VLans on a switch [Solved]

Installing and Using OpenWrt Network and Wireless Configuration
1

I have an old D-Link DIR-615 rev.C1 with OpenWRT (Chaos Calmer 15.05) compiled by myself a long time ago. I'm using it only as a switch on one of the lans on a dual homed machine, the router have 4 lan ports, 1 wan port and a wireless port (this it's used from time to time), it's based on the Atheros chip.

The onboard nic of the dual homed machine is connected to my network, I use WOL feature and everything work well, but the other nic (pci card) have no option to WOL, this nic is connected to a lan port on the DIR-615, another lan port is connected to my neighbor lan, just to share machine content with him, the router acting as a switch just isolate wires and have a better signal levels than the pci nic card for the long cat5 wire.
Because the pci card have no option for WOL, I wonder if I can connect my internal network to some of the free lan ports on the router and use VLan to isolate this connection with the other one, then, I can send the WOL packet from the router vía this connection to the on-board NIC, just to let my neighbor to turn on the machine.
Both networks have their own dchp & dns servers and are in different ip address but this is irrelevant for this case.

Desired scenario:

My network connected to Port 1
Port 2 connected to on-board nic

Neighbor lan connected to Port 3
Port 4 connected to pci nic

Goals:
Create 2 vlan, one for Ports 1&2, the other one for Ports 3&4
Bind the router CPU to both VLans (I need it to send magic packet with lua and a web interface accesible from both VLans).
Have all traffic isolated.

Before messing it at all and because I know nothing about vlans I ask if my idea is possible?

I don't want to mess up the router because it's not easy accessible to reset to factory settings, also, I don't want to being with no access.
I don't understand at all tagged/nontagged.
I need this to be transparent to both networks, I mean and I think that I have to do nothing with network cards on the multihomed cpu (for example have no to set or configure some VLan Id) neither in my own or my neighbor lan.

Can somebody let me know if this is possible and what to setup, I mean, tagged/nontagged on each port/vlan?

Screenshot from 2021-08-13 23-44-27
Screenshot from 2021-08-13 23-44-27793×744 49 KB

2

I setup the unused wan port and connect a long wire then play with vlans until I solved. Not too complex, I just have problems to loose access playing and learning vlans.
The only thing that can be a problem is while the openwrt is booting the switch acts like a normal switch, I mean, not isolating ports, just a though.

WAN is used as backup port
LANC is my neighbor network
LAN is mine
Then I can bridge wireless to any of the network to use one of them if I need it.
ssh and web listen and runs on every network like I want.
Port 1&2 are isolated from Port3&4 like I want (maybe not on startup).
From a web page I can ping to every network and WOL to the onboard dualhomed cpu.
My neighbor can turn on the machine using the webpage.

config interface 'lan'
	option _orig_ifname 'eth0 radio0.network1'
	option _orig_bridge 'true'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '192.168.2.202'
	option ifname 'eth0.1'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'
	option mirror_source_port '0'
	option mirror_monitor_port '0'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option vid '1'
	option ports '0t 3 4'

config interface 'WAN'
	option proto 'static'
	option ifname 'eth1'
	option ipaddr '10.1.0.202'
	option netmask '255.255.255.0'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option vid '2'
	option ports '0t 1 2'

config interface 'LANC'
	option type 'bridge'
	option proto 'static'
	option ipaddr '192.168.100.202'
	option netmask '255.255.255.0'
	option _orig_ifname 'eth0.2 wlan0'
	option _orig_bridge 'true'
	option ifname 'eth0.2'
3

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.