X86, switch, one network card

TqB · May 4, 2020, 10:41am

This is preliminary question, and searching "mailstones" and comments. I read manual, faq etc.

First: I want use Openwrt as standard router. "Black box, RJ-connector named WAN, RJ-connector named LAN". WAN, ISP use dynamic ip (general 4G-modem with rj-"output"). LAN, normal dhcp, nat, etc. Just normal functions, this all is possible make using any bulk router. But... Openvpn, ssh... it will be goal. Now I am on chalclines.

Hardware, first I think use any router. Then, Rasp. But: I have many computer with i7-processor, SSD and Openwrt-compatible LAN-card. ("Many", long story...) Then, I have a couple of HP Procurve switches. So, all what I need is here.

More prology: Now I use old Cisco ADSL-router. In this model it is not possible use ETH-port as WAN. Only WAN is adsl. But, easy as 1-2-3: CLI is most easy way configure this type devices. So: "VLAN 100, name OWN-WAN, interface eth-0, ip = dhcp + some adjust", "VLAN 123, name LAN, interface eth1, 2, 3, nat, dhcp etc". So: I program it Cisco "eth 0 = WAN, other eth = lan". In nutcell. Why I say this, later.

Some basic, really basic question need clarification.

QUESTION 1: So, I use x86-computer as router. It is normal computer with one LAN-port. Must I add second LAN-card for second port? "WAN" and "LAN"

QUESTION 2: IF I can use only one network card, it mean "LAN and WAN" is same hole. So I must add this HP Procurve switch and program it. Is this possible? I am not sure of "how to". I read it article VLAN, but not sure understand or not. Maybe it is same as my example of Cisco. Maybe it is "Procurve switch ETH1 = connection to router, LAN+WAN". ETH2 = WAN, hole to bad world. Maybe it is , eth1 = trunk, Eth2 = VLAN 1000 . All other port eg. VLAN 2. Maybe any this type configuration works? Any physical ethernet port is connection to WAN, to bad world and this port is VLAN 1000. So, if ETH 1 = router = trunk, this ETH2 (VLAN 1000) is "connected" to eth1. Then Openwrt-configuration is "LAN, it is VLAN 2".

So: If I am right, I can use only one "hole" router? Any comments, ideas?

anon50098793 · May 4, 2020, 11:03am

Yes, it would be almost identical to a cisco "router-on-a-stick"...

your tagging 802.11q each subnet to the switch, a switch then strips the tags on each access port.

It will be tricky without a console or separate out-of-band untagged network card as when you "activate" the config... you need to be solid on how the switch is going to handle the tags... troubleshooting can be difficult if you are not confident with openwrt/802.11q at a switch level. if you have keyboard and monitor, then easier to setup.

lan = eth0.1 -> SWITCHPORT1-TRUNK
wan = eth0.2 -> SWITCHPORT1-TRUNK

SWITCHPORT2-ACCESS(vlan2) -> wan
SWITCHPORT3/24-ACCESS(vlan1) -> lan

etc.

( but given the cost of cheap network cards... it's probably only worth it of you are desperate, wan is especially useful on it's own nic )

TqB · May 4, 2020, 11:39am

Good, this clarify. As you all see, I am not specialist. Or, I know much but it is no any connection between all :D.

Of course two network card is easier. i7-3770, 8-16G memory, I checked just. Many this I have, no any clever use (one man, only two hand). So I can collect network cards and put it to one...

Maybe most important reason use one port is: "it is difficult". It is, "much studying, grow up brain capacity", and, "maybe it is useful in future if know this".

Thanks. If anyone have comments, really want hear.

TqB · May 6, 2020, 2:32pm

Must ask question. Installing OpenWrt x86 is very easy. Luci works also. I simply install Openwrt 19.07.2. combined-ext4.img.gz.

