Hey guys,
I am new to open source routing and linux in general. I have a script which runs a binary that requires 2 ethernet interfaces eth0 and eth1. Where eth1 is for a wan connection and eth0 is for a lan connection.
I am currently using an airlink 101 ar335 which I don't believe has an eth1 card (if someone can correct me please do)

What I tried to do was to create a virtual lan by modifying the /etc/config/network file by adding:
config switch eth0
option vlan0 "0 1 2 3 5*"
option vlan1 "4 5"

and modifying eth0 to be eth0.0 below

config interface lan
        option ifname   eth0.0
        option type     interface
        option proto    static
        option ipaddr   192.168.77.111
        option netmask  255.255.255.0

then creating vconfig eth0.1 and eth0.0, bridging them, trying to associate eth0.0 as eth0 and eth0.1 as eth1. I ran into 3 problems:
1) I lost routing to the internet when I created the virtual lans. My router can ping hosts over the internet but my pc connected directly via lan port could not access the internet.
2) I did not assign eth0.1/eth0.0 to a specific port (I do not know how) so eth0.1 was not transmitting any packets
3) When I pulled the plug off my router I couldn't access it an IP address so I had to reboot.

I know this is a lot of questions into a single question but if there is an alternate way to separate eth0/eth1 for lan/wan rather than a vlan suggestions are welcome.
Also if I am doing something wrong when setting up a vlan when vlans indeed should meet my needs again point me in the right direction.

Thank you for your help
Hamid

The ar335w uses the IP175C switch which has not yet been included in Kamikaze, and by default, the switch comes with all vlans disabled.

If you are compiling from source, see here for my switch driver:
http://inst.eecs.berkeley.edu/~pathorn/ip175c/#switch

After applying the patch, if you have select kmod-switch, the switch driver should be loaded.  Then you have to change the line saying "config switch eth0" to say "config switch 0"

If you do not want to compile from source, there is a userspace binary at the bottom of that page called "user-switch".  However this will have to be run manually. like ./user-switch +v "" "0 1 2 3 5*" "4 5"

Also, according to the spec, the switch will treat VLAN 0 (eth0.0) the same as eth0.  So personally I use eth0.1 and eth0.2 instead.

Thank you for your help, however I am still running into problems
I ran the ./user-switch command without inputting any parameters so as to see the virtual lans available and I see that vlan1 has "0 1 2 3 5" and vlan2 has "4 5" assigned. Does that mean that if I create a vlan using vconfig and name them eth0.1 eth0.2 that I will be using vlan1 and vlan2 respectively?? It seems that this is not the case as no packets are being sent to or received on either interface when my script is running. Is there some way to assign the virtual lan to an interface, or am I doing something wrong?

Thank you
Hamid

Does your output match mine?

Router Enabled: 0
VLANs Enabled: 1
Tagged Ports: 5
Untgged Ports: 0 1 2 3 4
Number of VLANs: 3
Port info:
    Port 0 shares with {0,1,2,3,5} and defaults to VLAN 1
    Port 1 shares with {0,1,2,3,5} and defaults to VLAN 1
    Port 2 shares with {0,1,2,3,5} and defaults to VLAN 1
    Port 3 shares with {0,1,2,3,5} and defaults to VLAN 1
    Port 4 shares with {4,5} and defaults to VLAN 2
    Port 5 shares with {0,1,2,3,4,5} and defaults to VLAN 1
VLAN info:
    VLAN 0 contains ports 
    VLAN 1 contains ports {0,1,2,3,5}
    VLAN 2 contains ports {4,5}
    VLAN 3 contains ports

Are you sure you see "VLANs Enabled: 1"?  I think the vlans are initialized as you say, but if vlan tagging is not enabled, it doesn't matter what the vlans are set to.
Have you checked that they are properly tagged?  (ports 0,1,2,3,4 should be in Untagged and port 5 should be in Tagged)

What parameters did you give to user-switch in order to enable the vlans?

