at all (used imagebuilder to remove dhcp etc.. and wifi is turned off) and use switch as an extension of the R7800 if needed for lan devices.

my main concern is if the configuration is correct to keep lan/wan separated, also on the single cable.

many thanks.

Y

I was considering doing the same (except that instead of your R7800 I would use a Raspberry Pi, so I would be forced to use one cable and wouldn't have the option of using two).

See the post below. I didn't try it, but you can start from there

used the configuration described in my first post and it's working correctly.. for my knowledge/reading this should be the corect way to keep wan/lan separated also with single cable.

if some guru finds out that it completely wrong please let me know :slight_smile:

many thanks to all.

Y

I noticed that you have LAN 4 port on the 8970 off--maybe you might not be using it now, but it's probably best to have it working so that you don't later try to connect to it and wonder why there is no connection.

And if I were you, I would actually use the port that's next to the xDSL port (let that be 1 or 4--I don't know) for the cable you are running to the other router. It's just tidier that way.

port 4 doesn't work well on my 8970, often the speed of connected devices is very slow compared to same device connected to other ports. so i marked that port as dead and put electrical tape on it to avoid plugging in whatever :slight_smile:

device i pretty old and is on 24/7 365, so who knows maybe hardware fault, from time to time i test the port again but lo luck.. still slow compared to others :frowning:

Y

1 Like