Main board network card is intel, but card inside computer is Broadcom (vendor 14, device 1681), Broadcom NetXtreme Gigabit Ethernet. Looks Openwrt does not regognize it. Also I try connect network cable to Broadcom, and display say nothing. (Monitor connected to computer show status nag etc)

I try google this, "how to add second card Openwrt x86" and several "...adding Broadcom" etc etc, but information is not clear. Any very old thread told anything "broadcom.ko and tg3", but it is not clear....

1, how I can search drivers? Documentation I try read, but x86 is quite special and manual on the page does not tell this. Look ready-to-use routers is easy, but x86 need drivers and how to install it...

2, also... documentation does not tell how to install drivers... first find it, then install. This old archived thread tell somethn "edit kernel"..

3, if this is supported by my package, how to activate it?

Questions are basics, but looks x86 need much more than normal router... most important question is "how to search help".

mk24 · May 6, 2020, 2:47pm

I have a similar card (BCM5751 chip), it works with kmod-tg3. That module should be standard in the x86 release build though.

The fully supported kernel drivers are already compiled and packaged in packages named starting with "kmod-", simply install them with opkg install.

TqB · May 7, 2020, 12:31pm

Basic questions. Many times problem is "how to punch this thin film". And... then happened much. Eg. searching how to use command line. Manual is excelent, but typically manual does not tell this "how to punch thin film" :). After it easy to use.

Very big help is, x86 computer, monitor and keyboard. Very easy to use command line. Luci work also, with other computer.

Two network card work properly now, Broadcomm and Intel. WAN: it is 4G-modem, 192.168 etc, and DHCP. LUCI status show it work. LAN is 10.15.0.0/22; ipv4 = 10.15.0.1, mask 22 it is 255.255.252.0, LAN DHCP 10.15.1.1 ... 254.

LUCI show status and WAN is ok. Also my test computer show (ipconfig -all) just right addresses.

Command line I can use ping: eg. ping www.google.com answer. BUT, on computer ping any address no answer, and also browser cannot open webpages.

I try read manual, forum, google... "basic configuration" is very simple. It is configure wan, configure LAN. Only I cannot found is "routing". /etc/config/network there is clearly just as standard examples show but no any "routing".

So... what I forget? Must I add any routing between WAN and LAN? Or any other I forget? I see problem is easy. Only any little detail I forget... but what...

anon50098793 · May 7, 2020, 12:39pm

uci show network | grep wan | grep ifname

routing is always on... but "forwarding" (firewall FORWARD) is in /etc/config/firewall;

config forwarding
	option src		lan
	option dest		wan

Greetings from Sydney

TqB · May 7, 2020, 1:01pm

This problem solved. /etc/config/firewall forwarding is ok. But I found from LUCI interfaces, WAN tab "firewall settings". It was "empty", I change it to "WAN", and now work. Zone must be "WAN" and it is not automatic.

Wan is installed later ie. "not automatically installed lan card". So:

Install new card drivers using opkg, module kmod-tg3
Luci, "Add new interface", this new lan card
then "firewall"-tab.

In my opinion, this "firewall tab activation" is not possible via command line. Only way activate it is LUCI. It is not automatic option, must be set manually.

anon50098793 · May 7, 2020, 1:02pm

winner!!!

mk24 · May 7, 2020, 1:06pm

There is no setting LuCI does that can't be set via the CLI.

The problem here appears to be the common rookie mistake of uppercase network names. This is something that a bad design of LuCI promotes. In something I don't agree with, LuCI displays network names in uppercase though they may (or may not) be set in lowercase or mixed case, and for this the kernel is case sensitive. By convention lowercase should always be used.

If you name your new wan network 'wan' and not 'WAN', it is already in the default firewall file and it would have worked right away.

anon50098793 · May 7, 2020, 1:11pm

opkg update
opkg install diffutils
cp /etc/config/firewall /tmp/firewallworking
[UNDO YOUR FIX IN LUCI]
cp /etc/config/firewall /tmp/firewallbroken
diff /tmp/firewallbroken /tmp/firewallworking

tmomas · May 17, 2020, 1:15pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.