Thanks for your help phorn,

However you are correct. The vlans are not enabled. Sample output:

Router Enabled: 0
VLANs Enabled: 0
Tagged Ports:
Untgged Ports:
Number of VLANs: 2
Port info:
    Port 0 shares with {0,1,2,3,4,5} and defaults to VLAN 1
    Port 1 shares with {0,1,2,3,4,5} and defaults to VLAN 1
    Port 2 shares with {0,1,2,3,4,5} and defaults to VLAN 1
    Port 3 shares with {0,1,2,3,4,5} and defaults to VLAN 1
    Port 4 shares with {0,1,2,3,4,5} and defaults to VLAN 2
    Port 5 shares with {0,1,2,3,4,5} and defaults to VLAN 2
VLAN info:
    VLAN 0 contains ports {0,1,2,3,4,5}
    VLAN 1 contains ports {0,1,2,3,5}
    VLAN 2 contains ports {4,5}
    VLAN 3 contains ports {0,1,2,3,4,5}
    VLAN 4 contains ports {0,1,2,3,4,5}
    VLAN 5 contains ports {0,1,2,3,4,5}
    VLAN 6 contains ports {0,1,2,3,4,5}
    VLAN 7 contains ports {0,1,2,3,4,5}
    VLAN 8 contains ports {0,1,2,3,4,5}
    VLAN 9 contains ports {0,1,2,3,4,5}
    VLAN 10 contains ports {0,1,2,3,4,5}
    VLAN 11 contains ports {0,1,2,3,4,5}
    VLAN 12 contains ports {0,1,2,3,4,5}
    VLAN 13 contains ports {0,1,2,3,4,5}
    VLAN 14 contains ports {0,1,2,3,4,5}
    VLAN 15 contains ports {0,1,2,3,4,5}

What is confusing me right now is how should I turn them on? I looked through your code and used your example:

When trying to set vlan5 to use ports 0 1 2 3 and 5, the script hangs prematurely before completion. Below is excerpt output:

root@OpenWrt:/etc# ./user-switch +v "VLAN 5" "0 1 2 3 5"
PHY 29 23 is currently 0x0000
PHY 29 23 is currently 0x0000
PHY 29 19 is currently 0x9F9F
PHY 29 19 is currently 0x9F9F
PHY 29 20 is currently 0x9F9F
PHY 29 20 is currently 0x9F9F
PHY 29 21 is currently 0x9F00
PHY 30 18 is currently 0x669F
PHY 30 1 is currently 0x2F3F
PHY 30 1 is currently 0x2F3F
PHY 30 2 is currently 0x3F30
PHY 30 2 is currently 0x3F30
PHY 30 3 is currently 0x3F3F
PHY 30 3 is currently 0x3F3F
PHY 30 4 is currently 0x3F3F
PHY 30 4 is currently 0x3F3F
PHY 30 5 is currently 0x3F3F
PHY 30 5 is currently 0x3F3F
PHY 30 6 is currently 0x3F3F
PHY 30 6 is currently 0x3F3F
PHY 30 7 is currently 0x3F3F
PHY 30 7 is currently 0x3F3F
PHY 30 8 is currently 0x3F3F
PHY 30 8 is currently 0x3F3F
PHY 29 24 is currently 0x0001
PHY 29 25 is currently 0x0001
PHY 29 26 is currently 0x0001
PHY 29 27 is currently 0x0001
PHY 29 28 is currently 0x0002
PHY 29 30 is currently 0x0002
PHY 30 9 is currently 0x1001
VLAN 0
Ports:    00000000
Untagged: 00000000
PVID:     00000000

VLAN 1
Ports:    0000002F
Untagged: 0000000F
PVID:     00000000

VLAN 2
Ports:    00000030
Untagged: 00000010
PVID:     00000000

PHY 29 23 is currently 0x0000
PHY 29 23 is currently 0x0000
       -> Setting to 0x0002
PHY 29

When I use any other combination a seg faults occur. Could you please tell me the exact syntax for setting up a vlan for ports 0 1 2 3 5 on interface eth0.1 and a secondary vlan for port 4 and 5 on iface eth0.2? Secondly I was wondering what tagging means in a vlan context. I could not find this information anywhere. Finally how will setting up this vlan affect the router's port forwarding between either virtual interface?

Again thank you for your help
Hamid

This program is not smart, and the only thing it accepts is a series of vlan arguments.

