OpenWrt Forum Archive

Topic: Needs help configuring my Soekris net4801 to get vlan VID 100 working

The content of this topic has been archived on 7 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
johmar
4 Feb 2012, 14:41

Hi all,

I've been reading docs on this forum and from the wiki, but I just didn't managed to get a working configuration for my home network.
I'm using a snapshot (~ January 2012, 30st) of OpenWrt for X86.
My hardware is an old Soekris net4801, which has been working for 5 years with openbsd as my home router (VLAN configuration is OK with openbsd).

What I need
========
My network configuration :

My ISP DSL Line (gateway box,ethernet Bridged) <--->[eth2]  my soekris router  [eth0]<---> switch <---> IPTV Box (Freebox on VLAN VID 100), other computers...

This configuration has been working with an openbsd box, so I don't think the problem comes from a non 802.1Q-compatible hardware somewhere (a switch or the soekris).

On the soekris, eth0 is a 'natsemi' interface connected to the lan. The eth2 interface gets its IP public address directly via DHCP from my ISP.

When I use the standard configuration from openwrt (lan=eth0, eth2=wan), all is working fine except the IPTV Box.
So my problem is to find a configuration with vlans allowing VID_100 streams from the IPTV-Freebox to the ISP-gateway.

What I've tried
==========

So, i've read docs...
I've understood the problem this way : on the lan, i need to create two VLAN : VLAN1 one for VID 100 (for the IPTV streams) and another VLAN2 for the untagged streams, "legacy" internet access. It's the same on the eth2 external/wan interface.
Then I need to bridge the vlan1 interfaces related to VID 100 together. On the other vlan2, I want masquerading and firewalling.

So, this is my configuration file : 

config interface loopback
        option ifname   lo
        option proto    static
        option ipaddr   127.0.0.1
        option netmask  255.0.0.0

#configurating the legacy network 
config switch eth0
   option reset 1
   option enable 1
   option enable_vlan 1

config 'switch_vlan'
   option 'vlan'       '2'
   option 'device'     'eth0'
   option 'ports'      '0t 5'

#vlan 1 is the vlan with pvid 101 and handling IPTV stream
config 'switch_vlan'
  option 'vlan' '100'
  option 'device' 'eth0'
  option 'ports' '3 5t'
  option pvid 100


config switch_port
  option port '3'
  #sets default pvid
  option pvid '100'

config switch_port
  option port 0
  option pvid 0

#lan interface : lan vlan & static configuration           
config interface lan
  option ifname eth0.2
  option 'proto' 'static'
  option 'ipaddr' '192.168.42.1'
  option 'netmask' '255.255.255.0'

config switch eth2
   option reset 1
   option enable_vlan 1

config 'switch_vlan'
   option 'vlan'       '101'
   option 'device'     'eth2'
   option 'ports'      '0 1 2 5t'

config 'switch_vlan'
   option 'vlan' '100'
   option 'device' 'eth2'
   option 'ports' '3 5t'
   option 'pvid' '100'

#internet interface : ip from ISP, NAT enabled.
config interface wan
        option ifname 'eth2.2'
        option proto dhcp

#the bridge between the two vlan interface to "forward"[bridge] VID 100  
config interface brlan1
  option type bridge
  option ifname 'eth0.1 eth2.1'

Status
====
This configuration file isn't working.

I can observe :

1) Vlans don't seem to be configured as I want (wrong VID) : 

root@OpenWrt:/# cat /proc/net/vlan/*
VLAN Dev name    | VLAN ID
Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
eth0.2         | 2  | eth0
eth0.1         | 1  | eth0
eth2.2         | 2  | eth2
eth2.1         | 1  | eth2
eth0.1  VID: 1   REORDER_HDR: 1  dev->priv_flags: 4001
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted            4
       total bytes transmitted          264
Device: eth0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:
eth0.2  VID: 2   REORDER_HDR: 1  dev->priv_flags: 1
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted           82
       total bytes transmitted         3804
Device: eth0
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:
eth2.1  VID: 1   REORDER_HDR: 1  dev->priv_flags: 4001
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted            4
       total bytes transmitted          264
Device: eth2
INGRESS priority mappings: 0:0  1:0  2:0  3:0  4:0  5:0  6:0 7:0
 EGRESS priority mappings:
eth2.2  VID: 2   REORDER_HDR: 1  dev->priv_flags: 1
         total frames received            0
          total bytes received            0
      Broadcast/Multicast Rcvd            0

      total frames transmitted           17
       total bytes transmitted         6851
Device: eth2
INGRESS priority mappings: 0:0  1:

2) eth2.2 can't retrieve its IP address from DHCP. It sends DHCP requests, but responses are not transmitted on eth2.2. I think it's related to vlan configuration.

3) From the lan, we even can't ping the eth0.2 internal interface (with ip address 192.168.42.1). Once again, it's related to VLAN i think. Because we see traffic on eth0. On eth0.2 we only see ARP request sent from the soekris to the lan.

I've checked that all interfaces are up (the bridge, the vlans ...). I've checked the bridge with brctl too. eth0.2 is up and correctly configured (it's static smile)

Thanks in advance for the help you can provide me, my understanding of VLAN openwrt configuration is weak.
cheers,

(Last edited by johmar on 6 Feb 2012, 18:07)

Post #2
johmar
6 Feb 2012, 18:06

So... I managed to get my router working as I need, by putting the following commands right after network init :

#set up vlan 
vconfig add eth0 100
vconfig add eth2 100
#ifs up
ifconfig eth0.100 up
ifconfig eth2.100 up
#create a bridge
brctl addbr br-brlan1
brctl addif br-brlan1 eth0.100
brctl addif br-brlan1 eth2.100
#
ifconfig br-brlan1 up
ifconfig br-brlan1 down
ifconfig br-brlan1 up

It's very ugly... I'm still looking for the proper way to do it in the openwrt-/etc/config/network(uci) style.

Thanks for any suggestions !

Post #3
fyi
18 Feb 2012, 07:24

There's no hardware switch in Soekris net4801 so I don't think you need the switch configuration. Simply declare the vlan and bridge and it should do the trick.

config interface loopback
    option ifname   lo
    option proto    static
    option ipaddr   127.0.0.1
    option netmask  255.0.0.0

config interface lan
    option ifname eth0
    option proto static
    option ipaddr 192.168.42.1
    option netmask 255.255.255.0

config interface wan
    option ifname eth2
    option proto dhcp

#the bridge between the two vlan interface to "forward" [bridge] VID 100  
config interface brlan1
    option type bridge
    option ifname 'eth0.100 eth2.100'
    option proto none
    option auto 1

OpenWrt / Problems with bridge and vlan
OpenWrt / Problem: configuration VLAN on the NANOSTATION2 - NS2

The discussion might have continued from here.