VLAN wan to wan

robertsearle · August 19, 2023, 12:26pm

Two questions;

Is it possible to remove all incoming VLAN tags from the ISP? Basically remove the VLAN tags on the WAN device?
Is it possible to let a VLAN tag go through the WAN? I have this a setup below. I want to strip the VLAN from incoming ISP traffic on the first WAN. I also want the traffic from #1 to reach into #2 if tagged correctly

ISP --> wan / open wrt #1 --> wan / open wrt #2

slh · August 19, 2023, 6:58pm

With the according switch configuration, yes.

psherman · August 19, 2023, 10:09pm

As @slh said, yes this can be done by means of the switch configuration. But at that point, the first router becomes nothing more than a managed switch.

Is there a reason you want to strip the vlan tag in the first router and pass it to the second as untagged? There is no real reason to do this from a technical perspective since the second router can handle the vlan tag just the same. You could simply remove the first router and use the second normally with the tag.

robertsearle · August 20, 2023, 1:48am

I don't want any VLAN tags entering my network from the outside world / ISP. It sounds like a security issue but I am a newbie so can't say for sure.

To clarify I want something started in router1 going into router2. I want to remove / stripe all VLAN info from the ISP going into router1. Nothing based on ISP VLAN tags should go to router2

Remove all ISP VLAN info
Allow route 1 --> router 2 wan --> router 2 network

krazeh · August 20, 2023, 1:54am

It's not. You're not achieving anything of any practical use in your proposed setup.

robertsearle · August 20, 2023, 1:56am

Okay. How can I stripe out the ISP VLAN tags on the router's wan interface

krazeh · August 20, 2023, 2:02am

The vlan tags will be removed when the traffic arrives at the router. Assuming the traffic then leaves on an interface that has vlan tags it'll have those tags added, otherwise it'll be untagged.

_bernd · August 20, 2023, 6:43am

Are you aware that vlan is a layer-2 technology while on the Internet we usually do layer-3?
And as the others already tried to explain to you: the moment a frame with a tag hits a router the tag gets removed anyway.

There are also valid scenarios where you want to bridge ISP traffic like to connect multiple routers on a single line... Or to pass it into a virtualisation cluster or the like...

system · August 30, 2023, 6:43am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.