If you want eth0.1 (vlan 1) to have 0 1 2 3 5 and eth0.2 (vlan 2) to have 4 5 then you do this:

./user-switch +v "" "0 1 2 3 5*" "4 5"

Notice the empty string for vlan 0 because vlan 0 is untagged and so should not have any ports on it.

If you instead want to use VLAN 5 (eth0.5) you set argument number 5+2, like
./user-switch +v '' '' '' '' '' '0 1 2 3 5'
Though I don't really understand why you want vlan5 specifically.

if you want better a better interface that acts like other switches I recommend compiling this kernel driver.
http://inst.eecs.berkeley.edu/~pathorn/ip175c/#switch

After taking some time off working on the router I decided to reflash the router with openwrt from source. I patched the trunk as prescribed but am unable to set vlans using the ./user-switch program.
Here is an output of the result after running ./user-switch +v "" "0 1 2 3 5*" "4 5"

Router Enabled: 0
VLANs Enabled: 0
Tagged Ports:
Untgged Ports:
Number of VLANs: 3
Port info:
    Port 0 shares with  and defaults to VLAN 5433
    Port 1 shares with  and defaults to VLAN 16147
    Port 2 shares with {0,1,2,3,4} and defaults to VLAN 32237
    Port 3 shares with  and defaults to VLAN 6608
    Port 4 shares with {0} and defaults to VLAN 7929
    Port 5 shares with {0} and defaults to VLAN 274
VLAN info:
    VLAN 0 contains ports {0,2,3,5}
    VLAN 1 contains ports {3,4,5}
    VLAN 2 contains ports {0,1}
    VLAN 3 contains ports {1}
    VLAN 4 contains ports
    VLAN 5 contains ports {0,2,3}
    VLAN 6 contains ports {0,5}
    VLAN 7 contains ports {0,2}
    VLAN 8 contains ports {0,5}
    VLAN 9 contains ports {0,2,3}
    VLAN 10 contains ports {0,1,3}
    VLAN 11 contains ports
    VLAN 12 contains ports {0,3}
    VLAN 13 contains ports
    VLAN 14 contains ports {0,3}
    VLAN 15 contains ports

From above the vlans enabled are 0. I tried to use the following in a script:
#!/bin/sh
vconfig add eth0 1
vconfig add eth0 2                               
                   
uci set network.eth0=switch                       
uci set network.eth0.vlan1="0 1 2 3 5*"           
uci set network.eth0.vlan2="4 5"       
                                       
uci set network.wan=interface         
uci set network.wan.ifname=eth0.1     
uci set network.wan.proto=static       
uci set network.wan.type=interface     
uci set network.wan.ipaddr=192.168.82.3
uci set network.wan.netmask=255.255.255.0
                                         
ifconfig eth0.2 up                       
                                         
uci set network.lan=interface           
uci set network.lan.ifname=eth0.2       
uci set network.lan.type=interface       
uci set network.lan.proto=static 
uci set network.lan.ipaddr=192.168.82.5
uci set network.lan.netmask=255.255.255.0
                                         
ifconfig eth0.1 up   

Here the led's lose synch but I am no longer able to connect from either eth0.1 or eth0.2.
Any help will be greatly appreciated.

Hamid

I think you are pretty close.

If you download the new "user-switch" tool it should fix the broken reads.  See here: http://inst.eecs.berkeley.edu/~pathorn/ip175c/ under "Userspace Tool".  The new user-switch works by using /proc/switch/0/phy,reg,val directly instead of the broken network/ioctl hack it was using (which requires a patch to the kernel itself to work)  The reason you get weird values is the kernel was overwriting the PHY argument and reading from the "port 0 link status" registers at PHY 0 instead of the switch configuration at PHY 29,30,31.

As for your script, the reason it is not working as you would expect is you are using ifconfig directly.  ifconfig does not know anything about the UCI config, so doing "ifconfig eth0.2 up" just brings the interface into the up state, which for virtual vlan devices does nothing useful.

What I recommend is for you to restart the network using /etc/init.d/network restart.  That will correctly reinitialize all of the interfaces and ip addresses.

