Vlan with many interfaces

Ok wifi is for next time.

I have configurate my proxmox to work with vlan 100 it's OK now.

I have create more VLAN but now I don't have internet, only OpenWrt have internet.

All the interfaces works without internet :

root@OPENWRT:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd7d:9daf:db85::/48'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'
        option peerdns '0'
        list dns '208.67.222.222'
        list dns '208.67.220.220'

config interface 'HOME'
        option proto 'static'
        option ipaddr '10.0.1.254'
        option netmask '255.255.255.0'
        option device 'HOME'

config interface 'DMZ'
        option proto 'static'
        option ipaddr '10.0.0.254'
        option netmask '255.255.255.0'
        option device 'SWITCH.100'

config device
        option name 'wan'
        option ipv6 '0'

config interface 'Guest'
        option proto 'static'
        option netmask '255.255.255.240'
        option device 'SWITCH.5'
        option ipaddr '10.0.4.254'

config interface 'IoT'
        option proto 'static'
        option ipaddr '10.0.2.254'
        option netmask '255.255.255.0'
        option device 'SWITCH.66'

config device
        option type 'bridge'
        option name 'SWITCH'
        list ports 'lan1'
        list ports 'lan3'

config bridge-vlan
        option device 'SWITCH'
        option vlan '1'
        list ports 'lan1:u*'
        list ports 'lan3:u*'

config bridge-vlan
        option device 'SWITCH'
        option vlan '5'
        list ports 'lan3:t'

config bridge-vlan
        option device 'SWITCH'
        option vlan '25'
        list ports 'lan1:t'
        list ports 'lan3:t'

config bridge-vlan
        option device 'SWITCH'
        option vlan '66'
        list ports 'lan1:t'
        list ports 'lan3:t'

config bridge-vlan
        option device 'SWITCH'
        option vlan '100'
        list ports 'lan1:t'
        list ports 'lan3:t'

config device
        option name 'SWITCH.1'
        option type '8021q'
        option ifname 'SWITCH'
        option vid '1'
        option ipv6 '0'

config device
        option name 'SWITCH.100'
        option type '8021q'
        option ifname 'SWITCH'
        option vid '100'
        option ipv6 '0'

config device
        option name 'SWITCH.66'
        option type '8021q'
        option ifname 'SWITCH'
        option vid '66'
        option ipv6 '0'

config device
        option name 'SWITCH.25'
        option type '8021q'
        option ifname 'SWITCH'
        option vid '25'
        option ipv6 '0'

config device
        option name 'SWITCH.5'
        option type '8021q'
        option ifname 'SWITCH'
        option vid '5'
        option ipv6 '0'

config device
        option type 'bridge'
        option name 'HOME'
        list ports 'SWITCH.1'

config bridge-vlan
        option device 'SWITCH'
        option vlan '99'
        list ports 'lan1:t'
        list ports 'lan3:t'

config interface 'RASPBERRY'
        option proto 'static'
        option device 'SWITCH.99'
        option ipaddr '10.0.3.254'
        option netmask '255.255.255.0'

config bridge-vlan
        option device 'SWITCH'
        option vlan '666'
        list ports 'lan1:t'
        list ports 'lan3:t'

config interface '666'
        option proto 'static'
        option device 'SWITCH.666'
        option ipaddr '10.0.5.254'
        option netmask '255.255.255.0'

config device
        option name 'SWITCH.666'
        option type '8021q'
        option ifname 'SWITCH'
        option vid '666'
        option ipv6 '0'

config device
        option name 'SWITCH.99'
        option type '8021q'
        option ifname 'SWITCH'
        option vid '99'
        option ipv6 '0'

config interface 'MANAGMENT'
        option proto 'static'
        option device 'SWITCH.25'
        option ipaddr '10.0.6.254'
        option netmask '255.255.255.0'

I know it's not perfect, but I'm learning in the same times

again, you deleted bridge vlan filtering and put sotware vlan

same ...

same ...

same ...

same ...

again, whole config is messed up

look, last time will try to explain

config device
        option type 'bridge'
        option name 'switch'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

this stanza will create ONE main bridge
and this is COMMON for whole setup !!!!
in this bridge vill be ALL vlans and ALL interface
you don't need other bridges. point !

per vlan settings are

config bridge-vlan
        option device 'switch'
        option vlan '1'
        list ports 'lan1:u*'
        list ports 'lan3:u*'

this will create vlan1 on bridge called "switch" and name it switch.1
it will be present on lan1 & lan3 as untagged (acces) port

and last part

config interface 'vlan1'
        option proto 'static'
        option device 'switch.1'
        option ipaddr '10.0.1.254'
        option netmask '255.255.255.0'

so it will create interface named "vlan1", attach to "switch.1" which is vlan1 untagged on LAN1 and LAN3

so, you have one COMMON part, first on top

then you have vlan definition on common bridge
then you have interface definition, which is bonded to vlan

this is new DSA / bridge vlan filtering way

no need for software vlans
so, if you want to add / remove vlans, you will go to

Luci -> network -> interfaces -> devices
there you will wind device named "switch", type bridge
click configure
go to last tab (bridge vlan filtering)
this is a way to add / remove /tag /untag vlans on COMMON switch (common bridge)

it is NOT firewal, word filtering is here because bridge will filter only listed vlans
again, it is NOT L3 routing filtering

but, you newer listen, and again, started to create option type '8021q' interfaces

so, again, start from scratch
and don;t touch network->interfaces->devices-> ADD DEVICE CONFIGURATION
stop this please

Ok, now, all works as I want.

