If so, how?  If not, why not?

Thanks!

The correct way to add your wireless to a vlan is by using a bridge.
To clarify, in networking, the VLAN term generally refers to making one network interface control multiple ports on a switch, and a Bridge combines multiple interfaces into one (like a switch but separate physical hardware).
A way of thinking about it is a VLAN splits up your network (i.e. port 0 is WAN, ports 1-3 are VLAN1, and port 4 is another VLAN2), and a bridge combines multiple interfaces into one (i.e. Wireless and VLAN1 are in the same network and can ping each other).

For example, you can create multiple wireless APs using one wireless card (like in Atheros you can make a ath0 and ath1 device) and then bridge each one to a separate VLAN in the 4-port switch, in essence making two independent networks with one router.

The manual steps that I usually take to create a bridge are:

ifconfig eth0 0.0.0.0 up
vconfig add eth0 1 #Usually already done
ifconfig eth0.1 0.0.0.0 up
ifconfig wlan0 0.0.0.0 up
brctl addbr br0
brctl addif br0 eth0.1
brctl addif br0 wlan0
ifconfig br0 xx.xx.xx.xx up
brctl show

However, be careful since adding an interface to a bridge (in my experience) it must have no IP address set (to ensure the routing table uses the correct interface).  This means you will lose your SSH/telnet session, so you must either put those commands in a shell script and run it at once. If it works well the SSH should resume once the interface is back up.

A better way is to figure out how to use the UCI or NVRAM configuration to do this automatically:

The way OpenWRT Kamikaze does this is by defining a "option type bridge" in your lan network.
Then, adding "option network lan" in the wireless config will make UCI automatically add the wireless interface to the LAN.

Unfortunately I can't help you with the steps to do this under Whiterussian, but my impression is that this should automatically happen if you have the wireless interface set up as part of the normal LAN.  Can you describe your setup in more detail (are you using defaults, or creating custom VLANs?)

(Last edited by phorn on 25 Sep 2008, 07:22)

I was aware of using a bridge.  I am just wondering if there is a hardware reason why wireless can't be part of a vlan.

Yes there is a reason that a bridge is actually necessary: wireless and ethernet ports are usually on different physical hardware, so the only way for the two to communicate directly is via the CPU (or direct memory access).  Without a bridge, there is no way for the CPU to know to forward packets between the two pieces of hardware.
So that would require you to route which is hard to do if both networks are on the same subnet. (how do you distinguish 192.168.1.2 on eth0.0 and 192.168.1.2 on wlan0?)

Another reason is that you can not have the same IP address on two different mac addresses if they are on the same network (and even if not, it can get awkward interfacing the two).
Otherwise, if you get a ARP query for IP address 192.168.1.1, which network interface should it use to respond?

Essentially, once you bridge them, they will indeed be part of the same network, through the bridge, so everything should work as you expect.
The bridge guarantees that both interfaces use the same MAC address, and therefore that it acts as a single node on both networks instead of as a router between them (in which case you need to setup a gateway, etc.)

For example, if you do a broadcast ping on your eth0, it should go out on all ports of your LAN nic.  But it should not touch the wireless chip.  Similarly if you broadcast to all wireless clients it will only send broadcast packets through the wireless chip.
But if you broadcast from a bridge, I believe the OS will send broadcast packets on all interfaces in the bridge.

VLANs as I said above only make sense on a single hardware device (although in theory it is possible to make vlans on a bridge interface... not sure what that would do).  It is possible that on certain systems, wireless and ethernet are on the same chip, and then if you have the hardware documentation you may be able to link them together using VLANs--but that is probably a rare situation.

Here's a wikipedia page on bridging vs. routing:
http://en.wikipedia.org/wiki/Network_br … us_routing

Thanks alot.