#!/bin/sh
vconfig add eth0 1
vconfig add eth0 2                               

uci set network.eth0=switch                       
uci set network.eth0.vlan1="0 1 2 3 5*"           
uci set network.eth0.vlan2="4 5"       

uci set network.wan=interface         
uci set network.wan.ifname=eth0.1     
uci set network.wan.proto=static       
uci set network.wan.type=interface     
uci set network.wan.ipaddr=192.168.82.3
uci set network.wan.netmask=255.255.255.0

uci set network.lan=interface           
uci set network.lan.ifname=eth0.2       
uci set network.lan.type=interface       
uci set network.lan.proto=static
uci set network.lan.ipaddr=192.168.82.5
uci set network.lan.netmask=255.255.255.0

/etc/init.d/network restart

Also, if you are using "v3" of the driver, you will need to use network.0=switch, network.0.vlan1=..., network0.vlan2=...
But the fact that you did not have to do this implies that you are using the "v2.2" version?  If so, it is strange that your user-switch program was not working.

Would it be possible to run "ls /proc/switch/*/*" and see what files are there

root@OpenWrt:~# ls /proc/switch/*/*
/proc/switch/0/driver         /proc/switch/0/phy
/proc/switch/0/enable         /proc/switch/0/reg
/proc/switch/0/enable_router  /proc/switch/0/reset
/proc/switch/0/enable_vlan    /proc/switch/0/val
/proc/switch/0/errno          /proc/switch/0/version
/proc/switch/0/name

/proc/switch/0/port:
0  1  2  3  4  5

/proc/switch/0/vlan:
0   1   10  11  12  13  14  15  2   3   4   5   6   7   8   9

Also here is the output for ifconfig when I set up the script using uci set network.eth0
eth0      Link encap:Ethernet  HWaddr 00:18:02:7E:20:2A 
          inet addr:192.168.82.5  Bcast:192.168.82.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2390 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1569 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:214718 (209.6 KiB)  TX bytes:247042 (241.2 KiB)
          Interrupt:4 Base address:0x1000

eth0.1    Link encap:Ethernet  HWaddr 00:18:02:7E:20:2A 
          inet addr:192.168.82.3  Bcast:192.168.82.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:5
          RX bytes:0 (0.0 B)  TX bytes:276 (276.0 B)

eth0.2    Link encap:Ethernet  HWaddr 00:18:02:7E:20:2A 
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:276 (276.0 B)

imq0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          UP RUNNING NOARP  MTU:16000  Metric:1
          RX packets:980 errors:0 dropped:0 overruns:0 frame:0
          TX packets:980 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:5
          RX bytes:65912 (64.3 KiB)  TX bytes:65912 (64.3 KiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:240 (240.0 B)  TX bytes:240 (240.0 B)

So basically what happened is that I am able to access the router from either port eth0 or eth0.1 but this isn't what I want I want is 2 seperate interfaces that can port forward from one to the other. Is there anything else that I can do to help you debug or is reflashing the only option available right now?

Thank you
Hamid

Two things:
When setting up the switch parameters, the name here must match exactly the directory in /proc/switch.
So you must use "0" instead of "eth0" or else you won't actually change the switch parameters.

uci set network.0=switch                       
uci set network.0.vlan1="0 1 2 3 5*"           
uci set network.0.vlan2="4 5"

In addition, the reason it still seems to be working is that eth0 still has an IP address set, and still on the same subnet as eth0.1 (so your router is still happily responding on eth0 because it is on the same subnet).

So you may need to do "ifconfig eth0 0.0.0.0" which in the linux ifconfig tells it to remove the IP address from eth0 (you don't want to ifconfig eth0 down because that will down the whole network including all vlans, you just want to make sure it only responds to the vlan, not to the global one)

#!/bin/sh
vconfig add eth0 1
vconfig add eth0 2                               

uci set network.0=switch                       
uci set network.0.vlan1="0 1 2 3 5*"           
uci set network.0.vlan2="4 5"       

uci set network.wan=interface         
uci set network.wan.ifname=eth0.1     
uci set network.wan.proto=static       
uci set network.wan.type=interface     
uci set network.wan.ipaddr=192.168.82.3
uci set network.wan.netmask=255.255.255.0

uci set network.lan=interface           
uci set network.lan.ifname=eth0.2       
uci set network.lan.type=interface       
uci set network.lan.proto=static
uci set network.lan.ipaddr=192.168.82.5
uci set network.lan.netmask=255.255.255.0

ifconfig eth0 0.0.0.0
/etc/init.d/network restart

Can you give that script a try?