The problem before was the name of interfaces "I have created with name 666 and OpenWrt don't like number on interface and fire-wall).

Look my new config :

root@OPENWRT:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd7d:9daf:db85::/48'

config interface 'wan'
        option device 'wan'
        option proto 'dhcp'
        option peerdns '0'
        list dns '208.67.222.222'
        list dns '208.67.220.220'

config interface 'HOME'
        option proto 'static'
        option ipaddr '10.0.1.254'
        option netmask '255.255.255.0'
        option device 'SWITCH.1'

config interface 'DMZ'
        option proto 'static'
        option ipaddr '10.0.0.254'
        option netmask '255.255.255.0'
        option device 'SWITCH.100'

config device
        option name 'lan1'
        option ipv6 '0'

config device
        option name 'wan'
        option ipv6 '0'

config device
        option name 'lan3'
        option ipv6 '0'

config interface 'Guest'
        option proto 'static'
        option netmask '255.255.255.240'
        option device 'SWITCH.5'
        option ipaddr '10.0.4.254'

config device
        option name 'wlan1'
        option ipv6 '0'

config device
        option name 'wlan0'
        option ipv6 '0'

config device
        option name 'wlan0-1'
        option ipv6 '0'

config interface 'IoT'
        option proto 'static'
        option ipaddr '10.0.2.254'
        option netmask '255.255.255.0'
        option device 'SWITCH.66'

config device
        option name 'wlan0-2'
        option ipv6 '0'

config device
        option type 'bridge'
        option name 'SWITCH'
        list ports 'lan1'
        list ports 'lan3'

config bridge-vlan
        option device 'SWITCH'
        option vlan '1'
        list ports 'lan3:t*'

config bridge-vlan
        option device 'SWITCH'
        option vlan '100'
        list ports 'lan1:t'

config bridge-vlan
        option device 'SWITCH'
        option vlan '66'
        list ports 'lan1:t'

config bridge-vlan
        option device 'SWITCH'
        option vlan '99'
        list ports 'lan3:t'

config bridge-vlan
        option device 'SWITCH'
        list ports 'lan3:t'
        option vlan '101'

config bridge-vlan
        option device 'SWITCH'
        option vlan '25'
        list ports 'lan3:t'

config bridge-vlan
        option device 'SWITCH'
        option vlan '5'

config interface 'MANAGMENT'
        option proto 'static'
        option device 'SWITCH.25'
        option ipaddr '10.0.6.254'
        option netmask '255.255.255.0'

config interface 'ACCESS'
        option device 'SWITCH.101'
        option proto 'static'
        option ipaddr '10.0.5.254'
        option netmask '255.255.255.0'

config interface 'RASPBERRY'
        option proto 'static'
        option device 'SWITCH.99'
        option ipaddr '10.0.3.254'
        option netmask '255.255.255.0'

and :

root@OPENWRT:~# cat /etc/config/wireless

config wifi-device 'radio0'
        option type 'mac80211'
        option path 'platform/18000000.wmac'
        option channel '1'
        option band '2g'
        option htmode 'HT20'
        option cell_density '0'
        option country 'FR'

config wifi-iface 'default_radio0'
        option device 'radio0'
        option mode 'ap'
        option ssid 'Awxdn'
        option encryption 'psk2'
        option key ''
        option network 'IoT'

config wifi-device 'radio1'
        option type 'mac80211'
        option path '1a143000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0'
        option channel '36'
        option band '5g'
        option htmode 'HE80'
        option cell_density '0'
        option country 'FR'

config wifi-iface 'wifinet3'
        option device 'radio0'
        option mode 'ap'
        option ssid 'Guest'
        option encryption 'psk2'
        option network 'Guest'
        option key '*'

config wifi-iface 'wifinet4'
        option device 'radio0'
        option mode 'ap'
        option ssid 'HOME'
        option encryption 'psk2'
        option key ''
        option network 'HOME'

config wifi-iface 'wifinet5'
        option device 'radio1'
        option mode 'ap'
        option ssid 'HOME_5GHz'
        option encryption 'psk2'
        option key ''
        option network 'HOME'

So, I have now one interface "HOME" with switch.1 (vlan1) and lan3 and 2 wifi because I want TV and phone in the same vlan to cast youtube.

Look at my wireless config :

image1115×974 54.6 KB

I can't choose vlan filtering, only interface.

Look my screen, how can I choose bridge vlan filtering ? @NPeca75

Thanks you for your help

good

good

good

remove

remove

remove

remove

i told you before,WIFI interfaces are NOT configured with other network interfaces in /etc/config/network

Ok I will delete wifi config device.

Maybe can you help me for one other problem ? I have appleTV and one or two times per hours, I have a little freeze (1s) and low quality after for somes minutes. I have fiber optic and the problem is with wifi or ethernet.

How can I check errors on traffic ?

sorry
i helped you with VLAN config, and this tread is about VLANs on your device
pleas open new topic for other questions

if your setup is working now as expected, please mark this topic as [solved] and mark one answer as solution

No problem, thanks you again.

If I remove wlan device in network files, all it's broken.

Openwrt don't boot now , need to reset the config

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.