Well that cause complete connection loss to the router as the communication is solely through eth0. However I did notice 2 things:
1) With wireshark active it seems that the router is sending ARP requests to my pc which is responding with the correct mac address. However, the router still does not recognize this and keeps on sending more arp requests. Maybe there is something wrong with the arp table?

2) From your site:
* 990-phyfix.patch

You may place this patch in target/linux/atheros/patches-2.6.26/ under the Kamikaze root and it should get applied automatically--but make sure to check the drivers/net/phy/phy.c file to make sure it actually got changed to save yourself some frustration.

When I went to basedir /target/linux/atheros/files/drivers/net/ there is only the ar2313 folder. The phy folder that you mentioned is not available could this be the cause of the problem.

Thank you
Hamid

You do not need this patch for the "version 3" phy driver (and it won't be applied by default).  If it were to be applied, the linux kernel code is actually located in build_dir/linux-atheros/linux-2.6.26.*/

Anyway, I noticed some more things about your setup that does not make sense.
You can't have wan and lan use the same subnet. If you do, Linux might respond or listen on the wrong interface (In general, I have never gotten a connection to work when I have two interfaces with the same IP address).  What exactly are you trying to do?

Also, your VLANs did not match up.
You put VLAN1 as "0 1 2 3 5*" which (I assume) is intended to be the lan. However in your config, you set "config.wan.ifname=eth0.1" and "config.lan.ifname="eth0.2".  Unless you were testing using the WAN port, it makes sense that you were not allowed to SSH to the router since the wan interface is usually firewalled by default.

However, next time you test, you can try putting the ethernet port into both the LAN and WAN ports to see if that makes any difference.

Another thing to look for is if Wireshark is detecting any VLAN TAG packets.  This would indicate that the switch is not being initialized correctly as it should remove vlan tags to any port other than the CPU.  Also, another command to try out is the "arping" command that sends out arp queries and checks if the other host responds (So like a ethernet ping instead of a IP ping)

...
uci set network.wan=interface         
uci set network.wan.ifname=eth0.2     
uci set network.wan.proto=static       
uci set network.wan.type=interface     
uci set network.wan.ipaddr=192.168.99.3
uci set network.wan.netmask=255.255.255.0

uci set network.lan=interface           
uci set network.lan.ifname=eth0.1       
uci set network.lan.type=interface       
uci set network.lan.proto=static
uci set network.lan.ipaddr=192.168.82.5
uci set network.lan.netmask=255.255.255.0
...

(Last edited by phorn on 18 Dec 2008, 21:01)

@phorn, I think I know what's happening with @ahelbabl's setup.

I'm cooking the firmware for 3CRWER200, it has ICP175C switch.
uci set network.0=switch                       
uci set network.0.vlan1="0 1 2 3 5*"           
uci set network.0.vlan2="4 5"       

The above commands set everything OK, but the /proc/switch/0/enable_vlan is still 0, and so the switch doesn't forward anything properly.

I haven't found yet how to enable VLAN support via UCI. I think you know how, so please help

That's strange. The UCI "/lib/network/switch.sh" does it by default on 8.09RC1 for me:

setup_switch() {
        config_cb() {
                case "$1" in
                        switch)
                                [ -n "$2" -a -d "/proc/switch/$2" ] && {
                                        echo 1 > "/proc/switch/$2/reset"
                                        echo 1 > "/proc/switch/$2/enable"
                                        echo 1 > "/proc/switch/$2/enable_vlan"
                                        option_cb() {
                                                case "$1" in
                                                        vlan*) setup_switch_vlan "${1##vlan}";;
                                                esac
                                        }
                                }
                        ;;
                        *)
                                option_cb() { return 0; }
                        ;;
                esac
        }
        config_load network
}